House Panel OKs Anti-Spyware Bill


WASHINGTON — Calling for penalties of up to $3 million, a House subcommittee
unanimously approved anti-spyware legislation Thursday, which requires that consumers
be given clear and conspicuous notice prior to downloading the Web traffic
tracking software.


H.R. 2929, or the Securely Protect Yourself Against Cyber Trespass Act (SPY Act),
also includes provisions to prohibit unfair or deceptive behavior,
such as key-stroke logging, computer hijacking and the display of
advertisements that cannot be closed.

The bill now goes to the House Energy and Commerce Committee. Similar
legislation is pending before the Senate Commerce Committee.


“I think this will become public law sometime before the end of this year
and protect the privacy of millions and millions of Americans,” said Energy and
Commerce Chairman Joe Barton (R-Texas).


In April, Barton was critical of the
Federal Trade Commission (FTC) for not doing enough to halt the spread of
spyware and vowed to pass tough legislation this year that would “cure this
cancer on the Internet.” The FTC maintained no new laws are necessary, because the
unauthorized use of spyware qualifies as a deceptive trade practice.


Consumer and privacy advocates are concerned about the growing number of
spyware programs that often piggyback on downloaded files,
report back Internet traffic patterns to advertisers and generate unwanted
popups.


The passage of the bill in the Subcommittee on Commerce, Trade and Consumer
Protection comes one day after EarthLink and Webroot
Software released a report that claims more than 500,000 system monitors and
Trojan horses were discovered from approximately 1.5 million scans completed
this year. Overall, the scans found 27.5 spyware programs per computer.


“Spyware continues to spread and plague legitimate computer users,” Rep.
Cliff Stearns (R-Fla.), chairman of the subcommittee, said. “This rapid
growth makes passing the legislation before us even more critical. This
legislation will directly target the advancing spread of spyware and provide
strong protections for all computer users’ rights to privacy.”


The bill requires anyone who is not the owner or authorized user of a
computer to provide an opt-in screen prior to transmitting or enabling any
information collection program, which can
collect personally identifiable information or information about Web sites
visited.

Stearns said the legislation “has been carefully crafted to avoid impacting
legitimate uses of the same technology that enables spyware, including
technology like parental Internet monitoring software used to track
children’s Internet usage or enhanced customer security for certain
websites.


“Our goal was to produce a bill that was not overly
prescriptive, specifically directed at egregious practices and which also
preserved legitimate uses of the technology,” added Stearns.


Rep. Mary Bono (R-Calif.), who originally introduced the legislation, said, “We are one
step closer to restoring safety, confidence and control to consumers when
using their own computers.”


In the disclosure notice required under the proposed law, the SPY Act
requires consumers be informed of the type of information the software
collects or sends or the purpose for which the information is collected or
sent. The bill also requires that spyware that the consumer consents to download
must be easily uninstalled “without undue effort or knowledge” on the part
of the computer user.

News Around the Web