The U.S. House plunged ahead today in its anti-spyware campaign, passing two different bills targeting unfair or deceptive practices related to spyware.
Just six months ago, similar legislation failed to capture the Senate’s imagination.
“It is time we not only pass this in the House but also make it the law of
the land,” Rep. Jan Schakowsky (D-Ill.) said. Rep. Cliff Stearns (R-Fla.),
added, “We passed this bill once before. Now, we’ve got to appeal to the
Senate to move it.”
First, though, the Senate will have to divine the intent of the House, which
passed two different approaches to dealing with spyware.
Under the Internet Spyware (I-SPY) Prevention Act of 2005, House members
approved legislation that imposes tougher criminal penalties for
spyware-related activities. The bill imposes prison terms for intentionally
accessing a computer without authorization for the purpose of planting
unwanted software.
Under I-SPY, using unauthorized access to a computer to commit a crime is punishable by a fine or imprisonment for up to
five years. If the access is used to transmit personal information for the
purposes of fraud or damaging a computer, the prison terms can go up to
two years.
“This is targeted legislation instead of an invasive regulatory scheme with
unknown consequences,” Rep. James Sensenbrenner (R-Wis.) said of the I-SPY
Act, which originated in Sensenbrenner’s Judiciary Committee.
The other bill passed Monday, the Securely Protect Yourself Against Cyber
Trespass Act (SPY Act), also toughens penalties on spyware purveyors but
goes much further than the I-SPY Act by imposing an opt-in, notice and
consent regime for legal software that collects personally identifiable
information from consumers.
Among the spyware practices prohibited by the bill are phishing, keystroke
logging, homepage hijacking and ads that can’t be closed except by shutting
down a computer. Violators could face civil penalties of up to $3 million.
Rep. Joe Barton (R-Tex.), whose Energy and Commerce Committee pushed the SPY
Act out to the House floor, said a prominent opt-in notice for consumers
prior to the personal collection of identifiable information is an important
aspect of any anti-spyware legislation.
“I believe that we need to require of ad companies the responsibility to
inform consumers and get their consent before they start installing devices
on consumers’ computers that keep track of everything they do on the
Internet,” Barton said. “This bill does that, the Judiciary bill does not.”
Rep. Bob Goodlatte, co-sponsor of the I-SPY Act along with Rep. Zoe Lofgren
(D-Calif.), said Congress should avoid the “excessive” regulation of the
Internet called for in the SPY Act.
“We must target the behavior, not the technology,” Goodlatte said. “The
I-SPY Act protects consumers by imposing stiff penalties on the truly bad
actors, while protecting the ability of legitimate companies to develop new
and exciting products and services online for consumers.”
Goodlatte said the SPY Act championed by Barton “imposes a broad regulatory
regime on businesses.”
Barton said he was prepared to merge the two House bills if the Senate
passed its own anti-spyware legislation.