UPDATED: After four months and nearly 400 comments, the Anti-Spyware Coalition (ASC) has published a final definition of terms used in the spyware
The group also published an interim risk-modeling document that can be used to determine whether a piece of software is actually spyware, according to its consensus definition. The ASC will take public comments on the risk-modeling document until Nov. 27.
The ASC published an interim report in July defining a variety of terms used in the spyware industry — adware, droneware and screen scrapers for example — and asked for public comments before the organization submitted a finalized version.
According to the ASC, spyware is defined as, “A term for tracking software deployed without adequate notice, consent or control for the user. In its broader sense, spyware is used as a synonym for what the ASC calls ‘Spyware and Other Potentially Unwanted Technologies.'”
The finalized definitions, which officials said would be updated as needed, include documents containing safety tips for end users, as well as the best approach for resolving vendor disputes between anti-spyware companies and software publishers.
Why would an organization spend so much time devising a common definition for what many Internet users already know and deal with on a regular basis?
But the industry organization, made up of companies such as AOL , McAfee
, Microsoft
and the Center for Democracy & Technology (ADT), have found the word “spyware” can mean something different from person to person or company to company.
Nicholas Graham, a spokesman at AOL, said a common definition brings unity and a sense of purpose and clarity to the overall debate of spyware. This common ground, he said, will help AOL and the other industry partners at ASC target the bad actors, as well as the practices that menace their customers on a daily basis.
“It takes us a very big step forward overall,” he said. “I think it’s a positive and does address some of the issues that need to be spoken to in the debate around spyware today.”
From the common definition and risk-modeling foundation they’ve now created, organization officials said, the group can move on to other areas to help prevent the spread of spyware. The ASC plans to work next on best practices to be used by the industry.
According to an August report by FaceTime Communications, companies are spending an average $130,000 a month to clean up spyware introduced by unsanctioned applications.
