U.S. endorsement of spyware akin to Canuck group’s proposal

IT World Canada Staff

11 years ago

Recommendations of the Commission on the Theft of American Intellectual Property (IP Commission) to United States policy makers to make it legal for firms to install monitoring and surveillance software on devices to prevent IP infringement, mirrors a proposal made earlier this year by Canadian business organizations to fit computers with tools that track user activity.

Claiming that more than $300 billion are being lost to online IP theft annually, the IP Commission recommended that the U.S. government allow companies to equipped computers and devices with software that allows only authorized persons to open specific files. The digital lock will trigger a “range of actions” when unauthorized users attempt to access data.

Image from ShutterStock.com

“For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get passwords needed to unlock the account,” according to the 89-page report by the commission.

“The recommendations are shocking as they represent next-generation digital locks that could lock down computers and even retrieve files from personal computers,” said Michael Geist, University of Ottawa Internet law professor, in his blog today.

The proposal solution rekindled the debate on digital rights management (DRM) tools, and some media outlets had compared the strategy to those use by cyber criminals who surreptitiously load so-called spyware and ransomware on their victims’ machines. For example, cyber criminals use keylogger programs and software that locks down a user’s computer and demands payment for returning the machine to its original state.

The IP Commission’s recommendation also bears similarities to a proposal presented to Industry Canada in February by the Coalition of Business and Technology Associations. The 13 business and technology organizations called on the government to review a draft anti-spam regulations once more.

They also sought at least 10 exemptions from the draft regulation’s express consent requirements on software installation.

In their proposal, the coalition wants exempted:

(a) A program that is installed by or on behalf of a person to prevent, detect, investigate, or terminate activities that the person reasonably believes (i) presents a risk or threatens the security, privacy, or unauthorized or fraudulent use of a computer system, telecommunications facility or network or (ii) involves the contravention of any law of Canada, or a province or municipality of Canada or of a foreign state.

Such a provision, Geist said, “would effectively legalize spyware in Canada on behalf of these industry groups.”

“This exception could potentially cover programs designs to block access to certain Web sites (preventing the contravention of a law as would have been the case with SOPA), attempts to access wireless networks without authorization, or even keylogger programs tracking unsuspecting users (detection and investigation),” Geist said.