By Burt Helm Most people who use the Web still don't quite understand what spyware is -- but they know they sure don't like it. That's the finding of a new survey by the Pew American & Internet Life Project, which looked at surfers' relationship with programs that invisibly install themselves in PCs and then track users' Web activity.
The proliferation of spyware and other unwanted software certainly seems to be changing the way the Internet is used, according to the survey of 1,336 users, conducted between May 4 and June 7. More than 91% of those questioned reported making at least one change in their online behavior to avoid downloading viruses and spyware. The survey had a margin of error of 3%.
WARY SURFERS. Three out of five respondents who reported seeing spyware or adware on their computers after visiting particular Web sites said they hadn't returned to them. Almost 50% have stopped downloading software from the Internet altogether, and roughly 40% no longer download music and/or video files from peer-to-peer networks because of fears about spyware and viruses.
"People are starting to be more cautious about what they do online" says Pew Associate Director Susannah Fox. "As users get more experience with the Web, they are more savvy...but they are also more exposed."
While most of the poll's respondents said they believe spyware is sitting on their hard drives, they have only a vague notion of what it does, and 60% said they didn't know how it got there. When asked to name the source of computer problems, some respondents gave savvy technical answers. But many more would just say "spyware" or "viruses," and then blame friends and family members. "My cousin was downloading porn" said one respondent. "[I think] lightning had something to do with it," said another.
INFORMED CONSENT. Even legitimate adware companies haven't made it easy for users to tell the difference. Up until very recently, most users "consented" to have adware installed implicitly, by clicking on a long and wordy user license agreement that only vaguely mentioned the installation. But few users actually read those agreements to the end -- only 22%, according to the survey. Critics argue that having users "consent" this way makes most adware just as sneaky as the nastiest spyware.
That sneaky reputation, combined with users' sense of gathering danger, is a problem for e-marketers who want clients and users to believe that the products they install are on the up and up. Consumers tend to lump all Internet advertising programs under the heading "spyware," even when they have actually consented to download those programs, the survey suggests.
"There is a large amount of consumer confusion," says Avi Naider, president of WhenU, an e-marketer that uses adware programs to advertise for Cingular, British Airways (BAB), Priceline (PCLN), and others. Surfers "don't know how to define a lot of this stuff," he notes, "but they know they don't like it."
The difference between adware and spyware is actually very simple: Users have agreed to install the former on their computers. Spyware simply installs itself without your knowledge.
SELECTIVE ALLIANCES. To drive home this distinction, WhenU has stepped up efforts to help users understand exactly what its program is doing. In January, 2005, it began including pictures of the ads that appear when users download the product, so they know what to expect. The company also began labeling pop-ups with its own company name. In April, WhenU launched an 800 number that users could call with concerns about the ads.
Other marketers are trying to clean up their image by distancing themselves from old partners. In mid-June e-marketer Claria terminated its longtime relationship with KaZaA, a popular file-sharing site that included Claria's ad software with its program. While the KaZaA deal represented a "very significant" portion of Claria's revenues, "we're looking to partner with more mainstream publishers" says Reed Freeman, Claria's chief privacy officer.
Some news reports have speculated that the move also may be because Claria could be in talks with Microsoft (MSFT) about a possible acquisition, meaning that it wants to polish its image (Claria declined to comment on the acquisition for this story).
MORE WARNINGS. Claria, previously called Gator, has come under fire for installing itself on users' computers while providing only a small notice buried in the user license agreement.
Now, Claria swears it has changed its ways. "We agree that sticking disclosures in a [license agreement] isn't enough" says Freeman. "Any adware company that wants to gain widespread consumer acceptance should be doing more." Claria now provides "several layers" of notification, according to Freeman, to let users know they're downloading a program.
While the more prominent players take steps toward greater transparency, spam, spyware, and viruses have proliferated as fast as filters and security program can block them. The number of spam messages has grown from only 9% of all e-mail in 2002 to 73% of all messages sent in 2005, for a total of 9.2 billion spam e-mails, according to IBM's (IBM) Security Solutions unit.
HOLDING STEADY. Heightened public concerns about spyware may have a limited impact, appearing to check only increases in its incidence. Webroot, which develops software to scan and delete unwanted programs on PCs, estimates that the average number of such software found on the typical PC has remained steady at about 25 since October, 2004.
Looks like a steady stream of ads and tracking software is on the menu for most computer users, regardless of whether they want it, or even understand it. The only recourse for the immediate future may be a regular regimen of running special software that quarantines and eliminates unwanted programs.
Helm is a reporter for BusinessWeek Online in New York