For the past couple of years, Congress has been dickering lackadaisically over the details of possible anti-spyware legislation. Statutes recently enacted by Alaska and Utah might force Congress to finally address this issue.
Pro-consumer (and, in some cases, anti-capitalism) forces have pushed to outlaw most adware, particularly pop-up ads that come bundled with some software. At the least, such interests want it disclosed, before it’s installed, in a clear and unavoidable notice.
On the other hand, marketing companies have pushed to keep certain advertising technologies both legal and in the Web-surfing background, such as using tracking cookies and Web bugs to monitor when and how consumers view Web sites and HTML-based marketing e-mails.
Under Alaska’s law, adware is illegal if it pops up an ad when someone else’s trademark is entered into a computer. The law does not allow a consumer to consent to this adware, such as in a long end-user license agreement (those terms in the tiny gray box that almost no one reads).
Alaska has anticipated that its statute will be challenged on the claim that it unconstitutionally attempts to regulate interstate commerce. Alaska’s law requires pop-up advertisers to inquire as to the home state of all advertising targets, to use geolocation software to attempt to stay away from Alaskans, and to not download banned pop-up software onto the computers of Alaskans.
Utah took a similar approach, enacting a statute that prohibits pop-up ads triggered by the entry of a trademark term. A court preliminarily ruled that Utah’s law impermissibly regulated interstate commerce by protecting only Utah residents.
Utah then amended its law to require adware distributors to ask whether the computer user is a Utah resident, just as Alaska demands. These statutes don’t ban all pop-ups. Still, these bills might sufficiently restrict the latitude of online advertisers to force them to push Congress to move faster on compromise legislation on spyware.
What Alaska and Utah have done with spyware isn’t as strong as what California tried to do with spam (essentially outlaw it altogether), but it might gore a big enough ox to get Congress moving.
While the likelihood of Congress passing an anti-spyware law has risen, no one can predict what it will say. Congress almost certainly will outlaw truly nefarious spyware, stuff that tries to sniff out your credit-card number and report it to an identity thief.
It’s also nearly certain that Congress will shelter most uses of cookies and Web bugs from liability. My guess is that Congress won’t entirely ban pop-up advertising, even if triggered by typing a trademark into a computer, but it will require some type of notice and consent before such adware is installed. Here’s what to watch for in judging who wins the battle:
-First, will Congress bless obtaining end-user consent to things such as pop-ups in long license agreements viewed through tiny gray boxes?
-Second, for things that Congress makes illegal, will it empower every harmed consumer to sue for a violation and permit class-action suits, or will it empower only the Federal Trade Commission and corresponding state consumer agencies to sue?
These governmental actors can’t sue every violator and don’t try they usually pursue only a few high-profile suits in hope of scaring away other violators.