Spyware :
Over the last several years, a loosely defined collection of computer software known as “Spyware” has become the subject of growing public alarm. Computer users are increasingly finding programs on their computers that they did not know were installed and that they cannot uninstall, that create privacy problems and open security holes, that can hurt the performance and stability of their systems, and that can lead them to mistakenly believe that these problems are the fault of another application or their Internet provider.
The term “spyware” has been applied to everything from keystroke loggers, to advertising applications that track users’ web browsing, to web cookies, to programs designed to help provide security patches directly to users. More recently, there has been particular attention paid to a variety of applications that piggyback on peer-to-peer file-sharing software and other free downloads as a way to gain access to people’s computers. This report focuses primarily on these so-called “adware” and other similar applications, which have increasingly been the focus of legislative and regulatory proposals.
Many of these applications represent a significant privacy threat, but in our view the larger concerns raised by these programs are transparency and user control, problems sometimes overlooked in discussions about the issue and to a certain extent obscured by the term “spyware” itself.
In this report, we hope to:
• identify the range of applications referred to as “spyware;”
• clarify the core problem raised by these invasive applications;
• give examples of several varieties of applications that fall into this category;
• describe other kinds of software that have often (and we think, mistakenly) been lumped together with spyware;
• investigate the connection between spyware and peer-to-peer software;
• evaluate policy and other solutions to the spyware problem;
• and provide tips for users about what they can do today to protect their personal information and their computers from these programs.
The term “spyware” has been applied to everything from keystroke loggers, to advertising applications that track users’ web browsing, to web cookies, to programs designed to help provide security patches directly to users. More recently, there has been particular attention paid to a variety of applications that piggyback on peer-to-peer file-sharing software and other free downloads as a way to gain access to people’s computers. This report focuses primarily on these so-called “adware” and other similar applications, which have increasingly been the focus of legislative and regulatory proposals.
Many of these applications represent a significant privacy threat, but in our view the larger concerns raised by these programs are transparency and user control, problems sometimes overlooked in discussions about the issue and to a certain extent obscured by the term “spyware” itself.
In this report, we hope to:
• identify the range of applications referred to as “spyware;”
• clarify the core problem raised by these invasive applications;
• give examples of several varieties of applications that fall into this category;
• describe other kinds of software that have often (and we think, mistakenly) been lumped together with spyware;
• investigate the connection between spyware and peer-to-peer software;
• evaluate policy and other solutions to the spyware problem;
• and provide tips for users about what they can do today to protect their personal information and their computers from these programs.