Judge Halts Utah's Spyware Law

TheFarmerInTheDell writes "According to CNet News, a judge in Utah has granted an injunction to WhenU.com to temporarily halt the state's new anti-spyware law from going into effect. WhenU filed suit in April asking for an injunction, and this judge has decided that their claim of abridging their First Amendment Rights has enough merit to issue the injunction. What about our rights not to have to deal with this scumware?" (This previous post mentions Ben Edelman's research on WhenU and other spyware makers' activities.)

Free speech?

[KoriaDesevis]

So when does their 'right to free speech' end and my right to be left alone on my personal computer, in my private residence, begin?

Villianous Scum

[nightsweat]

Isn't there an electronic no-tresspassing law? If not, shouldn't there be?

Great more money for me!

[nlinecomputers]

I service PCs for a living and this spyware shit is really paying the bills. It's great that I get more work but you feel dirty like you are having to work on a sewer line.

I'm glad I have the work but also dislike having the need to do the work. I think alot of people of turning away from the internet because of all this spyware crap.

Re:Free speech? What about property rights

[Anonymous Coward]

actually I would think that by putting your computer on to the public internet kind of kills your right to privacy. Or something.

Re:Free speech? What about property rights

[Smallpond]

Actually, you have to consent to install their software. Its the "I agree" button at the bottom of the 2000-word license that you carefully read. Spyware would be putting it on your computer by using an exploit.

As for free speech, their claim is that delivering context-based ads is speech, which seems kind of a stretch. I guess they must mean "free as in beer".

A matter of security

[thewiz]

IMHO, I believe the U.S. Government needs to get involved with shutting down these spy- and mal-ware companies due to National Security. Having worked as a contractor in military facilities, every Windows-based system attached to the internet I've worked on in those facilities, has been loaded with spy-ware. And I'm not talking about military-sanctioned keystroke loggers and system management tools.

I've never been comfortable working with unclassified (but potentially sensitive) data on a system that I know has spy-ware on it. It wouldn't be difficult for someone to collect sensitive data from those machines with spy- or mal-ware. A little side note here: it's possible to use information from unclassified documents to determine classified information.

Regardless of whether the system is military, government, or your own personal PC, I see spy- and mal-ware as a form of trespassing. Someone sneaking software onto your PC is no different than someone breaking into your house and stealing your drivers license, social security card, and other personal information. What these companies do has nothing to do with free speech.

While I hate spyware

[Gr8Apes]

I'm probably going to be modded WAY down for this

I cannot 100% disagree with their position. If someone is foolish enough to click through the agreement and installs spyware, as repulsive as it is, who do they really have to blame except themselves? As long as they don't act like a virus and stealth install along with another program as some programs have been known to do, I don't see how you can complain. Basically, as long as they agree, they agreed. Are you going to sue MS for typing "format c:" and then losing your system?

I should mention that Hotbar is fresh in my memory from having to step my dad remotely through the painful removal process (no network access thanks to hotbar, sort of ironic;). However, the fact that is is painful, or even if it could not be removed at all, is not cause for legislation. Otherwise, I'd like MS to be the first victim. Ever try to uninstall an IE hotfix that causes problems? How about that "Outlook security fix"? Can't see your JPGs anymore? Tough. So, while I agree that Spyware sucks rocks, I don't think Utah's legislation is very well thought out or even correct.

I think a better law would actually address personal privacy. The more I think about it, the more I think I like the EU's privacy laws, and perhaps the US should step up to that level of privacy protection. (Be hell on advertisers, but who really gives a sh!t about them anyways?)

Hacking is free speech, too.

[gusanofeliz]

Has anyone done any reverse engineering of any of this spyware stuff? I mean, I would love to run a program that spoke gator.com's protocols and connected to their servers, reported endless amounts of bogus data to pollute and help render worthless all of their covertly gathered data that they value so much. Seems that this could be the only way to fight back.

Browser mods against spyware?

[WoodstockJeff]

Part of the request exchanged between a browser and a http server is a list of encodings and languages accepted by the browser and user. Is there a way to modify popular browsers to send, say, "Pragma:no-spyware-accepted" and "Pragma:no-tracking-software-accepted" on each request, to indicate in advance that you do not accept such software, despite (mistaken) click-throughs?

Granted, no spyware company is going to pay attention to such things, but it might be useful if you participate in a class-action claim against such a company for installing damaging software on your system without your permission.

How bout third amendment?

[thecorndogofdoom]

How about third amendment? Right against unreasonable search and seizure...normally applicable to physical search by the police...but what about "seizure" of personal information without permission...that's theft. Utah judges are bullshit. I know the 3rd amendment is intended for the government, but maybe it ought to be considered extensible in this circumstance? Actually, I'm surprised no-one has brought up harassment either (that I've heard of thus far).

WRONG!

[Anonymous Coward]

You DO have a right to privacy. Article 11, Section 2 of the American Convention on human rights specifically:

2.No one may be the object of arbitrary or abusive interference with his private life, his family, his home, or his correspondence, or of unlawful attacks on his honor or reputation.

That means that spyware is abusing my rights. It interferes with my computer, which interferes with my correspondence, since the primary function of any computer is telecommunications.

Case closed.

I didn't think that /dotters needed a civics lesson. I know that the entire country needs both 5th grade social studies repeated, so they can learn what "freedom" is (it isn't being free to do whatever you're told, sorry Ass-croft) and driving lessons.

Legal question

[Anonymous Coward]

I thought companies/corporations didn't necessarily have the same rights as individuals. I read somewhere that free speech didn't apply to companies or corporations, as they were set to different standards. If that's the case, shouldn't this case have been thrown out of court on those grounds?

As an aside, what's with all the bad news coming out of Utah? First the whole SCO thing, then Orrin Hatch's corruption, now this?

North Korea

[panurge]

True or not I don't know for certain but I read recently that in North Korea houses have a built in radio that broadcasts State propaganda, and that while it can be turned down, it cannot be turned off. Whereas under Capitalism some judges think that companies should be allowed to try and make you receive their propaganda, and that while the instructed may be able to stop it the majority can't....but of course that's completely different.

Re:Free speech?

[Anonymous Coward]

I classify spyware as "robbery," in the sense that it steals the bandwidth I pay for and steals hardware resources that I paid for on my system without my express written consent.

So you can take that 1st Amendment and shove it right up the spyware companies' collective asses.

How to convince the judge

[jridley]

Have some magnetic signs made up advertizing the local adult bookstore. Next time the judge stops at a stopsign, run up and slap the sign on the side. For bonus points, figure out somewhere that he won't notice it for a while; perhaps on the rear passenger door, he might not see it.

To simulate the trouble it can be to remove the crap from your system, slather some superglue on the backside before doing this, so that it'll be expensive and time consuming to remove and will cause damage that will also be expensive to fix.

I see NO difference between this and some of the more obnoxious spyware lately; they're both hijacking my property without my knowledge or consent in order to promote their own business interests.

Spyware Costs!

[spidergoat2]

I'm spending more and more time cleaning spyware at work. It invades computers then I have to get rid of it. I have a laptop someone just brought in that's filty with the stuff. I spent several hours at a friends house last night cleaning her PC. It's time to start sending bills to Spyware companies for these cleaning services. In fact, as I sit here, I believe that's what I'm going to do. I'll send invoices to these firms, then take them to small claims court when they don't pay. Who's with me?

Re:First Amendment Rights?

[NaugaHunter]

View the full scoop here [straightdope.com].

(quoting part:)
Here's what happened. Santa Clara County in California was trying to levy a property tax against the Southern Pacific Railroad. The railroad gave numerous reasons why it shouldn't have to pay, one of which rested on the 14th Amendment's equal protection clause: the railroad was being held to a different standard than human taxpayers.

When the case reached the Supreme Court, Chief Justice Morrison Waite supposedly prefaced the proceedings by saying, "The Court does not wish to hear argument on the question whether the provision in the Fourteenth Amendment to the Constitution which forbids a state to deny to any person within its jurisdiction the equal protection of the laws applies to these corporations. We are all of the opinion that it does." In its published opinion, however, the court ducked the personhood issue, deciding the case on other grounds.

Then the court reporter, J.C. Bancroft Davis, stepped in. Although the title makes him sound like a mere clerk, the court reporter is an important official who digests dense rulings and summarizes key findings in published "headnotes." (Davis had already had a long career in public service, and at one point was president of the board of directors for the Newburgh & New York Railroad Company.) In a letter, Davis asked Waite whether he could include the latter's courtroom comment--which would ordinarily never see print--in the headnotes. Waite gave an ambivalent response that Davis took as a yes. Eureka, instant landmark ruling.

For what it's worth, this is exactly the kind of case that could get back to the S.C. to force this issue, as one could also argue 'Fine, you have free speech rights but this is trespassing and you should be jailed'. I wouldn't have much hope with a consumer-favorable result with the current administration though.

DNS

[dacarr]

So what's there to stop ISPs from halting this crap on the DNS level by causing WhenU.com's domain to resolve to localhost? At the very least, that shou.d stem the implementation on random computers for it.

Re:Spyware Costs!

[spidergoat2]

I have to add this. Maybe this could be another slashdot comunnity effort. We publish the names and addresses of spyware makers, then we send them a lot of invoices for $50-100 per hour. Then perhaps a class action suit. Any other ideas?

Re:Free speech?

[Egekrusher2K]

"If the software spies or spams you without telling you honestly that it's doing so, you have a remedy in the form of existing laws against fraud or the like -- or possibly new laws that more narrowly target deceptive software."

Oh really? Have you read about anyone successfully pursuing this? These cases don't even make it to court. The laws on fraud, for some strange reason, don't apply here. Try telling a lawyer that you want to sue a company because they installed software on your computer without your consent, and they are going to laugh at you.

Now, don't get me wrong. What you said is valid in theory. However, the execution of these laws is very, very poor.

Ultimate example of

[MobyDisk]

I see two cases here:

1) If the malware/spyware does not tell you what it does, then you have a fraud case. No need for additional laws here.
2) If the malware/spyware does tell you, and you do not pay attention to the agreement, then it is the users fault.

The problem is with #2. Is it realistic to expect users to read these long contracts? Maybe, maybe not. Since normal everyday software now includes EULAs, people are used to ignoring them. THIS is what needs to be decided -- is it legal to bury this information in a multi-page EULA?

But I have a quick solution! Users should refuse to install applications that have EULAs. If every mom and pop called Microsoft or Dell or HP or Symantec when they saw an EULA, EULAs would be gone. *poof*

Unfortunately, this is where the consumers become sheep. They don't like malware, but they don't want to stand up to Microsoft either. So they have dug themselves a hole, and now they want the government to dig them out.

Re:First Ammendment Rights

[tehcyder]

I have no right to be left alone in public.

But you have no right to make me listen to you.

And if I am sitting at home, I certainly have the right to stop you sneaking in to harangue me.

So fuck off.

Anti-Spyware Proxy

[cavac]

I know, there are already some Anti-Spyware proxies out there, but... ..why not write a proxy that mangles the data before sending it out, anyway - that is, it is sending nicely formated random junk.

For the usual stuff like doubleclick it could for example generate nice, useless cookies with random ID's. For all the install-stuff it could just screw up the content a bit.

This would give those bastards the traffic they asked for but without the option to put it to commercial use :-)