Product Code Database
Spyware (a portmanteau for spying software) is any malware that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in other malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.
Spyware is frequently associated with advertising and involves many of the same issues. Because these behaviors are so common, and can have non-harmful uses, providing a precise definition of spyware is a difficult task.
The first recorded use of the term spyware occurred on October 16, 1995, in a Usenet post that poked fun at Microsoft's business model.Vossen, Roland (attributed); October 21, 1995; Win 95 Source code in c!! posted to rec..programmer; retrieved from groups.google.com November 28, 2006. Spyware at first denoted software meant for espionage purposes. However, in early 2000 the founder of Zone Labs, Gregor Freund, used the term in a press release for the ZoneAlarm.Wienbar, Sharon. " The Spyware Inferno ". News.com. August 13, 2004.
In early 2000, Steve Gibson formulated the first description of spyware after realizing software that stole his personal information had been installed on his computer.
Later in 2000, a parent using ZoneAlarm was alerted to the fact that Reader Rabbit, educational software marketed to children by the Mattel toy company, was surreptitiously sending data back to Mattel.Hawkins, Dana; " Privacy Worries Arise Over Spyware in Kids' Software". U.S. News & World Report. June 25, 2000 Since then, "spyware" has taken on its present sense.
According to a 2005 study by AOL and the National Cyber-Security Alliance, 61 percent of surveyed users' computers were infected with some form of spyware. 92 percent of surveyed users with spyware reported that they did not know of its presence, and 91 percent reported that they had not given permission for the installation of the spyware." AOL/NCSA Online Safety Study ". America Online & The National Cyber Security Alliance. 2005. , spyware has become one of the preeminent security threats to computer systems running Microsoft Windows . Computers on which Internet Explorer (IE) was the primary web browser are particularly vulnerable to such attacks, not only because IE was the most widely used,Spanbauer, Scott. " Is It Time to Ditch IE? ". Pcworld.com. September 1, 2004 but also because its tight integration with Windows allows spyware access to crucial parts of the operating system.Keizer, Gregg. " Analyzing IE At 10: Integration With OS Smart Or Not?". TechWeb Technology News. August 25, 2005.
Before Internet Explorer 6 SP2 was released as part of Windows XP Service Pack 2, the browser would automatically display an installation window for any ActiveX component that a website wanted to install. The combination of user ignorance about these changes, and the assumption by Internet Explorer that all ActiveX components are benign, helped to spread spyware significantly. Many spyware components would also make use of exploits in JavaScript, Internet Explorer and Windows to install without user knowledge or permission.
The Windows Registry contains multiple sections where modification of key values allows software to be executed automatically when the operating system boots. Spyware can exploit this design to circumvent attempts at removal. The spyware typically links itself to each location in the Windows Registry that allows execution. Once running, the spyware will periodically check if any of these links are removed. If so, they will be automatically restored. This ensures that the spyware will execute when the operating system is booted, even if some (or most) of the registry links are removed.
Problems arose due to users not being informed about neither the occurrence nor the extent of such monitoring, and were not given a chance to decide on whether to participate or not. As advertisements became targeted, the borders between adware and spyware started to dissolve, it started to both monitor users and deliver targeted ads.
Anti-spyware has become a new area of online vending with fierce competition. These tools purported to clean computers from spyware, adware, and any other type of shady software located in that same gray area. This type of software can lead to false positives as some types of legitimate software came to be branded by some users as "Spyware" (i.e. Spybot: Search & Destroy identifies the Scan Spyware program as a Spybot.) These tools were designed similarly to anti-malware tools, such as antivirus software. Anti-spyware tools identify programs using signatures (semantics, program code, or other identifying attributes). The process only works on known programs, which can lead to the false positives mentioned earlier and leave previously unknown spyware undetected. To further aggravate the situation, some shady companies distributed fake anti-spyware tools in their search for a larger piece of the online advertising market. These fake tools claimed to remove spyware, but instead installed their own share of adware and spyware on unsuspecting users' computers. Sometimes, this software would also remove adware and spyware from competing vendors.
New spyware programs are constantly being released in what seems to be a never-ending stream, although the increase has leveled out somewhat over the last few years. According to developers of anti-spyware programs, the fight against spyware is more complicated than the fight against computer virus, trojan horses, and computer worm. There is still no consensus on a definition or classification system of spyware, which negatively affects the accuracy of anti-spyware tools resulting in some spyware programs being able to remain undetected on users' computers.
Spyware is mostly used for the stealing information and storing Internet users' movements on the Web and serving up pop-up ads to Internet users. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users.
While the term spyware suggests software that monitors a user's computer, the functions of spyware can extend beyond simple monitoring. Spyware can collect almost any type of data, including personal information like internet surfing habits, user logins, and bank or credit account information. Spyware can also interfere with a user's control of a computer by installing additional software or redirecting . Some spyware can change computer settings, which can result in slow Internet connection speeds, un-authorized changes in browser settings, or changes to software settings.
Sometimes, spyware is included along with genuine software, and may come from a malicious website or may have been added to the intentional functionality of genuine software (see the paragraph about Facebook, below). In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security practices, especially for computers running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.
In German-speaking countries, spyware used or made by the government is called govware by computer experts (in common parlance: Regierungstrojaner, literally "Government Trojan"). Govware is typically a trojan horse software used to intercept communications from the target computer. Some countries, like Switzerland and Germany, have a legal framework governing the use of such software.Basil Cupa, Trojan Horse Resurrected: On the Legality of the Use of Government Spyware (Govware) , LISS 2013, pp. 419–428 FAQ – Häufig gestellte Fragen In the US, the term "policeware" has been used for similar purposes.
Use of the term "spyware" has eventually declined as the practice of tracking users has been pushed ever further into the mainstream by major websites and data mining companies; these generally break no known laws and compel users to be tracked, not by fraudulent practices per se, but by the default settings created for users and the language of terms-of-service agreements.
In one documented example, on CBS/CNet News reported, on March 7, 2011, an analysis in The Wall Street Journal revealed the practice of Facebook and other websites of web tracking, which is linked to their identity, far beyond users' visits and activity on the Facebook site itself. The report stated: "Here's how it works. You go to Facebook, you log in, you spend some time there, and then ... you move on without logging out. Let's say the next site you go to is The New York Times. Those buttons, without you clicking on them, have just reported back to Facebook and Twitter that you went there and also your identity within those accounts. Let's say you moved on to something like a site about depression. This one also has a tweet button, a Google widget, and those, too, can report back who you are and that you went there." The Wall Street Journal analysis was researched by Brian Kennish, founder of Disconnect, Inc.
However, since this definition does not encompass all of the different types of spyware available, they also provide a wider definition, which is more abstract in its appearance:
Difficulties in defining spyware forced the ASC to define what they call Spyware (and Other Potentially Unwanted Technologies) instead. This includes any software that does not have the users' explicit consent for running on their computers. Another group that has tried to define spyware is StopBadware, which consists of actors such as Harvard Law School, Oxford University, Google, Lenovo, and Sun Microsystems. StopBadware does not use the term spyware at all, but instead introduced the term badware. Their definition is as follows:
The work by Warkentiens et al. (described in Section 7.3.1 in ) can be used as a starting point when developing a classification of privacy-invasive software, where privacy-invasive software is classified as a combination between user consent and direct negative consequences. User consent is specified as either low, medium or high, while the degree of direct negative consequences span between tolerable, moderate, and severe. This classification allows developers and users to first make a distinction between legitimate software and spyware, and secondly between spyware and malicious software. All software that has a low user consent, or which impairs severe direct negative consequences should be regarded as malware. While, on the other hand, any software that has high user consent, and which results in tolerable direct negative consequences should be regarded as legitimate software. Under this classification system, spyware constitutes the remaining group of software, i.e. those that have medium user consent, or which impair moderate direct negative consequences. This classification is described in further detail in Chapter 7 in .
This classification system is broken down further with the distinction of direct negative consequences and indirect negative consequences. This distinguishes between any negative behavior a program has been designed to carry out (direct negative consequences) and security threats introduced by just having that software executing on the system (indirect negative consequences). One example of an indirect negative consequence is the exploitation risk of software vulnerabilities in programs that execute on users' systems without their knowledge.
Most spyware is installed without knowledge, or by using deceptive tactics. Spyware may try to deceive users by bundling itself with desirable software. Other common tactics are using a Trojan horse, spy gadgets that look like normal devices but turn out to be something else, such as a USB Keylogger. These devices actually are connected to the device as memory units but are capable of recording each stroke made on the keyboard. Some spyware authors infect a system through security holes in the Web browser or in other software. When the user navigates to a Web page controlled by the spyware author, the page contains code which attacks the browser and forces the download and installation of spyware.
The installation of spyware frequently involves Internet Explorer. Its popularity and history of security issues have made it a frequent target. Its deep integration with the Windows environment make it susceptible to attack into the Windows operating system. Internet Explorer also serves as a point of attachment for spyware in the form of Browser Helper Objects, which modify the browser's behaviour.
In some infections, the spyware is not even evident. Users assume in those situations that the performance issues relate to faulty hardware, Windows installation problems, or another malware infection. Some owners of badly infected systems resort to contacting technical support experts, or even buying a new computer because the existing system "has become too slow". Badly infected systems may require a clean reinstallation of all their software in order to return to full functionality.
Moreover, some types of spyware disable software firewalls and antivirus software, and/or reduce browser security settings, which opens the system to further opportunistic infections. Some spyware disables or even removes competing spyware programs, on the grounds that more spyware-related annoyances increase the likelihood that users will take action to remove the programs.Edelman, Ben; December 7, 2004 (updated February 8, 2005); Direct Revenue Deletes Competitors from Users' Disks ; benedelman.com. Retrieved November 28, 2006.
are sometimes part of malware packages downloaded onto computers without the owners' knowledge. Some keylogger software is freely available on the internet, while others are commercial or private applications. Most keyloggers allow not only keyboard keystrokes to be captured, they also are often capable of collecting screen captures from the computer.
A typical Windows user has administrative privileges, mostly for convenience. Because of this, any program the user runs has unrestricted access to the system. As with other , Windows users are able to follow the principle of least privilege and use non-administrator accounts. Alternatively, they can reduce the privileges of specific vulnerable Internet-facing processes, such as Internet Explorer.
Since Windows Vista is, by default, a computer administrator that runs everything under limited user privileges, when a program requires administrative privileges, a User Account Control pop-up will prompt the user to allow or deny the action. This improves on the design used by previous versions of Windows. Spyware is also known as tracking software.
Nonetheless, spyware remains a costly problem. When a large number of pieces of spyware have infected a Windows computer, the only remedy may involve Backup user data, and fully reinstalling the operating system. For instance, some spyware cannot be completely removed with tools from Gen Digital, Microsoft, PC Tools (company).
Major anti-virus firms such as NortonLifeLock, PC Tools, McAfee and Sophos have also added anti-spyware features to their existing anti-virus products. Early on, anti-virus firms expressed reluctance to add anti-spyware functions, citing lawsuits brought by spyware authors against the authors of web sites and programs which described their products as "spyware". However, recent versions of these major firms home and business anti-virus products do include anti-spyware functions, albeit treated differently from viruses. Symantec Anti-Virus, for instance, categorizes spyware programs as "extended threats" and now offers real-time protection against these threats.
Other Anti-spyware tools include FlexiSPY, Mobilespy, mSPY, TheWiSPY, and UMobix.
Like most anti-virus software, many anti-spyware/adware tools require a frequently updated database of threats. As new spyware programs are released, anti-spyware developers discover and evaluate them, adding to the list of known spyware, which allows the software to detect and remove new spyware. As a result, anti-spyware software is of limited usefulness without regular updates. Updates may be installed automatically or manually.
A popular generic spyware removal tool used by those that requires a certain degree of expertise is HijackThis, which scans certain areas of the Windows OS where spyware often resides and presents a list with items to delete manually. As most of the items are legitimate windows files/registry entries it is advised for those who are less knowledgeable on this subject to post a HijackThis log on the numerous antispyware sites and let the experts decide what to delete.
If a spyware program is not blocked and manages to get itself installed, it may resist attempts to terminate or uninstall it. Some programs work in pairs: when an anti-spyware scanner (or the user) terminates one running process, the other one respawns the killed program. Likewise, some spyware will detect attempts to remove registry keys and immediately add them again. Usually, booting the infected computer in safe mode allows an anti-spyware program a better chance of removing persistent spyware. Killing the process tree may also work.
Some ISPs—particularly colleges and universities—have taken a different approach to blocking spyware: they use their network firewalls and web proxy to block access to Web sites known to install spyware. On March 31, 2005, Cornell University's Information Technology department released a report detailing the behavior of one particular piece of proxy-based spyware, Marketscore, and the steps the university took to intercept it.Schuster, Steve. "". Cornell University, Office of Information Technologies. March 31, 2005. Many other educational institutions have taken similar steps.
Individual users can also install firewalls from a variety of companies. These monitor the flow of information going to and from a networked computer and provide protection against spyware and malware. Some users install a large hosts file which prevents the user's computer from connecting to known spyware-related web addresses. Spyware may get installed via certain shareware programs offered for download. Downloading programs only from reputable sources can provide some protection from this source of attack.
Individual users can use cellphone / computer with physical (electric) switch, or isolated electronic switch that disconnects microphone, camera without bypass and keep it in disconnected position where not in use, that limits information that spyware can collect. (Policy recommended by NIST Guidelines for Managing the Security of Mobile Devices, 2013).
Spyware which attacks affiliate networks places the spyware operator's affiliate tag on the user's activity – replacing any other tag, if there is one. The spyware operator is the only party that gains from this. The user has their choices thwarted, a legitimate affiliate loses revenue, networks' reputations are injured, and vendors are harmed by having to pay out affiliate revenues to an "affiliate" who is not party to a contract.Edelman, Ben (2004). " The Effect of 180solutions on Affiliate Commissions and Merchants ". Benedelman.org. Retrieved November 14, 2006. Click fraud is a violation of the terms of service of most affiliate marketing networks. Mobile devices can also be vulnerable to chargeware, which manipulates users into illegitimate mobile charges.
The Federal Trade Commission estimates that 27.3 million Americans have been victims of identity theft, and that financial losses from identity theft totaled nearly $48 billion for businesses and financial institutions and at least $5 billion in out-of-pocket expenses for individuals. FTC Releases Survey of Identity Theft in U.S. 27.3 Million Victims in Past 5 Years, Billions in Losses for Businesses and Consumers . Federal Trade Commission, September 3, 2003.
Beginning on April 25, 2006, Microsoft's Windows Genuine Advantage Notifications application was installed on most Windows PCs as a "critical security update". While the main purpose of this deliberately uninstallable application is to ensure the copy of Windows on the machine was lawfully purchased and installed, it also installs software that has been accused of "phoning home" on a daily basis, like spyware.Weinstein, Lauren. Windows XP update may be classified as 'spyware' , Lauren Weinstein's Blog, June 5, 2006. Retrieved June 13, 2006.Evers, Joris. Microsoft's antipiracy tool phones home daily , CNET, June 7, 2006. Retrieved August 31, 2014. It can be removed with the RemoveWGA tool.
The proliferation of fake or spoofed antivirus products that bill themselves as antispyware can be troublesome. Users may receive popups prompting them to install them to protect their computer, when it will in fact add spyware. It is recommended that users do not install any freeware claiming to be anti-spyware unless it is verified to be legitimate. Some known offenders include:
Fake antivirus products constitute 15 percent of all malware.
On January 26, 2006, Microsoft and the Washington state attorney general filed suit against Secure Computer for its Spyware Cleaner product.McMillan, Robert. Antispyware Company Sued Under Spyware Law . PC World, January 26, 2006.
Spyware producers argue that, contrary to the users' claims, users do in fact give consent to installations. Spyware that comes bundled with shareware applications may be described in the legalese text of an end-user license agreement (EULA). Many users habitually ignore these purported contracts, but spyware companies such as Claria say these demonstrate that users have consented.
Despite the ubiquity of agreements, under which a single click can be taken as consent to the entire text, relatively little caselaw has resulted from their use. It has been established in most common law jurisdictions that this type of agreement can be a binding contract in certain circumstances.Coollawyer; 2001–2006; Privacy Policies, Terms and Conditions, Website Contracts, Website Agreements ; coollawyer.com. Retrieved November 28, 2006. This does not, however, mean that every such agreement is a contract, or that every term in one is enforceable.
Some jurisdictions, including the U.S. states of Iowa" CHAPTER 715 Computer Spyware and Malware Protection ". nxtsearch.legis.state.ia.us. Retrieved May 11, 2011. and Washington, Chapter 19.270 RCW: Computer spyware . apps.leg.wa.gov. Retrieved November 14, 2006. have passed laws criminalizing some forms of spyware. Such laws make it illegal for anyone other than the owner or operator of a computer to install software that alters Web-browser settings, monitors keystrokes, or disables computer-security software.
In the United States, lawmakers introduced a bill in 2005 entitled the Internet Spyware Prevention Act, which would imprison creators of spyware.Gross, Grant. US lawmakers introduce I-Spy bill . InfoWorld, March 16, 2007. Retrieved March 24, 2007.
Additionally, several diplomatic efforts have been made to curb the growing usage of Spywares. Launched by France and the UK in early 2024, the Pall Mall Process aims to address the proliferation and irresponsible use of commercial cyber intrusion capabilities.
In a second case, brought against CyberSpy Software LLC, the FTC charged that CyberSpy marketed and sold "RemoteSpy" keylogger spyware to clients who would then secretly monitor unsuspecting consumers' computers. According to the FTC, Cyberspy touted RemoteSpy as a "100% undetectable" way to "Spy on Anyone. From Anywhere." The FTC has obtained a temporary order prohibiting the defendants from selling the software and disconnecting from the Internet any of their servers that collect, store, or provide access to information that this software has gathered. The case is still in its preliminary stages. A complaint filed by the Electronic Privacy Information Center (EPIC) brought the RemoteSpy software to the FTC's attention.See Court Orders Halt to Sale of Spyware (FTC press release November 17, 2008, with links to supporting documents).
The hijacking of Web advertisements has also led to litigation. In June 2002, a number of large Web publishers sued Claria for replacing advertisements, but settled out of court.
Courts have not yet had to decide whether advertisers can be held Legal liability for spyware that displays their ads. In many cases, the companies whose advertisements appear in spyware pop-ups do not directly do business with the spyware firm. Rather, they have contracted with an advertising agency, which in turn contracts with an online subcontractor who gets paid by the number of "impressions" or appearances of the advertisement. Some major firms such as Dell Computer and Mercedes-Benz have sacked advertising agencies that have run their ads in spyware.
TheftTrack allowed school district employees to secretly remotely activate the webcam embedded in the student's laptop, above the laptop's screen. That allowed school officials to secretly take photos through the webcam, of whatever was in front of it and in its line of sight, and send the photos to the school's server. The LANrev software disabled the webcams for all other uses ( e.g., students were unable to use Photo Booth or video chat), so most students mistakenly believed their webcams did not work at all. On top of the webcam surveillance, TheftTrack allowed school officials to take screenshots and send them to the school's server. School officials were also granted the ability to take snapshots of instant messages, web browsing, music playlists, and written compositions. The schools admitted to secretly snapping over 66,000 webshots and , including webcam shots of students in their bedrooms. "Initial LANrev System Findings" , LMSD Redacted Forensic Analysis, L-3 Services – prepared for Ballard Spahr (LMSD's counsel), May 2010. Retrieved August 15, 2010.
Applications
"Stealware" and affiliate fraud
A few spyware vendors, notably 180 Solutions, have written what the New York Times has dubbed "stealware", and what spyware researcher Ben Edelman terms affiliate fraud, a form of click fraud. Stealware diverts the payment of affiliate marketing revenues from the legitimate affiliate to the spyware vendor.
Identity theft and fraud
In one case, spyware has been closely associated with identity theft.Ecker, Clint (2005). Massive spyware-based identity theft ring uncovered . Ars Technica, August 5, 2005. In August 2005, researchers from security software firm Sunbelt Software suspected the creators of the common CoolWebSearch spyware had used it to transmit "chat sessions, , , bank information, etc.";Eckelberry, Alex. "Massive identity theft ring" , SunbeltBLOG, August 4, 2005. however it turned out that "it actually (was) its own sophisticated criminal little trojan that's independent of CWS." This case was investigated by the FBI.
Digital rights management
Some copy-protection technologies have borrowed from spyware. In 2005, Sony BMG Music Entertainment was found to be using in its XCP digital rights management technologyRussinovich, Mark. "Sony, Rootkits and Digital Rights Management Gone Too Far," , Mark's Blog, October 31, 2005. Retrieved November 22, 2006. Like spyware, not only was it difficult to detect and uninstall, it was so poorly written that most efforts to remove it could have rendered computers unable to function.
Texas Attorney General Greg Abbott filed suit,Press release from the Texas Attorney General's office, November 21, 2005; Attorney General Abbott Brings First Enforcement Action In Nation Against Sony BMG For Spyware Violations . Retrieved November 28, 2006. and three separate class-action suits were filed. "Sony sued over copy-protected CDs; Sony BMG is facing three lawsuits over its controversial anti-piracy software" , BBC News, November 10, 2005. Retrieved November 22, 2006. Sony BMG later provided a workaround on its website to help users remove it. Information About XCP Protected CDs. Retrieved November 29, 2006.
Personal relationships
Stalkerware is spyware that has been used to monitor electronic activities of partners in intimate relationships. At least one software package, Loverspy, was specifically marketed for this purpose. Depending on local laws regarding communal/marital property, observing a partner's online activity without their consent may be illegal; the author of Loverspy and several users of the product were indicted in California in 2005 on charges of wiretapping and various computer crimes.
Browser cookies
Anti-spyware programs often report Web advertisers' , the small text files that track browsing activity, as spyware. While they are not always inherently malicious, many users object to third parties using space on their personal computers for their business purposes, and many anti-spyware programs offer to remove them.
Shameware
Shameware or "accountability software" is a type of spyware that is not hidden from the user, but operates with their knowledge, if not necessarily their consent. Parents, religious leaders or other authority figures may require their children or congregation members to install such software, which is intended to detect the viewing of pornography or other content deemed inappropriate, and to report it to the authority figure, who may then confront the user about it.
Spyware programs
These common spyware programs illustrate the diversity of behaviors found in these attacks. Note that as with computer viruses, researchers give names to spyware programs which may not be used by their creators. Programs may be grouped into "families" based not on shared program code, but on common behaviors, or by "following the money" of apparent financial or business connections. For instance, a number of the spyware programs distributed by Claria are collectively known as "Gator". Likewise, programs that are frequently installed together may be described as parts of the same spyware package, even if they function separately.
Spyware vendors
Spyware vendors include NSO Group, which in the 2010s sold spyware to governments for spying on human rights activists and . NSO Group was investigated by Citizen Lab.
Rogue anti-spyware programs
Malicious programmers have released a large number of rogue software (fake) anti-spyware programs, and widely distributed Web can warn users that their computers have been infected with spyware, directing them to purchase programs which do not actually remove spyware—or else, may add more spyware of their own.Howes, Eric L. " The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites ". Retrieved July 10, 2005.
Legal issues
Criminal law
Unauthorized access to a computer is illegal under computer crime laws, such as the U.S. Computer Fraud and Abuse Act, the U.K.'s Computer Misuse Act, and similar laws in other countries. Since owners of computers infected with spyware generally claim that they never authorized the installation, a prima facie reading would suggest that the promulgation of spyware would count as a criminal act. Law enforcement has often pursued the authors of other malware, particularly viruses. However, few spyware developers have been prosecuted, and many operate openly as strictly legitimate businesses, though some have faced lawsuits." Lawsuit filed against 180solutions ". zdnet.com September 13, 2005Hu, Jim. " 180solutions sues allies over adware ". news.com July 28, 2004
Administrative sanctions
US FTC actions
The US Federal Trade Commission has sued Internet marketing organizations under the "unfairness doctrine"See Federal Trade Commission v. Sperry & Hutchinson Trading Stamp Co. to make them stop infecting consumers' PCs with spyware. In one case, that against Seismic Entertainment Productions, the FTC accused the defendants of developing a program that seized control of PCs nationwide, infected them with spyware and other malicious software, bombarded them with a barrage of pop-up advertising for Seismic's clients, exposed the PCs to security risks, and caused them to malfunction. Seismic then offered to sell the victims an "antispyware" program to fix the computers, and stop the popups and other problems that Seismic had caused. On November 21, 2006, a settlement was entered in federal court under which a $1.75 million judgment was imposed in one case and $1.86 million in another, but the defendants were insolvent FTC Permanently Halts Unlawful Spyware Operations (FTC press release with links to supporting documents); see also FTC cracks down on spyware and PC hijacking, but not true lies , Micro Law, IEEE MICRO (Jan.-Feb. 2005), also available at IEEE Xplore .
Netherlands OPTA
An administrative fine, the first of its kind in Europe, has been issued by the Independent Authority of Posts and Telecommunications (OPTA) from the Netherlands. It applied fines in total value of Euro 1,000,000 for infecting 22 million computers. The spyware concerned is called DollarRevenue. The law articles that have been violated are art. 4.1 of the Decision on universal service providers and on the interests of end users; the fines have been issued based on art. 15.4 taken together with art. 15.10 of the Dutch telecommunications law.
Civil law
Former New York State Attorney General and former Governor of New York Eliot Spitzer has pursued spyware companies for fraudulent installation of software. In a suit brought in 2005 by Spitzer, the California firm Intermix Media, Inc. ended up settling, by agreeing to pay US$7.5 million and to stop distributing spyware.Gormley, Michael.
Libel suits by spyware developers
Litigation has gone both ways. Since "spyware" has become a common pejorative, some makers have filed libel and defamation actions when their products have been so described. In 2003, Gator (now known as Claria) filed suit against the website PC Pitstop for describing its program as "spyware".Festa, Paul. " See you later, anti-Gators? ". News.com. October 22, 2003. PC Pitstop settled, agreeing not to use the word "spyware", but continues to describe harm caused by the Gator/Claria software." Gator Information Center ". pcpitstop.com November 14, 2005. As a result, other anti-spyware and anti-virus companies have also used other terms such as "potentially unwanted programs" or greyware to denote these products.
WebcamGate
In the 2010 WebcamGate case, plaintiffs charged two suburban Philadelphia high schools secretly spied on students by surreptitiously and remotely activating webcams embedded in school-issued laptops the students were using at home, and therefore infringed on their privacy rights. The school loaded each student's computer with LANrev's remote activation tracking software. This included the now-discontinued "TheftTrack". While TheftTrack was not enabled by default on the software, the program allowed the school district to elect to activate it, and to choose which of the TheftTrack surveillance options the school wanted to enable.
See also
Bibliography
External links
|
|
