The U.S. House Energy and Commerce Committee unanimously approved its fast-track anti-spyware legislation today, pushing the bill out for a full House
vote. But not before amending its language. Again.
At a January hearing on the legislation, several lawmakers, who otherwise strongly supported H.R. 29, the Securely Protect Yourself Against Cyber Trespass Act (SPY ACT), raised concerns that the bill would unintentionally target third-party cookies.
During a subcommittee vote last month, the House amended the SPY ACT in an attempt to exempt all types of cookies.
And before voting on the legislation on Wednesday, the committee further amended it to exempt HTML and Web beacons
Although he voted for the bill, Commerce Committee ranking member John Dingell (D-Mich.) acknowledged that there are still issues with it.
“This [amendment] makes clear that cookies are not
covered. But not all cookies are benign, and we may be creating dangerous
Chairman Joe Barton (R-Tex.) said he hopes to have the legislation on
President Bush’s desk by the end of the year.
“By acting quickly, we will put considerable pressure on the Senate to act
this year,” Barton said.
The SPY ACT prohibits unfair or deceptive practices related to spyware, and it requires an opt-in notice and consent regime for legal software that collects personally identifiable information from consumers.
The spyware practices specifically targeted by the legislation include
phishing, keystroke logging, homepage hijacking and ads that can’t be closed
except by shutting down a computer. Violators could face civil penalties of
up to $3 million.
First-party cookies are placed from the same domain the user clicks on and
are solely used to allow the user to access a Web site, most typically by
allowing the site to remember a user name and password. Advertisers,
publishers and their service providers use third-party cookies to serve,
rotate, target, cap, measure and report on online advertising.
In the 108th Congress that concluded in November,
the House passed two anti-spyware measures, but the legislation died when the
Senate declined to consider the bills.
Originally introduced by Rep. Mary Bono (R-Calif.), the bill also exempts
network monitoring from the provisions of the notice and consent
requirements to the extent that the monitoring is for network or security
purposes, diagnostics, technical support or repair, or the detection or
prevention of fraudulent activities.
The Business Software Alliance, Dell
, Time Warner
and EarthLink have all endorsed the legislation.