Slashdot Mirror

← Back to Stories (view on slashdot.org)

House Passes Spyware Bills

Posted by samzenpus on from the listen-to-the-law dept.

stinerman writes "Today the house passed two bills aimed at stopping spyware / adware and unauthorized use of computers. H.R. 29 makes it 'unlawful for any person who is not the owner or authorized user of a protected computer to engage in deceptive acts or practices'. H.R. 744 (I-SPY Act) prohibits accessing a protected system via code copied on to the system to, among other things, disseminate personal information. Both bills sailed through the house and are expected to be passed by the Senate."

5 of 226 comments (clear)

  1. Re:The term 'spyware' has fuzzy definition by FidelCatsro · · Score: 3, Informative

    " H.R. 29 makes it 'unlawful for any person who is not the owner or authorized user of a protected computer to engage in deceptive acts or practices' && H.R. 744 (I-SPY Act) prohibits accessing a protected system via code copied on to the system to, among other things, disseminate personal information."

    I think that pretty much covers what is defined under the bill , These companys can try to rename it all they want ,But if it falls under these classifcations (read the bill for more clarity) then its illegal(well will be when the bill passes)

    --
    The only things certain in war are Propaganda and Death. You can never be sure which is which though
  2. I'm no lawyer but... by ZeroTrace · · Score: 5, Informative

    US Code Title 18 Section 1030e: (2) the term "protected computer" means a computer-- (A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or (B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States; This doesn't protect anybody but the government... Back to the drawing board I guess.

    1. Re:I'm no lawyer but... by hhghghghh · · Score: 5, Informative

      or (B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States; This doesn't protect anybody but the government... Back to the drawing board I guess. The wording is because of States' rights. Congress can pass laws regulating interstate commerce, and some other topics (like defense, international relations, etc.) In practice, if you've ever used your computer to buy something off of e-bay, or to even look at a commercial from out-of-state, it's been used for interstate commerce. And if you haven't, you might. So that means everybody, just nice and constitutional-like.

  3. Be careful what you wish for by Halvard · · Score: 4, Informative

    First let me say IANAL. I've been around them my whole life but that doesn't mean I am one. I have been told by some that I think like them though.

    I don't think this quite protects like people seem to think it does.

    I interpret Section 2a2D of the SPY Act to say it's okay to change security settings without the knowledge of the protected parties as long as you don't seek to do damage. Imagine a defensive claim that a change to weaken security settings is to make the computer easier to use and less confusing. Prove they had a different motive. That could be tough. No question that changing a settings of allowing ActiveX controls to always run makes it easier for a website targeting ActiveX capable browsers to run whatever they want "for the purpose" of serving their users and it's "easier" for their "customers" to use the site because then they don't have to bother with or know about changing browser security settings.

    Additionally, has any one read Title 18,1030? This bill references another which goes to Title 18. Title 18,1030 reads:

    (e) As used in this section--
    (1) the term "computer" means an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device, but such term does not include an automated typewriter or typesetter, a portable hand held calculator, or other similar device;
    (2) the term "protected computer" means a computer--
    (A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or
    (B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;

    That *might* protect you buying something on eBay but I read that to mean it doesn't protect you regarding, for example, online banking necessarily. Phishing seems to prohibited in the SPY Act but I think this needs more analysis. I think the Act protects companies like Microsoft and others (Symantec?) that are using DRM and the like. A number of companies (*cough* Real Networks *cough*) get caught not infrequently sending off more information than they claim that they do; they apologize and do it again. So say they "encrypt" it in pig Latin because they aren't supposed to any longer. Now because you've decrypted it (as any American Kindergardener can do), you've now violated God knows how many other acts.

    I'm not trying to say the sky is falling. These Acts could be a good start. But anyone who thinks this is the cure is a fool. Don't forget CAN-SPAM legitimized spam while being (mis-?)represented as outlawing it.

  4. Re:Useless? 'protected computer'? by Jurph · · Score: 4, Informative
    No, as usual, Joe Slashdot has utterly failed to do any research. From U.S. Code Title 18, Chapter 47, Section 1030, which this bill amends:
    (2) the term ``protected computer'' means a computer--
    (A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or

    (B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;


    So this bill applies to any computer in the United States which communicates with any computer not in the same state (reserving that power for the legislatures of the states). It even covers your computer, as long as your comments here can be broadly interpreted as "communicating". Yeah, I know -- it's a stretch.