The U.S. House of Representatives last week overwhelmingly passed two separate anti-spyware bills, but as the measures now move to the Senate, legislators will find most of the hard questions unresolved—a familiar scenario in Congress, where similar House bills withered last year following Senate inaction.
The SPY ACT (Securely Protect Yourself Against Cyber Trespass), authored by Rep. Mary Bono, R-Calif., takes the more active approach, requiring a conspicuous notice to users before transmitting spyware.
The SPY ACT largely resembles the Senates SPYBLOCK (Software Principles Yielding Better Levels of Consumer Knowledge) bill, sponsored by Sens. Conrad Burns, R-Mont.; Ron Wyden, D-Ore.; and Barbara Boxer, D-Calif. The sponsors are awaiting a date for a committee hearing on the bill and hope to have one before the end of the summer, an aide to Burns said.
Alternatively, the Internet Spyware Prevention Act, authored by Rep. Bob Goodlatte, R-Va., focuses on penalties for fraudulent or deceptive behavior without targeting any particular technology—an approach favored by the IT industry.
Goodlattes bill, which passed the House 395-1, makes it a crime to intentionally access a computer without authorization by causing code to be copied onto the computer and using it for malicious purposes.
From the industrys perspective, the Goodlatte approach avoids the possibility of ensnaring legitimate software downloads, such as security patches.
IT managers, who are employing a growing array of technologies to combat spyware themselves, widely applaud the legislative initiatives as a supplement to their own efforts.
Jeff Smestuen, network manager at Blue Bell Creameries L.P., in Brenham, Texas, said spyware and other unwelcome traffic have increased exponentially on his network in the past 18 months.
“Most of [the data mining programs] are crap software. They take up a lot of resources on your machine, and they can take a machine down to a crawl,” Smestuen said.
As for the legislative approach to reducing spyware, Smestuen said he supports both a notice requirement and tough criminal penalties.
to read more about attempts to outlaw spyware.
“The only way you should get those kinds of programs is if you agree,” Smestuen said. “I think of spyware and spam as theft and an intrusion. Its costing me money and productivity. The laws need to be strict, and the penalties have to be severe.”
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.