Industry Supportive of New Spyware Bill
Industry is cautiously optimistic about more targeted antispyware legislation introduced earlier this month in the House. In a House Commerce Committee hearing Wed., executives from Microsoft and EarthLink praised HR-29 and said it was a considerable improvement over an earlier version that passed the House almost unanimously last year but failed to win Senate support.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
The bill seeks to protect individuals from spyware by requiring that consumers receive a conspicuous notice before downloading the code. The bill also includes provisions to prohibit key-stroke logging, browser hijacking, phishing and the display of ads that can’t be closed. It also establishes stiff fines up to $3 million per violation.
“The bill allows notices to consumers to be tailored to take into account different scenarios,” said Microsoft Assoc. Gen. Counsel Ira Rubinstein. “It also contains important exceptions for critical functionalities such as security procedures and authentication checks. These revisions help target bad actors without impeding legitimate applications.”
Defeating spyware will require a combination of legislation, technology and education, said EarthLink Vp-Law & Public Policy David Baker. Baker outlined his company’s efforts to eradicate adware cookies, system monitors and Trojan horses and said 3.2 million scans by EarthLink users found 83 million instances of spyware -- 26 programs per computer.
The Center for Democracy & Technology largely favors the bill. “HR-29 marks a substantial step forward in addressing many of the concerns of consumer groups and companies with targeted anti-spyware legislation,” said Ari Schwartz, assoc. dir of CDT. “In particular, we strongly endorse the idea of raising penalties on and calling specific attention to the worst types of deceptive software practices online.” CDT and Microsoft expressed concerns about notice and consent requirements that might become intrusive to users. “Congress must proceed cautiously,” said Rubinstein.
CDT once again introduced the concept of broad online privacy legislation as a better approach to the problem than writing laws for every technology that comes along. “If we do not begin to think about privacy issues more comprehensively, the same players will be back in front of this committee in a matter of months to address the next threat to online privacy,” said Schwartz. When pressed on that question by the committee, Microsoft’s Rubinstein said he would “welcome the opportunity” to talk about baseline privacy legislation.