Washington State Outlaws Spyware 318
An anonymous reader submits "Today, the Governor of Washington signs a a bill outlawing spyware (bill history) which imposes penalties of $100,000 per violation. Spyware is broadly defined. It includes everything from changing a browser's bookmarks or homepage settings, "Opening multiple, sequential, stand-alone advertisements in the owner or operator's internet browser", keystroke-logging, taking over control of the computer, modify its security settings, and even "Falsely representing that computer software has been disabled." But here is my favorite: "Prevent, through intentionally deceptive means, an owner or operator's reasonable efforts to block the installation or execution of, or to disable, computer software by causing the software that the owner or operator has properly removed or disabled automatically to reinstall or reactivate on the computer." Microsoft and Ebay both testified in support of the bill. On May 10th, a similar law banning Internet and email phishing was also passed."
If I'm not mistaken... (Score:5, Funny)
Re:If I'm not mistaken... (Score:5, Funny)
Re:If I'm not mistaken... (Score:5, Funny)
Re:If I'm not mistaken... (Score:2)
Re:If I'm not mistaken... (Score:5, Funny)
Re:If I'm not mistaken... (Score:2, Informative)
Nintendo has a HQ in Redmond.
There's a lot of independant companies here in Redmond that have no association with MS in any way.
Google has a HQ in Kirkland, but you don't see people saying "whatever Kirkland wants, Kirkland gets...." or maybe that's just because Kirkland is a Grade A dump.
Depressing place.
Re:If I'm not mistaken... (Score:2)
Only Nintendo of America is HQed in Redmond. Nintendo (parent corp) in HQed in Kyoto, Japan.
And, Google is not HQed in Kirkland. They're HQed in Mountain View.
But, Redmond does have a sizable number of companies around like Nintendo, Safeco, AT&T wireless (now Cingular), etc.
Re:If I'm not mistaken... (Score:5, Insightful)
Give her, and the people of Washington State, some credit. WA state was one of the first to enact anti-spam legislation in the late '90s (rendered useless by the Republicans in DC). You may want to just write off everything tech related from WA state as brought to you by Redmond, but I'd credit the greater tech awareness of the area in general. Not every tech-head in Seattle submits to the deathstar (e.g. http://www.omnigroup.com/ [omnigroup.com]
Re:If I'm not mistaken... (Score:4, Funny)
What does AT&T have to do with this?
Re:If I'm not mistaken... (Score:4, Informative)
Re:If I'm not mistaken... (Score:5, Informative)
Meanwhile, in the Democratic heartland of King County, 50 valid ballots were found to have never been counted, and are still in their envelopes. What a mess. I just hope my vote isn't one of those 50.
The whole mess has been playing out in the papers for months now, it's getting very old.
Re:If I'm not mistaken... (Score:5, Informative)
Here is a Timeline [soundpolitics.com] for the events (with an obvious conservative slant).
Dead people voting (Score:2)
Which Governor Gets To Sign It? (Score:2)
Re:The Search For Credible Evidence Continues. (Score:3, Interesting)
That's because you're misunderstanding the "rumors" (which are not rumors, but facts, by the way). The problem is that Real's software (maybe not the very latest version, I haven't tried it, but for relatively recent versions this is certainly true) IS spyware in and of itself, because it (1) deceives users into installing stuff or signing up for stuff they didn't want or expect to be signed up for, (2) deeply integrates itself
Re:The Search For Credible Evidence Continues. (Score:2)
Now if it's used even handedly like that, then I'll get excited. Till then, I'm guessing it's just a public relations bluff.
Re:How will they enforce these laws? (Score:3, Insightful)
Re:bill may be unconstitutional (Score:3, Informative)
Not true. It is possible for software to determine it's own locality if it is connected to the internet, which is how most spyware gets installed in the first place. Although it is not 100% accurate, it is close enough that they could say they made every effort.
A person charged under this bill could sue the county/city where he was charged, for violating
Not sure how I feel... (Score:5, Insightful)
I love the idea that we are making something so irritating illegal in the strick legal sense of the word. Make no mistake, I hate Spyware.
At least I think I hate Spyware. I am not really sure, given the broad definition. Some Spyware is good, based solely on MY definition of 'good' and the mood I am in. So what if I have to give up something 'good' because the purveyors of that 'good' thing felt it might fit into the broad definition of Spyware and thusly discontinued it. I lose.
On the other hand, the creepy porn junk and the crud that wants my bank account so they can sell me into slavery in Korea definitely (again, in MY definition of...) fit the model of BAD Spyware and need to have its purveyors captured, subjected to Janet Jackson Videos and sent to prison for a long time. And thus begs the question:
How does this law get that done? Certainly these guys aren't going to stop their nonsense, they are making money doing it, so we will HAVE to enforce this law to get them to stop, and if they don't stop because there is no good way to enforce this law, then the BAD stuff continues and the GOOD stuff is thwarted.
I am just not sure about this one.
I suppose it gives teeth to companies like Microsoft and EBay to go after these guys and have them bundled away. That is good. But Who decides which ones Microsoft and EBay go after? And do I really want to create a system whereby Microsoft and EBay are the US Marshals and are enforcing laws the way they see fit, and going after those criminals that they decide to go after?
I'm just not sure about this one.
Re:Not sure how I feel... (Score:5, Insightful)
It won't help from outright viruses, but it could result in massive punitive damages for semi-legitimate corporations. e.g. Gator would be effectively banned from doing business in the state of Washington, under the penalty of heafty fines and/or criminal charges. (Sorry, I didn't read the law in any detail. I didn't catch if it was considered a criminal action or not.)
As for finding someone to prosecute these companies, that may not be as hard as it seems. Lawyers love to make money by bringing forward any cases they can. In the absense of money, they love high-profile cases that make a name for themselves.
Re:Not sure how I feel... (Score:2)
By clicking "Accept" you assert that you are not a resident of the state of Washington nor in any way physically or otherwise in the state and that the computer upon which you are installing this software is not and will never be within the jurisdiction of the state of Washington.
And words to the effect that make them immune to Washington law if the user misrepresents his locale or otherwise violates the terms of the agreement.
Re:Not sure how I feel... (Score:3, Insightful)
Re:Not sure how I feel... (Score:2)
.
.
.
OK, this is great. So how does one go about enforcing such a law? I have very mixed feelings about this one.
Maybe they send sasquatch over to kick the guy's ass?
Re:Not sure how I feel... (Score:3, Insightful)
If you want various background processes tracking your purchases and webuse to supply you with "tailored results" then you should be welcome to them.
If you DON'T, however, you should be able to remove the damn things with a minimum of fuss. It's never been good marketing for a company, in my opinion. Would you, in your right mind, buy something from a
Re:Not sure how I feel... (Score:3, Insightful)
The bill is littered with words/phrases like "through intentionally deceptive means", "deceptively", "intentionally misrepresenting", "falsely representing", "without the authorization of an owner or an operator", etc.
In every section of the bill, it's rather clear that the target of the legislation is software that deceives the user and/or does
Re:Not sure how I feel... (Score:2)
My biggest concern now isn't that benign software will be punished; rather, I suspect this bill will be useless because spyware companies will just embed "You give us permission to blah blah blah" clauses deep into those EULAs that no one really reads.
That's why spyware is a problem which simply can't be solved through legislation. You either restrict the right of people to do whatever they want with their computer or you leave the door wide open for companies to do whatever they want by getting you to
Re:Not sure how I feel... (Score:3, Insightful)
What happens if the user changes his mind? (In true /. tradition I didn't read the article)
IMHO, when the user consents through some legalese buried deep within some EULA, the software can install, but I think EULA clauses that go against a law are illegal
Re:Not sure how I feel... (Score:2)
So what if I have to give up something 'good' because the purveyors of that 'good' thing felt it might fit into the broad definition of Spyware and thusly discontinued it. I lose.
This I think is avoided by this law. Pretty much all the restrictions require that the behavior be "intentionally deceptive". This is basically defined to mean that the program intentionally lies about what it's going to do or intentionally omits a description of what it's going to do in order to deceive.
On the other hand, t
Enforcement? (Score:3, Interesting)
Oh, I'm so glad they thought to ask about that tiny, niggling issue of enforcement after voting for it.
And you're right, enforcement is going to be a big issue here. How many spywhores are operating in Washington? How many are operating in the U.S.
Re:Not sure how I feel... (Score:2, Insightful)
OK. That's different from spyware. Information aggregation is still legal. The bill is littered with phrases like through intentionally deceptive means. The deception is a key part of software getting itself classified as spyware. I would posit that spyware is *always* bad (possibly with the exception o
Leading the way again... (Score:5, Insightful)
Re:Leading the way again... (Score:2)
Re:Leading the way again... (Score:4, Informative)
WA's anti-spam law was useful for the dedicated individuals that took the time to track spam to it's source and file a civil action with the state against them. If you could track them down and you had otherwise fulfilled your own obligations under the law, it was a simple matter to get a $500 judgement in your favor for each actionable missive. Collecting was another matter.
The only real chance for success would be if the spammer were also in Washington.
Like all anti-spam legislation it did require some compliance with legal authority on the part of the spammer. as if someone selling fake Chinese Cialis is worried about legal authority.
Realplayer now illegal? hopefully (Score:5, Interesting)
Wonder if it's now illegal?
In fact, I'd like all third-party hidden-startup applications, which generally are unwanted and adopt this method since they know they'd be removed, to be illegal. I get VERY annoyed when other people feel fit to try to force their software into *MY* computer. How would they feel if I came into their front room and took over the remote control?
--
Toby
Re:Realplayer now illegal? hopefully (Score:5, Insightful)
The same way a Mafia racketeer would feel if you threatened to burn their house down if they didn't pay for your "fire insurance".
They aren't children; they know people hate what they do. As long as the annoying thing is happening to you for the profit of them, then they don't care, whether "they" are the Mafia or Gator or whoever.
Re:Realplayer now illegal? hopefully (Score:2)
Re:Realplayer now illegal? hopefully (Score:2)
Re:Realplayer now illegal? hopefully (Score:5, Interesting)
As far as I'm concerned, start arresting them all. I don't want their sh!tware on my box. I want their stuff to sit there nice and quiet up until the moment I want it to do something, and then I want it to do nothing extra. I don't want a pop-up "toolbox" to fix my printer; I don't want a noisy "Lookie what I printed for you, John, aren't you proud of my wonderous inkjets?!" dialog box. And when it's done I want it to get the hell out of my way. Completely. Don't ask me to update, don't leave a tool tray icon behind, don't leave a task running in task manager.
If all this requires sending a few developers to Federal Pound Me In The Ass Prison, all I can say is "don't drop the soap, guys."
Re:Realplayer now illegal? hopefully (Score:3, Insightful)
well you could not install those "features". Most driver cd/downloads have their drivers tucked in a directory some where. Especially true with driver updates you download from the manufacture's website. So yeah, you installed all that crap, you live with it. When i install an epson or an HP i just point add printer wizard at the driver dir
Re:Realplayer now illegal? hopefully (Score:3, Interesting)
HP has been the poster child for how to install crap the wrong way in Windows.
Set the wayback machine for the late 1990s. I bought a fast, expensive HP inkjet. When I got my brand new printer home and tried to "install" it, the "installer" wanted me to run their stuff. Having had prior experience with HP crapware, I said "no thanks, I'll install it myself." So I clicked up the add hardware lizard, and said "I'll for search myself, and I have a disk, th
Re:Realplayer now illegal? hopefully (Score:5, Funny)
This is exactly why I don't let my PC watch TV.
Re:Realplayer now illegal? hopefully (Score:2)
http://www.imdb.com/title/tt0092695/ [imdb.com]
Re:Realplayer now illegal? hopefully (Score:2)
I hate having anything more than 4-6 things in my systray, and start geting annoyed when I see >40 processes running.
Re:Realplayer now illegal? hopefully (Score:2)
Disable your unneccessary services in XP. It'll make your life much better, I promise.
Re:Realplayer now illegal? hopefully (Score:3)
Re:Realplayer now illegal? hopefully (Score:2)
Copy Protected CD's (Score:5, Interesting)
Mod Parent Up (Score:3, Interesting)
Can Washingtonians now sue record labels that use malware to prevent CD copying? That would be a terrific step towards ending such nonsense.
Section 5 pretty much invalidates the whole bill (Score:3, Interesting)
Agreed-hard to enforce (Score:3, Interesting)
Outlook Express (Score:3, Interesting)
at $100,000 per violation that is $100,000 * the number of windows instalations out there, I think microsoft is going broke!
Re:Outlook Express (Score:2)
For some reason, I don't see the option to uninstall Internet Explorer either, but when I delete its
And how do I stop the File Protection Service? (And I don't mean with a hex editor.)
Re:Outlook Express (Score:2)
Phishing is already illegal (Score:4, Insightful)
Phishing as Fraud vs. Attempted Fraud (Score:3, Interesting)
"This is EBay/PayPal/SomeRealBank/eGold/etc. - Give me all your info", that's lightweight no-money-stolen fraud, unless you give them your info and they use
People outside the US? (Score:3, Insightful)
Give half of that to bounty hunters who bring the culprit to justice and we could have a new series of reality shows. Who woulda thunk spyware could be entertaining?
Class Action Lawsuit (Score:3, Interesting)
where are the teeth? (Score:3, Interesting)
i want to see people paying up the wazoo for this: collection agencies pounding down doors, spyware companies going belly up, class action suits, the like. hell, if they put filesharing on the same penalty level as involuntary manslaughter (because you know those two are equally evil in the eyes of MPAA/RIAA/congress), why don't they send spyware companies to bankruptcy?
Well (Score:2)
It would be better developing ways to stop the actual spyware, rather than try to track down the people doing it. If the people were actually making serious money, and knew the government would be after them, they would be out of the country like a flash, and continue their business.
All that needs to be done (Score:4, Insightful)
Mod this bill redundant? (Score:4, Interesting)
Any technically-literate lawyers have a comment on this?
Re:Mod this bill redundant? (Score:2)
IANAL, but I think that a law which SPECIFICALLY prohibits some obscure behavior (that would lead to YEARS in courts in case of a suit) will certainly make the upholding of our privacy rights much faster and more effective.
Re:Mod this bill redundant? (Score:3, Interesting)
Any law that is practically unenforcable is only ever enacted in order to have it handy like a law against rats being in
So now there's a law (Score:3, Insightful)
How will they know who's doing spyware? Offer rewards to reports resulting in convictions.
Of course, the thing might be struck down as unconstitutional depending on the breadth of definitions it starts with and the zeal of the ever-loathed ACLU in promoting the letter of the First Amendment to the detriment of the spirit of it.
sigh.
Re:So now there's a law (Score:2)
Actually, there's a good argument why this may be unconstitutional: this is regulation of conduct that is happenning (at least in part) outside the State of Washington. There's a reason that wire-fraud laws are federal, and this shouldn't be any different -- I'd e
Re:So now there's a law (Score:2)
The ACLU does not determine what is legal; they merely present the cases that they think have merit. Blame the courts, particularly the Supreme Court, if you feel that they are misinterpreting the First Amendment.
That's just a bandaid on the problem. (Score:5, Insightful)
The advantage and disadvantage of the internet is that you can go access web sites from anywhere.
By making it tough for any group/organization to spread their malware from washington state, means they'll go elsewhere to host their stuff.
Suppose all the spyware people jump ship and go elsewhere, somebody WILL find a site that has it and will get the spyware.
It's like passing a law that makes it illegal to skid out of control and hitting a particular tree in the hopes of eliminating accidents.
AOL's AIM (Score:4, Interesting)
Re:AOL's AIM (Score:2)
It also has nice features that no other IM clients have, like text-to-speech. (iChat can speak the name of the sender, but AIM can speak the name, message, or both. Very handy.)
Re:AOL's AIM (Score:2, Insightful)
maybe the religous fundies should promote this law (Score:3, Insightful)
hehe no free porn for Washington
We know what at least one state congresscritter is up to...
Sounds all warm and fuzzy but actually doing anything is doubtful...at least til califonia catches up.
I believe you cant make automated telesales calls here but several computers havent read THAT law either
Alexa (Score:5, Insightful)
Huge Loophole, Crappy Bill (Score:4, Informative)
These prohibitions do not apply to any monitoring of a subscriber's internet service by a telecommunications carrier, cable operator, computer hardware or software provider, or provider of information service for network or computer security purposes.
So, when M$ looks at and deletes your files for supposed copyright violations, that's a "security" issue and they are OK. It does not matter that they have all of the other definitions of spyware and are much more invasive, they are a "software provider" doing it for "security".
The definition is so broad that it's hard to imagine who is not a "software provider" doing something for "security". Oh wait, now I know, anyone Microsoft does not like is not a "software provider".
A real spyware law would spank M$, HP and many other "software providers" for all the things this bill legitimately complains about and then allows.
Re:Huge Loophole, Crappy Bill (Score:2)
Too bad it'll never bite the **AA (Score:3, Interesting)
more jobs lost (Score:2, Funny)
Real Player (Score:5, Interesting)
I think (correct me if I'm wrong) that Real are based in Washington State. So what's the impact here, for both current and future versions of Real Player? Would make an interesting test case.
Silently installing DRM enforcing programs? (Score:4, Interesting)
Would this violate this law? I think it should. I wish I'd known about the StarForce installation--I wouldn't have bought the game.
Goodbye Copy Protected CDs (Score:5, Insightful)
Great and everything... (Score:3, Interesting)
They get their foot in the door and we might be in trouble...
Re:Great and everything... (Score:2)
Exercise in futility (Score:2, Insightful)
How about an industry-wide prosecution orgy? (Score:2, Interesting)
But as for the comments about Windows and its security holes, and how we should blame Microsoft, I don't agree with this either.
I don't think criminals who break into your house shouldn't be blamed because lockmakers, doormakers, or windowmakers (no relation) should have made their wares of sturdier materials.
People use Windows out of momentum and because they feel they have no choice. Microsoft would clean up its act if consumers forced th
valuable legal principle - accountability (Score:4, Insightful)
If Alice was an interior decorator who, on gaining access to a client's home, did stuff like:
- Changed all the speed-dial numbers on the telephone
- Installed listening/recording devices in all the rooms
- Modified the TV/video so it overlays ads of her choice over the top of programs (in addition to the regular ads screened by the station)
- Duplicated door keys and alarm codes and sold these to others
- etc
then Alice would be doing hard time at Club Fed or Her Majesty's.So why should it be any different with software?
When someone runs your software on their computer, they have admitted you into their sovereign private space, and you have a responsibility to behave in a manner respecting this. Well done, Washington. I note also that the Australian Democrats party has introduced similar legislation, which God-willing will also pass.
That does it. (Score:3, Funny)
I'm just not worth your time to try marketing to me. Even on legit registration they get my area code followed by 555-1212. I'm listed. Look me up.
fragile wording = fragile protection (Score:3, Informative)
The summary of this bill here at Slashdot seems to suggest it outlaws keystroke logging, but in fact it's a bit more specific and talks about transmitting, etc. Still, one thing that disturbs me is fragile wording like:
It looks to me like if you just skip recording characters every now and then, you're safe on that point. Or if you transferred the data first to another computer and then maybe a person or program or corporation or someone's dog picked up the data instead of having it transferred to them.
It probably needs at least some wording like "substantially all" instead of "all", and "entity" instead of "person".
I doubt this is the only problem with the legislation, it was just the first thing I saw when I spot-checked that one sentence.
This is absolutely mindless (Score:3, Insightful)
So we have a flawed operating system that doesn't give the user (when in Administrator mode) the required tools to remove software from their o/s. It also makes it trivially easy for malicious third parties to install software on the o/s.
And the answer is to pass legislation to try to prevent said operating system being exploited ?
This is completely Mindless. It's like letting a colony of wasps build a nest in your bedroom then treating each individual sting without ever looking at the nest.
Mindless I say... What they should have done is pass a law telling MS to fix their fucking rotten o/s. That MIGHT have done some good.
Re:Don't you hear it? (Score:5, Funny)
Re:Don't you hear it? (Score:2)
Apparently poor, lower-class people who think they're oppressed have heard the version where Canute was arrogant. By contrast, the enlightened people all know the story as it was originally told, where Canute wanted to prove to his fawning blockhead vassals that he was just this guy, you know?
Wish I could find the
Re:Nit : Canute wasn't stupid (Score:2)
Re:I see why you like that line (Score:5, Interesting)
Re:I see why you like that line (Score:4, Insightful)
In some places, you'll be blamed harsher than the robber himself, in others the window matter won't, actually, matter.
Oh, and your income matters, too
Re:I see why you like that line (Score:2)
Re:I see why you like that line (Score:5, Insightful)
But... MS is one of the largest employers in the state. Their employees are highly paid. Those employees spend money, buy expensive houses, etc. Microsoft builds buildings, buys land, and supports the arts and such. And lets not forget all the computers and software that they donate/discout for the state and it's schools.
Washington state will not piss off Microsoft. It is a fact. When those state AGs sued because they didn't like the settlement the DOJ did with Microsoft, was the Washington State AG among them? Why do you think that was?
MS is behind this law because if it works, it removes some (much?) of their responsibility (and also codifies in law that spyware is the programmer's fault, and doesn't specify it to be MS's fault). If the law said that, do you think it would have gotten a vote, let alone pass?
Things like this happen. At least it is a win for the consumer if it works, even if MS still isn't held accountable. All us geeks can do is answer questions from friends truthfully. "What's with/causes/why is there so much spyware?"... "Microsoft." Grass roots will work, we just need it to be organized. But then again we need to do that with lots of things (accepting buggy software, the release-then-patch mantra, overpriced software, etc.)
Does it really? (Score:2)
I don't think that line bans software which simply doesn't install itself.
Anyway, what I don't like is that this is so broadly defined. Plus, Washington is MS's home state. Considering MS could probably buy Washington, I'm concerned that some MS-sponsored judge will decide that Firefox is spyware because it looks like Internet Explorer, which decieves people into thinking
Re:Remember when SPAM was outlawed? (Score:4, Informative)
Re:Washington State charges MS Windows (Score:2)
With this bill, microsoft should be fined.
Re:Difficult to enforce (Score:2)
In a world where enforcement is rare, there will be a lot of violators. In that world the tyrants can begin to pick and choose who to enforce the law against.
Re:its really simple.. (Score:2)
Re:$100,000 is a bit excessive (Score:3, Insightful)
There has to be a substantive risk on the part of the perpetrator to dissuade him from producing the spyware, and there also needs to be suitable incentive to pursue legal action. Small fines aren't worth anything because you can't find a lawyer who would take the case.