Spyware bill reintroduced in Congress
It allow fines of up to $3M for spyware software makers
IDG News Service - Spyware legislation that would allow fines of up to $3 million for makers of software that steals personal information from a user's computer or hijacks its browser will get a second look after the U.S. Congress failed to pass the legislation in 2004.
Rep. Mary Bono (R-Calif.) reintroduced an antispyware bill yesterday that passed the House of Representatives last year but failed in the Senate. The Securely Protect Yourself Against Cyber Trespass Act, or SPY ACT, defines most functions performed by so-called spyware as unfair business practices subject to U.S. Federal Trade Commission fines.
Bono said in a statement that she expects the bill to sail through Congress this year. The measure passed the House in October on a 399-1 vote.
"The SPY ACT was introduced because we feel that consumers have the right to know and be protected when they are downloading software that has the ability to collect and transmit personal information," Bono said. "From its original introduction, the SPY ACT has evolved through a tremendously collaborative bipartisan effort to what we feel is strong and sound legislation. We ... are confident that this year we will see a spyware bill in the law books."
The SPY ACT would require a user's permission before software is downloaded onto a computer. It ran into objections from software vendors, who suggested that it could force them to notify users every time software scans their machines for updates. The SPY ACT also would prohibit unauthorized software from changing a browser's default home page, changing the security settings of a computer, logging keystrokes and delivering advertisements that the computer user can't close without turning the machine off or ending all sessions of the browser.
The bill Bono introduced is the same one passed by the House, except for a one-year extension in the bill's sunset clause, from December 2009 to December 2010. An earlier version of a Bono spyware bill, introduced in July 2003, sought to broadly prohibit spyware and defined it as "any computer program or software that can be used to transmit from a computer, or that has the capability of so transmitting, by means of the Internet and without any action on the part of the user of the computer to initiate such transmission, information regarding the user of the computer, regarding the use of the computer, or that is stored on the computer."
Some software vendors, including those that market antivirus update software, objected that the definition was overly broad and could make their services subject to fines. Some technology companies continued to callthe amended version of the bill too broad, but authors of the amended version attempted to address concerns that the original bill outlawed a type of technology instead of outlawing bad activities.
Some consumer and privacy advocates supported the bill, however. The Center for Democracy and Technology, a civil liberties group, supports the bill's penalties, said Ari Schwartz, the center's associate director. "It would be a lot easier to get the message out in terms of deterrence," he said.
Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Gov't Legislation/Regulation White Papers | Webcasts