U.S. Senators Conrad Burns (R-Mont.) and Ron Wyden (D-Ore.) introduced their
long-awaited anti-spyware legislation today, calling for prohibitions and
penalties on a variety of practices that result in unwanted software being
placed on consumers’ computers.
Burns and Wyden, the principal authors of the 2003 CAN SPAM Act, said their
bill, known as the Spy Block Act, starts with the premise that computer
owners should have knowledge and control over the software installed on
their machines, according to a statement released by the senators.
“When I purchase a computer and install it in my home, I expect to be the
only one who has access to it,” Burns said in a statement. “This legislation
gives control back to those who should have it. It protects computer users
from those potentially devastating spies and the programs they want to
According to the statement, the bill specifically bans the surreptitious installation of software where
the user never intended to trigger the installation and prohibits misleading
inducements to install software. It also targets software that once
installed, prevents efforts by the user to uninstall or disable it.
The legislation also bans the collection and transmission of information
about the user of a computer without the user’s consent and prohibits the
installation of that software that causes ads to appear without identifying
itself as the source of the ads.
“Millions of Americans use computers daily to pay their bills, research
medical conditions and to shop online, and no one should have to worry that,
with each click of a mouse, their every move in cyberspace is being watched,”
Wyden said ion the joint statmentt with Burns. “Consumers should have
control over the programs on their machines and should not have their
privacy jeopardized by invasive programs lurking on their computers.”
The bill also includes criminal penalties for certain “particularly
egregious and intentional acts,” as well as protection for providers of
anti-spyware technology acting in good faith from being sued for blocking or
removing software programs from a user’s computer.
The Federal Trade Commission would be charged with enforcing the
legislation, with violations treated as unfair or deceptive trade practices.
In addition, state attorneys general would be authorized to bring actions, as
well. The bill would preempt state spyware statutes, except to the extent
such statutes prohibit deception.
While Burns and Wyden waited several months after the start of the 109th
Congress to introduce their legislation, the House of Representatives has
been aggressively pushing its own version of an anti-spyware bill since
Earlier this month, the House Energy and Commerce Committee unanimously
approved its fast-track anti-spyware legislation, pushing the bill out for a
full House vote.
H.R. 29, the Securely Protect Yourself Against Cyber
Trespass Act (SPY ACT), prohibits unfair or deceptive practices related to
spyware, and it requires an opt-in notice and consent regime for legal
software that collects personally identifiable information from consumers.
The spyware practices specifically targeted by the House legislation include
phishing, keystroke logging, homepage hijacking and ads that can’t be closed
except by shutting down a computer. Violators could face civil penalties of
up to $3 million.