Home : Security : News

US spyware clampdown won't impress European governments

UK legal expert claims that efforts in the US to combat the growth of spyware are unlikely to influence European moves to tackle the problem.

By Guy Matthews, 3 May 2007 at 15:05

gallery

Moves to jail spyware perpetrators in the US are unlikely to be copied by European authorities, believes a UK legal expert.

A US House of Representatives subcommittee has this week approved a bill that recommends up to five years in prison for convicted distributors of malicious spyware.

Past versions of the Internet Spyware Prevention Act have failed to pass a vote in the US Senate. However, increasing militancy among US computer users fed up with unwanted software intrusion make this latest attempt much more likely to pass into law, believe observers.

At stake, claim the bill's backers, is the credibility of the internet itself, with domestic and business PC users increasingly unsure who to trust in a world where the theft of personal data online is rife.

"There's no similar legislation pending in the UK or anywhere in Europe that I'm aware of," said Kiran Sandford, head of IT at law firm Mishcon de Reya. But she questions whether any such legislation is likely to be effective.

"Spyware is very tricky to make laws against," said Sandford. "What happens if someone does something outside your jurisdiction, in Timbuktu or Russia? It's going to be rather hard to apply the long arm of the law and bring them to book."

There would be some limited value, she believes, in blocking legitimate companies from issuing spyware, perhaps under the impression it was legal.

But there is other legislation already enacted in the UK that makes spyware illegal, she said. "The Computer Misuse Act has just been updated so that you are not allowed to interfere with or change someone else's software program," she explained. "That's wide enough to cover spyware. Then there's the Privacy and Electronic Communications EC directive, which means you must give people the chance to reject cookies, and of course the Data Protection Act."

She sees no momentum for further law on spyware in Europe, such as has been experienced in the US. "We do, though, sometimes follow their lead, and they ours, so you can't totally rule it out," she said.

Sandford says that there are still reasons why UK companies should take note of the US bill, should it become law: "It could serve as an example of good practice, for one thing," she said. "And if you have a US subsidiary or are travelling to the US on business, then you'd be advised to check what the law says. It's a big issue over there. I was at an International Technology Law conference in Chicago last week, and I can tell you that spyware was high on the agenda."

Email to a friend

Print this page

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

Who to trust after the VeriSign hack?

Davey Winder questions what data was stolen from VeriSign and wonders why the company hasn't been more forthcoming.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.