Lavasoft News - December S2006

Call for Consensus Anti-Spyware Legislation

The news that Zango, Inc., one of the world’s largest distributors of adware, settled the U.S. Federal Trade Commission’s (FTC) charges that the company violated federal law by using unfair and deceptive methods to download adware, was a clear victory in the fight against spyware. But the results of the settlement show the limitations of current legislation in deterring spyware vendors, and the challenges that lie ahead in protecting consumers’ privacy.

Just days after the announcement, FTC Commissioner Jon Leibowitz urged the U.S. Congress to give the agency expanded authority to impose civil fines on distributors of hidden spyware.

"The civil penalty authority Congress granted us in the (anti-spam law) gave our anti-spam efforts real teeth. Sadly, in spyware cases, we don't yet have that authority," Leibowitz said. "Right now, all we can get is disgorgement of profits, but we can’t fine the malefactors at all. What kind of deterrence is that?"

Doubt is also being cast on Zango’s adherence to the settlement. Spyware researcher Ben Edelman told Lavasoft News that Zango has not reformed its ways.

"If Zango were to comply with these requirements, in full, users would far better be able to understand what Zango does, and to decide whether or not they want it. Unfortunately, Zango is not in compliance with this settlement. Installations remain, some of them surprisingly widespread that do not do what the settlement requires," Edelman said.

The consumer advocacy group Center for Democracy and Technology (CDT), who in January filed a complaint with the FTC against Zango for deceptively distributing adware to millions of people, hailed the win as a benchmark in the fight against spyware.

"This is a landmark settlement, and one that sends an important message to companies that have built their businesses on the backs of Internet users without any concern for what those users want," said Ari Schwartz, Deputy Director of the CDT, in a press release.

As part of the settlement’s terms, future downloads of Zango’s adware without consumers’ consent are banned; it is required to provide a way for consumers to remove the adware, and must give up $3 million in ill-gotten gains.

The CDT believes the precedents established in this case could vastly improve the Internet experience for millions of users. But it is uncertain if precedent alone is enough to bring about change.

"If Congress really wants to enhance consumer protection in the next decade, it needs to come up with a consensus anti-spyware law that gives us the authority to penalize the purveyors of spyware who cause so much consumer harm," Leibowitz said in his speech.

Under current U.S. law, the FTC can go to court and ask that a company be made to give up ill-gotten profits, but cannot impose additional, civil fines.

Increased anti-spyware legislation has been initiated in the past few years without making a final passage through Congress. Critics have voiced concerns that such laws would define spyware too broadly, perhaps outlawing legitimate software downloads.

"I've never been much concerned about overbroad anti-spyware legislation, because the bills I've looked at just haven't had the problems their critics have claimed. Some advertising companies seek blanket authority to do what they wish to users' computers, but that's just not appropriate, and some of the proposed legislation rightly would not allow that," Edelman told Lavasoft News.

Edelman shares Leibowitz’s view to do more, but takes a different approach. He says he would begin by seeking further disgorgement from spyware vendors. "The FTC is entitled to full disgorgement of Zango's profits attributable to its past and ongoing prohibited business practices."

Edelman says Zango’s profits far outweigh the $3 million dollar settlement the company is due to pay back.


Home  arrow

Quick Buy: Ad-Aware SE Plus, Professional & Enterprise *offer ends 31/12/2006
In the spirit of giving this holiday season Lavasoft is giving you 15% off all Ad-Aware SE products – Plus, Professional and Enterprise – the entire month of December. Take advantage of this merry deal and keep yourself and your loved ones spyware free!

* Please enter the following coupon code to retain your rebate: zz46tv12x8c

Holiday Shopping Stats
American consumers will spend more than $32 billion in holiday Internet purchases this year.
Source: Jupiter Research

As many as 12 million people could fall prey to ID theft in some form – 40% of them between mid-Nov. and Jan.1.
Source: LifeLock Inc.

Trojan horse

Term of the Month
A zero-day attack is a virus or other exploit that takes advantage of a newly discovered hole in a program before the developer has made the fix available, or sometimes even before they are aware the hole exists. "Zero-day" is the day you open the virus-infected e-mail or get hit by a drive-by download because the anti-virus or anti-spyware software you keep up-to-date knew nothing of the attacks.
Read more at Wikipedia here.

Tech Tips
Attention Windows Users: If Microsoft Windows is your main operating system, be sure to visit Microsoft Security Updates and stay on top of all of the security patches that Microsoft releases on a monthly basis. Ongoing Microsoft vulnerabilities underscore the need to:

1) Regularly update your operating system with the latest patches, and

2) Maintain active virus, hacker, spyware and other identity theft protection.

Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg

Page footer