Article

A United States perspective on the ethical and legal issues of spyware

Authors:

Janice C. Sipior,

Burke T. Ward,

Georgina R. RoselliAuthors Info & Claims

ICEC '05: Proceedings of the 7th international conference on Electronic commerce

Pages 738 - 743

https://doi.org/10.1145/1089551.1089684

Published: 15 August 2005 Publication History

Get Access

Abstract

Spyware is regarded as the largest threat to internet users since spam, yet most users do not even know spyware is on their personal computers. Ethical and legal concerns associated with spyware call for a response. A balance must be found between legitimate interests of spyware installers, who have obtained informed consent of users who accept advertisements or other marketing devices, and users who are unwitting targets. Currently, there is not widespread awareness or understanding of the existence of spyware, its effects, and what remedies are available to defend against it. For industry sectors subject to data collection and protection laws, spyware results in unintentional noncompliance. This paper examines the ethical and legal issues of spyware from a United States perspective. First, the increasing prevalence of spyware is discussed. Various types of spyware are then overviewed. Ethical and legal concerns, including privacy invasion, surreptitious data collection, direct marketing, hijacking, and trespass are discussed. Finally, various methods of responding to spyware, including approaches by consumers, industry, and the U.S. government, are addressed, calling for a need to resolve escalating concerns of users while balancing the beneficial use of spyware as a legitimate marketing tool.

References

[1]

Bugged by spyware? (2003). Database and Network Journal, 33(16): 22--23.

Google Scholar

[2]

Internet Spyware (I-SPY) Prevention Act of 2005 (HR 744.IH), http://thomas.loc.gov/cgi-bin/query/D?c109:1:/temp/~c109XoBJWT:, visited March 15, 2005.

Google Scholar

[3]

SPY ACT (HR 29.IH) http://thomas.loc.gov/cgi-bin/query/D?c109:1:/temp/~c109XoBJWT::, visited March 15, 2005.

Google Scholar

[4]

Bank, D. (2004). What's that sneaking into your computer? Wall Street Journal, 26 April: R1.

Google Scholar

[5]

Batchelar, R. (2004). Don't be snookered by sneaky spyware, Australasian Business Intelligence, March: 14c.

Google Scholar

[6]

Bloustein, E. (1964). Privacy as an aspect of human dignity: An answer to Dean Prosser. NYU Law Review, 39: 962--1007.

Google Scholar

[7]

Borland, J. (2003). Spike in "spyware" accelerates arms race, CNET News.com, 24 February: http://news.com.com/ 2009-1023-985524.html.

Google Scholar

[8]

Canter, S. (2004). No-cost ad blocking; PAC files are even better than HOSTS files for blocking Web site ads, PC Magazine, 23(19): 70.

Google Scholar

[9]

Carlson, C. (2004). Spyware beware, eWeek, 21(26): 33.

Google Scholar

[10]

Carroll, S. (2004). How to avoid spyware, PCMagazine, 23(4): 79.

Google Scholar

[11]

Center for Democracy & Technology (2003). Ghosts in our machines: Background and policy proposals on the 'spyware' problem, November. www.cdt.org/privacy/031100spyware.pdf, visited October 25, 2004.

Google Scholar

[12]

Clyman, J. (2004). Antispyware: Adware and spyware are a growing nuisance and threat, PC Magazine, 23(13): 82.

Google Scholar

[13]

Coggrave, F. (2003). Is someone using spyware to monitor how your employees are using their computers? Computer Weekly, 11 November: 38.

Google Scholar

[14]

Delaney, K. J. (2004). Videogame makers borrow TV's tactics for selling ads, Wall Street Journal, 18 October: B5.

Google Scholar

[15]

Direct Marketing Association. (2002). Economic impact: U.S. direct & interactive marketing today executive summary- 2002: Interactive marketing: http://www.the-dma.org/cgi/registered/research/libresecoimpactinteractive.shtml.

Google Scholar

[16]

Duntemann, J. (2004). Degunking your PC, PC Magazine, 23(14): 60.

Google Scholar

[17]

Earthlink (2005). Earthlink spy audit, http://www.earthlink.net/spyaudit/press, visited March 15, 2005.

Google Scholar

[18]

Edvalson, R. (2004). Commentary: Explorer's pitfalls aren't easy to avoid, but choices exist, The Idaho Business Review, 2 August: 1.

Google Scholar

[19]

FTC (2004a). FTC consumer alert: Spyware, October 2004, http://www.ftc.gov./bep/conline/pubs/alerts/spywarealrt.htm, visited October 17, 2004.

Google Scholar

[20]

FTC (2004b). Prepared statement of the Federal Trade Commission before the Committee on Energy and Commerce, Subcommittee on Commerce, Trade, and Consumer Protection, United States House of Representatives, Washington, D.C., April 29, 2004, http://www.ftc.gov/os/2004/04/040429spywaretestimony.html visited October 18, 2004.

Google Scholar

[21]

FTC (2004c). Conference: Monitoring software on your PC: Spyware, adware, and other software, April 19, 2004, www.ftc.gov/workshops/spyware/index.htm, visited October 18, 2004).

Google Scholar

[22]

FTC (2004d). Spyware poses a risk to consumers, April 29, 2004. http://www.ftc.gov/opa/2004/04/spywaretest. htm, visited October 25, 2004.

Google Scholar

[23]

Furger, R. (2000). Who's watching you on the web? PC World, March: 33.

Google Scholar

[24]

Gilmour, K. (2004). Destroy all spam and spyware, Internet Magazine, February: 24--33.

Google Scholar

[25]

LoVerso, J. R. (2004). Bust banner ads with proxy auto configuration, www.schooner.com/~loverso/no-ads, visited October 28, 2004.

Google Scholar

[26]

Norian, P. (2003). The Struggle to Keep Personal Data Personal: Attempts to Reform Online Privacy and How Congress Should Respond, Catholic University Law Review, Volume 52, Number 803, p. not available.

Google Scholar

[27]

Radcliffe, D. (2004). Spyware: How to fight back against insidious attacks from cookies gone bad, Network World, 21(4): 51.

Google Scholar

[28]

Rensberger, D. (2002). We are not alone: Spam and spyware, Searcher, April: 20--26.

Google Scholar

[29]

Roberts, P. (2004). Your PC May Be Less Secure Than You Think, IDG News Service, October 25, http://www.peworld.com/news/article/0,aid,118311.00.asp, visited March 15, 2005.

Google Scholar

[30]

Rubenking, N. J. (2004). 11 signs of spyware, PC Magazine, 23(4): 79.

Google Scholar

[31]

Smith, G. (1999). Tracking brawl: Is Big Brother watching you online, or are you just paranoid? ABCNews.com, 17 December.

Google Scholar

[32]

Sullivan, A. (2004). Spyware emerges as new online threat, Boston Globe 19 April: C2.

Google Scholar

[33]

Urbach, R. R. and G. A. Kibel (2004). Adware/spyware: An update regarding pending litigation and legislation, Intellectual Property and Technology Law Journal, 16(7):12+

Google Scholar

[34]

Warren, S. D. and L. D. Brandeis (1890). The right of privacy, Harvard Law Review, December: 193--220.

Google Scholar

[35]

Ding, W., and Marchionini, G. A Study on Video Browsing Strategies. Technical Report UMIACS-TR-97-40, University of Maryland, College Park, MD, 1997.

Digital Library

Google Scholar

[36]

Fröhlich, B. and Plate, J. The cubic mouse: a new device for three-dimensional input, Proceedings of the SIGCHI conference on Human factors in computing systems (CHI '00) (The Hague, The Netherlands, April 1--6, 2000). ACM Press, New York, NY, 2000, 526--531.

Digital Library

Google Scholar

[37]

Lamport, L. LaTeX User's Guide and Document Reference Manual. Addison-Wesley, Reading, MA, 1986.

Google Scholar

[38]

Sannella, M. J. Constraint Satisfaction and Debugging for Interactive User Interfaces. Ph.D. Thesis, University of Washington, Seattle, WA, 1994.

Digital Library

Google Scholar

Cited By

View all

Benton KCamp LGarg V(2013)Studying the effectiveness of android application permissions requests2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops)10.1109/PerComW.2013.6529497(291-296)Online publication date: Mar-2013
https://doi.org/10.1109/PerComW.2013.6529497
Borg ABoldt MCarlsson B(2011)Simulating Malicious Users in a Software Reputation SystemSecure and Trust Computing, Data Management and Applications10.1007/978-3-642-22339-6_18(147-156)Online publication date: 2011
https://doi.org/10.1007/978-3-642-22339-6_18
Rowe N(2009)The Ethics of Deception in CyberspaceHandbook of Research on Technoethics10.4018/978-1-60566-022-6.ch034(529-541)Online publication date: 2009
https://doi.org/10.4018/978-1-60566-022-6.ch034
Show More Cited By

Index Terms

A United States perspective on the ethical and legal issues of spyware
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime
    2. Intellectual property

Recommendations

A Data-driven Characterization of Modern Android Spyware

According to Nokia’s 2017 Threat Intelligence Report, 68.5% of malware targets the Android platform; Windows is second with 28%, followed by iOS and other platforms with 3.5%. The Android spyware family UAPUSH was responsible for the most infections, ...
A review of spyware campaigns and strategies to combat them
InfoSecCD '06: Proceedings of the 3rd annual conference on Information security curriculum development

While they seem very similar, often using the same tools and techniques, spyware installations are carried out for very different reasons than traditional malware attacks. Consequently, different strategies must be used to fight them. Malware is usually ...
Stopping spyware at the gate: a user study of privacy, notice and spyware
SOUPS '05: Proceedings of the 2005 symposium on Usable privacy and security

Spyware is a significant problem for most computer users. The term "spyware" loosely describes a new class of computer software. This type of software may track user activities online and offline, provide targeted advertising and/or engage in other ...

Reviews

Reviewer: Arthur E. Salwin

Even casual users of the Internet have heard of computer viruses and the need to protect against them. However, a new threat?spyware?has emerged; many are unaware of it, and have become victims. Even large corporations are targets, and can run afoul of federal law because of it. For example, the financial services and healthcare industries are required to maintain the privacy of financial and patient information. Because of spyware, they may unwittingly reveal the information they are required to protect. So what is spyware__?__ It can be defined as any software that covertly gathers user information through Internet connections without the user's knowledge or permission. According to one survey, spyware is present on 80 percent of home PCs, with most users unaware of its presence. This timely paper presents an overview of the types of spyware, which include cookies, adware, Trojan horses that hijack one's computer, and system monitors. It then explores the ethical and legal implications, and the threats that spyware imposes. Next, technical countermeasures, proposed legal remedies, and industry self-regulation are discussed. The authors feel that informed user consent and awareness are the key distinctions between software installed on a machine for a legitimate purpose and malicious spyware. It is clear that the threat is not going to go away any time soon, and spyware protection needs to be added to users' arsenals to protect their machines and their privacy. Online Computing Reviews Service

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ICEC '05: Proceedings of the 7th international conference on Electronic commerce

August 2005

957 pages

ISBN:1595931120

DOI:10.1145/1089551

Conference Chairs:
Qi Li
Xi'an Jiaotong University, China
,
Ting-Peng Liang
Sun Yat-Sen University, Taiwan, China

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 August 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Acceptance Rates

Overall Acceptance Rate 150 of 244 submissions, 61%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
2,421
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)1

Reflects downloads up to 29 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Benton KCamp LGarg V(2013)Studying the effectiveness of android application permissions requests2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops)10.1109/PerComW.2013.6529497(291-296)Online publication date: Mar-2013
https://doi.org/10.1109/PerComW.2013.6529497
Borg ABoldt MCarlsson B(2011)Simulating Malicious Users in a Software Reputation SystemSecure and Trust Computing, Data Management and Applications10.1007/978-3-642-22339-6_18(147-156)Online publication date: 2011
https://doi.org/10.1007/978-3-642-22339-6_18
Rowe N(2009)The Ethics of Deception in CyberspaceHandbook of Research on Technoethics10.4018/978-1-60566-022-6.ch034(529-541)Online publication date: 2009
https://doi.org/10.4018/978-1-60566-022-6.ch034
Boldt MCarlsson BLarsson TLindén N(2007)Preventing Privacy-Invasive Software Using Collaborative Reputation SystemsSecure Data Management10.1007/978-3-540-75248-6_10(142-157)Online publication date: 2007
https://doi.org/10.1007/978-3-540-75248-6_10
Boldt MCarlsson B(2006)Privacy-Invasive Software and Preventive MechanismsProceedings of the International Conference on Systems and Networks Communication10.1109/ICSNC.2006.62Online publication date: 29-Oct-2006
https://dl.acm.org/doi/10.1109/ICSNC.2006.62

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

A Data-driven Characterization of Modern Android Spyware

A review of spyware campaigns and strategies to combat them

Stopping spyware at the gate: a user study of privacy, notice and spyware

Reviews

Access critical reviews of Computing literature here