Industry tries to unite again to tackle spyware

The Anti-Spyware Coalition (ASC), a group of IT companies and public interest groups, is hoping to succeed where a previous vendor organisation failed in tackling the global problem of spyware. The ASC released an agreed-upon draft definition of spyware Tuesday that it hopes will promote public comment and ultimately result in users becoming better educated about the dangers of spyware.

The Consortium of Anti-Spyware Technology Vendors (Coast), initially drawn from the security software vendor community, fell apart in February after a failed 16-month effort to coordinate its members' conflicting goals and an ongoing debate over admitting companies that created spyware. The ASC, convened by the Center for Democracy and Technology, has a much wider membership than Coast.

ASC members include the likes of America Online, Computer Associates International, Hewlett-Packard Co., Microsoft and Yahoo, along with McAfee, Symantec and Trend Micro, and antispyware specialist vendors Aluria Software and Webroot Software. The organisation also numbers the Canadian Internet Policy and Public Interest Clinic, the Cyber Security Industry Alliance and The University of California Berkeley's Samuelson Law, Technology & Public Policy Clinic among its members. The ASC was formed in early April, after a number of companies approached the Center for Democracy and Technology about forming a group to combat spyware. The organisation's web site at went live Tuesday.

Ari Schwartz, associate director of the Center for Democracy and Technology, has been heading up the ASC's work. He said that the new antispyware consortium had learned from Coast's experience. "The main difference between us and Coast is that we're trying to help antispyware companies communicate better together and with consumers," Schwartz said. "Coast was more about communication between antispyware companies and software publishers."

Another key differentiator from Coast is that ASC has instituted a policy of full consensus membership where everyone has to agree on bringing on new members, according to Schwartz. He's keen for the organisation to include more public interest groups, pointing out that although they're not members, the National Consumer Law Center and the Consumers Union came to an ASC meeting in Washington, D.C.

Schwartz also wants ASC to become more global. "We've been contacted by a couple of companies from London," he said. Schwartz also pointed out that the group already numbers several European companies -- LavaSoft from Sweden, Safer-Networking from Germany and, new member as of Tuesday, Panda Software from Spain. Australian firm PC Tools is also an ASC member, he added.

One fear the ASC has is the potential harm spyware could be having on consumers' Internet behavior, Schwartz said, as indicated by last week's Pew Internet & American Life Project survey. The study revealed that 91 percent of Internet users polled have changed their behavior online to try and avoid being attacked by spyware and other unwanted technologies.

Spyware isn't only plaguing consumers. "What we're hearing from companies is that spyware is starting to become a bigger enterprise problem," Schwartz said, pointing to the recent multimillion dollar contract for antispyware technology issued by the US Department of Defense.

"We'd like to see more enforcement actions," Schwartz said, adding that the ASC will hope to improve communications between antispyware vendors and law enforcement to track down spyware companies. A commissioner from the US Federal Trade Commission (FTC) attended the ASC's Washington, D.C., meeting.

The ASC is inviting public comment for the next month on documents it released Tuesday. "We're just trying to get a foundation down," Schwartz said. The documents include a list of spyware and other potentially harmful technologies aimed at users, a glossary defining commonly used terms relating to spyware and safety tips about how to protect against spyware.

There's also a process laying out how to resolve disputes if a vendor believes its software has been wrongly tagged as spyware. Previously each antispyware company worked on developing its own process and spyware companies would try to play off one antispyware company against another using their various dispute processes, according to Schwartz. "We're leveling the playing field so that antispyware companies spend less time talking about the [vendor dispute] process and more time on how to tackle spyware," he said.

Spyware can be defined two ways, according to the ASC. "In its narrow sense, spyware is a term for tracking software deployed without adequate notice, consent or control for the user," the organization states in its glossary. However spyware is also used as an umbrella term encompassing not only its narrow definition, but also other "potentially unwanted technologies," the ASC adds, including harmful adware, unauthorised dialers, rootkits and hacker tools.

In its antispyware safety tips document, the ASC has six major recommendations for users to defend themselves against spyware. The organisation suggests that users keep the security on their computers up to date; only download programs from Web sites they trust; familiarise themselves with the fine print attached to any downloadable software; avoid being tricked into clicking dialog boxes; beware of so-called "free" programs; and use antispyware, antivirus and firewall software.

Come Aug. 12, ASC will review and respond to all the comments it has received, Schwartz said. The organisation will then meet toward the end of August and produce a final document. "The next step is do risk modeling, help companies make decisions about what they flag as spyware, what's their objective criteria for flagging, and work on best practices," Schwartz said.

Ben Edelman, a Harvard Law School student researching the methods and effects of spyware, doubts the usefulness of a uniform definition of spyware. "Users know what software they don't like, and there's substantial benefit to letting antispyware vendors compete to best match users' desires and preferences," he commented in an e-mail.

A uniform definition may actually end up benefitting spyware makers, Edelman wrote, adding, "They [the spyware makers] hope to get a single definition they can then manage to escape, and they hope to use those definitional tricks to avoid having their software brought to users' attention for possible removal. This is still a potential worry in any definition project, but the ASC seems to avoid many of the most obvious pitfalls."

Although he was dubious about the potential benefits from the ASC's spyware definition, he concluded, "Still, if the ASC promises more work in the future, perhaps their further work product will have greater benefits for users."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

China Martens

IDG News Service
Show Comments


James Cook University - Master of Data Science Online Course

Learn more >


Victorinox Werks Professional Executive 17 Laptop Case

Learn more >



Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?