WASHINGTON -- A key committee in the U.S. House of Representatives unanimously approved anti-spyware legislation Wednesday that includes revisions designed to make the bill more palatable to business interests.
HR29, the Securely Protect Yourself Against Cyber Trespass Act, or Spy Act, is sponsored by Rep. Mary Bono (R-California). It aims to prevent spyware purveyors from hijacking a homepage or tracking users' keystrokes, requires that spyware programs be easily identifiable and removable, and allows for the collection of personal information only after express consent is given by users.
The bill also exponentially increases fines against abusers, authorizing the Federal Trade Commission to fine violators up to $3 million per infraction.
"To my mind, invading a personal computer is no different than breaking and entering a person's home," said House Commerce Committee chairman Joe Barton (R-Texas). "Those who do it are crooks, if not strictly burglars.... I want the FTC to go after them with a vengeance."
Some technology companies, concerned that overzealous anti-spyware legislation could sweep up legitimate software in its dragnet, have in recent weeks successfully lobbied for changes that narrow the bill's scope.
In February, Rep. Clifford Stearns (R-Florida), chairman of the Subcommittee on Commerce, Trade and Consumer Protection, attached an amendment that would exempt software cookies, including third-party cookies, from the spyware definitions covered by the bill.
That amendment also exempted embedded ads on web pages from the bill's requirement that online ads (often pop-ups that appear without a site's sanction) include identifying information so consumers can find and remove the software causing them.
On Wednesday, Stearns introduced a new amendment that would create another exemption, this time for web "beacons" (HTML and JavaScript that facilitate the ordinary construction of web pages but don't monitor consumers' behavior or gather information about those users). Such code wouldn't be considered spyware under the bill's new provisions.
New language also affirms that companies can monitor activity on their own websites, and direct advertising of their own products based on that monitoring, without being subject to the bill's notice-and-consent provision.
In addition to other technical changes, Stearns' amendment would create a new prohibition on "evil twin" attacks, in which hackers create malicious Wi-Fi hotspots in order to lure unsuspecting users. Once the user logs in, the hacker can intercept data or direct users to spoof sites designed to collect personal information.
While the bill received unanimous approval from the Commerce Committee (and is expected to garner wide support in the full House), there remained lingering concerns about certain provisions that could lead to more tinkering before the bill hits the House floor.
Ranking committee member Rep. John Dingell (D-Michigan) said he's worried the bill's cookie exemption might be too broad.
"At least with respect to cookies, we need to make sure that we are not creating dangerous loopholes that are inconsistent with the purposes of this legislation," he said.
Despite such concerns, however, HR29 appears on the fast track for passage this year. One potential hurdle is the Senate, which failed to enact its own anti-spyware legislation in the last session even after the House passed last year's version of Bono's bill by an overwhelming 399-1 vote.
Although the House bill still has no companion legislation in the Senate, Sen. Conrad Burns (R-Montana), who introduced the companion bill that failed to pass last year, plans to reintroduce anti-spyware legislation "in the next one or two months," his spokeswoman said Wednesday.
Barton said he's confident anti-spyware legislation will pass the full Congress this year.
"In fact, I'm going to make it a personal mission that HR29 gets to the president's desk as soon as possible," he said.
In addition to the HR29 markup in the Commerce Committee, the full House Judiciary Committee on Wednesday approved S167/HR357, known as the Family Entertainment and Copyright Act of 2005, which passed the Subcommittee on the Courts, the Internet and Intellectual Property on March 3. The full Senate passed its identical version of the bill Feb. 1.
The legislation would affirm the legality of software such as ClearPlay, which automatically edits supposedly objectionable scenes out of popular movies. Several DVD players now come ClearPlay-enabled and work with more than 1,000 movie titles.
Some Hollywood directors and studios argue that such altering of their works without permission violates their copyright.
But bill sponsor and subcommittee chairman Rep. Lamar Smith (R-Texas) has championed the measure as pro-family.
"Parents should be able to mute or skip over anything they want if they feel it's in the best interests of their children," he said.
Supporters want to pass the bill before the Supreme Court hands down a decision in the Grokster peer-to-peer case, which could alter interpretation of copyright law and therefore stall any pending copyright bills. The Court, which will hear oral arguments March 29, is expected to issue a Grokster decision this summer.
