The tricky issue of spyware with a badge
By Jeremy Reimer
It’s well known that organizations with nefarious and often criminal goals support and distribute malware and spyware that allows them to snoop on and/or manipulate people’s computers. However, what is less well-known is that some of the people behind spyware are ostensibly the “good guys”—law enforcement officers who install the software on suspects’ computers to assist them with their investigations.
The existence of “policeware” is not well-known, but the US government has used this sort of software before. In 2001, federal agents obtained permission from a judge to enter a suspect’s home and install keylogging software on his computer. The rationale for this unusual mode of investigation was to get around encryption software such as PGP and the web e-mail service, Hushmail, that the suspect was using. More recently, FBI agents used a virus to bust a bomb threat hoaxer.
So, given the fact that federal investigators and possibly other law enforcement personnel are using spyware to monitor suspect’s computers, what happens when said suspects run antispyware programs?A fascinating CNET survey of top antispyware vendors found that of 13 software companies, all of them stated that it is currently their policy to detect police spyware. When asked if they had ever received a court order to stop detecting police spyware, nine of the companies denied having received such a request. Computer Associates said they were not sure, and both Microsoft and McAfee declined to comment on the question.