Should It Be Illegal To Sell A Keylogger? Or Just To Use It?
from the might-be-pushing-the-boundaries dept
A court has issued an injunction temporarily banning the sale of a keylogger product called RemoteSpy. The ruling probably makes sense under the current FTC law, but it does raise some questions about whether it really makes sense to ban the sale of such a program, versus just the use of one. I can certainly understand why you might want to ban the sale of such programs, because if they’re sold, they’re perhaps more likely to be used. However, it still seems wrong to make it illegal to sell some software because that software can be used for illegal activities. Shouldn’t the liability belong to those who actually use the software for illegal purposes?
Comments on “Should It Be Illegal To Sell A Keylogger? Or Just To Use It?”
Without having read anything linked from this blurb, I’d imagine that the court’s justification is that it goes well beyond that the software “can be used for illegal activities” but, rather, that the primary purpose of the software is illegal.
Your final question is like asking if it shouldn’t be the crack user only, and not the crack dealer, that is punishable in the buy/sell transaction.
Re: Re:
Cygnus, your logic is flawed. Crack is a controlled substance, and ingesting crack is against the law.
Key logging software is not currently legal, nor should it be. And while I’m not a lawyer, I would be very, very surprised to find out that key logging, the primary purpose of the software, is illegal. If it were, that would be a vicious slippery slope since just about everything you do on a computer is logged somewhere for perfectly valid reasons.
Think about it this way: if they rebranded their product from “RemoteSpy” to “Nanny 2008” and called it a programming for monitoring what your children are doing, this would probably be a very different story.
Re: Re: Re:
Aargh. Correction:
>> Key logging software is not currently *illegal*.
Sorry, I’m done with the comment spam.
Re: Re: Re:
How about addressing the first paragraph, then.
Re: Re: Re: Re:
Your first paragraph culminated with “the primary purpose of the software is illegal”, which is untrue. There’s plenty of other physical-world analogies to the situation where product A has a legitimate purpose, but is frequently used for illegal activities. That doesn’t mean we should ban its sale.
– lockpicks
– guns
– Sudafed… oh wait, we did ban OTC sales of Sudafed because junkies were cooking it up.
It’s a line we have to walk, when is something worth banning because of its potential for abuse. I think banning keyloggers is bad idea, since (as I exemplified) this would probably encompass very useful and legitimate software with friendlier names.
Re: Re: Re: Re:
You mean where you admit that you didn’t even bother to read the story before commenting? I don’t know about mslade, but I can’t think of a nice way to respond to that.
Re: Re:
the primary purpose would be to monitor children’s public access or work computers to ensure they are not doing something against company policy. this is no different than the monitoring software that lets you see everything someone on another computer is doing (which is installed in most school computer labs).
Programs don't spy on people...
People do. No, really, this is no different from the on-going TIRED debate about firearms.
IMO everything should be illegal, and we should all be put in prison.
To my knowledge, keyloggers are commonly used on corporate/school computers to monitor the actions of the employees/students online.
If it were illegal, where would law enforcement get their copy ?
Re: Re:
Laws don’t apply to cops. Duh.
In his sensationalism...
Mike forgot to point out that this particular keylogger is designed to be installed remotely without the owner’s knowledge, which would ALWAYS be illegal.
Re: In his sensationalism...
Heh, I just clicked the link and saw that. I concede, this should be illegal. Boo @ sensationalism for making me engage in a bogus debate.
Re: In his sensationalism...
Mike forgot to point out that this particular keylogger is designed to be installed remotely without the owner’s knowledge, which would ALWAYS be illegal.
Really? I seem to recall reading about the FBI doing that.
Re: Re: In his sensationalism...
rootkit.
Re: In his sensationalism...
Why do you assume that the person sitting at the machine is the owner? It would make perfect sense for a large corporation with many officers or centers to use a product that is specifically designed to be installed from afar, rather than trying to remotely log into each computer and install it, or paying techs in several cities to do so, and hoping that they each do it correctly.
Re: Re: In his sensationalism...
…with many officers or centers… should be ‘with many offices or center’. Pardon me. 🙂
Re: Re: In his sensationalism...
Rose M. Welch says: Why do you assume that the person sitting at the machine is the owner? It would make perfect sense for a large corporation…
Are you arguing that the software being sold is legal or illegal?
Meanwhile, read the complaint, people. Don’t just jump on the bandwagon because someone’s beating a drum.
Either an owner or an authorized user can install a keylogger legally without notifying anyone else. The FTC has no problem with that. Corporate America does it all the time (the company owns the machine). NetNanny and the like are perfectly legal (as long as an owner or the owner of a userid on the machine installs the software knowingly).
According to the FTC complaint, RemoteSpy provides tools and instructions to trick people into running the install without realizing what they’re doing. The company advertises the fact that RemoteSpy is designed to stealth install, conceal its presence and take steps to complicate removal when finally detected. (The FTC complaint includes quotes from company advertisements supporting these points.)
There is no compelling legal use for the stealth install, cloaking or complicated removal features of the software. If the company wants to sell RemoteSpy, all they need to do is remove those features. They should probably ditch the “how to trick people into installing” wizard too, but arguably a non-stealth install would mitigate that issue if people are smart enough to read the warnings.
Also note that the FTC is filing this complaint in response to a complaint to them in March from the Electronic Privacy Information Center (free speech rights, privacy rights, anti-FISA, keep the government far from my computer, etc.). EPIC claimed that RemoteSpy is illegal. The FTC is acting on their complaint.
Sometimes the Feds do the right thing, people.
Re: Re: Re: In his sensationalism...
OK, RemoteSpy can be used in the same manner. So by your argument, RemoteSpy is, to use your words, “perfectly legal”.
Re: Uhh
What if i own the computer that i would like to install to remotely, Without the other users knowledge?
Should be illegal
Drug paraphernalia, for example is illegal to sell. Bongs for example. (and before I get a bunch of responses saying that they are legal .. what is legal is a “water pipe” where they explicitly say “for tobacco use only”). If its primary and only use is to perform an illegal activity then the equipment should be illegal itself. The keylogger falls into this category.
Re: Should be illegal
OK, so all they need to do is say somewhere, like in the EULA, that the product may not be used for illegal purposes and then they’re good? I bet they had something like that.
Re: Should be illegal
The primary use of a keylogger is to keylog. Keylogging is not illegal. Keyloggers should not be illegal.
i don’t see why key loggers are illegal, in one of previous jobs we had continuous problems with malware and viruses on certain PCs of course no one admitted using them, looking at the browsers history told us what sites were accessed and what times but that still didn’t tell us who, we had to install key loggers on all affected machines in order to find out who was the culprit.
Possible legal use
You could have a program that’s crashing horribly, and use a keylogger to figure out exactly why, by seeing what command was typed in or what shortcut was used right before it crashed. This is especially useful if it’s crashing badly enough that it can’t log anything first – as long as it doesn’t take the whole system down, the keylogger should be able to capture the last input. Particularly, if it’s a rare bug being encountered, a few testers with keyloggers running can get the problem fixed much faster than without them.
If you play computer games at the worldwide tournament level, a keylogger could be useful to learn someone’s favored build order in a stategy game (with their permission, of course.)
Etc.
Yes, the overwhelming majority of times a keylogger is employed, it’s to do something unethical, and usually illegal as well, but they DO have legitimate uses.
That being said, a program called “RemoteSpy” clearly isn’t targeting itself at legit uses.
Ban Cars Too
I’m pulling out my crayon and paper and writing block letters to my congressman asking him, while he’s about the task for banning software that might be used illegally someday, to also BAN CARS WHICH MIGHT BE USED BY SPEEDERS OR BANK ROBBERS OR DRUG SMUGGLERS AFTER THEY ARE SOLD.
Sir: PLEASE PROTECT US.
It only works on Microsoft products, probably gets in via javascript or activeX.
The basic difference between this and dealing drugs or selling guns is that drugs and guns are physical. If I have one gun, I can only sell it to one person. However, keyloggers could just be shared peer-to-peer. Banning their distribution is just as enforceable as banning illegal music downloads.
Ban More
They are going to ban Visual Basic as well, since the program used to write illegal software!
Re: Ban More
“They are going to ban Visual Basic as well, since the program used to write illegal software!”
Whoa – visual basic ?
You’ve got to be kidding
while all of you are debating legalities i downloaded remote spy via bit torrent
..jesus.
Ban thinking. If you couldn’t think of doing illegal things, you wouldn’t be able to do them. I hate this sh1t.
It’s stupid to ban the sale. Let’s use the child porn theme (which seems to be popular)and see what else sould be banned.
Backup Tools – They can be used to backup child porn.
Cleanup Tools – They can be used to cleanup traces of child porn.
DVD Software – They can be used to play child porn.
E-Mail Clients – They can be used to email child porn.
Graphics Viewers – They can be used to view child porn.
HTML Editors – They can be used to make websites that contain child porn.
IRC Clients – They can be used to talk about child porn.
Text Editors – They can be used to write stories about child porn.
Video Capture Software – They can be used to capture child porn.
Video Converters – They can be used to to convert child porn.
Video Editing Software – They can be used to edit child porn.
Video Players – They can be used to play child porn.
You can’t blame the tool for the person who abused it. I can imagine there are useful implementations for such a tool. Security would be one. If you suspect that one of your employees is leaking secrets, it would be useful in gaining intel that could condemn or exonerate them.
Oog am strong. Oog ban fire. Now Oog tribe no burn houses no more.
Oog find hard rump meat a real PITA.
Oog cold.
Terms of Use
Requires that you only install its software on computers that you own or have permission to monitor and that you inform all users of those computers that they are being monitored. Failure to do so may result in breaking of Federal and State laws. Awareness Technologies will cooperate with authorities in investigation of any allegations of misuse. Consult legal counsel if you have any questions regarding your specific circumstances.