Hudson
05-09-2005, 04:38 AM
This is a long mutha:
ALBANY, N.Y. (May 7) - The windowless, cluttered 10-by-15-foot storeroom on the third floor of a Manhattan government building seems an unlikely setting for Attorney General Eliot Spitzer's next big thing. But purveyors of spyware and adware and even the major companies that advertise in the surreptitious downloads fear exactly that from the Democrat dubbed the "Sheriff of Wall Street."
"There has been a vacuum of enforcement to date," said Benjamin Edelman, a Harvard University student who specializes in spyware research.
Though Spitzer may get complaints he is attacking legitimate companies, Edelman said, the "fact is, there are lots of surprisingly big companies making serious money from these tactics. So Spitzer's intervention in users' defense is much appreciated and quite helpful."
The problem has become epidemic as people spend more time online and spyware developers get more aggressive.
Some repair shops blame spyware, particularly the subset of ad-delivery programs called adware, for more than half the trouble they're seeing. One study found spyware on the computers of 80 percent of participants.
Although users still get such programs attached to games, screensavers, file-sharing software and other freebies, often without their full knowledge, newer techniques need no user intervention whatsoever and rely on security flaws in Microsoft operating systems and browsers.
The Federal Trade Commission filed a major spyware case last fall. But it is understaffed, said Ari Schwartz of the Center for Democracy and Technology in Washington, D.C.
Enter Spitzer, a candidate for governor in 2006, is best known for his high-profile crusades against conflicts of interest in business but hasn't ignored cyberspace. Last year, his office settled a spam lawsuit against OptInRealBig.com of Colorado as his year-old investigation of a "spam ring" continues.
In pursuing spyware, last week's civil lawsuit against Intermix Media Inc. of Los Angeles is likely just the opening salvo.
Spitzer accused the company of secretly installing software that delivers nuisance pop-up advertisements and can slow and crash personal computers. Spitzer said such programs are fraudulent and threaten to discourage e-commerce.
"Mr. Spitzer has put a match to this and it will be interesting to see just how many volleys take place," said David Moll of Webroot Software Inc., an anti-spyware vendor.
Intermix denies any fraud or use of spyware, saying many of the practices in dispute were established by previous leadership. The company insists it is committed to the Internet's best practices.
Its competitors, meanwhile, insist their programs do not spy and say they welcome uniform rules.
"We strongly support efforts to clean up spyware and rid the Internet of malicious software," said Daniel Todd of 180 Solutions, a major adware company. "As a company that is providing free software and products to consumers, we think that working with technology experts, legal scholars, researchers and anti-spyware companies to establish such standards is a top priority."
Good thing, Spitzer said.
"People are fed up with adware and spyware," he said. "They feel as though they've lost control of their computers and they want something to be done."
Enforcement, however, is difficult.
"Those who engage in these abuses are hard to track down. An operation can be terminated and another literally pops up overnight," Spitzer said. "Hopefully, technology will provide a comprehensive solution at some point but until that time, there needs to be a cop in cyberspace who will stop the most egregious abuses."
Spitzer sees himself as the police.
While Congress and about half the states - including New York - debate legislation to clamp down on spyware, Spitzer is taking business fraud and consumer protection investigation into the 21st century:
His people set up three personal computers up in a storeroom in Spitzer's Manhattan office. For months, investigators visited the freebie-giveaway Web sites likely to carry adware and spyware. Investigator Vanessa Ip regularly analyzed the hard drive to detect any unwanted downloads.
"The most important thing was to try to mimic a typical consumer's experience," Ip said.
Kenneth Dreifach, chief of Spitzer's Internet Bureau, said the office is "limited only by the bounds of creativity and diligence of our investigators - which is limitless."
And don't expect Spitzer to focus only on companies that make and distribute spyware, Dreifach said.
"The companies with which they deal and companies that fund them realize that this is an illegitimate activity from which they want to distance themselves," he said. "No one should infer ... that actual advertisers that drive this activity are immune. They are not."
Companies including Netflix Inc. and Orbitz LLC have acknowledged using adware.
Spyware legislation typically defines it narrowly as surreptitious downloads that monitor a users' activity and could steal personal information.
Spitzer goes further - to include downloads of advertising onto hard drives that may or may not extract personal information.
Spitzer's spyware investigation recalls his successful national crusades against conflicts of interest among Wall Street stock analysts, dealers of mutual funds and insurance companies: A consumer concern is followed by a single lawsuit in an enforcement no man's land.
Negotiation for settlements follow, along with reforms to create new industry standards.
"This should be the next big thing for enforcement efforts because there are some likely targets and, more than with white-collar crime, this will resonate with people," said John C. Coffee, a Columbia Law School securities law expert who has closely followed Spitzer.
Those crusades on traditional American business have been good politically for Spitzer, Coffee said.
Spitzer appears to have prepared for the opportunity. Since Spitzer created the Internet Bureau in December 2000, the staff has doubled to four attorneys, a bureau chief, four investigators and seven college and law school students. The support staff has also doubled.
Even Spitzer's most recent public critic is pleased so far.
Bill Holstein, editor of Chief Executive magazine, has called for Spitzer's resignation, saying his investigations are overzealous and harmful to companies. Yet Holstein sees the spyware battle as "a case where the attorney general and his people are doing exactly what they ought to be doing.
"I agree e-commerce and the Internet are at risk," Holstein added. "It's smart politics, but it's also smart policy."
05/07/05 10:39 EDT
ALBANY, N.Y. (May 7) - The windowless, cluttered 10-by-15-foot storeroom on the third floor of a Manhattan government building seems an unlikely setting for Attorney General Eliot Spitzer's next big thing. But purveyors of spyware and adware and even the major companies that advertise in the surreptitious downloads fear exactly that from the Democrat dubbed the "Sheriff of Wall Street."
"There has been a vacuum of enforcement to date," said Benjamin Edelman, a Harvard University student who specializes in spyware research.
Though Spitzer may get complaints he is attacking legitimate companies, Edelman said, the "fact is, there are lots of surprisingly big companies making serious money from these tactics. So Spitzer's intervention in users' defense is much appreciated and quite helpful."
The problem has become epidemic as people spend more time online and spyware developers get more aggressive.
Some repair shops blame spyware, particularly the subset of ad-delivery programs called adware, for more than half the trouble they're seeing. One study found spyware on the computers of 80 percent of participants.
Although users still get such programs attached to games, screensavers, file-sharing software and other freebies, often without their full knowledge, newer techniques need no user intervention whatsoever and rely on security flaws in Microsoft operating systems and browsers.
The Federal Trade Commission filed a major spyware case last fall. But it is understaffed, said Ari Schwartz of the Center for Democracy and Technology in Washington, D.C.
Enter Spitzer, a candidate for governor in 2006, is best known for his high-profile crusades against conflicts of interest in business but hasn't ignored cyberspace. Last year, his office settled a spam lawsuit against OptInRealBig.com of Colorado as his year-old investigation of a "spam ring" continues.
In pursuing spyware, last week's civil lawsuit against Intermix Media Inc. of Los Angeles is likely just the opening salvo.
Spitzer accused the company of secretly installing software that delivers nuisance pop-up advertisements and can slow and crash personal computers. Spitzer said such programs are fraudulent and threaten to discourage e-commerce.
"Mr. Spitzer has put a match to this and it will be interesting to see just how many volleys take place," said David Moll of Webroot Software Inc., an anti-spyware vendor.
Intermix denies any fraud or use of spyware, saying many of the practices in dispute were established by previous leadership. The company insists it is committed to the Internet's best practices.
Its competitors, meanwhile, insist their programs do not spy and say they welcome uniform rules.
"We strongly support efforts to clean up spyware and rid the Internet of malicious software," said Daniel Todd of 180 Solutions, a major adware company. "As a company that is providing free software and products to consumers, we think that working with technology experts, legal scholars, researchers and anti-spyware companies to establish such standards is a top priority."
Good thing, Spitzer said.
"People are fed up with adware and spyware," he said. "They feel as though they've lost control of their computers and they want something to be done."
Enforcement, however, is difficult.
"Those who engage in these abuses are hard to track down. An operation can be terminated and another literally pops up overnight," Spitzer said. "Hopefully, technology will provide a comprehensive solution at some point but until that time, there needs to be a cop in cyberspace who will stop the most egregious abuses."
Spitzer sees himself as the police.
While Congress and about half the states - including New York - debate legislation to clamp down on spyware, Spitzer is taking business fraud and consumer protection investigation into the 21st century:
His people set up three personal computers up in a storeroom in Spitzer's Manhattan office. For months, investigators visited the freebie-giveaway Web sites likely to carry adware and spyware. Investigator Vanessa Ip regularly analyzed the hard drive to detect any unwanted downloads.
"The most important thing was to try to mimic a typical consumer's experience," Ip said.
Kenneth Dreifach, chief of Spitzer's Internet Bureau, said the office is "limited only by the bounds of creativity and diligence of our investigators - which is limitless."
And don't expect Spitzer to focus only on companies that make and distribute spyware, Dreifach said.
"The companies with which they deal and companies that fund them realize that this is an illegitimate activity from which they want to distance themselves," he said. "No one should infer ... that actual advertisers that drive this activity are immune. They are not."
Companies including Netflix Inc. and Orbitz LLC have acknowledged using adware.
Spyware legislation typically defines it narrowly as surreptitious downloads that monitor a users' activity and could steal personal information.
Spitzer goes further - to include downloads of advertising onto hard drives that may or may not extract personal information.
Spitzer's spyware investigation recalls his successful national crusades against conflicts of interest among Wall Street stock analysts, dealers of mutual funds and insurance companies: A consumer concern is followed by a single lawsuit in an enforcement no man's land.
Negotiation for settlements follow, along with reforms to create new industry standards.
"This should be the next big thing for enforcement efforts because there are some likely targets and, more than with white-collar crime, this will resonate with people," said John C. Coffee, a Columbia Law School securities law expert who has closely followed Spitzer.
Those crusades on traditional American business have been good politically for Spitzer, Coffee said.
Spitzer appears to have prepared for the opportunity. Since Spitzer created the Internet Bureau in December 2000, the staff has doubled to four attorneys, a bureau chief, four investigators and seven college and law school students. The support staff has also doubled.
Even Spitzer's most recent public critic is pleased so far.
Bill Holstein, editor of Chief Executive magazine, has called for Spitzer's resignation, saying his investigations are overzealous and harmful to companies. Yet Holstein sees the spyware battle as "a case where the attorney general and his people are doing exactly what they ought to be doing.
"I agree e-commerce and the Internet are at risk," Holstein added. "It's smart politics, but it's also smart policy."
05/07/05 10:39 EDT