Anti-Spyware Coalition
HomeDocumentsCommentsNewsEventsAbout ASC

Anti-Spyware Coalition Definitions Document

Spyware has quickly evolved from an online nuisance to one of the most dire threats facing the Internet. As users struggle to maintain control over their computers, many find themselves trapped in a cyclical battle against programs that install themselves without warning, open dangerous security holes and reinstall themselves after they've been uninstalled. The worst of these programs allow online criminals to hijack users' sensitive personal information at will. Even the most benign variants can slow computers to a crawl by wasting their processing power to provide unwanted "services." Compounding the problem are the sophisticated ploys spyware developers use to install their programs on unsuspecting users' computers. Spyware distributors often rely on security holes, clever cons, opaque "bundling" arrangements and other unsavory practices to spread their unwanted payload. As the threat has grown, so has the need to mount a coordinated defense against these unwanted programs and their adverse effects. 

The Anti-Spyware Coalition was convened to bolster that defense, by building on the great strides the technology industry has already made to combat the spyware problem. In recent years, computer and software makers have taken serious steps to safeguard their products and to educate consumers about how to avoid falling victim to spyware. At the same time, a strong and growing anti-spyware industry has created an array of tools to help consumers identify and purge their computers of unwanted technologies. The Anti-Spyware Coalition is made up of public interest groups, trade associations and the most prominent anti-spyware companies and their distributors.  Drawing on the combined expertise of its membership, the coalition is working to identify common definitions, tools and practices that will improve the effectiveness of anti-spyware technologies and help consumers better understand how those tools work to defend them. The following documents represent the completion of the first phase of that process. Coalition members felt it vital to establish common definitions of spyware and other potentially unwanted technologies so that vendors, software developers and consumers could better communicate about what sorts of technologies raise concerns, and how anti-spyware programs identify potentially unwanted programs. Included below are:

  • A, simple, formal definition of Spyware and Other Potentially Unwanted Technologies a term the coalition uses to define the panoply of technologies that may impinge a user’s computing experience, privacy, or security.
  • A comprehensive Glossary that offers clear definitions for terms commonly used in discussions about spyware and other potentially unwanted technologies.
  • A set of common industry guidelines for the Vendor Dispute Resolution Process.  This document outlines the steps that anti-spyware companies should take in responding to complaints from software publishers who allege that their software has been improperly flagged as "spyware."
  • Finally, the Anti-Spyware Safety Tips offer basic guidance for consumers to protect themselves and their computers.

These documents are working drafts that will serve as the cornerstone of the Anti-Spyware Coalition's ongoing efforts. They lay the foundation for the ongoing and future work of the coalition.  The documents will evolve as new problems are identified and our understanding deepens.  We continue to invite public input on all of our public documents as we proceed.


Spyware (and Other Potentially Unwanted Technologies)

Technologies deployed without appropriate user consent and/or implemented in ways that impair user control over:

  • Material changes that affect their user experience, privacy, or system security;
  • Use of their system resources, including what programs are installed on their computers; and/or
  • Collection, use, and distribution of their personal or other sensitive information.


Examples of Spyware (and Potentially Unwanted Technologies)

The table below lists some technologies that have been used to harm or annoy computer users. It is important to note that with proper notice, consent, and control some of these same technologies can provide important benefits: tracking can be used for personalization, advertisement display can subsidize the cost of a product or service, monitoring tools can help parents keep their children safe online, and remote control features can allow support professionals to remotely diagnose problems.

For example, the underlying technology that enables a keylogger is Tracking Software. Tracking Software can both harm and help a user. When a keylogger is installed and executed covertly, it is spying. On the other hand, a keylogger can be used for legitimate purposes with clear consent, such as letting an IT help desk remotely assist a user in problem diagnosis. An underlying technology typically becomes unwanted when it is implemented in a way that provides no benefit to -- or actively harms -- authorized users.

Underlying Technology Description of Underlying Technology Why the Underlying Technology May Be Wanted

Why the Underlying Technology May Be

Common Terms for Well-Known Unwanted Varieties
Tracking Software Used to monitor user behavior or gather information about the user, sometimes including personally identifiable or other sensitive information.
  • May be used for legitimate monitoring: e.g. by parents or companies

  • May be a necessary component of adware that is linked to wanted software

  • May allow customization

  • Done covertly, tracking is spying
  • May collect personal information that can be shared widely or stolen, resulting in fraud or ID theft
  • Can be used in the commission of other crimes, including domestic violence and stalking
  • Can slow machine down
  • May be associated with security risks and/or loss of data
  • Spyware (narrow)*
  • Snoopware
  • Unauthorized Keylogger
  • Unauthorized Screen Scraper
Advertising Display Software Any program that causes advertising content to be displayed
  • May be linked to other software or content that is wanted, subsidizing its cost.
  • May provide advertising that is desired by the user.
  • May be a nuisance and impair productivity
  • May display objectionable content
  • Can slow machine down or cause crashes and loss of data
  • May not provide users with adequate removal tools
  • May be associated with security risks
Nuisance or Harmful Adware
Remote Control Software Used to allow remote access or control of computer systems
  • May allow remote technical support or troubleshooting
  • Can provide users remote access to own data or resources
  • Can be used to turn a user’s machine into a mass mailer or soldier for DDoS attack or a host for malicious or inappropriate content
  • Done covertly, it is stealing cycles and other resources
  • Can slow machines down
  • May be associated with loss of data
  • May cause personal information to be shared widely or allow it to be stolen
  • Backdoors
  • Botnets
  • Droneware
Dialing Software Used to make calls or access services through a modem or Internet connection May allow access to desired services May cause unexpected toll calls to be made and charged to the user Unauthorized Dialers
System Modifying Software Used to modify system and change user experience: e.g. home page, search page, default media player, or lower level system functions May be used for desirable customization
  • Without appropriate consent, system modification is hijacking
  • Can compromise system integrity and security
  • Can drive user to spoofed web sites in order to steal their ID.
  • Hijackers
  • Rootkits
Security Analysis Software Used by a computer user to analyze or circumvent security protections Can be used for security research and other legitimate security purposes
  • Are frequently used nefariously
  • Presence may violate corporate policies or family understandings

Hacker Tools (including port scanners)

Automatic Download Software Used to download and install software without user interaction May be used for automatic updates, or other automatic system maintenance May be used to install unauthorized applications including those in the categories above


Passive Tracking Technologies Used to gather limited information about user activities without installing any software on the user’s computers
  • May be used for desired customization or personalization (example: “similar items you might like”)
  • May allow advertisers to avoid showing the same ad too often to the same person
May allow unwanted collection of information (for example, Web sites a user has visited) Unauthorized Tracking Cookies

*See attached Glossary for a detailed discussion of various uses of the term “spyware.”
The content throughout this Web site that originates with CDT can be freely copied and used as long as you make no substantive changes and clearly give us credit. Details.