A subcommittee of the House Committee on Energy and Commerce approved H.R. 964, the Spy Act, and will soon be going before the full committee for approval. But the act seems to only protect vendors and DRM.
Ed Foster asks why…
But why? There are already plenty of federal and state laws regarding computer fraud, trespass, and deceptive trade practices that make spyware illegal. The existing laws have been sufficient to allow the FTC and/or state attorneys general to even successfully go after some of the nastier adware companies like Direct Revenue and Zango/180 Solutions. So what is the purpose of this law?
A clue can be found in the Limitations section of the Act, which features this rather broad exception:
Exception Relating to Security- Nothing in this Act shall apply to–
(1) any monitoring of, or interaction with, a subscriber’s Internet or other network connection or service, or a protected computer, by a telecommunications carrier, cable operator, computer hardware or software provider, or provider of information service or interactive computer service, to the extent that such monitoring or interaction is for network or computer security purposes, diagnostics, technical support, or repair, or for the detection or prevention of fraudulent activities; or
(2) a discrete interaction with a protected computer by a provider of computer software solely to determine whether the user of the computer is authorized to use such software, that occurs upon — (A) initialization of the software; or (B) an affirmative request by the owner or authorized user for an update of, addition to, or technical service for, the software.
In other words, it’s perfectly OK for basically any vendor you do business with, or maybe thinks you do business with them for that matter, to use any of the deceptive practices the bill prohibits to load spyware on your computer. The company doesn’t have to give you notice and it can collect whatever information it thinks necessary to make sure there’s no funny business going on. And by the way, another exception provision specifically protects computer manufacturers from any liability for spyware they load on your computer before they send it to you. Of course, the exception for software companies checking to make sure you’re an authorized user is the strongest evidence of what this bill is all about. After all, in terms of function, there’s not much difference between spyware and DRM. Too bad for Sony this bill wasn’t already the law when its rootkit-infected CDs came to light.
What the heck is Congress thinking?! This bill has to be defeated. Call and urge your congressman to vote against it as it doesn’t do anything to protect consumers.
[tags]spyware, drm, malware, spy act, congress, politics, security[/tags]