New spyware definitions ‘a starting point’
NEW YORK — Anti-spyware vendors and consumer groups took a stab at issuing uniform definitions for “spyware” and “adware” today in hopes of giving computer users more control over their machines.
The definitions seek clarity that could help improve anti-spyware products, educate consumers and fend off lawsuits from developers of software that sneaks onto computers.
It’s not clear what, if anything, the taxonomy itself might accomplish in ending the deception involved in placing intrusive and damaging programs on people’s computers.
The 13-page document is silent, for instance, on what developers must do to obtain consent from consumers. Nor does the document, still formally a draft, clearly state how specific programs might fall under a certain category.
“It’s not the end game but it’s a great starting point,” said Dave Cole, director of product management at Symantec Corp., a member of the coalition that spent three months crafting the terms. “You’ve got to have a foundation, a common vocabulary to start with … and have all of us speak the same language.”
Forty-three percent of adult U.S. Internet users say they’ve been hit with spyware, adware or both, according to the Pew Internet and American Life Project. More than 90 percent of Internet users have changed their online behavior, meanwhile, to try to avoid becoming victimized.
By classifying “adware” as falling under the umbrella term, “Spyware and Other Potentially Unwanted Technologies,” the coalition avoided a key dispute that has led to lawsuits: Is adware a form of spyware or are the two separate?
The coalition recognized that not all advertising software is unwanted and restricted the use of “adware” to the potentially unwanted kind. It created a separate category for “hijackers” that change browser settings and noted that some data files, or “cookies,” have legitimate uses for saving preferences.
The industry can now discuss and define how specific technologies or practices harm users, said Ari Schwartz of the Center for Democracy and Technology, which led the coalition. He said more specific guidelines are expected this fall.
The definitions themselves could undergo revision after a one-month period for public comment.
Release of the definitions comes as Microsoft Corp. acknowledges that it has revised its treatment of adware made by Claria Corp., formerly known as Gator Corp.
Instead of putting the programs in “quarantine,” Microsoft’s anti-spyware tool recommends users “ignore” the items it detects. Microsoft said the change was unrelated to speculation that Microsoft has been in talks to buy Claria.