Internet and privacy experts yesterday warned consumers of a growing use of software often designed to steal the personal information of unwitting computer users who download it.
At a workshop sponsored by the Federal Trade Commission (FTC), panelists said computer “spyware” is the top complaint reported to technical support centers.
Like the recent viruses and worms that have spread to millions of computers worldwide, spyware has proven to be difficult to identify and remove. In some cases, spyware is prevalent enough on a computer that it drains the machine’s memory, causing it to malfunction or crash.
Spyware is generally considered any software program that is downloaded to a computer and performs illegal operations, usually without the user’s knowledge. Often, spyware is used to collect personal information or hijack a computer to send mass amounts of unwanted commercial e-mail, or spam.
“We’ve seen an increase in the sophistication of data gathering, and spyware can be included in that,” said FTC Commissioner Mozelle Thompson, who referred to the workshop as a “watershed event” in the effort to protect consumers from unwanted software on their computers.
Computer company Dell said yesterday that 12 percent of all calls to its technical support center relate to spyware and usually come from customers who don’t understand why their computers are malfunctioning or operating sluggishly.
McAfee, a Santa Clara, Calif., computer security firm, said it has seen a sharp rise in spyware since September and that more than 80 percent of the computers it scans have some sort of spyware. Among its most common finding were Web dialers, which are downloaded onto computers and can make long-distance calls using the phone lines of unsuspecting users.
Other spyware programs have been known to hijack Web browsers and direct them to advertisements or pornographic Web sites, or record the letters and numbers typed into a keyboard in an effort to steal passwords and other information. In most cases, computer users are unaware that these programs are on their computers. Internet provider Earthlink said last week that the average computer contains about 28 pieces of spyware.
Solving the spyware issues may prove as difficult as other technological issues recently addressed by the FTC, such as spam and identity theft. Panelists were unable to even agree upon a clear definition of spyware, and most cautioned the FTC to address the problem without infringing on the use of similar programs with legitimate purposes.
“I worry that some technologies that are otherwise benign might get corralled in and become collateral damage in a well-intentioned fight,” said J. Trevor Hughes, executive director of the Network Advertising Initiative, a collection of companies involved in online marketing.
Mr. Hughes and others defended marketers’ use of “adware,” which is technologically similar to spyware but is downloaded only with permission. Computer users often agree to download adware, which connects the computer to pop-up ads and other online advertising, in exchange for free software, such as a file-sharing program.
Experts said the line between honest adware companies and spyware can be thin, and a set of industry guidelines will help separate the honest companies from those operating illegally, as well as decrease the need for government regulation.
Utah recently passed a law prohibiting certain kinds of spyware. Congress and lawmakers in California are exploring similar bills. But it is not clear what effect, if any, legislation will have on the spyware problem. Panelists said the makers of spyware, like spammers, are difficult to identify and often operate overseas, where they are shielded from U.S. laws.
“The really bad people are not going to be dissuaded by a law made here,” said Andrew McLaughlin, senior policy counsel for Internet search company Google. “They’re not operating here, and we’re dealing with a global Internet.”
Please read our comment policy before commenting.