A bill to restrict software programs that can bombard people's computers with pop-up advertising and even steal their identities cleared a hurdle in Congress after being approved by a powerful committee in the House of Representatives.
The House Energy and Commerce Committee voted 45-4 to approve the Securely Protect Yourself Against Cyber Trespass – or "Spy" Act – a bill that would require companies and individuals to get computer owners' consent before transmitting "spyware" programs to their computers.
| | | | ___Tech Policy/Security E-letter___ Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
• Click Here for Free Sign-up
• Read E-letter Archive
| | | | | | |
|
Violators could get fines of up to $11,000 per offense.
Many companies upload spyware programs onto people's computers along with instant messaging buddy icons, games and other free software, usually concealing the spyware notice deep in a user agreement or omitting it entirely. File-sharing software for exchanging free music and movies online is a major source of spyware.
The committee amended the bill in an attempt to accommodate several high-tech companies' concerns that it would restrict the use of software that they use to communicate with their customers.
The legislation passed today was altered in several other ways. It now defines "personally identifiable information" such as credit card numbers and government-issued identification. It also limits the number of times companies would be required to notify consumers about spyware (and pop-up ad-serving software known as "adware") and allows Internet service providers to monitor their customers' computer use in order to maintain security on their networks.
Rep. Anna Eshoo (D-Calif.) said that the industry's concerns were not adequately addressed, and cited a list of industry and consumers' groups that have problems with the bill.
"The technology is complicated, the privacy issues are difficult and the business models at stake are varied and complex. I think it's something we shouldn't rush through," Eshoo said.
One of the associations Eshoo listed was the Information Technology Association of America. Its president, Harris Miller, called today's vote premature.
"This is trying to kill a fly with a sledgehammer when it's not even clear that the fly is buzzing around," Miller said.
The bill now moves to the full House, where it could run into competition from a spyware bill introduced yesterday by Rep. Robert Goodlatte (R-Va.).
The Internet Spyware Prevention Act of 2004 would send people to jail if they use spyware to defraud consumers by stealing and misusing their credit card and Social Security numbers as well as other personal data. The bill would not restrict or outlaw any kind of software, and would not require companies to get consumer consent before uploading software to their computers.
"We introduced a bill to go after the really bad guys without stifling innovation on the Internet," said Goodlatte spokeswoman Elyse Bauer.
Ari Schwartz, an associate director at the Washington-based Center for Democracy and Technology and a supporter of spyware legislation, said the Goodlatte bill raises fewer concerns about harming legitimate technology.
"The approach of going after bad practices makes sense for spyware," Schwartz said.
