Can Malware Firms Use EULAs To Ban Security Firms From Stopping Spyware?

from the interesting-tactic dept

The maker of a keylogger program that is advertised as a way for parents to watch what their kids do online is threatening an anti-spyware maker for listing their product as potentially being spyware. There have been some lawsuits like this before, over the issue of whether or not the product actually is “spyware,” but this case is different in some important ways. Instead of quibbling over the definition being used, the keylogger maker, RetroCoder, says it put a note in its end user license agreement (EULA) saying that the program could not be used by anyone who creates “a program that will affect this software’s ability to perform its function.” In other words, they’re trying to get around the issue by saying anyone who might disable their software is forbidden from looking at their software, as per the license agreement. Just think of the can of worms that opens up, if allowed. Any malware writer would just have to put similar language into an EULA, and antispyware firms wouldn’t be able to do anything. Hell, Sony could do the same thing with their little rootkit. Hopefully, this case actually does go to court (though, you’d have to think the lawyers for RetroCoder would understand it’s a bad idea), because it would help define the limitations of these EULAs. There is already some precedent. Back in 2002, Network Associates was sued for putting language in their EULAs that banned any negative reviews of the product. The company lost that case, making it clear that you can’t put just anything into those agreements.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Can Malware Firms Use EULAs To Ban Security Firms From Stopping Spyware?”

Subscribe: RSS Leave a comment
Jeff says:


If I have their software installed and running and I write a program that computes something, hence using CPU cycles, and my program runs at the same time as theirs, I may be “affecting their software’s ability to perform its function”, for example, by changing subtle timing characterists on the machine and hence be in violation of the EULA….


Michael "TheZorch" Haney (profile) says:

Re: Can Malware Firms Use EULAs To Ban Security

No they can’t get away with it. Case in point, California’s law specifically prevents companies from attempting to back out of liability using EULAs as Sony is discovering.

The wording of a EULA cannot ever be allowed to supercede the word of law. If a court allowed such a thing it would set an extremely dangerous precident. Fortunately, legal documents with wording that’s supposed to let them bypass certain laws have been repeated defeated in the courts. No judge in his/her right mind would allow such a thing to happen.

No unless they wanted to be disbarred.

giafly says:

Retrocoder's Reply

“Retrocoder Limited has NOT threatened to sue Sunbelt – we are currently looking at what legal options we have to defend our product.”

“As you can see, at the moment it is just a warning to them to stop blacklisting the program. Our program is not a “trojan” or “virus”, it is used to keep a remote “eye” on your kids or employees. The user must have access to the users machine in order to install the client. Only the installer of the program can view the client machine. Our program does not attempt to bypass firewalls or other such protection.” – Retrocoder (Slashdot)

(Note that this is governed by UK law which made pretty much all breach-of-copyright a criminal offense about 2 years ago. I thought this was stupid and complained to my MP, but almost nobody else did.)

Bryan Price (user link) says:

How about an Installed Software Licensing Agreemen

Installed Software, recognize that this is my hardware you are running on. By installing yourself on my hardware you agree to:

1) being monitored by whatever means the end user wishes to monitor you with, be it other software or additional hardware.

2) do not change my hardware nor more software, nor my settings for either hardware or software without notifying me, and allowing me to change those settings back at any time if they are changed.

3) being modified for any reason by the end user, up to and including complete removal from the hardware.

4) must give the end user a way of removing you completely from the end user hardware. This is a separate issue from #3.

5) Updates are at the option of the end user (Are you listening Google? Apple?)

There’s more I’m sure, but that’s what I’ve got at the top of my head.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...