Tech Groups Back Kaspersky in Fight Against Zango
A broad coalition of technology groups today told a federal appeals court to toss out a lawsuit that adware maker Zango is continuing to pursue against computer security vendor Kaspersky Lab, arguing that to do otherwise would harm consumers and the future of the security software market.
In May 2007, Bellvue, Wash.-based Zango -- a company that makes software to serve pop-up ads and tracks users' activities on behalf of online marketers -- sued Kaspersky, charging that the company interfered with its business by removing its "adware" without first alerting the user.
In August, the judge assigned to the case dismissed Zango's suit, saying Kaspersky's actions were shielded by the federal Communications Decency Act (CDA). That law contains a "good Samaritan" clause that protects computer services companies from liability for good faith efforts to block material that users may consider objectionable (portions of the CDA have been struck down by the courts as unconstitutional, but this particular section is not one of them).
Earlier this year, Zango took its case up to the 9th Circuit Court of Appeals, saying Kaspersky's software should be labeled "badware" because it disabled Zango's software "without the customer's consent and without the customer's ability to override Kaspersky's invasive actions."
Interestingly, Zango's appeal is being supported by the National Business Coalition on E-Commerce and Privacy, an entity formed in 2000 that counts as members some of the largest corporations in America, including Bank of America, Charles Schwab & Co., Eastman Kodak, Fidelity Investments, General Motors, JP Morgan Chase, and the Vanguard Group. Update, May 6, 11:15 a.m: Removed UPS from this list, as it is no longer a member of this coalition.
Thomas M. Boyd, a partner at DLA Piper US LLP and counsel to the organization, said member companies are concerned that the judge's decision to toss out the suit last year could pave the way for security companies to block things like "cookies" and "Web beacons".
"The district court's decision is such that under the judges interpretation of CDA, a security software company has unreviewable power to decide that any content is objectionable and to deny user access to that content without any accountability for any damages that action may cause," Boyd said.
In a "friend of the court" brief filed with the appeals court today, a diverse collection of technology groups rallied behind Kaspersky in support of preserving the lower court ruling. Signatories to the brief include the Business Software Alliance, the Electronic Frontier Foundation (it's not often the BSA and EFF see eye-to-eye on tech issues), McAfee, Sunbelt Software and the Center for Democracy & Technology (CDT). Their brief is available here (PDF).
While this isn't the first case in which an adware company has sued an anti-spyware or security vendor, Ari Schwartz, CDT's vice president and chief operating officer, said the lower court's ruling is the strongest wording yet in support of protecting security companies from these types of strong-arm lawsuits.
"This is an extremely important case for consumers as to how security software protects them going forward, and whether the onus is put on the security company or [the adware vendor]," Schwartz said. "Congress clearly wanted to take the burden away from the security companies in this respect."
Zango claims that users install its software because they want the programs, games and videos that are provided as a result. But Kaspersky is hardly alone in classifying Zango's software as something most consumers don't want on their machines. According to a report (PDF) released last month by Microsoft, the software giant's own malicious software removal tool, which downloads with monthly security updates for Windows users, nixed more than 7.1 million instances of Zango's Hotbar browser toolbar from customer machines in the second half of 2007, more than 2 Â½ times the number of Hotbar installs it removed during the same period in 2006.
In fact, the only piece of unwanted software removed from more customer machines during that period was the "Zlob" Trojan, which comes disguised as a video "codec" that users need to install before they can view certain streaming content online.
No. 5 on Microsoft's list of intruders most frequently removed from customer machines in the last six months of 2007 was Zango Search Assistant. Microsoft said its removal tool disposed of 4.9 million installs of Search Assistant during that period, more than double the number of installs it removed during the second half of 2006.
That means that, taken together, Zango's Hotbar and Search Assistant programs made up nearly 30 percent of all programs removed by Microsoft's removal tool.
Microsoft's removal stats notwithstanding, there is another interesting statistic Microsoft published that would, on the surface at least, appear to support Zango's claim that people actually want its products: Specifically, what users of Windows Defender -- Microsoft's free anti-spyware program -- chose to do when alerted about potential adware and spyware infections. According to Microsoft, nearly 68 percent of users who received an alert about Hotbar or Zango Search Assistant installs told the Windows Defender to ignore it.
Posted by: TeMerc | May 5, 2008 6:56 PM | Report abuse
Posted by: Robert | May 5, 2008 8:11 PM | Report abuse
Posted by: SecAnalyst | May 5, 2008 9:06 PM | Report abuse
Posted by: Jesse Ruderman | May 5, 2008 10:33 PM | Report abuse
Posted by: Hobby Sec | May 6, 2008 5:49 AM | Report abuse
Posted by: TJ | May 6, 2008 9:46 AM | Report abuse
Posted by: C.B. | May 6, 2008 9:52 AM | Report abuse
Posted by: MysteryFCM | May 6, 2008 11:45 AM | Report abuse
Posted by: Pete from Arlington | May 6, 2008 12:39 PM | Report abuse
Posted by: TJ | May 6, 2008 1:19 PM | Report abuse
Posted by: Stephen John Davis | May 6, 2008 2:23 PM | Report abuse
Posted by: bclee | May 6, 2008 4:23 PM | Report abuse
Posted by: WILL | May 7, 2008 12:48 PM | Report abuse
Posted by: Richard Waddell | May 7, 2008 2:45 PM | Report abuse
Posted by: Richard Waddell | May 7, 2008 2:46 PM | Report abuse
Posted by: RogerH | May 7, 2008 4:55 PM | Report abuse
Posted by: John | May 15, 2008 3:42 PM | Report abuse
Posted by: TJ | May 19, 2008 11:43 AM | Report abuse
The comments to this entry are closed.