Rep. Mary Bono (R) Palm Springs, CA introduced H.R. 2929 earlier this year.
Titled "Safeguard Against Privacy Invasions Act" the intent is "To protect
users of the Internet from unknowing transmission of their personally
identifiable information through spyware programs, and for other purposes."
I have written to my congressman and my two senators in support of the
bill, and I encourage you to do the same. The bill is currently in the
Subcommittee on Commerce, Trade and Consumer Protection
The text of my letter is below. Feel free to use it as a template.
Ask yourrepresentatives to support and co-sponsor the bill. Ask your senator
to draft or sponsor similar legislation in the Senate.
November 26, 2003
Dear {Representative},
I am writing today to call your attention to the growing threat of computer
"spyware", and its dangerous proliferation through the internet.
Spyware and other similar pests constitute a clear invasion of privacy and
illegal collection and use of personal information. They represent a form of
commercial terrorism that is currently unencumbered by United States law.
This unfortunate reality must quickly be altered.
"Spyware" actually comprises a wide range of software categories that
function in different ways. Here is just a partial list of spyware types:
Adware, Anarchy, ANSI Bomb, AOL Pest, Backdoor, Binder, Browser Helper
Object, Carding, Commercial RAT Cracking, Cracking Tool, DDOS, Dialer, DOS,
Downloader, Dropper, Encryption Tool, Exploit, Firewall Killer, Flooder,
Hijacker, Hostile ActiveX, Hostile Java, Hostile Script, IRC War, Key
Logger, Loader, Mail Bomber, Mailer, Notifier · , Nuker · P2P · Packer ·
Password Capture · Password Cracker · , Password Cracking Word Port Scanner,
Probe Tool, Proxy, RAT, Ripper, Sniffer, SPAM Tool, Spoofer, Spyware,
Spyware Cookie, Trackware Cookie, Trojan, Trojan Creation Tool, Trojan
Source, Virus Creation Tool, Virus Source, Virus, War Dialer, Worm, Worm
Creation Tool.[i]
While there are software products available to detect and remove spyware,
the fight against this pernicious and prevailing threat is never won. New
variants to spyware packages are developed almost daily, and already, the
spyware problem dwarfs the threat of viruses and trojans.[ii]
Spyware is installed on personal computers most often without the user's
knowledge. In this way, they are similar to viruses and trojans. There are,
however some clear differences between spyware and viruses.
While most viruses and Trojans are designed to disable or use the victim's
computer to perpetuate itself, spyware is designed for commercial purposes
to generate income or marketing data for the creators and users of the
software. It is this commercial purpose that is most alarming.
Keyloggers monitor every keystroke a user types. Targeted popup windows
interfere with web navigation. Browser hijacks add search tools and
advertising to your web browser. All this is done surreptitiously. Some
spyware installations come "bundled" with other software that the user
intentionally purchases or downloads and installs. The End-user License
Agreement (EULA) contains thinly veiled references to these additional
programs, buried deep in the license language.
Another distinguishing characteristic of spyware is that it almost always
has no instructions or utilities for uninstalling or removing it from a
computer. Any legislation aimed at regulating or controlling spyware and
malware should include a requirement that the consumer be given the
opportunity to remove unwanted software at their discretion.
The free reign given to spyware in the United States has led legitimate
companies to load remote-access software on its customers' computers to
deliver advertising, monitor activities and collect marketing data.
Angry customers who feel they have nowhere to turn are posting their stories
at an alarming rate on internet forums and bulletin boards.[iii]
I urge you, your staff and colleagues to draft and support legislation, such
as H.R. 2929, (currently referred to the House Subcommittee on Commerce,
Trade and Consumer Protection) to eliminate the threat of spyware and other
similar pests. I also call on the House and the Senate to continue to hold
hearings to investigate the use and proliferation of spyware and malware.
These hearings should and must include testimony from ordinary computer
users, software developers, commercial terrorists who develop and deploy
spyware, IT professionals, and experts in the combat against spyware pests.
I would appreciate a response and any comments you may have, and I look
forward to your action in the legislature on this matter.
Sincerely,
----------------------------------------------------------------------------
----
[i] Pest Patrol, Index of English Pest Descriptions;
http://www.pestpatrol.com/pestinfo/#index
[ii] Wired News, April 14, 2003,
http://www.wired.com/news/technology...,58423,00.html
[iii] Spyware Info, "Your desktop is Direcway's bulletin board"
http://www.spywareinfo.com/articles/direcway/
Reply With Quote