Should It Be Illegal To Sell A Keylogger? Or Just To Use It?

from the might-be-pushing-the-boundaries dept

A court has issued an injunction temporarily banning the sale of a keylogger product called RemoteSpy. The ruling probably makes sense under the current FTC law, but it does raise some questions about whether it really makes sense to ban the sale of such a program, versus just the use of one. I can certainly understand why you might want to ban the sale of such programs, because if they're sold, they're perhaps more likely to be used. However, it still seems wrong to make it illegal to sell some software because that software can be used for illegal activities. Shouldn't the liability belong to those who actually use the software for illegal purposes?


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Cygnus, Nov 19th, 2008 @ 4:11pm

    Without having read anything linked from this blurb, I'd imagine that the court's justification is that it goes well beyond that the software "can be used for illegal activities" but, rather, that the primary purpose of the software is illegal.

    Your final question is like asking if it shouldn't be the crack user only, and not the crack dealer, that is punishable in the buy/sell transaction.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    mslade, Nov 19th, 2008 @ 4:13pm

    Programs don't spy on people...

    People do. No, really, this is no different from the on-going TIRED debate about firearms.

    IMO everything should be illegal, and we should all be put in prison.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    mslade, Nov 19th, 2008 @ 4:17pm

    Re:

    Cygnus, your logic is flawed. Crack is a controlled substance, and ingesting crack is against the law.

    Key logging software is not currently legal, nor should it be. And while I'm not a lawyer, I would be very, very surprised to find out that key logging, the primary purpose of the software, is illegal. If it were, that would be a vicious slippery slope since just about everything you do on a computer is logged somewhere for perfectly valid reasons.

    Think about it this way: if they rebranded their product from "RemoteSpy" to "Nanny 2008" and called it a programming for monitoring what your children are doing, this would probably be a very different story.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    mslade, Nov 19th, 2008 @ 4:18pm

    Re: Re:

    Aargh. Correction:

    >> Key logging software is not currently *illegal*.

    Sorry, I'm done with the comment spam.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Cygnus, Nov 19th, 2008 @ 4:20pm

    Re: Re:

    How about addressing the first paragraph, then.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 4:25pm

    To my knowledge, keyloggers are commonly used on corporate/school computers to monitor the actions of the employees/students online.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 4:25pm

    If it were illegal, where would law enforcement get their copy ?

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    mslade, Nov 19th, 2008 @ 4:28pm

    Re: Re: Re:

    Your first paragraph culminated with "the primary purpose of the software is illegal", which is untrue. There's plenty of other physical-world analogies to the situation where product A has a legitimate purpose, but is frequently used for illegal activities. That doesn't mean we should ban its sale.

    - lockpicks
    - guns
    - Sudafed... oh wait, we did ban OTC sales of Sudafed because junkies were cooking it up.

    It's a line we have to walk, when is something worth banning because of its potential for abuse. I think banning keyloggers is bad idea, since (as I exemplified) this would probably encompass very useful and legitimate software with friendlier names.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    PRMan, Nov 19th, 2008 @ 4:29pm

    In his sensationalism...

    Mike forgot to point out that this particular keylogger is designed to be installed remotely without the owner's knowledge, which would ALWAYS be illegal.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 4:30pm

    Re: Re: Re:

    How about addressing the first paragraph, then.
    You mean where you admit that you didn't even bother to read the story before commenting? I don't know about mslade, but I can't think of a nice way to respond to that.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    mslade, Nov 19th, 2008 @ 4:31pm

    Re: In his sensationalism...

    Heh, I just clicked the link and saw that. I concede, this should be illegal. Boo @ sensationalism for making me engage in a bogus debate.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 4:33pm

    Re: In his sensationalism...

    Mike forgot to point out that this particular keylogger is designed to be installed remotely without the owner's knowledge, which would ALWAYS be illegal.

    Really? I seem to recall reading about the FBI doing that.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Hmmm, Nov 19th, 2008 @ 4:37pm

    Should be illegal

    Drug paraphernalia, for example is illegal to sell. Bongs for example. (and before I get a bunch of responses saying that they are legal .. what is legal is a "water pipe" where they explicitly say "for tobacco use only"). If its primary and only use is to perform an illegal activity then the equipment should be illegal itself. The keylogger falls into this category.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 4:42pm

    Re:

    the primary purpose would be to monitor children's public access or work computers to ensure they are not doing something against company policy. this is no different than the monitoring software that lets you see everything someone on another computer is doing (which is installed in most school computer labs).

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 4:45pm

    Re: Re: In his sensationalism...

    rootkit.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 5:02pm

    i don't see why key loggers are illegal, in one of previous jobs we had continuous problems with malware and viruses on certain PCs of course no one admitted using them, looking at the browsers history told us what sites were accessed and what times but that still didn't tell us who, we had to install key loggers on all affected machines in order to find out who was the culprit.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 5:03pm

    Re: Should be illegal

    what is legal is a "water pipe" where they explicitly say "for tobacco use only").
    OK, so all they need to do is say somewhere, like in the EULA, that the product may not be used for illegal purposes and then they're good? I bet they had something like that.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Trerro, Nov 19th, 2008 @ 5:07pm

    Possible legal use

    You could have a program that's crashing horribly, and use a keylogger to figure out exactly why, by seeing what command was typed in or what shortcut was used right before it crashed. This is especially useful if it's crashing badly enough that it can't log anything first - as long as it doesn't take the whole system down, the keylogger should be able to capture the last input. Particularly, if it's a rare bug being encountered, a few testers with keyloggers running can get the problem fixed much faster than without them.

    If you play computer games at the worldwide tournament level, a keylogger could be useful to learn someone's favored build order in a stategy game (with their permission, of course.)

    Etc.

    Yes, the overwhelming majority of times a keylogger is employed, it's to do something unethical, and usually illegal as well, but they DO have legitimate uses.

    That being said, a program called "RemoteSpy" clearly isn't targeting itself at legit uses.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Mark Regan, Nov 19th, 2008 @ 5:21pm

    Ban Cars Too

    I'm pulling out my crayon and paper and writing block letters to my congressman asking him, while he's about the task for banning software that might be used illegally someday, to also BAN CARS WHICH MIGHT BE USED BY SPEEDERS OR BANK ROBBERS OR DRUG SMUGGLERS AFTER THEY ARE SOLD.

    Sir: PLEASE PROTECT US.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 5:28pm

    It only works on Microsoft products, probably gets in via javascript or activeX.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Alexander, Nov 19th, 2008 @ 5:38pm

    The basic difference between this and dealing drugs or selling guns is that drugs and guns are physical. If I have one gun, I can only sell it to one person. However, keyloggers could just be shared peer-to-peer. Banning their distribution is just as enforceable as banning illegal music downloads.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Rose M. Welch, Nov 19th, 2008 @ 6:06pm

    Re: In his sensationalism...

    Why do you assume that the person sitting at the machine is the owner? It would make perfect sense for a large corporation with many officers or centers to use a product that is specifically designed to be installed from afar, rather than trying to remotely log into each computer and install it, or paying techs in several cities to do so, and hoping that they each do it correctly.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Rose M. Welch, Nov 19th, 2008 @ 6:07pm

    Re: Re: In his sensationalism...

    ...with many officers or centers... should be 'with many offices or center'. Pardon me. :)

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    another AC, Nov 19th, 2008 @ 6:11pm

    Uhh

    What if i own the computer that i would like to install to remotely, Without the other users knowledge?

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    ploglammel, Nov 19th, 2008 @ 6:19pm

    Ban More

    They are going to ban Visual Basic as well, since the program used to write illegal software!

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    mslade, Nov 19th, 2008 @ 6:43pm

    Re: Should be illegal

    The primary use of a keylogger is to keylog. Keylogging is not illegal. Keyloggers should not be illegal.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 7:04pm

    while all of you are debating legalities i downloaded remote spy via bit torrent

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Nov 19th, 2008 @ 7:12pm

    Re: Ban More

    "They are going to ban Visual Basic as well, since the program used to write illegal software!"

    Whoa - visual basic ?
    You've got to be kidding

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Mart, Nov 20th, 2008 @ 5:00am

    ..jesus.

    Ban thinking. If you couldn't think of doing illegal things, you wouldn't be able to do them. I hate this sh1t.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Nov 20th, 2008 @ 5:22am

    Re:

    Laws don't apply to cops. Duh.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Anonymous Coward, Nov 20th, 2008 @ 5:46am

    It's stupid to ban the sale. Let's use the child porn theme (which seems to be popular)and see what else sould be banned.

    Backup Tools - They can be used to backup child porn.
    Cleanup Tools - They can be used to cleanup traces of child porn.
    DVD Software - They can be used to play child porn.
    E-Mail Clients - They can be used to email child porn.
    Graphics Viewers - They can be used to view child porn.
    HTML Editors - They can be used to make websites that contain child porn.
    IRC Clients - They can be used to talk about child porn.
    Text Editors - They can be used to write stories about child porn.
    Video Capture Software - They can be used to capture child porn.
    Video Converters - They can be used to to convert child porn.
    Video Editing Software - They can be used to edit child porn.
    Video Players - They can be used to play child porn.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Blah Blah Blah, Nov 20th, 2008 @ 8:07am

    Re: Re: In his sensationalism...

    Rose M. Welch says: Why do you assume that the person sitting at the machine is the owner? It would make perfect sense for a large corporation...

    Are you arguing that the software being sold is legal or illegal?

    Meanwhile, read the complaint, people. Don't just jump on the bandwagon because someone's beating a drum.

    Either an owner or an authorized user can install a keylogger legally without notifying anyone else. The FTC has no problem with that. Corporate America does it all the time (the company owns the machine). NetNanny and the like are perfectly legal (as long as an owner or the owner of a userid on the machine installs the software knowingly).

    According to the FTC complaint, RemoteSpy provides tools and instructions to trick people into running the install without realizing what they're doing. The company advertises the fact that RemoteSpy is designed to stealth install, conceal its presence and take steps to complicate removal when finally detected. (The FTC complaint includes quotes from company advertisements supporting these points.)

    There is no compelling legal use for the stealth install, cloaking or complicated removal features of the software. If the company wants to sell RemoteSpy, all they need to do is remove those features. They should probably ditch the "how to trick people into installing" wizard too, but arguably a non-stealth install would mitigate that issue if people are smart enough to read the warnings.

    Also note that the FTC is filing this complaint in response to a complaint to them in March from the Electronic Privacy Information Center (free speech rights, privacy rights, anti-FISA, keep the government far from my computer, etc.). EPIC claimed that RemoteSpy is illegal. The FTC is acting on their complaint.

    Sometimes the Feds do the right thing, people.

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Greevar, Nov 20th, 2008 @ 9:58am

    You can't blame the tool for the person who abused it. I can imagine there are useful implementations for such a tool. Security would be one. If you suspect that one of your employees is leaking secrets, it would be useful in gaining intel that could condemn or exonerate them.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    Anonymous Coward, Nov 20th, 2008 @ 11:28am

    Re: Re: Re: In his sensationalism...

    Either an owner or an authorized user can install a keylogger legally without notifying anyone else. The FTC has no problem with that. Corporate America does it all the time (the company owns the machine). NetNanny and the like are perfectly legal (as long as an owner or the owner of a userid on the machine installs the software knowingly).
    OK, RemoteSpy can be used in the same manner. So by your argument, RemoteSpy is, to use your words, "perfectly legal".

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Anonymous Coward, Nov 21st, 2008 @ 5:07am

    Oog am strong. Oog ban fire. Now Oog tribe no burn houses no more.

    Oog find hard rump meat a real PITA.

    Oog cold.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Sean, May 28th, 2013 @ 7:18am

    Terms of Use

    Requires that you only install its software on computers that you own or have permission to monitor and that you inform all users of those computers that they are being monitored. Failure to do so may result in breaking of Federal and State laws. Awareness Technologies will cooperate with authorities in investigation of any allegations of misuse. Consult legal counsel if you have any questions regarding your specific circumstances.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This