Spyware Fight Attracts a Crowd
CNET News.com - February 10, 2006
Last month, the number of efforts to fight adware and spyware doubled with the announcement of two new initiatives: Spywaretesting.org, a consortium of antivirus companies, and StopBadware.org, an initiative led by two universities. These join the Trusted Download Program and the Anti-Spyware Coalition, both formed last year. The new initiatives were the hot hallway topic outside an event hosted by the Anti-Spyware Coalition here Thursday. People there disagreed on whether more is merrier. Some predict the efforts will collide, as each group is dedicated to helping consumers deal with the insidious software. Others say the peer pressure will keep each organization on its toes, helping the cause.
The Chapell View
Ever since lasts year's PEW study on spyware - and other reports that claimed that as many as 80% of U.S. based computers had been infected with spyware, there's been a lot attention paid to what can be done to address these issues. Part of this has meant the formation of industry groups - and as CNET points out, the focus of these groups may overlap a bit.
Currently, there are four main organizations / initiatives on the anti-spyware scene: (Spywaretesting.org, Stopbadware.org, the Anti-Spyware Coalition, and the Trusted Download Program [disclosure: Chapell & Associates was hired to assist TRUSTe in the development of the Trusted Download Program]). While this may seem like a lot, I'm not convinced that their respective impetuses overlap as much as some might think.
For example, Spywaretesting.org, one of the most recent to be launched, may appear to be treading similar ground to the Anti-Spyware Coalition (ASC), but the two are in fact serving very different purposes. The ASC is currently working at "building a consensus about definitions and best practices in the debate surrounding spyware." In other words, the ASC's intent is to define a set of standards for identifying potentially unwanted behaviors exhibited by consumer software. These potentially unwanted behaviors include displaying pop-ups, tracking web usage, automatic updates, and so on.
Spywaretesting.org, on the other hand, aims at providing standard "third-party evaluation criteria" for reviewing and testing anti-spyware products, according to their website. In response to the suspicious or downright nefarious downloads out there, quite a few different anti-spyware software programs have been developed, some of which may prove to be more effective than others. Spywaretesting.org might be thought of as providing methodology to judge the effectiveness of these anti-spyware products - not the unwanted behaviors involved with a piece of potential spyware.
Moreover, the Trusted Download Program and Stopbadware.org seem to point at two different, if related, goals. The first intends to put together a set of standards that are geared towards ensuring that consumers will understand the "essence of the bargain" when they choose to download software. This doesn't necessarily dictate that certain behaviors are more risky (or more likely to be unwanted). The focus is ensuring that there is real transparency involved - that when the software is downloaded, consumers are aware of what the software is going to do.
Stopbadware.org is a little different. Its website states that it will "put a spotlight on the worst badware creators" - thereby giving consumers knowledge about which programs do not respect its guidelines. While both the Trusted Download Program and Stopbadware.org use a set of guidelines to evaluate downloadable software, one aims at certifying the "good" players while other at shaming the "bad". Moreover, Stopbadware.org appears to be consumer facing - whereas the Trusted Download program is not.
Throughout the different programs, there are some differences in the guidelines used, and we can probably expect arguments - over the guidelines, whether such initiatives should be consumer facing, the legitimacy of adware, et cetera - to continue. Yet I think the growth of these organizations in the downloadable software space is probably a good thing. There may be disagreement about the value of each of these goals - certifying transparency, shaming the worst players, defining spyware and unwanted behaviors, and determining the efficacy of anti-spyware software - but each has its merits. Part of the problem with downloadable software has been the lack of obvious standards, which has left consumers and businesses unsure of exactly what to call spyware, what counts as transparency, what the worst behaviors are, and how to react. So even if the different groups overlap a bit, we'll end up with a clearer picture of what's going on.
Last month, the number of efforts to fight adware and spyware doubled with the announcement of two new initiatives: Spywaretesting.org, a consortium of antivirus companies, and StopBadware.org, an initiative led by two universities. These join the Trusted Download Program and the Anti-Spyware Coalition, both formed last year. The new initiatives were the hot hallway topic outside an event hosted by the Anti-Spyware Coalition here Thursday. People there disagreed on whether more is merrier. Some predict the efforts will collide, as each group is dedicated to helping consumers deal with the insidious software. Others say the peer pressure will keep each organization on its toes, helping the cause.
The Chapell View
Ever since lasts year's PEW study on spyware - and other reports that claimed that as many as 80% of U.S. based computers had been infected with spyware, there's been a lot attention paid to what can be done to address these issues. Part of this has meant the formation of industry groups - and as CNET points out, the focus of these groups may overlap a bit.
Currently, there are four main organizations / initiatives on the anti-spyware scene: (Spywaretesting.org, Stopbadware.org, the Anti-Spyware Coalition, and the Trusted Download Program [disclosure: Chapell & Associates was hired to assist TRUSTe in the development of the Trusted Download Program]). While this may seem like a lot, I'm not convinced that their respective impetuses overlap as much as some might think.
For example, Spywaretesting.org, one of the most recent to be launched, may appear to be treading similar ground to the Anti-Spyware Coalition (ASC), but the two are in fact serving very different purposes. The ASC is currently working at "building a consensus about definitions and best practices in the debate surrounding spyware." In other words, the ASC's intent is to define a set of standards for identifying potentially unwanted behaviors exhibited by consumer software. These potentially unwanted behaviors include displaying pop-ups, tracking web usage, automatic updates, and so on.
Spywaretesting.org, on the other hand, aims at providing standard "third-party evaluation criteria" for reviewing and testing anti-spyware products, according to their website. In response to the suspicious or downright nefarious downloads out there, quite a few different anti-spyware software programs have been developed, some of which may prove to be more effective than others. Spywaretesting.org might be thought of as providing methodology to judge the effectiveness of these anti-spyware products - not the unwanted behaviors involved with a piece of potential spyware.
Moreover, the Trusted Download Program and Stopbadware.org seem to point at two different, if related, goals. The first intends to put together a set of standards that are geared towards ensuring that consumers will understand the "essence of the bargain" when they choose to download software. This doesn't necessarily dictate that certain behaviors are more risky (or more likely to be unwanted). The focus is ensuring that there is real transparency involved - that when the software is downloaded, consumers are aware of what the software is going to do.
Stopbadware.org is a little different. Its website states that it will "put a spotlight on the worst badware creators" - thereby giving consumers knowledge about which programs do not respect its guidelines. While both the Trusted Download Program and Stopbadware.org use a set of guidelines to evaluate downloadable software, one aims at certifying the "good" players while other at shaming the "bad". Moreover, Stopbadware.org appears to be consumer facing - whereas the Trusted Download program is not.
Throughout the different programs, there are some differences in the guidelines used, and we can probably expect arguments - over the guidelines, whether such initiatives should be consumer facing, the legitimacy of adware, et cetera - to continue. Yet I think the growth of these organizations in the downloadable software space is probably a good thing. There may be disagreement about the value of each of these goals - certifying transparency, shaming the worst players, defining spyware and unwanted behaviors, and determining the efficacy of anti-spyware software - but each has its merits. Part of the problem with downloadable software has been the lack of obvious standards, which has left consumers and businesses unsure of exactly what to call spyware, what counts as transparency, what the worst behaviors are, and how to react. So even if the different groups overlap a bit, we'll end up with a clearer picture of what's going on.

