PRINT EDITION | Subscribe to
NEWS | OPINION | SPORTS | ARTS & LIVING | ENTERTAINMENT Discussions | Photos & Video JOBS | CARS | REAL ESTATE
SEARCH:
Sign Up: Free Daily Tech E-letter  
Technology Home
Washtech
Tech Policy
   -Copyright
   -Cybercrime
   -E-Taxes
   -FCC
   -ICANN
   -Security
Government IT
Markets
Columnists
Personal Tech
Special Reports
Jobs

Advertisement
Company Postings
Get Quotes
Press Releases
Tech Almanac

FTC to Look Closer at 'Spyware'
Privacy Experts Warn of Dangers to Unwitting Consumers

Advertisement


_____Online Resources_____
Cookies and Spyware (The Washington Post, Nov 2, 2003)
_____Background_____
Senators Try to Smoke Out Spyware (washingtonpost.com, Mar 2, 2004)
Think Tank Wants Public's Help in 'Spyware' Fight (washingtonpost.com, Nov 18, 2003)
_____Fast Forward_____
No-Regrets Microsoft May Restore Security, but Not Trust (The Washington Post, Apr 11, 2004)
For Windows Users, 'Browser Hijacking' Is Only the Latest Threat (The Washington Post, Feb 29, 2004)
Big Intrusions, Tiny Pictures and Patented Problems (The Washington Post, Dec 28, 2003)
_____Cyber-Security_____
Microsoft Releases Update for Browser (The Washington Post, Jul 3, 2004)
Microsoft Releases Security Update (Associated Press, Jul 2, 2004)
Net Attack Aimed at Banking Data (The Washington Post, Jun 30, 2004)
More Security News
___Tech Policy/Security E-letter___
Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
Click Here for Free Sign-up
Read E-letter Archive


_____Message Boards_____
Post Your Comments
E-Mail This Article
Print This Article
Permission to Republish
By Yuki Noguchi
Washington Post Staff Writer
Monday, April 19, 2004; Page A04

A relatively new kind of software that resides in many computers and tracks its users' Web-surfing habits or triggers pop-up advertisements has come under scrutiny by federal regulators who have already cracked down on deceptive or misleading spam.

The Federal Trade Commission today is hosting a daylong workshop in Washington to discuss the effects of hidden software that may be used to control or spy on a computer without its user's knowledge.

So far most "spyware" and "adware" programs, often placed on Windows PCs by such downloaded programs as file-sharing programs, appear to have been used for the relatively benign purpose of tracking consumer preferences, said Howard Beales, director of the FTC's consumer protection division. The FTC is watching to see if criminals start making widespread use of this technology to steal credit-card and Social Security numbers of unwitting computer users, he said.

"So far [we] haven't thought that it warranted regulation," he said.

Privacy experts and makers of anti-spyware software say the FTC's light-touch approach leaves too many consumers vulnerable to more unwanted advertising or even the addition of controls that consumers might not realize are on their computer.

"There's a number of concerns about spyware, which is that it takes away consumers' control over their computers," said Ari Schwartz, associate director of the Center for Democracy and Technology in Washington. "We consider privacy to be a control issue as well," and many spyware programs act as surveillance tools for advertisers without the users' consent, he said. In February, the group filed a complaint with the FTC arguing for stricter enforcement against two companies involved in using software for allegedly deceptive and unfair ads.

The software generally enters a person's computer when he or she downloads and installs free music or game programs, for example. Often, popular downloaded programs such as Kazaa and Grokster require users to agree to a licensing agreement that allows the addition of adware to the computer's hard drive, legal agreements that Beales and privacy experts concede many consumers do not fully read. Other, more underhanded spyware developers automatically install spyware without the knowledge or informed consent of the user, privacy experts and software makers said.

Estimating how many computers carry spyware or adware is difficult, in part because many consumers do not know they have it, said Nate Elliott, an analyst with Jupiter Research. Some companies consider "cookies," which are small data files that Web sites can place on a computer to store information about a user's online activity, to be a form of software, but cookies are not programs and cannot control computer functions.

Last week, Internet service provider EarthLink Inc. and anti-spyware software maker Webroot Software Inc. said a three-month audit of slightly more than 1 million computers found 29.5 million pieces of spyware, or nearly 28 per computer. Almost 24 million of these items, however, were cookies.

"We think the problem is bigger than anyone understood," said David Moll, chief executive of Webroot of Boulder, Colo. In particular, "drive-by" downloads, which occur when Web sites exploit weaknesses in Microsoft's widely used Internet Explorer browser to install spyware and adware surreptitiously, are increasingly a problem, he said.

Roger Thompson, vice president of product development of Pest Patrol of Carlyle, Pa., said: "The issue is that there is no line between good behavior and bad behavior." Although a minority of spyware is used for "malicious" purposes, "it opens a back door that allows computers to be updated by the hacker and accept commands to log keystrokes, read files, or turn on the Web cam," he said.

Federal and state legislators have taken notice. U.S. Sens. Conrad Burns (R-Mont.), Ron Wyden (D-Ore.), and Barbara Boxer (D-Calif.) have introduced legislation that would prohibit the installation of software on a computer without notice and consent, and would require easy ways to remove it. Utah enacted legislation last month, and state legislatures in California and Iowa are considering action.

While some software installers are sneaky or fraudulent, the bigger problem may be that consumers neglect to read the fine print before loading programs, said David Sorkin, a professor at the John Marshall Law School in Chicago. "It's pretty hard to install controls beyond that contract."


TechNews.com Home

© 2004 The Washington Post Company


Company Postings: Quick Quotes | Tech Almanac
About TechNews.com | Advertising | Contact TechNews.com | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication


PRINT EDITION | Subscribe to
NEWS | OPINION | SPORTS | ARTS & LIVING | ENTERTAINMENT Discussions | Photos & Video JOBS | CARS | REAL ESTATE
washingtonpost.com: | About washingtonpost.com
E-mail Newsletters | Archives | Wireless Access | Media Center | Advertise
mywashingtonpost.com | RSS Feeds | Our Headlines on Your Site
Rights and Permissions | Make Us Your Home Page
Work at washingtonpost.com | Internships | Site Index
The Washington Post: Subscribe | Subscriber Services
Advertise | Electronic Edition | Online Photo Store
The Washington Post Co.: Information
Other Washington Post Co. Websites
SEARCH:
  User Agreement and Privacy Policy | © Copyright 1996- The Washington Post Company