- The Washington Times - Sunday, October 30, 2005

NEW YORK (AP) — A coalition of anti-spyware vendors and consumer groups have published guidelines to help consumers assess products designed to combat unwanted programs that sneak onto computers.

The Anti-Spyware Coalition released the guidelines last week for public comment and updated a separate document that attempted to craft uniform definitions for “spyware” and “adware” in hopes of giving computer users more control over their machines.

The Pew Internet & American Life Project said Internet users have become more cautious online because of worries about spyware and adware, which can bombard users with pop-up ads and drain processing power to the point of rendering computers unusable.

Nearly half of adults online in the United States have stopped visiting specific Web sites that they fear might infect them with such unwanted programs, and a quarter have ceased to use file-sharing software, which often comes bundled with adware.

In addition, 43 percent of Internet users say they have been hit with spyware, adware or both, with broadband users generally at greater risk.

The new guidelines from the coalition assign risk levels to various practices common in spyware and adware.

High-risk practices include installation without a user’s permission or knowledge, interference with competing programs, interception of e-mail and instant-messaging conversations and the display of ads without identifying the program that generated them.

Changing a browser’s home page or search engine setting is deemed a medium risk, while using data files called cookies to collect information is considered a low risk.

“Although all behaviors can be problematic if unauthorized, certain ones tend to have a greater impact and are treated with more severity than others,” the guidelines say.

The idea is to agree on what practices should concern consumers the most. Within the general rankings, individual vendors still have leeway to assign their own weight to each behavior in deciding whether to quarantine or remove a program when detected.

The coalition also offers similar rankings on consent.

High marks go to programs that are distributed as separate downloads in clearly labeled packages, while those that try to bury what they do in legalese are given low ratings.

The commenting period on the guidelines ends Nov. 27.

The guidelines could encourage industry “best practices” that developers of adware and other programs could follow to avoid getting flagged by anti-spyware vendors.

However, the coalition has yet to set a timetable for defining such practices, said Ari Schwartz of the Center for Democracy and Technology, which led the coalition.

Nonetheless, Mr. Schwartz said, last week’s announcements represent a start toward long-term improvements in anti-spyware tools and consumer education.

“There won’t be as much gray area, and we’ll have more transparency out there,” he said.

A separate coalition document defining spyware and related terms changed little from the draft issued in July.

The updated definitions document, reflecting nearly 400 comments received from the public, still flags as potential threats — an umbrella definition that includes spyware, adware and other categories such as “hijackers” and “cookies” — programs that:

• Impair users’ control over their systems, including privacy and security.

• Impair the use of system resources, including what programs are installed on their computers.

• Collect, use and distribute personal or otherwise sensitive information.

By classifying “adware” as falling under the umbrella term “Spyware and Other Potentially Unwanted Technologies,” the coalition avoided a key dispute that has led to lawsuits by adware developers against anti-spyware vendors: Is adware a form of spyware or are the two separate?

LOAD COMMENTS ()

 

Click to Read More

Click to Hide