A couple of posts ago I wrote about an EU Directive, and how an attendee at our Antispyware Workshop told me it would severely affect adware. Either I misheard him or he got the designation wrong, but instead of it being Directive 8446, like I said earlier, my research has found that it's really Directive 95/46. This Directive is intended to protect the personal data of individuals. It requires that any company collecting data on an individual must first obtain the consent of that individual. The company must also identify itself to people from which it collects data, and allow those people access to the data so that they may make any necessary corrections.
To my knowledge, this Directive hasn't yet been used against adware companies, but it should. I wish we had a law like this in the U.S. If adware companies were forced to contact everyone they gathered information on, they would be forced into the light in a way they haven't been before. No more hiding behind multiple company and product names. The big question is whether they could really survive this type of scrutiny.