The Economist sums it up nicely — Spam:Email::Spyware:Web.
Spyware is software that sneaks on to your PC, tracks your online activities, and occasionally splashes pop-up advertisements across the screen. It is more than a nuisance: such software is, in effect, hijacking your PC, monitoring your internet use and unilaterally opening browser windows. Some spyware also harvests personal information, such as your e-mail address and locationor even your credit-card details.
Spyware that monitors a user’s online activities and triggers advertisements in response is present on over 4% of computers, according to one study. The top three spyware firms claim their software is installed on around 100m PCs. Yet most users are unaware it is there. That is because the software is usually installed in a bundle with other programs, such as the peer-to-peer file-trading software with which many internet users swap music. Another kind of spyware automatically installs itself when a user merely visits a particular site, a trick known as drive-by downloading. Having sneaked on to a PC, spyware applications can severely degrade its performance. Mostly, it is very difficult to remove; some programs are even designed to make removal as hard as possible.
The most nefarious forms of spyware steal information such as credit-card numbers or passwords by monitoring every keystroke a user types. This kind of software is already illegal, and is relatively rare. Much more common, however, is advert-triggering software, produced and distributed by software companies operating in a legal grey area, who prefer to call their products adware. There is real money to be made in hijacking screen real-estate and selling it to advertisers: the largest adware firm, Claria, had revenues of $90.5m in 2003 and recently announced plans for an initial public offering.
The analogy with spam is informative. If legislators had acted sooner, it might have been possible to prevent spam from spiralling out of control. Does that suggest that legislation against spyware will also prove ineffective? Not necessarily, because the people behind spyware are a centralised and traceable group of companies, unlike spammers. Lawmakers have an opportunity to nip spyware in the bud, and help to ensure the integrity of the internet. They should take it.