The Anti-Spyware Coalition, which includes Microsoft, AOL, Computer Associates, Lavasoft and Symantec, has put together standard guidelines for detecting, rating and protecting against unwelcome spyware programs.
The unauthorised use of spyware and adware, often downloaded unwittingly onto PCs, has led to programs becoming hated for the undercover distribution tactics, unauthorised data gathering, and eating-up of processing power.
The group defines spyware as “programs deployed without sufficient user consent or that impair user control over any of the following: privacy, system security and user experience; use of their system resources; or collection, use and distribution of personal information.”
The proposed guidelines, which aim to be a best practice for the anti-spyware industry, suggest companies should focus on how the programs in question behave and rate them on risk. High-risk programs are ones that replicate themselves via mass e-mails, worms, viruses; those that install themselves without a user's permission or knowledge, via a security exploit; or those that intercept e-mail or instant messages without user consent, transmit personally identifiable data, or change security settings.
Using tracking cookies to collect information or running programs automatically without explicit user consent are considered low risk.
Yet even the attempt to define spyware and create some guidelines has caused problems, with fears that spyware makers will use the guidelines simply to avoid getting caught by blocking tools.