Coalition Offers Definition for 'Spyware'
As Internet users become increasingly threatened with spyware and adware attempting to infect their machines, software vendors and consumers groups have been struggling to answer a critical question: What is spyware? A coalition is now attempting to draw a line between acceptable and invasive advertising.
The Anti-Spyware Coalition, headed by the Center for Democracy & Technology with support from industry giants AOL, Earthlink, Microsoft, and Yahoo among others, has released the first draft of a 13-page document designed to establish definitions that will bring clarity to anti-spyware vendors.
Such classification of spyware and adware would make it easier for companies to improve their detection and removal products, and better educate customers of the risks associated with spyware. In addition, anti-spyware software vendors could avoid lawsuits from ad companies who claim their software is unfairly targeted.
Microsoft muddied the waters last week when it redefined adware company Claria's software as "Ignore" rather than "Quarantine," much to the chagrin of security experts. Microsoft publicly responded to the criticism saying the new classification came after a standard review process.
Microsoft also posted the criteria it uses when defining potential threats, which include deceptive behaviors, privacy, security, performance impact, and industry and consumer opinion of the product.
Likewise, the Anti-Spyware Coalition has defined "potential threats" -- a term that includes spyware, adware, cookies and hijackers -- as programs that: impair users' control over their systems, including privacy and security; impair the use of system resources, including what programs are installed on their computers; or collect, use and distribute personal or otherwise sensitive information.
The coalition will be accepting public comments on the draft proposal until August 12, and a final document is expected by the fall. However, the definitions are not likely to lessen the amount of spyware plaguing computer users as advertisers continue their aggressive practices.
The document will also not answer a key question of what consent advertisers should obtain from users before installing such software. Currently, spyware vendors often tack their terms onto the end of long license agreements that consumers rarely read.
Nonetheless, the definitions are a necessary first step the coalition's backers say.
"The establishment of the Anti-Spyware Coalition is an important step in deterring malicious software," said Mike Nash, Corporate Vice President of the Security Business & Technology Unit at Microsoft.
"As a founding member, we are excited to be part of the coalition because clarifying definitions and setting best practices in this space will help software developers avoid the risk of writing deceptive software, and will help Microsoft and our partners enable customers to identify and stop spyware and other unwanted technologies."