Many of the definitions included in the bill make several popular free software
makers spyware were it not for the user consent they receive, albeit in some
cases rather unintentionally. As is the case with any legislation, in its ideal
state, the new rules and definitions would give users a sense of security while
not negatively impacting economic advances. Make a law too restrictive and new
development ceases - those inclined to do right no longer push forward, whereas
those who initially acted with impunity continue to do so. The same is true if
a law is too loose. In the end, the space suffers.
Among the more
interesting stories to arise, prior to the final signing of the Bill into law, is a
lawsuit brought by the FTC against Seismic Entertainment Productions, Inc., Smartbot.Net,
and Sanford Wallace.
To some the name Sanford Wallace carries no meaning. To others, especially
media buyers in the late 1990’s, that name equals the internet’s version of
Billy the Kid. Fewer people have associated with them the infamy that Sanford
does. For those unfamiliar with him or his story, he makes Scott Richter’s
OptInRealBig seem like a double opt-in, weekly newsletter. Email was the name of
Sanford’s game, and his notoriety stemmed from his PassThisOn.com site (or spam
trap according to some) which until recently was seemingly stuck in time, having
not changed in years. It not only earned him a lot of money but also the title
of Spam King.
That
Sanford might have installed ad spawning software on users’ computers is nothing
special. Many companies install adware on people’s computers. The FTC claims that what caused the
extreme ire in this case was that this application not only installed itself
without any form of end user agreement but the ad it most often showed was a
spyware removal one. To most people, it seemed like extortion – users receive an
unwanted application that would pop error messages and open the CD-ROM tray only
to be told they needed to buy a spyware removal program. The creator of the
spyware did not own or create the spyware removal product, he simply profited
from its great performance and vice versa.
It
is hard to say whether the advertiser who benefited gave back all their profit.
This case presents interesting questions with regards to who benefits and who is
liable. That the advertiser is guilty of poor judgment is in no doubt. Of course
an ad for spyware removal will do well when run on a spyware program. The
advertiser in this case didn’t install the program, but they did not complain
from its success. Chances are they probably didn’t know how they got their
inventory and were happy not knowing.
Unlike many forms of spyware that spread via email, this is alleged to have propagated through unexpected channels, ad networks. The accused, Seismic Entertainment are alleged to have done the media buys, most often through brokers. Supposedly, they would pay for a campaign, most likely unrelated to spyware, one suggestion being that it was commonly for a dating site; it is assumed that the dating site was not aware of the association between their ad and the alleged spyware installation.
Assuming that the above is accurate, by using their ad code and server, it meant that the accused could control what loaded when the browser request was made. They were as a result able to show a banner, but is alleged that they also took advantage of an Internet Explorer exploit and installed the spyware on users’ machines when loading the banner.
Spyware is an important issue, and in many ways the legislation represents
legitimate action on behalf of the users to provide a trusting online
environment. Companies that purchase media using browser exploits, along with
free software that has more ads than perceived end-user value, harm our business
immeasurably. These types of programs and activities without question should be
stopped. The hope is that the ever increasing legislation both in number of laws
and speed with which they are passed won’t have the stifling affect they could
and create a lawlessness among parts of our space.
Related links:
http://www.ftc.gov/os/caselist/0423142/0423142.htm
http://web.archive.org/web/20031201013907/http://default-homepage-network.com/
http://web.archive.org/web/20040207144001/default-homepage-network.com/index.html
http://66.102.7.104/search?q=cache:jrtiQre7ZlMJ:passthison.com/+&hl=en
http://www.default-homepage-network.com/
http://www.passthison.com
http://www.pestpatrol.com/PestInfo/p/passthison.asp
Jay Weintraub
