Spyware beware, as a new document released by the Anti-Spyware Coalition (ASC) signals a seriously escalating breakdown of potentially unwanted programs.
The new “risk model description” released by the ASC provides criteria to aid anti-spyware developers in identifying spyware programs through certain behaviours they exhibit on a computer.
“This document clarifies the specific, objective behaviours that make certain programs dangerous,” said Ari Schwartz, deputy director of the U.S. Center for Democracy and Technology (CDT), a member of the ASC. These behaviours are evaluated to determine how they affect privacy, security and user experience.
Program behaviours that could affect privacy include those that compromise the user’s information or data. A program could also be potentially unwanted if it negatively affects user experience and functionality, as well as compromise security through behaviours that lead to attacks on the computer or becoming a vehicle for an attack, ASC said. The risk model description can also serve as a framework for drafting anti-spyware legislation, said David Fewer, staff counsel for the Canadian Internet Policy and Public Interest Clinic (CIPPIC) in Ottawa.
“The first challenge spyware poses policy makers is definitional: what makes any given technology spyware, and so objectionable?” Fewer said.
In the U.S., a number of spyware-related complaints have been filed with the Federal Trade Commission — the latest was a complaint against Internet ad developer 180solutions Inc.
Although CIPPIC is constantly on the lookout for spyware shops in Canada and vowed to “be quick to bring more complaints” against them, the legislative environment seems to be lacking.
“We do have some existing laws that address some of the behaviours that exist with spyware,” said Fewer. “But these are fairly narrow provisions and only capture one small segment of the kind of behaviours that are potentially unwanted and objectionable.” Federal legislation specifically addressing spyware is needed, he said.
Fewer expressed optimism that the newly elected Conservative government would heed this call, stressing the previous government’s commitment to addressing spam and spyware, as part of the bigger issue of ensuring the Internet remains a “trustworthy vehicle for e-commerce and democratic participation.”
“The Conservatives, we’re certain, will be looking at the issue,” Fewer said, adding it would be “quite irresponsible” to ignore the problem.