Spyware, Adware &
Legislation
The term "spyware" is not well defined.
Generally it is used to refer to any software that is
downloaded onto a person's computer without their
knowledge. Spyware may collect information about a computer
user's activities and transmit that information to someone
else. It may change computer settings, or cause "pop-up"
advertisements to appear (in that context, it is called
"adware").
Spyware may redirect a Web browser to a
site different from what the user intended to visit, or
change the user's home page. A type of spyware called
"keylogging" software records individual keystrokes, even
if the author modifies or deletes what was written, or if
the characters do not appear on the monitor. Thus,
passwords, credit card numbers, and other personally
identifiable information may be captured and relayed to
unauthorized recipients.
Some of these software programs have
legitimate applications the computer user wants. They
obtain the moniker "spyware" when they are installed
surreptitiously, or perform additional functions of which
the user is unaware. Users typically do not realize that
spyware is on their computer. They may have unknowingly
downloaded it from the Internet by clicking within a
website, or it might have been included in an attachment to
an electronic mail message (e-mail) or embedded in other
software.
According to an October 2004 survey and
tests conducted by America Online and the National Cyber
Security Alliance, 80% of computers in the test group were
infected by spyware or adware, and 89% of the users of
those computers were unaware of it. The Federal Trade
Commission (FTC) issued a consumer alert on spyware in
October 2004. It provided a list of warning signs that
might indicate that a computer is infected with spyware,
and advice on what to do if it is. Several states have
passed spyware laws, but there is no specific federal law.
During the first session of the 109th Congress, the House
passed two different spyware bills, H.R. 29 and H.R. 744,
on May 23, 2005. In the Senate, three bills were
introduced: S. 687, S. 1004, and S. 1608. S. 687 and S.
1608 were ordered reported from the Senate Commerce
Committee during 2005. A central point of the debate is
whether new laws are needed, or if industry
self-regulation, coupled with enforcement actions under
existing laws such as the Federal Trade Commission Act, is
sufficient. The lack of a precise definition for spyware is
cited as a fundamental problem in attempting to write new
laws that could lead to unintended consequences.
Opponents of new legislation further
insist that, if legal action is necessary, existing laws
provide sufficient authority. Consumer concern about
control of their computers being taken over by spyware, and
resulting impacts on their privacy, leads others to
conclude that more legislation is needed. The FTC supports
S. 1608, which would enhance FTC enforcement against
spyware, focusing on cross-border fraud.
(excerpted from the U.S. Congressional Reporting Service & Modified by AntiHubris.com)