House Continues Anti-Spyware Push

Energy and Commerce Committee unanimously approves legislation, setting stage for full House vote.

WEBINAR: Live Date: December 14, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT

Modernizing Authentication — What It Takes to Transform Secure Access REGISTER >

Posted March 9, 2005

Roy Mark

The U.S. House Energy and Commerce Committee unanimously approved its fast-track anti-spyware legislation today, pushing the bill out for a full House vote. But not before amending its language. Again.

At a January hearing on the legislation, several lawmakers, who otherwise strongly supported H.R. 29, the Securely Protect Yourself Against Cyber Trespass Act (SPY ACT), raised concerns that the bill would unintentionally target third-party cookies.

During a subcommittee vote last month, the House amended the SPY ACT in an attempt to exempt all types of cookies.

And before voting on the legislation on Wednesday, the committee further amended it to exempt HTML and Web beacons , which facilitate normal Web page construction. In addition, the bill exempts embedded advertising from the proscribed list of practices requiring notice and consent.

Although he voted for the bill, Commerce Committee ranking member John Dingell (D-Mich.) acknowledged that there are still issues with it.

"This [amendment] makes clear that cookies are not covered. But not all cookies are benign, and we may be creating dangerous loopholes."

Chairman Joe Barton (R-Tex.) said he hopes to have the legislation on President Bush's desk by the end of the year.

"By acting quickly, we will put considerable pressure on the Senate to act this year," Barton said.

The SPY ACT prohibits unfair or deceptive practices related to spyware, and it requires an opt-in notice and consent regime for legal software that collects personally identifiable information from consumers.

The spyware practices specifically targeted by the legislation include phishing, keystroke logging, homepage hijacking and ads that can't be closed except by shutting down a computer. Violators could face civil penalties of up to $3 million.

First-party cookies are placed from the same domain the user clicks on and are solely used to allow the user to access a Web site, most typically by allowing the site to remember a user name and password. Advertisers, publishers and their service providers use third-party cookies to serve, rotate, target, cap, measure and report on online advertising.

In the 108th Congress that concluded in November, the House passed two anti-spyware measures, but the legislation died when the Senate declined to consider the bills.

Originally introduced by Rep. Mary Bono (R-Calif.), the bill also exempts network monitoring from the provisions of the notice and consent requirements to the extent that the monitoring is for network or security purposes, diagnostics, technical support or repair, or the detection or prevention of fraudulent activities.

The Business Software Alliance, Dell , eBay , Microsoft , Time Warner , Yahoo and EarthLink have all endorsed the legislation.

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.