How Do You Define Spyware?

from the not-so-easy dept

Now that we've done an absolutely dreadful job of defining and (not) banning spam, politicians have worked their way up to spyware - where they're discovering an identical problem. Just how do you define spyware? While a federal anti-spyware bill is being worked on in Congress, over in Utah they're pushing ahead with their own state version. However, a bunch of well known internet companies are lobbying hard against the bill, saying that the definition of spyware is way too broad and would end up banning plenty of things that should remain perfectly legal. Once again, it sounds quite similar to the discussions about anti-spam legislation. The companies involved say they support the concept of stopping spyware, but are worried about this particular attempt to do so. Of course, as with the spam debate, this could just lead to a watered down law that does nothing useful other than make politicians claim they did something. The real issue isn't with the actions of the spyware - but that it often gets installed without the user realizing what they're installing. Sometimes, users want to use a product that might be considered spyware, but they should at least be in a better position to understand what it's doing with their data and be given more control to turn it off if they no longer want it.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Oliver Wendell Jones, 15 Mar 2004 @ 1:01pm

    Spyware Def

    A cookie is not Spyware.

    Software like Windows Media Player and WinAmp that reports usage statistics and miscellaneous non-user specific data to a central repository *and* tell you about it *and* (most importantly) give you the option to NOT report such information are not spyware.

    Software like WMP and WinAmp that do not make it easy to to NOT report information (like, oh.. say anything by REAL for example) and consistently put a program in your Systray even though you've disabled it, Ctrl-Alt-Deleted it and uninstalled 50 or 60 times are *probably* spyware.

    Programs that install themselves behind your back, that don't have a visible window or icon in the task bar/systray that report on your surfing trends and serve no useful purpose and/or were never requested by the owner of the PC are definately sypware.

    Programs that have one 'obvious' purpose (Gator) and yet also do other sneaky things such as reporting your surfing trends and/or replacing ads on websites you visit are definately spyware.

    Except for the Probably part they all seem pretty cut and dry to me.

    link to this | view in thread ]

  2. identicon
    Beck, 15 Mar 2004 @ 1:24pm

    Easier Definition

    Anything removed by Ad-Aware or SpyBot is Spyware. They have already created the definition. Can you write that into legislation?

    link to this | view in thread ]

  3. identicon
    BoilerBob, 15 Mar 2004 @ 1:34pm

    Re: Spyware Def

    While I agree completely with our definitions, you haven't define a law. Law's can't have probably in them. Furthermore, you need to define "behind your back". Burying a disclaimer in the terms of service would allow this software to be legal yet who reads the TOS?

    I'm a fan of free markets. Between ISP's and browser addons, pop-ups are being eliminated. If more people removed spyware with tools like adaware, the economics would force these companies to stop.

    link to this | view in thread ]

  4. identicon
    Jason Newcomb, 15 Mar 2004 @ 1:46pm

    Spyware is hacking.

    Anyone who takes code and uses it to record personal information is a hacker.

    If you notice that a machine has "spyware" loaded, what information has it obtained? And for who? Does someone have my bank account information? My online trading account information?

    With names like "Key Logger, Hijackers, plugin-ignore, tracks, and trojans", how should we define it?

    If it modifys the original operating condition of a web browser without notification, or even if it is buried deep in a license agreement, the user will likely miss it.
    (That is another subject)

    In any case, it may be safe to say that most people have no private information when they log into a computer. Seeing as we have industries that depend on privacy and security, the industry may want to take the helm here.

    Just my two cents.

    link to this | view in thread ]

  5. identicon
    data64, 15 Mar 2004 @ 2:55pm

    Re: Spyware is hacking.

    Anyone who takes code and uses it to record personal information is a hacker.

    You might be confusing a hacker with acracker.

    link to this | view in thread ]

  6. identicon
    zackery weatherwax, 16 Mar 2004 @ 5:00am

    doesnt take a genius to know what spyware is

    one huge problem i had while reading this was that companies who defend against spyware saying that it is way too broad to define it is just saving their own tail. they most likly distribute alot of the spyware. i think that spyware should be defined as whatever you dont want on your computer that downloads on its own without you really doing anything. the non spyware i would say is the stuff you choose to download. that is one of the most simplest ways of defining it.

    link to this | view in thread ]

  7. identicon
    suzi, 16 Mar 2004 @ 9:42pm

    definition of spyware

    From the most authoritative site on spyware - www.spywareinfo.com:
    Spyware is software or hardware installed on a computer without the user's knowledge which gathers information about that user for later retrieval by whomever controls the spyware.
    Spyware can be broken down into two different categories, surveillance spyware and advertising spyware.
    Surveillance software includes key loggers, screen capture devices, and trojans. These would be used by corporations, private detectives, law enforcement, intelligence agencies, suspicious spouses, etc.
    Advertising spyware is software that is installed alongside other software or via activex controls on the internet, often without the user's knowledge, or without full disclosure that it will be used for gathering personal information and/or showing the user ads. Advertising spyware logs information about the user, possibly including passwords, email addresses, web browsing history, online buying habits, the computer's hardware and software configuration, the name, age, sex, etc of the user.
    As with spam, advertising spyware uses the CPU, RAM, and resources of the user's computer, making the user pay for the costs associated with operating it. It then makes use of the user's bandwidth to connect to the internet and upload whatever personal information it has gathered, and to download advertisements which it will present to the user, either by way of pop up windows, or with the ad banners of ad-supported software. All of this can be considered theft in the cases of advertising spyware that installs without disclosure.


    http://www.spywareinfo.com/articles/spyware/

    link to this | view in thread ]

  8. identicon
    giZZmo, 13 Sep 2004 @ 10:58pm

    ANY anti-spyware law is better than none...

    if for no other reason than companies like Claria (Gator) won't be able to just sue someone who makes a program to remove their software. Once the threat of lawsuits flying around is somewhat removed, we'll see antivirus companies with larger resources start to tackle the problem head-on. The little guys are losing the battle. If a Symantec or a Network Associates were able to aggressively remove spyware without making themselves a huge target for spyware companies to sue, their software might make more than a half-hearted attempt at ridding users' machines of spyware.

    link to this | view in thread ]

  9. identicon
    rytcv@mail.com, 2 Oct 2006 @ 7:53am

    yboqfsxp cgtedib

    csei yhpjqxt hbzuyn pufgdzt dxkzho mfexslw bfztl

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.