FTC Wants Time In The Clink For Spyware Distributors

from the and-throw-away-the-key dept

Despite its best intentions, the FTC has been notably impotent in its efforts at stamping out spyware. Even after they’ve paid fines, many spyware distributors continue to operate and thumb their nose at the the government. Since it doesn’t look like fines are working, the FTC is now endorsing the idea of jail time for spyware distributors, as it hopes that the key to solving the problem is in stiffer punishments. Anyone who has had their computer overrun by spyware or had their identity stolen could be forgiven if they wanted the people behind spyware thrown in jail, but it’s not clear that it’s the best solution. For one thing, there’s no good definition of spyware, nor is it clear what aspect of it is illegal. Most people, to use an old line, know what spyware is when they see it, but such subjective definitions don’t cut it when you’re talking about imprisonment. Furthermore, the FTC doesn’t have a good way of tracking down spyware distributors, particularly when it comes to its most pernicious forms (aimed primarily at stealing confidential information), much of which originates outside of US borders. As is the case with spam, it’s unlikely that government actions will accomplish too much in this battle. The FTC probably realizes this, and in the absence of anything effective that it can do, it at least wants to sound tough.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FTC Wants Time In The Clink For Spyware Distributors”

Subscribe: RSS Leave a comment
dorpus says:

Packing Heat

When I parked my car at the apartment complex’s mailbox tonight, a guy wanted to borrow my car’s cigarette lighter to recharge his cell phone. I was confronted with a dilemma, but let him do it, he turned out to be safe.

Is it possible to infect cars with spyware by plugging into the lighter? If this had happened in California or New York, I wouldn’t have let him do it — but it’s Alabama, strangers can and do make off-the-wall requests.

rahrens (profile) says:


A car’s computer isn’t networked with the cigarette lighter. It shares the electrical system, but that doesn’t get you connected to the computer, as a car’s computer is a very specialized unit with specifically designed connectors that only work with the Mfr’s designed diagnostic machines. They don’t do ethernet or wireless, so no, you can’t get a virus on your car’s computer through the cigarette lighter.

Steve R. (profile) says:

Regretfully, one of the things “wrong” with our country, that results in a lot of no-action babble is: “For one thing, there’s no good definition of spyware, nor is it clear what aspect of it is illegal. “ To borrow a pet phrase “Analysis Paralysis”.

I think that there are several clear tests that can be imposed that would serve as clear proof that something is spyware or other forms of garbage. My comments actually go beyond spyware itself. One is the requirement that all programs that phone home inform/allow the user to control its operation. Eliminate the requirement that the user must opt-out, instead offer the user the opportunity to opt-in, marketers do NOT have a right to send you anything. Require that the user have the ability to easly remove any program.

To a degree we don’t have to “define” what is or is not spyware or other type of offensive program. All we need to do is define certain rights for the computer owner. If those rights are violated the assets of the offender are seized.

Anonymous Coward says:

Re: Re:

While the tests you mention sound good in theory they fail in actual execution. Based on those tests the Window’s operating system would be classified as spyware. While there are many that would be willing to debate that it’s true it does illustrate how even tests that appear to be clear and well defined end up including a lot of unintended things.

Another example are the active web pages, those that use such things as AJAX. They “call home” and allow “tracking” and user’s aren’t “asked” whether they want to do this and many don’t even know that it is happening, which runs into problems with the opt-in vs opt-out. So under the example rules a lot of web content (hotmail, yahoo mail, gmail to name a very few) would be classified as spyware.

Based on how well our government is at clearly defining such tests and then reacting when it’s discovered that there’s a problem I for one don’t want them governing this, especially when it involves loss of freedom. They’ve managed to mess things up enough as it is.

Kyles Mom says:

Its the users fault for not reading EULA on installing software. This is like lazy parents who cant watch thier kids.

Trojan droppers and such that result in spyware through exploits from malicious web programming without using a EULA is a different story.

So it is a tough one. Just stop looking at porn and go buy a girls gone wild dvd.

drjones says:

Re: Re:

I think its hardly fair to make the assertion that users should read their EULA’s, and would even be able to comprehend them if they did. There is nothing ethical what-so-ever about a typical EULA.

Most are so obfuscated with overly complex legal-speak and jargon as to make them unreadable to anyone without a law degree, anyhow.

Anonymous Coward says:

i hope this includes stuff like ms collecting your info when u update, but i imagine it wont affect corporate spyware, those companies the infect your computer when u install or update the compnents (as mentioned earlier) but i imagine they are talking about spyware that isnt under the corporate logo

i wish they would just leave the net unregulated and allow us to protect ourselves, but remember when massachusetts wanted to outlaw firewalls because they might mask an indentity? they will botch this one too

Fred Flint says:

It'll Never Happen...

… because by any definition of spyware, you’d have to include Microsoft Windows, starting with XP and especially, especially the new Vista. Then there’s Hewlett Packard, Dell, even keyboard makers, etc. etc.

All of them spy on you, they don’t ask permission and it’s damned difficult and sometimes near impossible to get them out of your computer. In the case of Windows, it is impossible to stop them.

Bill Gates won’t be going to jail…

Billy says:

The Can-Spam act already makes it a federal felony to spam more than 20,000 unsolicited messages a week. This is punishable with BOTH jail time and a fine. It’s already been used several times to send people to jail.

How is spyware any different than spam? Ethically, they are both in the same category.

Let’s make it real easy. Make the law read “….software that is installed without the users knowledge or direct authentication shall be ILLEGAL”

Granted this will make writing EULAs a little more difficult, but only to that special group of jerks that want to sneak “Bonsi Buddy” onto your machine.

You’d figure it’s been long enough that people will realize that spam mail, pop up ads, and banner ads are possibly the WORST form of advertisement there are.

You get out what you put in. Spam mail advertising couldn’t be more simple. So guess how effective it is? That’s right, it actually hurts your product sales, not increases them.

Wolfger (profile) says:

I think the definition is simple

Spyware: Any software which transmits data about the computer user without his knowledge and consent.

This would stop anything that transmits passwords, web browsing information, credit card info, name, address, phone number… but legitimate software with a real need to transmit this stuff could still do so by way of a pop-up box informing the user of what is to be transmitted, and requesting permission. The important thing would be to make it illegal to bury this “information and approval” in a EULA that 99% of people do not completely read.

In fact, let’s just make EULAs illegal, while we’re at it. 🙂

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...