All too often, we've seen cases
where security software firms were sued
for calling some piece of software "spyware" or "adware." In fact, Microsoft even wanted to make sure that new anti-spyware legislation would make it clear that there's nothing wrong
with calling spyware "spyware." However, in the latest ruling on one of these cases (in which Zango sued Kaspersky), the ruling makes it clear we already have such a law on the books. The judge dismissed the lawsuit, noting that security firms have every right to label software as they see fit
, citing part of section 230 of the Communications Decency Act.
We often point
to section 230, because it protects service providers from liability for the actions of the service providers' users. However, this is referring to a different part of section 230, which says that no service provider is liable for a good faith attempt to restrict access to something it deems objectionable. The court felt that the security company was a service provider, and that since it
believed Zango was objectionable, then it has every right to try to restrict it. The court makes a second very important point. Zango complains that its software is not objectionable, and therefore the security providers cannot block it as objectionable. However, the court points out that the statute clearly says that it's for what the service provider finds objectionable
. In other words, the content in question need not be "objectionable" at all -- it only matters what the service provider feels about it. This is a pretty strong endorsement for the idea that security companies absolutely can call software whatever they feel is appropriate.