Legislation takes aim at spyware

A resolution introduced in Congress would force companies to lift the cloak on their use of spyware, a kind of software that can secretly collect information from Internet users.

The Safeguard Against Privacy Invasions Act would require companies to inform Internet surfers that they use spyware and get permission before the software is installed on a hard drive.

As an independent program, spyware can track Internet browsing, examine files on a hard drive, even monitor keystrokes, according to analysts and trade groups.

Privacy advocates say spyware also can collect everything from passwords to credit card numbers. While its use is allowed, disclosure often comes in the fine print of terms of use agreements, which few casual Internet users read or download.

The federal legislation introduced Friday "will help prevent such invasions of privacy," Rep. Mary Bono, the California Republican who wrote the act, said in a statement. "Through this bill, users will knowingly agree to the conditions under which spyware operates before it is installed."

Web sites that use spyware would have to clearly post a notice about the software and how it is to be used, and a separate note if the spyware gathers personally identifiable information. Then users would have to grant permission before the software could be installed.

The Federal Trade Commission would be the enforcer with the ability to levy civil and criminal penalties.

Bono, whose district includes Palm Springs, sponsored the act with Rep. Edolphus Towns, a Brooklyn, N.Y., Democrat.

(Updated 4:20 p.m.)