Spy Act of 2007 = "Vendors Can Spy Act"

strick1226 writes "Ed Foster over at InfoWorld describes the Spy Act bill (H.R. 964) as having the same relation to the prevention of spyware that the CAN SPAM Act had to the prevention of spam. It allows exceptions for companies to utilize spyware for any number of reasons; if this bill had been law when Sony distributed their rootkit, they would have had perfect cover. Most troubling is that the bill would preempt all state laws, including those more focused on the privacy of people's data, and disallow individuals from bringing suit. It is expected to pass soon with 'strong bipartisan support.'"

Re:Legal, not moral

[TechnicalFool]

As far as I'm aware, organisations always have had the legal cover (if just barely) to distribute spyware, as long as they say it's being installed in the EULA. If not, CoolWebSearch et all would have been sued out of business a long while ago. According to the article, and if I read it correctly, this seems to be more about giving large companies the legal arse-covering required to hack into your computer "just to check" if you've got, say, a dodgy copy of Autodesk Inventor.

What I'd be interested in is how this and other such spyware could be subverted, possibly with some false (and FOSS, naturally) piece of software that sends ridiculous junk to the remote servers. Sort of an anti-spyware, if you will. The best analogy I can think of off-hand would be programs like the fake SubSeven servers, that as I recall made your computer pretend to be infected with the SubSeven trojan. If you got someone connecting, you could give them a false directory tree, or press a button to blast their computer with a gazillion windows in their SubSeven client.

I think maybe a little hacktivism is called for, although naturally I would not advocate breaking any laws in the process! Oh no, sir!