DMA Offers Support for House Spyware Bill; 'I-SPY' Act Balances Protections for Consumers and Businesses

May 3, 2007 — As lawmakers look for ways to protect Americans from spyware, the Direct Marketing Association (DMA) today offered support for H.R. 1525, the Internet Spyware Prevention Act of 2007 (“I-SPY”). The bill is now being considered by the US House of Representatives’ Committee on the Judiciary’s Subcommittee on Crime, Terrorism, and Homeland Security.

In a letter submitted to bill sponsors Representatives Zoe Lofgren (D-CA) and Bob Goodlatte (R-VA) in advance of a subcommittee hearing scheduled for today, DMA reiterated its support for legislation “that combats spyware by identifying and making illegal specific bad acts and by providing resources for enforcement against bad actors.”

“The approach taken by the I-SPY Act to prevent spyware complements DMA’s position,” said Steven Berry, DMA’s executive vice president for government and consumer affairs. “The bill appropriately makes illegal specific conduct, rather than attempting to regulate technology or legitimate and important emerging online practices.”

Berry also said the legislation would be “effective in addressing illicit practices while minimizing the effect on legitimate businesses offering consumer products and services via the Internet.”

The I-SPY Act specifically would prohibit individuals or companies from intentionally accessing a protected computer without authorization through the use of a computer program or code, and intentionally using that program or code to commit a crime or to obtain or transmit personal information or impair the security protection or cause damage to the computer.

H.R. 1525 also expresses the sense of Congress that the US Department of Justice should vigorously prosecute those who use spyware to commit crimes and those that conduct phishing and pharming scams.

DMA has long supported voluntary and regulatory efforts to combat the spread of programs that install deceptive, fraudulent, or harmful software on people’s computers without their knowledge. In January 2006, DMA adopted mandatory guidelines that members must follow when their online marketing efforts involve the use of downloadable software programs.

DMA’s guidelines, which were referenced in its letter to Congress, states that marketers should not install, have installed, or use, software or other similar technology on a computer or similar device that initiates deceptive practices or interferes with a user’s expectation of the functionality of the computer and its programs. Such practices could include software that takes control of a computer (e.g., relaying spam and viruses, modem hijacking, denial-of-service attacks, or endless-loop pop-up advertisements). Also prohibited would be programs that deceptively modify or disable security or browser settings or prevent the user’s efforts to disable or uninstall the software.

DMA’s guidelines also lay out what marketers should do when offering software or other similar technology that is installed on a computer for legitimate marketing purposes. Specifically, such programs must give the user clear and conspicuous notice and choice at the point of joining a service or before the software or other similar technology begins operating on the user’s computer, including notice of significant effects of having the software or other similar technology installed. Marketers must also give the user an easy means to uninstall the technology and/or disable all functionality. Finally, marketers should always provide an easily accessible link to privacy policies and contact information, as well as clear identification of the company making the offer.

More information about DMA’s Guidelines for Ethical Business Practices is available online at www.the-dma.org/guidelines.

# # #