1 / 34

Spyware – the ethics of covert software Mathias Klang

Spyware – the ethics of covert software Mathias Klang. Synopsis & Presentation By: Jeremy Dobs. Overview. The Technology of Spyware Legal Issues Spyware Business Model Privacy Theory Market Solutions Legislative Approach Ethics of Spyware Market vs. Legislative Solutions Conclusions.

stacy
Download Presentation

Spyware – the ethics of covert software Mathias Klang

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Spyware – the ethics of covert softwareMathias Klang Synopsis & Presentation By: Jeremy Dobs

  2. Overview • The Technology of Spyware • Legal Issues • Spyware Business Model • Privacy Theory • Market Solutions • Legislative Approach • Ethics of Spyware • Market vs. Legislative Solutions • Conclusions

  3. The Technology of Spyware • What is Spyware? • Spyware is an agent technology or software which is bundled with another form of software • Collects information and returns that information to the “information gatherer”

  4. The Technology of Spyware • Getting Spyware • Installed with larger software packages. Typically with ‘freeware’ software • Mentioned in the End User License Agreement (EULA) • Most users don’t want the technology; however, it is included without their explicit knowledge

  5. The Technology of Spyware • There are three main attributes that all spyware must have in order to be considered spyware • Installation occurs without the explicit knowledge or consent of the user • The software collects personal data about the user and creates a unique ID for that user • Uses the internet to transmit the data back to the source

  6. The Technology of Spyware • Comet Cursor • Provides new mouse-cursor look and feel • Secretly installs a GUID identifier and tracks online browsing habits • Company is no longer in business

  7. The Technology of Spyware • Kazaa and Altnet • File sharing service • Installs Altnet • Steals CPU resources • Distributed Network

  8. The Technology of Spyware • Gator • An online behavioral marketing company • Gator is a digital wallet • Stores information for later use • Installs OfferCompanion, which launches with the Gator program • Causes pop-up ads to appear onscreen

  9. Legal Issues • Despite legal actions, the position of spyware is unclear • Spyware, from a certain perspective, is totally legal • The right to privacy is fundamental and is protected in international conventions

  10. Legal Issues • Why is spyware ‘legal’? • EULA • Binds the user through liberal contract law • User ‘consents’ to having the software installed • We need to fundamentally re-examine contract law

  11. Legal Issues • Shrinkwrap & Clickwrap • When you buy software, you enter into a contract with the vendor • Contract = You pay for the product • Documents are often included with the software • This is called shrinkwrap • Somewhat binding obligations • During installation, more terms appear • This is called clickwrap • More binding than shrinkwrap

  12. Legal Issues • Contract D’adhesion • A situation “in which one predominant unilateral will dictates its law to an undetermined multitude rather than to an individual” (http://www.harp.org/mariner.htm, 119) • The multitudes have no ability to affect the terms • The only way to stop it: don’t install the software

  13. Legal Issues • Courts have strengthened shrinkwrap and clickwrap licenses • Places users in a weak position • Additionally, users know little legal terms • Cannot defend themselves

  14. Spyware Business Model • Software Manufacturers need money • Users expect and demand free software and services • There is a tendency to share and barter intellectual property • “Barter” = Illegal exchange and piracy

  15. Spyware Business Model • The desire for free software is hurting software companies • Lost revenues • Software companies need a source of income • Turn to marketing companies • Pay a sum to have their software included • This is the source of spyware

  16. Spyware Business Model • So, what do we have… • Users get free software • Software developers get the revenue they need • Marketing companies get the information they need • Therefore, spyware is not bad or evil • Certainly, this is over-simplifying the problem

  17. Privacy Theory • Unhappy users argue from a privacy point of view • However, their position is weak • Need to prove their position exists and, • Need to show that theirs is the worst situation • There is no international consensus here

  18. Privacy Theory • Is there a right to privacy? • Yes? • Then, to what degree? • Should privacy be limited, or expansive?

  19. Privacy Theory • Privacy and Technology • The level of privacy stands in relation to how well it can be invaded • Technology allows for more invasion into personal privacy • Discussions focus on voluntary privacy • Spyware is involuntary in most cases and takes information without telling the user

  20. Privacy Theory • Privacy and Law • The amount of privacy is a function of the laws of the time • This leaves us with contract law • Users left in a weak position

  21. Market Solutions • One attempt to defeat spyware is through market solutions • These include anti-spyware programs • Spysweeper • Ad-aware • Spybot • Some are proprietary, some are free

  22. Market Solutions • Some say this is the ultimate solution • Removes spyware programs permanently • However, there is another issue • Anti-spyware can damage legitimate business interests and harm companies • The question: To what extend are anti-spyware companies liable for their activities?

  23. Market Solutions • Anti-Spyware: The Gatekeeper • Another hurdle software developers must pass • Spyware companies are fighting back • Some companies actually disable anti-spyware programs • This is again legitimized using the EULA

  24. Legislative Approach • People turn to legislators for help • There have already been actions taken • The “Spyware Control and Privacy Protection Act of 2001” is an American response to spyware • Manufacturers must be more open • Limits data transmission

  25. Legislative Approach • However, ‘The Act’ may not go far enough • No regulations on the actions of spyware producers • European response • Classify data into two categories • Sensitive: Cannot be collected • Non-sensitive: Fair game • What is sensitive data?

  26. Legislative Approach • Problems with legislation • Concepts like spyware, user consent are vague • Must obtain a balance of needs and wants amongst all parties • Limited to the nations and locales where the laws are passed

  27. Ethics of Spyware • Two different views • Friedman’s: Corporations have a duty to maximize profits and return gain to the shareholders • Kantian View: View people as ends unto themselves and not use them merely as means • Using this principle, we conclude that spyware is unethical

  28. Ethics of Spyware • Spyware: A Necessary Evil? • Free software creates more utility than the evil generated • Reinforced by the fact that there exists software that can remove this problem • Growing number of anti-spyware programs and user discontent suggests most users believe spwyare is wrong

  29. Market vs. Legislative Solutions • What is the right way to go? • Use of anti-spyware software is a market solution • User needs to be aware of the problem, solution • Needs access to the tools to remove the spyware • However, most internet users are unaware of the problem

  30. Market vs. Legislative Solutions • What is the right way to go? • Regulation = Legislation • Problems • Takes time and a lot of effort • Not enough public debate on the issue • In the end, the problem resides with the user, so the user is left to the challenges of dealing with it

  31. Conclusion • Privacy is the price we pay for our infrastructure • The issue here is that many don’t even realize the price they are paying • Not able to willingly enter into an agreement

  32. Conclusion • Alternatives to Spyware • Don’t use the software that it comes with • Requires knowledge of the problem, however • May hurt the economics of free software • Eliminate the problem with market solutions • Again, requires knowledge of the problem

  33. Conclusion • Alternatives to Spyware • Legislative regulation • Difficult to enforce local laws when dealing with a global problem • There needs to be more public debate among the concerned individuals • Without public debate, we will never achieve a balance between technology and the needs of society

  34. Questions?

More Related