The nascent Anti-Spyware Coalition is set to publish the first results of its work aimed at bolstering the fight against spyware.
The group, made up of makers of anti-spyware software, will release a proposed definition of spyware and a common lexicon, said Ari Schwartz, an associate director at the Center for Democracy and Technology, which has led the work of the group. Various consumer and industry organisations helped in the effort, he said.
Schwartz said: "Any unified approach to the spyware problem is going to require a common definition of what the problem is. One of the biggest challenges we have had with spyware has been agreeing on what it is."
Spyware and adware have become a major headache for computer users over the past few years. However, purveyors of the software defend the programs as legitimate marketing tools and take issue with anti-spyware makers when their products are flagged and removed. The coalition's goal is to draw clear lines, ultimately to help consumers keep their PCs clean.
The coalition defines spyware narrowly as software that gathers information about the user and is installed without adequate user notice, consent or control. The definition would mark as spyware any programs that are downloaded and installed surreptitiously or programs that secretly track which Web sites people visit, for example.
An expanded definition also includes other potentially malicious programs, such as software that provides backdoors for hackers or serves up ads on the user's screen.
In that definition, spyware and other potentially unwanted technologies are described as those that "impair users' control over: material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; or collection, use, and distribution of their personal or otherwise sensitive information".
The group has also drafted procedures for dealing with software makers who believe their product has been unfairly flagged as spyware.
Critics fear that spyware makers stand to gain most from the coalition's work. It may give them the tools to prevent their software from being flagged and removed by anti-spyware products, said Ben Edelman, a Harvard law student and an adware and spyware researcher.
"The entities most urgently calling for uniform standards are those who make applications often labelled as spyware or adware," he said. "They hope to get a single definition that they can then manage to escape."
Internet users know which software they don't like, and anti-spyware makers should build their products based on that, Edelman said. "There's substantial benefit to letting anti-spyware vendors compete to best match users' desires and preferences," he said.
Both spyware and adware can sap computing power. They're often surreptitiously installed on computers to gather information about people that is used for advertising or provided to other interested parties. The market for tools to remove the unwanted software is booming.
Talkback
The tussle between definition and function
There is an inherent conflict between the definitional and functionality aspects. Anything that does not fit in the definition of a “wrong or crime” is not punishable howsoever culpable it may be. Thus, if the spywares are able to adjust their functioning in such a manner as to circumvent the penal sanctions of the law, then there will be no further solution. Thus, first of all the definition must be “inclusive” in nature and must start with the words “includes”. Secondly, the definition must be satisfied not in mere form but also in substance. In short, it must be as per the letter and spirit of the law. The best possible solution is to combine the definitional and functionality ideals and make the definition tamper proof and effective.