IDG News Service - Even though security technology is improving, spyware legislation is still needed from Congress because many consumers don't use all the tech tools available to them, antispyware groups said Thursday.
Antispyware groups including the Center for Democracy and Technology (CDT) and StopBadware.org called on Congress to pass antispyware legislation during the last days of the 2006 session. Although some studies show a small decrease in the amount of spyware on PCs, the use of spyware that logs keystrokes seems to be going up, said Ari Schwartz, deputy director of the CDT.
"The issue is everyone's still making money doing this," Schwartz said during an antispyware discussion in Washington. Spyware distributors identified by the Federal Trade Commission (FTC) or the CDT can pull in tens of millions of dollars in revenue annually, he added.
Antispyware technology can work, but 81 percent of home PC users don't use all three common security tools -- antispyware software, antivirus software and firewalls -- according to a survey published in December by AOL LLC and the National Cyber Security Alliance (NCSA).
"We still think consumers are not protected," said Ron Teixeira, the NCSA's executive director. "If they don't take these three core measures, it doesn't matter what we do."
The House of Representatives passed two antispyware bills in May 2005, but the full Senate has yet to act on similar legislation introduced there. Paul Cancienne, a legislative assistant for Representative Mary Bono, said his boss is optimistic that the Senate can still pass legislation and the two chambers can iron out their differences before Congress adjourns in October.
Bono, a California Republican, pushed forward legislation that would require many software programs collecting personal information to get permission before doing so. Bono's Securely Protect Yourself Against Cyber Trespass Act also would outlaw the act of taking over a computer in order to send unauthorized information or code, and diverting a Web browser without the permission of the computer owner. The bill, which passed the House by a 389-vote margin, would allow fines of up to $3 million for spyware-like activity.
Security software updates are exempted from the Bono bill.
In addition to legislation, antispyware groups need to continue to educate consumers about online dangers and ways to combat them, said NCSA's Teixeira. Many people don't know how to properly use security software or are confused about products out there, he said.
Many of the discussion's participants said legislation that would define illegal practices and give the FTC more power to work with overseas law enforcement agencies would help fight spyware. But not everyone there saw more legislation as an improvement.
A new law could bring unintended consequences for the tech industry, said John Palafoutas, senior vice president for domestic policy and congressional affairs at tech trade group AeA.
Palafoutas pointed to studies that say a significant percentage of time consumers spend online is looking at pornography sites, identified by StopBadware.org as major sources of spyware.
"I'm wary of a legislative fix," Palafoutas said. "Part of the problem is there's a lot of recklessness out there."
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
