DMA Testifies Before Senate on Impact, Policy Implications of Spyware on Consumers and Businesses

June 11, 2008 — In testimony submitted today at a US Senate Commerce Committee hearing on the impact and policy implications of spyware on consumers and businesses and on S. 1625 (the Counter Spy Act), the Direct Marketing Association (DMA) praised the Committee for its interest in combating spyware. However, DMA expressed concern that a statutory approach might not achieve the desired purpose of limiting spyware, but rather, might have the unintended effect of interfering with important e-commerce and marketing functionalities.

“The combination of strong industry guidelines, anti-spyware technologies, and enforcement of existing laws over the past three years has limited pernicious software downloads, reducing spyware’s threat to the positive consumer experience online,” said Jerry Cerasale, DMA’s senior vice president for government affairs. “Together, we are winning the battle against such malicious practices, but that battle will be ongoing. Today’s solutions and remedies may be obsolete tomorrow. As technology continues to evolve rapidly, so, too, will the challenges posted by spyware and related bad practices.”

In particular, DMA expressed concern that the current language in Section 4(b)(2) of the bill could be interpreted to extend well beyond regulating “surreptitious surveillance” practices and thereby create compliance uncertainty that could potentially limit current and future critical e-commerce functions designed to make the Internet browsing experience seamless. To rectify this, DMA recommended that the Committee tailor this section to specifically target “bad practices,” rather than create the regulation of many legitimate information practices resulting from software.

Additionally, DMA expressed concern that Sections 6(a)(8) and (9) — provisions that would bestow limited liability on a business that removes “objectionable content” or software used in violation of the Act — were not well defined. Specifically, Cerasale noted that while the authority to remove “objectionable content” may appear reasonable on its face, the term “objectionable” is not defined and, consequently, Section 6(a)(8) would allow any anti-spyware entity to act unilaterally and without review, and block any material that it defines as “objectionable.”

Similarly, DMA believes Section 6(a)(9), which would permit a business to remove software used in violation of sections 3, 4 or 5 of the Act, was defined too broadly and, consequently, called upon the Committee to amend this provision. DMA supports a provider’s ability to remove or disable a program employed to perpetrate a bad act, stated Cerasale, but it is concerned that a provision as broad as Section 6(a)(9) would allow a provider to remove legitimate software without consequence.

Given its concerns about the aforementioned provisions, DMA’s testimony called upon the Committee to revisit these sections of S. 1625 and make revisions.

“If regulation is necessary — and we believe it is unclear that a need for legislation remains in light of recent technological innovations — it should be drafted in a manner that does not undermine current efforts or upset consumers’ expectations regarding the types of available, legitimate online marketing,” said Cerasale told the Senate committee.

# # #