Conflict between the security vendors and the so-called adware companies --whose marketing software is making itself right at home on corporate PCs these days -- is heating up as disputes between the two sides evolve into legal confrontations.
Symantec earlier this month filed a complaint in a San Jose federal district court against New York City-based Hotbar.com following months of arguing over whether Symantec has the legal right to call Hotbar.com an adware company and eradicate its software as a security and privacy risk. It's a lawsuit that could have broader repercussions for the anti-spyware industry, which targets marketing-oriented code as well as malicious keyloggers and trojans.
Symantec's 12-page legal filing, "Symantec Corp. vs. Hotbar.com," is packed with definitions of spyware and adware from sources as wide-ranging as the Dept. of Homeland Security to the online encyclopedia Wikipedia.org written collaboratively by volunteers. For starters, Symantec essentially wants the court to decide the issue of whether calling Hotbar.com an adware firm is accurate or not.
Symantec includes its own definition of what Hotbar's program does, saying it "adds graphical skins to Internet Explorer, Microsoft Outlook and Microsoft Express toolbars and adds its own toolbar and search button. These custom toolbars have keyword-targeted advertisements built into them."
Symantec notes that the Hotbar code, when downloaded, serves up ads. It is also said to collect information about the computer user's browsing habits in order to share that information with remote servers for advertising purposes.
In addition to asking the court to determine that Hotbar is an adware firm, Symantec wants the court to say it's OK for Symantec's spyware/adware detection and eradication process to eliminate Hotbar code it finds as a computer security risk.
According to Symantec's senior director of legal affairs Joy Cartun, the company took this legal action against Hotbar because Hotbar had vehemently objected to being called an adware firm or having its marketing software subject to detection and removal by Symantec.
She says that after several months of arguing about this, Hotbar several times threatened Symantec with legal action based on alleged interference with Hotbar's business (both users and advertisers) under an interpretation of business tort law.
"They said, 'If you don't remove the detection, we will sue you,'" said Cartun. In its own strike-first action, Symantec's lawsuit asks the court to declare that Symantec's position vis-avis Hotbar is "not actionable as trade libel, product libel or product disparagement." Symantec doesn't expect Hotbar.com to file its legal response until summer and the case, if it goes forward, probably won't be heard until next year.
While the Symantec vs. Hotbar dispute may not be the first one to land in the courts, this may be the first in which a court has been asked to define adware and spyware, at least in some narrow sense, and determine whether it's OK for a security firm to detect and eradicate it as a risk. It will be a battle royale enjoyed by language experts, if no one else.
Ever more security firms are coming out with anti-spyware products [provide link to this week's story on Aluria and Trend Micro] that takes aim not only at malicious code such as keyloggers and trojans, but also goes after the marketing-oriented code that reports on the user's Web surfing activities and more.
The adware companies have fiercely opposed having their code targeted for detection and removal as a privacy and security risk as we recently noted.
There's no doubt that network managers view adware on corporate computers as a nuisance at best and at worst a threat that may clog networks and pose privacy and security concerns. But what would a court of law, weighing fine nuances about libel, defamation and business rights, have to say?
Give us your opinion at emessmer@nww.com.
I love it!! As I comment to client's all the time God I wish we could go back to 1993 when the only thing on the net and BBS was simple text and maybe a few photo's, My god ever since big business got a hold on the internet it's worse than TV. Which in my eyes is getting better, hell you don't want to see a commercial turn on HBO but god forbid you get some Ad-Ware installed on your PC you can't turn that off by turning the channel. I see more and more of this everyday I'm in the IT business and let me tell getting rid of this software is not the easiest task in the world anymore it's down right nasty taking total advantage of some unsuspecting internet use. The plain and simple truth is if the user knew what that software was about to do, know one in the right mind would ever click next...
Posted by: Charles L Sicher on June 20, 2005 08:13 PMPost a comment
|
Does Verizon's Voyager stack up to the iPhone? |
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
