The Federal Trade Commission formally announced Tuesday its first assault against spyware — bits of computer code that surreptitiously install themselves on the computers of Internet users to track their activities, push them to Web sites, barrage them with advertisements, and wreak havoc with their machines.
The commission filed a civil lawsuit in a federal court in New Hampshire last week against Sanford Wallace, the owner of Seismic Entertainment Productions and Smartbot.net, contending that Wallace and his companies had violated a federal law that prohibits "unfair or deceptive acts or practices in or affecting commerce."
"This may be our first case," said Lydia Parnes, the acting director of the commission's Bureau of Consumer Protection, at a news conference in Washington on Tuesday. "But it won't be our last."
The suit, which seeks an injunction against Wallace's companies, claims they exploited vulnerabilities in Microsoft's Internet Explorer Web browser — the most widely used browser — to seize varying amounts of control over users' computers. It also charges that the spyware deployed by the two companies changed users' home pages, installed advertising and software programs on the users' computers, and caused a deluge of pop-up windows to appear on users' computer screens — without their consent. In some instances, the complaint says, the codes caused users' computers to "malfunction, slow down, crash, or cease working properly."
"I understand what the FTC is trying to do," Wallace said in a telephone interview, "but we believe that what we're doing is legal."
Just how widespread the problem of spyware has become is difficult to measure, but in a workshop held by the FTC last spring, representatives of Microsoft complained that nearly half of the system failures reported by users of its Windows operating system were traceable to spyware infestation. And a representative of Dell Computer said that complaints about spyware had eclipsed all other problems on their technical help lines.
The commission's action comes as Congress is focusing attention on legislation aimed at curbing spyware on the Internet. Two bills — the Internet Spyware Prevention Act and the Safeguard Against Privacy Invasions Act — were passed in the House of Representatives last week. And several states are considering their own anti-spyware legislation, although the only provision to have passed — Utah's Spyware Control Act — is on hold while a state court considers its constitutionality.