With little fuss and no debate, a House subcommittee today amended an anti-spyware bill to clarify that the legislation does not cover third-party cookies.
H.R. 29, the Securely Protect Yourself Against Cyber Trespass Act (SPY ACT),
prohibits unfair or deceptive practices related to spyware and requires an
opt-in notice and consent regime for legal software that collects personally
identifiable information from consumers.
The spyware practices prohibited by the legislation include phishing,
keystroke logging, homepage hijacking and ads that can’t be closed except
by shutting down a computer. Violators could face civil penalties of up to
At a January hearing on the
legislation, concerns were raised that the bill would unfairly target
third-party cookies, although lawmakers insisted that was not their intent
and expressed their desire to reach a compromise on the issue.
Rep. Cliff Stearns
“This amendment otherwise clarifies an excellent bill,” said Rep. Cliff
Stearns (R-Fla.), chairman of the House Subcommittee on Commerce, Trade and
Consumer Protection. “The bill should not penalize authentic use of the
technology. It [the bill] does not apply to cookies, including third-party
First-party cookies are placed from the same domain the user clicks on
and are solely used to allow the user to access a Web site, most typically
by allowing the site to remember a user name and password. Advertisers,
publishers and their service providers use third-party cookies to serve,
rotate, target, cap, measure and report on online advertising.
“This is an all-out technology arms race [against bad actors],” Stearns
said. “This bill will help us win that race.”
The bill permits computer software providers to interact with a user’s
computer without notice and consent to determine whether the user is
authorized to use the software. Network monitoring is also exempted from the
provisions of the notice and consent requirements of the bill to the extent
that the monitoring is for network or security purposes, diagnostics,
technical support or repair, or the detection or prevention of fraudulent
The bill next goes to the full House Energy and Commerce Committee. Chairman
Joe Barton (R-Tex.) said he “expects this bill on the floor very quickly.”
The Senate has yet to hold any hearings on spyware.