X
Business

FTC officials blast spyware measures

Legislators counter that officials should be outraged over potential abuses of privacy and security through programs that serve ads and transmit information.
Written by Declan McCullagh, Contributor
Two Federal Trade Commission officials ignited a political firestorm on Thursday by criticizing proposed laws targeting spyware and suggesting that the measures might harm legitimate software products, too.

During an appearance before a House of Representatives panel, FTC Commissioner Mozelle Thompson said the measures were the wrong approach to spyware and adware. "I do not believe legislation is the answer at this time," he said. "Instead, we should give industry the time to respond...Self-regulation combined with enforcement of existing laws might be the best way to go."

Members of the Energy and Commerce subcommittee on consumer protection reacted angrily to the advice, accusing Thompson and Howard Beales, director of the FTC's bureau of consumer protection, of being the only Americans who enjoyed having their computers infected by spyware and adware.

"You like this stuff? You're the only person in this country that wants spyware on their computer," Rep. Joe Barton, R-Texas, said to Beales. Referring to the rest of the panel, Barton added, "I would double down and bet that if asked whether they want to take it off, every one but you, sir, (would)."

While neither term has any well-accepted definition, adware tends to refer to pop-up advertising networks like those run by WhenU and Claria (formerly Gator). Spyware is more pernicious and can seize control of a computer or leak information. Politicians are feeling pressure to slap restrictions on both spyware and adware this year, and have drafted two new bills in the House. A third has been introduced in the Senate.

Subcommittee Chairman Cliff Stearns, R-Fla., told Thompson, "I'm a little concerned that you're not outraged that people have access to someone's privacy, Social Security numbers, and all this, and you're saying let it go by the wayside."

The FTC representatives countered by saying that while they were "outraged" by spyware, a careful approach was necessary. In addition, during an FTC workshop last week, a prosecutor noted that the Justice Department already had sufficient legal authority under existing computer crime laws to put the most noxious spyware makers in prison.

"We need to determine whether there is a definable class of software that can be called spyware," Beales said. Installing legitimate programs like Microsoft Windows or word processors could be made much more cumbersome if users had to give explicit consent to every one of hundreds of small applications that made up the application, Beales said. Thompson added that spyware is "difficult, if not impossible, to define."

Software industry lobbyists have warned that broad legislation against spyware and adware, such as a controversial Utah law, can have unintended consequences, prohibiting legitimate and desirable utilities and operating system features. One House bill defines spyware as "any software" that "transmits" personal information--a category that would include any e-mail client (because it transmits an address on the "from" line) and many Unix utilities.

But key politicians from both major parties are itching to do something soon, saying their own House computers have been infected by hundreds of adware and spyware strains.

"We are going to move Heaven and Earth to work on a bipartisan basis to modify the (Mary Bono) bill and move it at subcommittee and full committee and onto the floor and to the Senate...this year," said Barton, the chairman of the full Energy and Commerce committee. "I'm not guaranteeing that that'll happen, but the intent of the hearing is to start that process."

Editorial standards