House Toughens Spyware Penalties

Scott Morris swm at
Fri Oct 8 20:54:23 UTC 2004

Oh, how festive.  Anyone got that "Bill (Gates) Blocker" filter ready?  :)

Left to their own devices, congressmen should NOT be allowed to write bills
about things they don't understand.  Well...  Ok, that's too restrictive.
No bills would ever get written.  

We'll still see the same problems coming from the same non-US places where
it isn't exactly feasible to prosecute.  But it made someone someplace feel
better, I'm sure!


-----Original Message-----
From: owner-nanog at [mailto:owner-nanog at] On Behalf Of
Sent: Friday, October 08, 2004 4:33 PM
To: nanog at
Subject: FW: House Toughens Spyware Penalties

 It all reads ok until the latter part... shudder...


-----FW: <200410081600530249.000E013B at>-----

Date: Fri, 08 Oct 2004 16:00:53 -0400
Sender: cybercrime-alerts-bounce at
From: cybercrime-alerts <alerts at>
To: cybercrime-alerts at
Subject: House Toughens Spyware Penalties

October 8, 2004
House Toughens Spyware Penalties

For the second time in three days, the U.S. House of Representatives has
passed an anti-spyware bill, this time adding criminal penalties to tough
civil provisions of legislation passed on Tuesday. 

The Internet Spyware Prevention Act of 2004 (H.R. 4661), which passed on a
415-0 vote Thursday, makes it a crime to intentionally access a computer
without authorization or to intentionally exceed authorized access. If the
unauthorized intrusion is to further another federal crime such as secretly
accessing personal data, the penalty is up to five years in prison. 

Deliberately injuring or defrauding a person or damaging a computer through
the unauthorized installation of spyware carry prison terms of up to two
years. The legislation also authorizes $10 million for the Department of
Justice to combat spyware and phishing (define) scams, although the bill
does not specifically make phishing a crime. 

"By imposing criminal penalties on these bad actors, this legislation will
help deter the use of spyware, and will thus help protect consumers from
these aggressive attacks," Rep. Bob Goodlatte (R-VA), the bill's author,
said in a statement. "At the same time, the legislation leaves the door open
for innovative technology developments to continue to combat spyware

Tuesday night, the House passed legislation prohibiting unfair or deceptive
practices related to spyware. The bill, known as the Spy Act (H.R. 2929),
also requires an opt-in notice and consent form for legal software that
collects personally identifiable information from consumers. The penalties
in H.R. 2929 are limited to civil fines of up to $3 million. 

Both bills now go the Senate, which has pending legislation similar to the
House bills. House Energy and Commerce Committee Chairman Joe Barton
(R-Texas) said earlier this week he thought the two chambers could agree on
a spyware bill before lawmakers adjourn on Friday or Saturday. 

"[We've] seen several egregious examples of spyware being used in ways that
most Americans would think clearly ought to be criminal," Ari Schwartz,
associate director of the Center for Democracy and Technology, said in
another statement. "The bill will help make sure there are strong deterrents
to using spyware to defraud or injure consumers." 

The two House bills are supported by a broad array of trade groups,
including the U.S. Chamber of Commerce and the Business Software Alliance
(BSA). "This anti-spyware legislation ensures that criminal penalties are
imposed upon those persons who aim to harm innocent Internet users via
spyware applications," said Robert Holleyman, president and CEO of the BSA. 

Dell (Quote, Chart), eBay (Quote, Chart)>, Microsoft (Quote, Chart), Time
Warner (Quote, Chart), Yahoo (Quote, Chart) and Earthlink (Quote, Chart)
endorsed the Tuesday legislation. They did so after exemptions were added to
the bill for network monitoring for security purposes, technical support or
repair, or the detection or prevention of fraudulent activities. 

The bill also permits computer software providers to interact with a user's
computer without notice and consent in order to determine whether the
computer user is authorized to use the software upon initialization of the
software or an update of the software. 

"Every day thousands of unsuspecting Americans have their identities
hijacked by a new breed of cyber criminals because of spyware. People whose
identities have been stolen can spend months or years -- and much of their
hard-earned money -- trying to restore their good name and credit record.
This legislation will help prevent bad things from happening to good names,"
Rep. Lamar Smith
(R-Texas) said. 

Articles distributed for the purposes of education, discussion and review.

Archives and Subscription Updates:
PGP Key:


--------------End of forwarded message-------------------------

                     |\ __ /|   (`\            
                     | o_o  |__  ) )           
                    //      \\                 
  -  nmh at  -  Powered by FreeBSD  -
 "The term "daemons" is a Judeo-Christian pejorative.
 Such processes will now be known as "spiritual guides"
  - Politicaly Correct UNIX Page

 Opportunity is missed by most people because it is dressed in overalls and
looks like work.
   - Thomas Edison

 "Microsoft isn't evil, they just make really crappy operating systems."
   - Linus Torvalds

  If you want to go backwards, you put it in 'R,' and if you want to go
forward, you put it in 'D'
  -- Sen. Tom Harkin (D-IA)

More information about the NANOG mailing list