Senators Seek to Protect Computer Users from "Spyware," Hidden Downloads
SPYBLOCK Act would require consent, uninstall capabilities for software
Washington, DC - U.S. Senators Ron Wyden (D-Ore.), Conrad Burns (R-Mont.) and Barbara Boxer (D-Calif.) today introduced legislation to prohibit spyware, adware, and other invasive software from being secretly installed on Americans' computers. For the first time, the SPYBLOCK (Software Principles Yielding Better Levels of Consumer Knowledge) Act would prohibit installing software on somebody else's computer without notice and consent, and requires reasonable "uninstall" procedures for all downloadable software. Spyware, adware and other hidden programs often secretly piggyback on downloaded Internet software without the user's knowledge, transmitting information about computer usage and generating pop-up advertisements. Frequently such software is designed to be virtually impossible to uninstall. "The Internet is a window on the world, but spyware allows virtual Peeping Toms to watch where you go and what you do on the Internet," said Wyden. "Computer users should have the security of knowing their privacy isn't being violated by software parasites that have secretly burrowed into their hard drive." "Computer users should have the same amount of privacy online as they do when they close the blinds in the windows of their house," said Burns. "But this is not the case, as computers across the country are being hijacked everyday as users unknowingly download unwanted and deceitful programs that spy into their online world. Computer users must have some sort of defense against these sneaky programs hiding in the shadows of their machines." Boxer said, "This legislation will give consumers control over the programs that are downloaded onto their computers. As more and more people use the Internet, privacy violations become a greater threat, and we want to give our constituents the power to protect themselves from spyware and other hazardous software." The SPYBLOCK Act's general notice and consent requirement could be satisfied by commonly used on-screen dialog boxes that tell users that clicking "OK" will trigger the download of a particular program. More specific disclosure requirements kick in if the software has specific types of features, such as: · Features sometimes known as "spyware," that collect information about the user and transmit it over the Internet to a third party; · Features sometimes known as "adware," that cause pop-ups or other advertisements to appear on the user's machine; · Features that transmit messages or data over the Internet to third parties for purposes unrelated to any task the computer user is intentionally performing using the computer, such as hijacking the user's computer to send spam or to perform other tasks; and, · Features that modify user settings without the user's consent, such as automatically changing the designated "home page" on the user's Web browser. Additionally, the bill absolutely prohibits programs designed to trick users about who is responsible for content a user sees, such as causing a counterfeit replica of a company's Web site to appear whenever the consumer attempts to navigate toward a legitimate company's Web site. These types of programs have been used to fraudulently obtain personal financial information from users confused by dummy Web sites. The bill would be enforced by the Federal Trade Commission (FTC) and state attorneys general. The FTC could impose penalties just as it does for unfair and deceptive practices, including cease-and-desist orders and civil fines. State attorneys general could bring suits seeking injunctions, plus damages or other relief. The bill is expected to be referred to the Senate Committee on Commerce, Science and Transportation, of which Wyden, Burns and Boxer are members.