Want CNET to notify you of price drops and the latest stories?

Australians take aim at spyware

Those convicted of installing spyware or cookies could face up to two years in prison, under new Australian legislation.

2 min read
Under new Australian legislation introduced by Democrats in the country, anyone convicted of installing spyware or cookies on computers without permission would face imprisonment of up to two years.

Brian Greig, the Democrats' information technology spokesman, said Thursday that the Spyware Bill 2005 was not designed to ban spyware or other unauthorized installations but to require companies to obtain permission from the owner of the computer before proceeding.

"It is this authorization that is at the heart of the Australian Democrats' proposals," Greig told the Senate. "Namely that no program or cookie or any other form of tracking device is to be installed on any computer without the user of that computer being given full and clear information as to the purpose of that computer or tracking device.

"Furthermore, once installed, each program or monitoring or tracking device must make it easy for the user to completely remove or uninstall it."

Spyware is an increasingly ubiquitous problem. A recent study revealed that around 90 percent of malicious programs found on both home and corporate PCs turned out to be spyware.

Frost & Sullivan security analyst James Turner has said that until anti-spyware utilities are easier to use, "the majority of Internet users will not be able to adequately protect themselves".

Greig said the legislation had to cover programs that are not intrinsically malicious but could be used with ill intent.

"One program, which records every stroke of the keyboard by a user, can be used by hackers to gain credit card numbers or by security-conscious financial organizations acting with the full knowledge of their employees," he said.

In the case of adware, the legislation states, companies should include an identifiable link that users can click on that informs them how to turn off the advertising feature or uninstall the software.

The bill requires companies to provide an example of the type of advertisement that may be delivered by the software, along with a clear description of the estimated frequency of the advertisement and how people can distinguish the type of ads delivered by different software programs.

It also requires that companies inform the user of the nature, volume and likely impact on the computer's processing capacity of any computational or processing tasks the software will cause the computer to perform.

The software must appear in the "Add/Remove Programs" menu or any similar feature provided by the operating system and be easily and completely removable using normal procedures for removing computer software.

Kristyn Maslog-Levis of ZDNet Australia reported from Sydney.