Spyware

Just the word--"spyware"--sounds evil. Well, it is, and the problem is that it's not clearly illegal. It's time that it was.

Did you know that with spyware somebody could be logging all your keystrokes and having that information sent to them over the Internet? They could also be looking at your private financial information, your confidential memo or other private information. Ever had an advertisement popup over another ad? That could be spyware too.

"Spyware" is a great example of the proposition that the Internet is so new that we have yet to pass all the fundamental laws that should govern it. To me, surreptitiously installing spyware on my computer is not much different than spying on me using more traditional means. It seems to me that it should be a crime to bug my house with a listening device or to bug it with software. Right now, only the listening device is clearly illegal, and that's absurd.

Spyware is a rampant problem. If you have never checked your computer with one of the anti-spyware utilities, it's likely that you have spyware lurking on your system. (My favorite utility is "Ad-Aware." It's free, and you can find it at http://www.download.com/3000-2144-10045910.html.)

One of the problems with legislating on spyware is that it's not easy to define, and "I know it when I see" won't cut it. The best pithy definition I can come up with is that "spyware" is any software program that installs on your computer without your knowledge or consent and monitors your online activities and transmits this information to a third party; or causes advertisements to appear on your screen.

Utah is the only state that currently has a statute on spyware. When it was a pending bill, several large reputable companies expressed their concern about the law. In a letter, they said, "[I]ts definition is extremely broad and would cover a host of important and beneficial Internet communication software, and even the communication of routine network information….They may include information necessary to provide upgrade[d] computer security to protect against hacker attacks, to provide interactivity on web sites, to provide software patches, to improve Internet browser performance, or enhance search capabilities."

I think that we can overcome the objections with careful statutory drafting and proper disclosure by software companies. While I do recognize that the "definition" issue is not simple, I don't think that this should slow our pursuit for legal protection we so obviously need.

I happen to think that if you are going to program my computer to send you information over the Internet, I have a right to know that. That's not a difficult concept.

Spyware purveyors often argue that they do disclose their activities in their license agreements and technically that might be true. However, let's get real here. They typically bury their "disclosures" in an intimidating license agreement written in obtuse legalese. We all know nobody reads that license and they depend on that.

The types of disclosures I'm talking about are in plain language and are conspicuous.

The bottom line is that we need legislation against a rampant and serious problem. We should not let the details get in the way. Rather, let's deal with these details and get some legislation passed.