Coalition Publishes Spyware Guide

The Anti-Spyware Coalition defines key terms and behaviors that characterize spyware programs.

Like pornography, spyware has been one of those things that most people can't define but know when they see it. No longer.

The Anti-Spyware Coalition, an anti-spyware industry group, on Tuesday published a document that aims to put spyware in its place by defining key terms and behaviors that characterize spyware programs.

The list of uniform definitions is the first major contribution of the ASC, a collection of anti-spyware companies and consumer groups that formed early in 2005. The list provides examples of "potentially unwanted technologies," a term the group prefers to "spyware," and is intended to give anti-spyware software makers a uniform standard by which to evaluate software programs, said Ari Schwartz, associate director of the CDT (Center for Democracy and Technology), which heads the ASC.

"We want everybody working from the same book of definitions. The more common discussion there is about [spyware], the better decisions users can make in the marketplace," said David McGuire, communications director at CDT.

A recent study found that more than 90 percent of U.S. Internet users have changed their online behavior to counter the threat of spyware programs.

Spyware and other potentially unwanted technologies are defined as programs that "impair users' control over material changes that affect their user experience, privacy or system security," according to an ASC statement.

The group also provided a list of types of potentially unwanted technologies, from key-logging programs and "screen scraper" tools, to Web page cookies and other tracking programs used by online advertisers. Each type of program is described according to the underlying technology and why the technology could be unwanted by the user. A glossary provides definitions of terms such as Trojan, port scanner, spyware and snoopware.

ASC is made up of representatives from the various companies and from consumer groups, including CDT. It tried to steer clear of labeling any program good or bad, and instead focused on behaviors, Schwartz said.

"We don't think technology itself is the problem. It's more about what these programs do to make them unwanted. The underlying technology is neither good nor bad," he said.

For example, rootkit programs lurk below the surface and purposely avoid detection, which the group considers an "unwanted" behavior, Schwartz said.

"If a program is there, then someone should have meant it to be there and it should be easy to identify," Schwartz said.

ASC also included a multistep vendor dispute and resolution process in the ASC document that provides software companies and anti-spyware makers with a guideline for resolving disagreements over whether a particular program is or isn't "potentially unwanted technology."

While the definitions are intended to aid anti-spyware vendors and create consistency in how anti-spyware programs label and treat programs they detect, no vendor is compelled to accept or adhere to the ASC definitions, Schwartz said.

"Anti-spyware companies ultimately make the decisions. They all make good products, but they do things differently. Consumers will decide which [program] is best for them in the marketplace," Schwartz said.

ASC has submitted the definitions to the public for comment through August 12, and is accepting feedback from everybody—including companies such as 180 Solutions, Direct Revenue, Claria and WhenU, which have been accused of making and circulating spyware programs, Schwartz said.

"We're interested in getting their comments. We've told them this is coming and ... consider them part of the public," he said.