Original URL: http://www.theregister.co.uk/2005/10/28/anti-spyware_defs/

Anti-Spyware definitions finalised

Cover blown

By John Leyden

Posted in Security, 28th October 2005 10:36 GMT

The Anti-Spyware Coalition (ASC), an alliance of software companies, security firms and consumer groups, finalised its definitions of spyware on Thursday.

The group defined spyware and other potentially unwanted technologies as those deployed without appropriate user consent and/or implemented in ways that impair user control over: material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; and/or collection, use, and distribution of their personal or other sensitive information.

ASC also published a "risk modeling" document that explains the criteria anti-spyware vendors use to determine whether or not to label a piece of software as "spyware." The document, which contains a fair amount of technical detail, is designed to help consumers to better understand how security products work, as well as offering anti-spyware companies guidelines for their own proprietary rating processes. The risk modeling language will be open for public comment until 27 November on the ASC Web site.

"The spyware definitions give those of us united in the battle against spyware a common language, while the risk-modeling document clearly lays out the behaviors that make certain software dangerous. These developments move us closer to a world in which consumers have the upper hand over those who create malicious, unwanted technology," said Ari Schwartz, Associate Director of the Center for Democracy and Technology, which has led the work of the group.

In addition, ASC announced that its first public meeting will take place on 9 February at the Hyatt Capitol Hill in Washington DC. A second public meeting will take place in Ottawa, Canada on 16 May. ®