I-SPY vs. SPY ACT

by on September 8, 2004

The spyware issue on the Hill is heating up. Today the Judiciary Committee held a full committee markup hearing on H.R. 4661, the “Internet Spyware (I-SPY) Prevention Act of 2004.” How does it differ from the H.R. 2929 “SPY ACT” (aka. the Bono bill)?

HR 4661 is in the Judiciary Committee, and carries with it criminal penalties enforceable by DOJ. The Commerce Committee bill HR 2929 imposes civil penalties as enforced by the FTC. The Judiciary bill contains only a few narrow prohibitions, while the Commerce bill has a long list of prohibitions relating to deceptive acts or practices and of collection of certain information (without notice and consent).

Which is the better bill? Do we really need spyware legislation? (this question asks not whether spyware is a problem, but whether legislation will do anything positive to reduce it).


Listening to the Judiciary hearing using RealPlayer, a couple of points came to the floor: spyware is a problem, and HR 4661 will address the more egregious uses of spyware. And one of the sponsors (Goodlatte) admitted that the bill addresses activity that is already illegal, but the bill will increase consumer confidence because it specifically addresses online fraudulent activity (unlike the garden variety fraud or trespass statute). The sponsors were clear in their desire to pass a bill that does not freeze technology in its place. There were two interesting amendments offered:

One would authorize $10M to DOJ to combat phishing scams and punish spyware crimes. The other would delete the preemption clause.

Indeed, one of the main differences of the Commerce bill and Judiciary bill is the scope of preemption each provides federal law over state law. For example, HR 4661 Section C states:

No person may bring a civil action under the law of any State if such action is premised in whole or in part upon the defendant’s violating this section. For the purposes of this subsection, the term `State’ includes the District of Columbia, Puerto Rico, and any other territory or possession of the United States.

What this means is that a plaintiff cannot bring a state tort action for civil damages using the violation of the federal criminal statute as “proximate causation” (one of the elements required for establishing a tort claim). This is an extremely limited form of preemption, if one could call it preemption at all. It is more like claim preclusion, and still allows the states to regulate the issue of spyware. So a company would still be subject to many different state actions under this bill. H.R. 2929 supersedes state law that expressly regulates the subject matter of deceptive spyware acts (as defined in the bill).

The limited scope of prohibitions in HR 4661 may be less of a burden on electronic commerce, but the lack of broad preemption may still subject software companies to many different and perhaps conflicting state laws.

Can a free market policy analyst be undecided here (or at least see the arguments on each side as being persuasive)? Looking for some feedback here, folks.

Comments on this entry are closed.

Previous post:

Next post: