Two spyware bills have been passed in the House of Representatives by overwhelming margins. Election-year scheduling may very well doom these bills, preventing consideration in the Senate, but consumers will not be without protection.
Legal recourse already exists, as evidenced by October’s announcement of the Federal Trade Commission’s (FTC) lawsuit against an alleged spyware distributor. So why the legislative fervor for new spyware laws?
The advent of new technologies brings with it new laws, or so it might seem. Yet this isn’t necessarily the case. More often than not, new technologies just provide new ways for doing old crimes. But lawmakers feel the pressure to hurry up and do something, and in their zeal to cure technology-related harms they propose redundant and confusing laws. This approach holds true with the pending spyware bills.
Wouldn’t it be great if there were some formula or test for determining the real need for new technology-related legislation? Or if Congress followed some standard mode of analysis, analogous to the familiar scrutiny a court provides in a First Amendment case or the cost-benefit analysis employed by some regulatory agencies?
In many ways, we already have such an analytical framework. We can turn to a four-year-old report available from the Department of Justice titled The Electronic Frontier: The Challenge of Unlawful Conduct Involving the Use of the Internet. It was published by the Working Group on Unlawful Conduct on the Internet, created by a 1999 Executive Order from then-President Bill Clinton.
Are New Laws Needed?
The working group was charged with analyzing online conduct in light of existing laws. It recommended that online conduct be treated consistently with offline conduct, in a technology-neutral manner. The report considered three main steps to determine whether new technology-related laws are needed.
First, it suggested lawmakers identify the conduct and the laws applicable to it. Are there existing laws that address unlawful conduct involving the use of the new technology?
Second, ask whether novel ways are needed to detect and catch the wrongdoers. Does the legislation provide not only new law, but also new tools or capabilities to investigate and prosecute the bad conduct?
Third, analyze current and potential market alternatives to government legislation. What is the potential for using education and empowerment tools to minimize the risks for such conduct?
How Spyware Laws Fare
Using the federal government’s own test for analyzing the need for technology-related laws, how do current legislative attempts to address spyware measure up?
Existing Laws: The FTC already regulates unfair and deceptive trade practices under the Federal Trade Commission Act. Federal law governs wire fraud, including someone who uses the Internet to commit a fraud. Provisions of the Computer Fraud and Abuse Act make it illegal to intercept a communication without a court order and could apply to some uses of spyware that co-opt control of computers or exploit Internet connections. State trespass, contract, tort, and fraud laws also apply.
New Tools for Investigation or Prosecution: The Internet presents a challenge to law enforcement because it is global, lacks boundaries, and provides for anonymity. But the pending spyware bills don’t change the nature of the Internet or provide law enforcement with investigative tools it doesn’t already possess.
Education & Empowerment Alternatives: A number of products exist to eliminate unwanted applications. New Internet security products are including privacy-protecting software. Microsoft Chairman Bill Gates recently said his company is working on solving spyware problems. In short, the market is working to protect consumers.
Existing laws adequately address any misuse of software resulting in fraud or other deceptive acts. The FTC is already on record as concluding specific spyware legislation is unnecessary.
Congress should allow the combination of technological innovation, consumer education, and the enforcement of existing laws to progress.
Braden Cox ([email protected]) is technology counsel for the Competitive Enterprise Institute in Washington, DC.