Slashdot Mirror

← Back to Stories (view on slashdot.org)

House Passes Spyware Bills

Posted by samzenpus on from the listen-to-the-law dept.

stinerman writes "Today the house passed two bills aimed at stopping spyware / adware and unauthorized use of computers. H.R. 29 makes it 'unlawful for any person who is not the owner or authorized user of a protected computer to engage in deceptive acts or practices'. H.R. 744 (I-SPY Act) prohibits accessing a protected system via code copied on to the system to, among other things, disseminate personal information. Both bills sailed through the house and are expected to be passed by the Senate."

9 of 226 comments (clear)

  1. The term 'spyware' has fuzzy definition by guyfromindia · · Score: 4, Insightful

    http://www.eweek.com/article2/0,1759,1788844,00.as p According to this article, leading anti-spyware vendors are working with the nonprofit Center for Democracy and Technology to develop guidelines for defining spyware.
    When the very definition of spyware is hanging in balance, I dont see how they can strictly enforce the law.
    My 2c.

  2. What's the catch? by __aaclcg7560 · · Score: 3, Insightful

    I wouldn't be surprised that if you allowed one piece of spyware to be installed, it would be automatically assumed that you want more spyware installed. It's like getting married to one person and finding out that all the in-laws are moving into your new place with you.

  3. Re:Spyware with permission? by NickFortune · · Score: 4, Insightful
    I suppose it's going to come down to what the courts deem as authorisation and deception. Disclaimer: IANAL, I have not yet RTFL.

    I'd expect not for things like Gator, since that would be "authorised" access to your computer, with you authorising it. Spyware that comes bundled with other code could sneak past by havting the authorisation burined in the bundling software licence agreement.

    On the bright side, it should make the covert installation of spy/malware from a web page illegal. Or maybe more illegal. Of course, those who argue that web page access entails an implicit social contract are likely to feel they have been granted all the authority they need.

    I'd guess it needs to be tested in the courts before we can tell wether this is going to be a CAN-SPY bill or not.

    --
    Don't let THEM immanentize the Eschaton!
  4. First Steps... by kf6auf · · Score: 3, Insightful

    The problem with first steps (whether it be Congress's legislation or international treaties) is that because it's a first step and getting agreement it hard enough they can't accomplish very much and, yet, after the first step has been taken no one feels the need to take another step. My guess is that this legislation is too weak to accomplish anything and nothing will really be done until it becomes a big enough problem that the politicians can't say that they worked on it and are waiting for it to take effect or some BS like that.

    Now if they had only made it part of the DMCA, then we would get some quality legal action going by the **AA and we might actually solve the problem.

  5. But... by CountBrass · · Score: 3, Insightful

    Is this really something that government should be legislating at all?

    It let's both ignorant users (whom I can forgive) but also Microsoft (whom I can't) off the hook. Rather than having to secure their systems/fix fundamental security flaws in their OS and applications they can just hide behind this new law: "It's not our fault we didn't do anything wrong, they broke the law!"

    --
    Bad analogies are like waxing a monkey with a rainbow.
    1. Re:But... by Winkhorst · · Score: 3, Insightful

      Under this theory of free speech, I have the right to stand over your bed at midnight and give you my opinion on current affairs. I also have a right to privacy, and that includes a bunch of hax0rs breaking into my computer and turning it into a zombie or some moron corporation trying to sell me exactly what I just bought from them. No, free speech does not include the right to be heard.

      --
      "Is this Winkhorst a nova criminal?" "No just a technical sergeant wanted for interrogation."
  6. Also prohibits sueing spyware users? by mnemotronic · · Score: 3, Insightful
    Prohibits any person from bringing a civil action under State law premised upon the defendant's violating this Act.
    If I read that correctly, I can't sue someone who installs spyware on my pc or tries to phish me. But I don't understand the "under State law" clause, so maybe I could still sue under federal law? Does this limit my recourse to breaking the guy's kneecaps?
    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  7. Why Bother? by sqlrob · · Score: 4, Insightful

    There's already laws against unauthorized computer access, just enforce them.

    Yet another unenforced law doesn't do any good.

  8. What is really needed is more general privacy by jonwil · · Score: 4, Insightful

    Ignoring the fact that the spyware makers could just go offshore and avoid this, what is really needed is a new bill giving americans more privacy for personal details across the board. (not just for spyware)

    For example, if collects personal details they should be required to tell you that they have those details.
    And allow you to change those details if they are wrong.
    And if they give those details to another company (e.g. credit agency, firm that is going to use the details to send you marketing crap etc etc) they should be required to tell you about that too.

    Spyware companies would be required to notify you in advance what personal details their software collects (if any) and what is done with those details.

    The problem with this proposal is that it would cost the big corporations money to implement. But more to the point it would prevent the corps from hiding what is going on (for example, I occasionally get letters from American Express asking if I want an American Express card even though I have never had any dealings with American Express in my life which means that some other company I deal with such as my bank must have given American Express my postal address and stuff)

    Really, the 5 biggest problems with spyware are:
    1.Spyware takes various levels of personal details and sends it to some company (with you not knowing what those details are or what is being done with them)
    2.Spyware installs without it being clear that it is installing
    3.Spyware messes with system files and settings
    4.Spyware takes up memory/system resources (and often internet bandwidth to download ads etc)
    and 5.Spyware is almost always impossible to remove without tools like ad-aware, MS anti-spyware or Spybot.