Sign Up: Free Daily Tech E-letter  
Technology Home
Tech Policy
Government IT
Personal Tech
Special Reports


Senators Try to Smoke Out Spyware


_____Cybercrime Headlines_____
States Speed up Spyware Race (, May 13, 2004)
'P2P' Firms Join Child-Porn Fight (The Washington Post, May 6, 2004)
Congress Takes a Stab at 'Spyware' (, Apr 29, 2004)
More Cybercrime Headlines
Sign up for the weekly tech policy e-letter (Delivered every Monday).
'Sasser' Worm Tip of the PC Bug Invasion (, May 12, 2004)
German Teen Admits Making The 'Sasser' Internet Worm (The Washington Post, May 9, 2004)
'Sasser' Worm Strikes Hundreds of Thousands of PCs (, May 3, 2004)
More Security News
_____Message Boards_____
Post Your Comments
E-Mail This Article
Print This Article
Permission to Republish
By Brian Krebs Staff Writer
Tuesday, March 2, 2004; 4:21 PM

Three U.S. senators are tackling the growing problem of "spyware," software programs that track what people do online, alter their Web browser settings and turn their computers into unwitting Internet advertising generators.

The "SPYBLOCK" Act, which was introduced late last week, would make it illegal to use the Internet to install software on people's computers without their consent, and require companies that offer software downloads to provide more disclosure about what the programs do and what information they collect. The bill also would require Internet ads generated by the software to be clearly labeled.

The bill would allow states to sue violators in federal court and would call on the Federal Trade Commission to impose fines and civil penalties under consumer protection laws.

"Computer users should have the security of knowing their privacy isn't being violated by software parasites that have secretly burrowed into their hard drive," said Sen. Ron Wyden (D-Ore.), who introduced the bill along with Sens. Conrad Burns (R-Mont.) and Barbara Boxer (D-Calif.). The bill is similar to legislation offered last year by Rep. Mary Bono (R-Calif.).

Computer users often wind up with spyware on their PCs after downloading "free" software such as programs that let them share digital music files. It often piggybacks on free versions of media players, download managers or online greeting cards.

Non-invasive versions of those programs are sometimes are called "adware." Companies that use it usually say so and allow users to disable the ads by paying a small fee to license the full version of the product. Still, the lawmakers said many companies that bundle adware with other software do not explain clearly enough how marketers will use the information those programs collect.

More aggressive forms of adware and spyware can install themselves through so-called "drive-by downloads," where consumers unknowingly download invasive programs by browsing a particular Web site. Much like a computer virus, spyware can be difficult for a non-technologically savvy user to remove and it frequently saps the victim's computer processing power and Internet connection speeds.

Spyware has existed for years -- the first legislation that took a shot at it came from Democratic presidential hopeful Sen. John Edwards (D-N.C.) four years ago -- but the problem is becoming more widespread, prompting fresh annoyance from Internet users and calls to bring it to a halt.

"The major concern here is user control and transparency," said Ari Schwartz, associate director at the Washington, D.C.-based Center for Democracy and Technology. "We've found that many consumers do not understand what they're getting themselves into when they download software."

The bill probably will not cut down on the worst kinds of spyware -- programs that exploit computer security flaws to hijack Internet connections or install "dialer programs" that force the computer to call expensive online 1-900 adult services -- said Stewart Baker, an attorney at Washington law firm Steptoe & Johnson.

In that sense, Baker said, it is a lot like the CAN-SPAM Act, which many computer experts said has done little to combat the skyrocketing problem of unsolicited bulk e-mail since it became law in January.

"If you apply the mailbox test, the spam law hasn't had a significant effect. It would be nice to see the spam law working as intended before we say we want to follow the same route with spyware," said Baker, who advises Internet service providers on complying with the new spam law.

Several of the nation's largest Internet service providers, including America Online and Earthlink, provide free software for their subscribers to scan their computers for spyware threats.

There are other anti-spyware programs available for downloading, but CDT's Schwartz warned that some unscrupulous marketers are selling programs that claim to get rid of spyware but surreptitiously install it.

Last fall, the FTC accused a tiny company called D Squared Solutions of extorting computer users by inundating them with pop-up ads to promote software that purportedly blocked the exact kinds of ads it was sending.

The FTC said D Squared bombarded computers with ads funneled through a security hole in a seldom-used program that runs by default on all recent Microsoft Windows PCs. Microsoft has since issued a patch to close the security hole and has said it will turn off the program via its next major software update later this year. That case is slated to go to trial next month.

The commission is scheduled to hold a public workshop on spyware, adware and other software on April 19, 2004. Home

© 2004 Washingtonpost.Newsweek Interactive

Company Postings: Quick Quotes | Tech Almanac
About | Advertising | Contact | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication