Symantec Corp. said it has reached an out-of-court agreement in its adware lawsuit against New York-based Hotbar.com Inc. The deal calls for Symantec to dismiss its suit, but continue to classify Hotbar’s program files as low-risk adware.
Hotbar’s programs allow users to add graphical skins to Internet Explorer, Microsoft Outlook and Outlook Express toolbars and also add its own toolbar and search button. Symantec says that these programs can enable the display of advertisements and track user’s online browsing habits, which can be used to display targeted ads.
In June 2005, Symantec filed a suit with the U.S. District Court of Northern District of California, San Jose Division, to support its right to identify Hotbar’s programs as adware and to provide users with tools to remove the programs. Hotbar protested Symantec’s attempts to classify its files as adware.
Symantec or Hotbar.com officials were not available for comment Friday morning. The legal battle against adware and spyware companies is starting to heat up, say legal experts.
“In fighting against malware one of the most effective tools out there is litigation, both in deterring the building of applications that do nasty things and shining light on some of the worst offenders,” said John Palfrey, clinical professor of law at Harvard Law School and executive director of the Harvard Law School’s Berkman Center for Internet & Society, in Cambridge, Massachusetts.
As an example of how the malware problem is starting to attract broader attention, Palfrey pointed to last month’s action by the Center for Democracy and Technology, a Washington, D.C.-based consumer group, which filed complaints with the U.S. Federal Trade Commission (FTC) charging online marketer 180solutions Inc. with “duping” users into downloading advertising software.
Legal battles involving adware and spyware, however, pose unique challenges. “There’s a fine line between legitimate advertising practices and unwanted advertising practices, and finding where that line falls is a difficult one,” said Palfrey.
Underlying that problem is the issue of informed consent, say experts.
“One of the biggest legal challenges in these types of cases is the notion of ‘illusory consent,’ ” said Benjamin Edelman, a Harvard Ph.D. student and well-known spyware pundit.
“Hotbar, for example, always gets users to press ‘okay’ to some button somewhere, it’s not like it just installs silently or randomly…but what they don’t tell users about are the ads they’re going to show or how or why they’re going to show them. So you accept Hotbar without knowing what you’re getting into, and in my mind that’s a rotten deal,” Edelman said.
Harvard’s Berkman Center has teamed up with Oxford University’s Oxford Internet Institute to form a group dedicated to spreading awareness of malware. The group has launched a Web site, StopBadware.org, which is designed as a clearinghouse on malware for consumers.
The group is gathering input from consumers as well as conducting its own research on whether or not applications are malware and plans to report its first findings in the ‘next month or so,’ said Palfrey, who is co-director of the group. Also joining in the effort are IT vendors Google Inc., Lenovo Group Ltd., and Sun Microsystems Inc. Consumer Reports is serving as an advisor.