Next: Outlawing spyware?

Utah has become the first state to make spyware a crime, passing a law that makes it illegal to install such programs on a PC without approval.

Starting in early May, violators face a fine of US$10,000 per incident, under the new Spyware Control Act. The Utah law aims to regulate the use of spyware and other advertising software, which is infamous for annoying computer users by tracking and reporting their Web whereabouts and displaying ads.

A software company that wants to load a surveillance program onto a Utah user's PC must make full disclosure, under the law. It must reveal what user behavior its software records, what information goes back to a central server, how often ads will appear, and how the ads look. Vendors must also clearly state the purpose of the downloaded software and any changes it makes to a PC's system.

"Spyware is horrible," says Utah State Representative Steve Urquhart, who sponsored the bill. He says spyware makes spam look like a minor inconvenience. "Sure, spam is a nuisance, but spyware is a violation of your privacy," he adds.

Utah's tough stance on spyware isn't going over well with many tech companies that feel the law is poorly written and overbroad.

"We feel this law will essentially outlaw a perfectly acceptable form of advertising and commerce," says Emily Hackett, executive director of the Internet Alliance, an Internet trade association.

In fact, the Internet Alliance tried unsuccessfully to convince Utah Governor Olene S. Walker to veto the Spyware Control Act. Also supporting the veto request were America Online, Google, Microsoft, Yahoo, and CNET Networks.

Opponents say the Spyware Control Act is a legal threat to a technology company's right to innovate. Hackett says the Utah law could be interpreted to ban free ad-sponsored software, and perhaps even threaten common e-mail programs that track when and which messages are delivered.

"We don't feel a ban on a specific technology is the right approach here," Hackett says. She concedes spyware is a problem, but adds, "technology isn't bad, it's the behavior of the people who use it."

Even the anti-spyware, pro-privacy Center for Democracy and Technology lobbied for a veto in Utah. Its representatives call the law "premature" and cite "definitional difficulties" with the word spyware. The group applauds Utah's attention to what it calls invasive and deceptive software, but urges a stronger, more consumer-focused approach.

Tech firms bristle

Just as the federal antispam CAN-SPAM Act has been called a well-meaning but ineffective effort, even supporters of anti-spyware measures are urging caution. Still, several other states and Congress are considering similar legislation.

Iowa and California are considering anti-spyware proposals. New York State legislators are reviewing a draft of an antihacking law that may also prevent companies from piggybacking advertising software with more desirable applications.

The U.S. Senate is considering an anti-spyware law, the Software Principles Yielding Better Levels of Consumer Knowledge (SPYBLOCK) Act. It would require distributors of spyware to get PC users' consent before installing software that records keystrokes, site navigation, or similar data and that shares it with another party.

Introduced in late February, it is due to be worked on over the next few weeks, according to a Senate staffer.

"Spyware allows virtual Peeping Toms to watch where you go and what you do on the Internet," said cosponsor Sen. Ron Wyden, D-Oregon, upon introducing the SPYBLOCK bill.

The proposals to reign in spyware are similar to efforts to control spam. They also face the same challenges, analysts say.

"Typically, legislative efforts to deal with tech issues haven't been raving successes," says Eric Hemmendinger, research director for security and privacy at the Aberdeen Group.

Walking the Line

The Utah Spyware Control Act was inspired by a court case involving pop-up ads, and was positioned as protection for Utah businesses.

Utah-based 1-800 Contacts took issue with the advertising firm WhenU, which served pop-up ads to the 1-800 Contacts Web site. Among the ads: 1-800 Contacts competitor VisionDirect.

State Rep. Urquhart says the law will let a Utah firm sue a spyware company that doesn't follow the Spyware Control Act, when its program displays ads on the Web site of a Utah-based business. He also says the act will help protect consumers by forcing spyware companies to be more upfront about their software.

"No legitimate company that notifies its customers of what is being installed on their system and what it does should have any reason to fear this law," Urquhart says.

Urquhart sees an irony in the tech industry's opposition to the Spyware Control Act in favor of self-regulation. "If not this now, then what when?" he asks.

The Internet Alliance has argued that self-regulation and technology solutions will ultimately be more affective in thwarting spyware. But Hackett could not point to any spyware solutions in the works.

"We don't have a working solution yet," Hackett says. "It's not that we are stalling. It's because it's a really tough nut crack."

In the interim, and outside Utah, users can readily find numerous freeware, shareware, or otherwise inexpensive programs designed to hunt down and remove spyware from PCs.

- Emily C. Kumler of the Medill News Service contributed to this report.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tom Spring

PC World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?