U.S. House Passes Stronger Anti-Spyware Bill

The U.S. House of Representatives has legislated an anti-spyware law, according to which software distributors must acquire the users' consent prior to loading programs on their computers. This new act is much tougher than the one the House passed last month in May 2007. The old act though enforced penalties for spurious application of spyware, but it did not frame any regulatory function for the law over software.

The latest SPY Act bill requires companies to alert users about any software ready to be installed on their PCs and specifically seek their confirmation. According to this new law, the companies are required to prepare honest notices, which should have an opt-in before executing software designed to gather information. The software should also be easily removable or terminable without creating much hassle for the users.

The House passed the SPY Act by 368 votes against 48. The act bans commandeering the computers to distribute unsolicited material to other PCs, diverting activities on the web browser, altering a computer's configuration, and using keystroke logging. It is illegal to accumulate personal information under the bill without taking permission and the bill imposes a fine of up to $3 million for certain violations.

The FTC would enforce the law under the Federal Trade Commission Act and would regulate strong civil penalties for each breach of the Act. The FTC would also examine the procedure to handle cookies and software already loaded on computers.

The anti-spyware bill has become debatable drawing opposition from different groups. While one group says it is too tough, the other says it is too lenient.

Graham Cluley, senior technology consultant for Sophos believes that any step that helps to obstruct cyber criminals' activities has to be right in principle. On June 12, 2007 CRN published what Cluley told Vnunet.com.

Cluley further said that the security industry would be examining the legislation closely to determine its ability to function, and to seek answers for the questions such as whether its enforcement is actually possible and whether it is really able to catch fraudsters who use spyware for committing identity theft. He added the legislation should hit only cyber criminals and not prevent legitimate users of the Internet from working innovatively.

Related article: U.S. Businesses Lose $712 Per Worker Due to Spam

» SPAMfighter News - 6/27/2007