Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Security Privacy Your Rights Online

Spy Act of 2007 = "Vendors Can Spy Act" 309

strick1226 writes "Ed Foster over at InfoWorld describes the Spy Act bill (H.R. 964) as having the same relation to the prevention of spyware that the CAN SPAM Act had to the prevention of spam. It allows exceptions for companies to utilize spyware for any number of reasons; if this bill had been law when Sony distributed their rootkit, they would have had perfect cover. Most troubling is that the bill would preempt all state laws, including those more focused on the privacy of people's data, and disallow individuals from bringing suit. It is expected to pass soon with 'strong bipartisan support.'"
This discussion has been archived. No new comments can be posted.

Spy Act of 2007 = "Vendors Can Spy Act"

Comments Filter:
  • Legal, not moral (Score:5, Interesting)

    by Potor ( 658520 ) <farker1&gmail,com> on Tuesday April 24, 2007 @06:37PM (#18862817) Journal

    if this bill had been law when Sony distributed their rootkit, they would have had perfect cover.
    but the protest would have been the same - it was more of a moral outrage than a legal outrage.
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      But at least there was legal recourse to prevent them from continuing their actions.
    • by csmacd ( 221163 ) on Tuesday April 24, 2007 @06:44PM (#18862887) Homepage
      Yes, organizations that distribute spyware care.

      >sarcasm off

      When organizations have the legal cover to do junk like this, they will. No amount of moral outrage is going to stop them, unless they monitor and report some random elected official's illegal activities.
      • Re:Legal, not moral (Score:5, Informative)

        by TechnicalFool ( 719087 ) on Tuesday April 24, 2007 @10:34PM (#18864803)
        As far as I'm aware, organisations always have had the legal cover (if just barely) to distribute spyware, as long as they say it's being installed in the EULA. If not, CoolWebSearch et all would have been sued out of business a long while ago. According to the article, and if I read it correctly, this seems to be more about giving large companies the legal arse-covering required to hack into your computer "just to check" if you've got, say, a dodgy copy of Autodesk Inventor.

        What I'd be interested in is how this and other such spyware could be subverted, possibly with some false (and FOSS, naturally) piece of software that sends ridiculous junk to the remote servers. Sort of an anti-spyware, if you will. The best analogy I can think of off-hand would be programs like the fake SubSeven servers, that as I recall made your computer pretend to be infected with the SubSeven trojan. If you got someone connecting, you could give them a false directory tree, or press a button to blast their computer with a gazillion windows in their SubSeven client.

        I think maybe a little hacktivism is called for, although naturally I would not advocate breaking any laws in the process! Oh no, sir!
    • Re: (Score:3, Informative)

      by interiot ( 50685 )
      Oh, there a number of lawsuits and attorney general investigations [wikipedia.org] too.
  • by Anonymous Coward on Tuesday April 24, 2007 @06:39PM (#18862835)
    I don't see who this will be a problem.
    • by Anonymous Coward on Tuesday April 24, 2007 @06:48PM (#18862917)
      I use Windows Vista you insensitive cl
    • Re: (Score:3, Interesting)

      by drgonzo59 ( 747139 )
      Well you make a very good point. In a certain respect, I wish they would legalize this stuff so companies will start installing load of spyware on every windows computer out there. Eventually some will turn to open source software.

      A major success for Linux operating systems is because not only is Linux great (and it is.../special remark to keep the Slashdot horde from lynching me) but because Windows sucks so much. If Window was OS X all this time, I am not sure if Linux would have gained as much popular

    • by TheGratefulNet ( 143330 ) on Tuesday April 24, 2007 @07:23PM (#18863257)
      this is actually way beyond windows.

      it SEEMS that this bill gives vendor-tunnels the OK. and also it notes that they can be stealth. you know, like the sneak and peek procedures we have today.

      yes, this is the electronic form of sneak and peek.

      and that is why you should be afraid of this. it gives remote 'special parties', well special priviledges on YOUR BOX.

      this is such a bad idea, it must have come from congress and/or special interests.

      this surely has NO benefit to We, The People ;(
      • by bberens ( 965711 ) on Tuesday April 24, 2007 @08:01PM (#18863561)
        More than that, now a government official can get a warrant for [insert major company] who will gladly allow them access to your system via their pre-installed spyware. They're in your network and you don't even know it. More snooping without the ability to detect or fight in court. Remember, they're looking at the corporations records, not looking at your box (which you stand a chance to fight in court).
        • Re: (Score:3, Interesting)

          by bergeron76 ( 176351 )
          This is yet another reason why I refuse to use gmail for email. I don't need the largest marketing/advertising company in the world knowing what I subscribe to, what I enjoy, or when I enjoy it.
      • The exceptions are too broad.
        • by TheGratefulNet ( 143330 ) on Tuesday April 24, 2007 @08:53PM (#18863925)
          I have Good Reason To Believe(tm) that there is already a shadow set of remote management commands that are not documented in standard user manuals for SOME comms equipment. these allow remote access to networking equip (entirely at the request of the gov, who is paying for such R&D in some key companies) and things like port mirroring, packet capture, triggering and so on.

          you think you have the 'docs' to the equipment in your data comm room? are you sure? in fact, its all closed-source and there's very little you can do about it ;(

          and in fact, most people IN the comms equiment vendor don't even know about this behind-the-scenes stuff.

          I'm not kidding and I'm not nuts. this isn't hard to extrapolate given how our gov is SO hell-bent on spying on its own citizens.

          at this point, you do pretty much have to assume that all things you do on the net (this included) are being sniffed and if it 'hits' the right triggers, remote events can be sent or log data retrieved at will.

          its basically already too late. the horses are already out of the barn. just - BE AWARE of that fact. its all you can do. just be aware.
      • Re: (Score:2, Funny)

        by tgcid ( 917345 )

        this surely has NO benefit to We, The People ;(
        How quickly you forget that corporations are people too.
      • Re: (Score:3, Interesting)

        by Blakey Rat ( 99501 )
        How about explaining those bold-faced terms?

        What's "vendor-tunnels?" What's "sneak and peek?" What "special privileges?"

        If you're going through the effort to emphasize them, you could at least define them.
  • by Marrshu ( 994708 ) on Tuesday April 24, 2007 @06:41PM (#18862851)
    ... there go more of our personal rights simply to support the big business and such. Who wants to guess how long it'll take Sony to restart their whole rootkit campaign? Can't forget Microsoft and all those ISPs that want to spy on you. Big Brother is watching you after all
    • Re: (Score:3, Insightful)

      Democracy, privacy, and human rights are antithetical to the "free market". We either get to rule ourselves, or the corporations get to rule us. Guess which way it's turning out?
      • by JesseMcDonald ( 536341 ) on Tuesday April 24, 2007 @07:12PM (#18863153) Homepage

        Democracy, privacy, and human rights are antithetical to the "free market".

        You're right on the first point, but you've got the last one backwards: without a free market (i.e. freedom to act as you wish so far as it involves your own property, and freedom to engage in voluntary exchange with others without coercive interference) you cannot exercise those "human rights." You have human rights to the exact extent that you have property rights; they are fundamentally inseparable.

        As far as democracy is concerned, you don't live in a democracy (assuming you live in the U.S. or Europe). The U.S. is a constitutional republic, and the important aspect of such a government is the constitutional limits, not the elections.

        • Re: (Score:3, Insightful)

          You have human rights to the exact extent that you have property rights; they are fundamentally inseparable.

          How do you figure? How is my right to speak or move or breathe air tied to my property rights --- unless you consider me someone's property?
          • unless you consider me someone's property?

            Unemployed, Huh?
          • You are someone's property. Either your own, or someone else's. If you don't own you, then who does?
          • by JesseMcDonald ( 536341 ) on Tuesday April 24, 2007 @09:31PM (#18864233) Homepage

            How do you figure? How is my right to speak or move or breathe air tied to my property rights --- unless you consider me someone's property?

            property right: the right to control how a piece of property is employed.

            Move to where? That "somewhere" is either unowned, or someone's property. With private property rights you can own that place -- or receive permission from the owner -- and move to it freely. No one else can legitimately prevent you from doing so. On the other hand, if all the property is collectively owned, or belongs to the State, you'll need to get permission to move. Your right to move is thus artificially subject to someone else's will. (If all property is unowned and cannot be homesteaded then it cannot be employed by anyone (see the definition above), in which case you don't have the right to move anywhere. This is a fairly useless case but it ought to be mentioned. When most people speak of an absence of property rights they really mean ownership by the State, or collective ownership by all, which in a democracy is the same thing.)

            You want to speak? I assume that means you want to address a group? Where will you do it, if no one owns any property? Without private ownership the use of suitable gathering places much necessarily be decided by majority vote, and/or the State. Resources are limited; not everyone who wishes to speak will be able to do so. If your position is in the minority good luck finding a place for your audience to hear you.

            At a more fundamental level, if you don't own anything you cannot ensure your own survival -- food, shelter, defense -- or save for the future. If the Majority doesn't care much for you they can reallocate your rations elsewhere, leaving you to starve. If you objected then you'd be claiming a right to that food, that shelter; a property right, to be exact. But on what basis? You didn't produce that food, or construct that shelter. In a private property system you could claim that the prior owner gave it to you in exchange for something else of value, but without private property you are necessarily at the mercy of the State.

            Property rights are essential for survival. Private property rights are essential for freedom.

      • by FooAtWFU ( 699187 ) on Tuesday April 24, 2007 @07:19PM (#18863219) Homepage

        Please note that the "free market" about which you're complaining deserves its name in quotes, because insofar as these the issues you are complaining about are market issues, they are not Free, and insofar as they are free, they are not market issues. Buying legislation is just rent-seeking [wikipedia.org] and as old as the hills.

        Free Markets and Free Enterprise don't mean the freedom of Enterprise to do whatever the heck they feel like. It means a freedom for people to engage in enterprise (you know, selling things to each other) as long as they're both willing and able to do so. Nothing in this is contradictory with democracy or against human rights.

        The contribution of funds to influence the political process is an entirely nonmarket affair. Blaming market economics for the hazards which are induced are roughly equivalent to saying "Hey, this guy got a job with $COMPANY and used the money to buy a gun and shoot people. $COMPANY is antithetical to human rights!".)

        • by miskatonic alumnus ( 668722 ) on Tuesday April 24, 2007 @07:50PM (#18863483)
          Free Markets and Free Enterprise don't mean the freedom of Enterprise to do whatever the heck they feel like. It means a freedom for people to engage in enterprise (you know, selling things to each other) as long as they're both willing and able to do so. Nothing in this is contradictory with democracy or against human rights.

          Tell that to the people of Bolivia after their water supply was privatized.
          • How can you privatize a water supply? Were people prevented from digging wells in their own back yard? If so, that's not free enterprise, that's government protected monopoly and the opposite of free enterprise.
            • Re: (Score:2, Interesting)

              by Tsagadai ( 922574 )
              If you actually knew, yes, they were prevented from digging wells and catching rain in buckets. Why don't you read up on it it was a subsidury of Bechtel.
          • Re: (Score:3, Insightful)

            by homer_s ( 799572 )
            Tell that to the people of Bolivia after their water supply was privatized.

            I like how you start a story in the middle to make your point. How was the govt able to sell it to a private company?
            The govt control of the market for water was what allowed them to unscrupulously sell it to a company that paid enough 'campaign contributions'. And govt control is what allows them to prevent other people from entering the market (they made it illegal for people to dig wells and use their roofs to harvest water).
    • Re: (Score:2, Informative)

      by RedElf ( 249078 )
      You seem a little paranoid, have you switched your desktop to OpenBSD yet?
  • So now they're just making the cash-enema legal? I guess it beats all the lying and sneaking and stealing... just change what's considered "legal" until you can do whatever you want!

    If you have money.
    • Moral vs. Legal (Score:5, Interesting)

      by mrbluze ( 1034940 ) on Tuesday April 24, 2007 @07:14PM (#18863173) Journal

      Moral desensitization leads to legal deregulation. With enough exposure and promotion, the public will accept the legalization of just about anything (as history has shown). It is in the interests of large businesses to protect their market and to discover new markets by having the upper hand in intelligence.

      The problem has become that legitimate and morally acceptable markets are generally well serviced and difficult to break into. Companies are therefore very tempted to create new markets, or break into markets which hitherto have been illegal (usually because they are viewed as immoral or socially destructive), such as porn, prostitution, addictive substances, and now privacy invasion.

      As the only way to create these kinds of markets is to change legislation, these companies are very active in infiltrating and influencing government. The US government is particularly prone to this kind of corruption.

      All of this is obvious. But the techniques used are subtle. They will try to sell the idea to make it appear to be in the public interest. Who knows, maybe we can expect to see a report of a missing child found because of spyware, or some shit like that.

  • by grasshoppa ( 657393 ) <skennedy&tpno-co,org> on Tuesday April 24, 2007 @06:50PM (#18862945) Homepage
    I wonder how much longer that'll fly with the local states. See: http://www.realidrebellion.com/ [realidrebellion.com] in regards to another law which steps on state rights, and who's unhappy with it.
    • I wonder how much longer that'll fly with the local states.

      Doesn't matter. This law overrides state laws that conflict with it, as authorized by the "supremacy clause" of the US Constitution.

      (That's the one that is often misread to say that treaties have the force of constitutional amendments. In fact it says that the Constitution, federal laws passed under the authorization of the constitution, and treaties negotiated and ratified as authorized by the constitution, each override state law when they are i
  • by LamerX ( 164968 ) on Tuesday April 24, 2007 @06:50PM (#18862953) Journal
    ...then all spyware will be legal. COMPANIES are the ones who install spyware in the first place. It's there for ADVERTISING. Who does advertising? COMPANIES! This bill will only completely legalize spyware.
    • Re: (Score:2, Interesting)

      by Tuoqui ( 1091447 )
      And guess what... DMCA protects them from you removing their spyware! So if you use spybot or AdAware you're gonna be breaking the law. Nice to see the politicians are looking out for big business though. Who else wants to incorporate with me so we can get a crapload of legal immunities?
    • Re: (Score:3, Interesting)

      by RobertM1968 ( 951074 )

      And to top that off, companies like MS continuously try to collect information about other products (how many times has an app crashed on Windows, and Windows asks you if you want to send a report to MS?). With the broad coverage of this law, many companies will be able to collect whatever information they want in an effort to "better support you" which could end up becoming an escalating war with each other instead.

      Add to that, if you have a website of almost any sort, this is grounds to install spyware o

  • by roman_mir ( 125474 ) on Tuesday April 24, 2007 @06:51PM (#18862967) Homepage Journal
    We had this discussion before. [slashdot.org] The law will make it perfectly legal to spy on you, and you new shiny OS will make it perfectly impossible (well, as long as DRM works) for you to prevent this by technical means.

    People who say that it doesn't matter to them, whether Vista has DRM or not [slashdot.org] as long as they can play their games, maybe surprised to find out that the DRM may make it impossible for them to enjoy their games through enabling the spying and whatever other active measures that can be taken by spying software. Do you like modifying your games in any way? It may become impossible if you are on a DRM platform and you are spied upon. Of-course there are those, who would rely on the DRM to be broken [slashdot.org] but this is not a very good practice to rely on that, I mean there are so many problems with that, for example why would you trust a 'DRM removing patch' from someone to be spyware/rootkit free? It is better to avoid such products altogether. Avoid DRM products, avoid spyware infected products, that's the only way to really stay in the clear. Besides, isn't it illegal to remove 'security protection' under DMCA anyway?

    Free Software becomes more and more attractive in this culture of customer spying and DRM locking every day.
    • Free Software becomes more and more attractive in this culture of customer spying and DRM locking every day

      until free software becomes illegal... Watch out for any upcoming "Intellectual Property Reform"


    • Vista's DRM doesn't prevent you from doing anything that you could have done on XP.
      • Vista's DRM doesn't prevent you from doing anything that you could have done on XP. - so it just sits there without doing anything? Ok, so it's broken then? So they'll fix it for you in the next patch update.
      • by bit01 ( 644603 )

        Vista's DRM doesn't prevent you from doing anything that you could have done on XP.

        Except do whatever you want with your own computer.


        DRM. You don't control it means you don't own it.

  • by drgonzo59 ( 747139 ) on Tuesday April 24, 2007 @06:53PM (#18862979)
    ...open source software. Even in the Linux world that means not using binary drivers. Who knows perhaps Nvidia or other binary drivers have a backdoor installed at the request of NSA. Is that probable - No. Possible? - Maybe. AT&T for example was diverting (still is?) a lot of the their data to NSA, if they wrote drivers, don't you think they would be willing to include a backdoor for U.S. government to use? For all we know such a backdoor exists in Windows. After a high number of cyber attacks on .mil, I am sure Uncle Sam can ask Microsoft to install a small code fragment that would allow access to any machine after say a pre-determined pattern of socket connection attempts or something like that.
  • This came from the newly-Democratic House of Representatives... so can we get a third party in there that isn't so technologically inept, and that isn't so beholden to corporate interests?
  • Just [slashdot.org] another [slashdot.org] brick [slashdot.org] in [slashdot.org] the [slashdot.org] wall [slashdot.org].
  • What's the deal?

    Why do people think you can legislate your way out of these issues? Spyware, spam, etc . . .

    For e-mail, use a system that is not susceptible to spam (good filtering, and a white list).

    For software, use a system that is not susceptible to spyware (OS X, or Linux).

    Spyware doesn't bother me now, it hasn't bothered me in the past, and it won't bother me in the future. If you've got a problem with spyware, either stop buying products from the people who are infecting your system (ahem, Sony), of stop buying systems that are prone to infection (ahem, Microsoft).

    If a company sells you an unsafe car, do you blame the government, or the car company? And having been sold 2 or 3 unsafe cars already, why would you go back to the same vendor?

    Non issue. Something Congress shouldn't discuss or legislate about. Get over it, and stop being a slave to the MS monoculture.
    • I agree. I'm not trying to troll, but I actually like spyware and viruses, to an extent. I always laugh when I read about some corporation getting infected with a Windows worm, and it costing them millions of dollars in downtime.

      If you're dumb enough to keep going back to the same vendor after getting burned by their products so many times, I think you deserve whatever happens to you.

      As the saying goes, "Fool me once, shame on -- shame on you. Fool me -- you can't get fooled again." Err, you know what I
  • Deduct your lost bandwidth and cpu cycles and disk space from your taxes. And the lost potential revenue of selling you're consumer info. (sometimes you can get things with material value for filling out a survey)
  • wait! (Score:3, Interesting)

    by Renraku ( 518261 ) on Tuesday April 24, 2007 @07:13PM (#18863159) Homepage
    Email your..no write..no call...well hell. They don't care anyway.

    Soap box, check. Ballot box, check. Anyone remember what came next? Jury box? How do we get in on that? Oh well, probably won't work. Lets skip it and go straight to the ammo box.

    What can we reasonably do against a government that sits there and sells our freedoms to the highest vendor? It won't be long before we're forced to pay three easy payments of $599.99 for a new TV-doo-hickie to watch us while we're watching TV. In the name of advertisement, of course, to figure out how we react to some shows.
  • Much to my annoyance, Anna Eshoo, the local congresswoman for Silicon Valley, is a cosponsor on this turkey. I sent in a letter. This thing needs some work in committee to clean it up, preferably well enough that EPIC is satisfied with it.

  • blame the OS (Score:4, Interesting)

    by Grinin ( 1050028 ) on Tuesday April 24, 2007 @07:18PM (#18863205) Homepage
    I think that software companies behind the Operating systems being used today should take full responsibility at prevention and removal of spyware/adware/malware. There should be no need for anti-virus software. Microsoft should stay ahead of virus writers in order to patch systems with vulnerabilities, and in a much better way then the present.

    This weekend, I was given a PC that needed to have viruses, spyware, malware removed... I thought it was a joke, this thing looked like a honeypot. It had every trojan known to man on it, every piece of spyware, backdoor, and virus had infected it, and no form of security (besides Service Pack 1 for XP). After 4 days straight trying to remove them (formatting not being an option, because the person was missing their OS restore cd and/or Windows XP home edition CD) I have finally gotten all of them removed... but my point, is that none of this should have ever been possible. An operating system should be designed more intelligently than those who want to exploit those same operating systems. I'm sure if they took the same amount of time they spend trying to promote new products and put it into better R&D for patching vulnerabilities, none of this would happen... but I suppose we don't know who scratches whose back in the world of Operating system / Anti-virus vendor's anymore....
    • The problem isn't holes in the operating systems. It's holes in the users brains. How can MS stop you from running a program that you want to run? Who are they to say which programs are safe to run? Sure there's been a few problems with open ports and network worms, or automatically executing email attachments, but the majority of malware out there comes from people who download, install, and run it out of their own free will. How is MS or any other OS vendor supposed to stop that?
    • Problem is the user themselves probably either actually installed or authorized 50% of what you found.

      Did they have a clue what they were doing? No. Should they have been allowed to install software on their computer if they didn't know better? No.

      If the OS can prevent or allow installation of software, you can't blame the OS for allowing the user to install software. You can lock Windows down so installation of trojans, spyware, etc. is impossible. What you then have is an email/web surfing appliance.
  • if you're not in your parents' basement.
  • Good luck trying to get past BlackIce with application protection enabled!
  • Just who does Congress think they're serving here?

    Ask your congress-critter just how this vote benefits You! If they can't give you a good answer to this, ask them why they're still in office.

  • by Opportunist ( 166417 ) on Tuesday April 24, 2007 @07:36PM (#18863371)
    Did anyone actually expect a law that limits the power of businesses and hands some back to you? Can you name a single law that was created in the last, say, 7 years that actually promotes privacy and limits the power businesses have over you?

    Oh, yes, it "outlaws" spyware... with a few hand picked exceptions that can be summed up with "spyware is outlawed unless some company uses it".

    In fact this legalizes spyware rather than outlawing it. Until now you could at least try to get a lawsuit going and at least get a humiliating settlement (humiliating for you, not the corp using spyware against you). See the Sony rootkit trials for details.

    With this in effect, the judge would have to throw it out of court even before anything starts, because it would certainly fit the "exceptions".
  • If you haven't already.. now would be a great time to read George Orwell's book 1984, because it seems we're getting closer and closer to the state of corporate spying and invasion of our private lives.

    For those interested, here is the entire book in pdf [msxnet.org] format.
  • Administration says this :

    "We were trying to do spying through government agencies, but it seems that due to public pressure we will have to eventually let go of it. So, we put out this act to allow private companies to spy on people, so we will be able to continue spying through private companies that are affiliated with us. And as its private and everyone can do this, noone can object"
  • List of sponsors (Score:3, Informative)

    by Comatose51 ( 687974 ) on Tuesday April 24, 2007 @08:06PM (#18863593) Homepage
    List of sponsors: http://thomas.loc.gov/cgi-bin/bdquery/z?d110:HR009 64:@@@P [loc.gov] I wonder how much donations from companies these guys get.
  • Blockquoth the poster:

    Exception Relating to Security- Nothing in this Act shall apply to--

    (1) any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by a telecommunications carrier, cable operator, computer hardware or software provider, or provider of information service or interactive computer service, to the extent that such monitoring or interaction is for network or computer security purposes, diagnostics, technical support, o

  • Go to hell if they think spying on their customers is ok.
  • Congress doesn't even pretend they are doing this for consumers' benefit. I figured it wasn't going to be long before they finally just said, "Yeah, we're gonna screw you over. Whatcha gonna do? Vote for the other party?! HAW HAW HAW!"

  • Ah. Freedom at last. (Score:3, Informative)

    by mnemotronic ( 586021 ) <mnemotronic@gmPO ... om minus painter> on Wednesday April 25, 2007 @01:01AM (#18866203) Homepage Journal
    As a computer hardware and software provider who performs computer and network security diagnostics and technical support, I will soon be free to monitor and interact with *anyones* network connection, service, or computer. Legally.

    Stand back baby, I'm a Nessus [nessus.org] monkey with a long list [unixhub.com] of a**holes [blocklist.org], a can 'o nmap [insecure.org], a fully loaded Metasploit [metasploit.com], and I ain't afraid to use 'em.

  • Mission Creep (Score:3, Insightful)

    by xZoomerZx ( 1089699 ) on Wednesday April 25, 2007 @01:49AM (#18866545)
    1. Never underestimate the ability of a law to expand beyond it original ill-conceived boundaries given enough time. 2. States' rights have been non-existent for over 140 years, not just the last few. 3. Politics is about the accumulation of power in the hands of a few. 4. Read the sig. 5. Be afraid. Be very afraid.

"Wish not to seem, but to be, the best." -- Aeschylus