Despite my near-certainty that no Attorneys General nor other political movers and shakers read my missives, I thought I would present the outline of a manifesto regarding adware that might possibly be useful for some realistic form of legislation down the road. Realistically of course, any such legislation would immediately cause a relocation of any corporate presence of adware "providers" away from the jurisdictions in question (presumably offshore), however, a bit of teeth in the legalisms around it might actually force some form of equitable resolution. To be brutally honest about it, some form of legitimate pervasive adware is likely, perhaps not inevitable, but advertisers will do anything to get their message across (been to a movie or a stadium lately?) and while there's still time, the situation should be addressed through strong legislation (sure to be opposed by every marketing constituency) that would make things a bit less onerous on the end user. The science fiction story (was it Heinlein or Asimov?) where advertising robots followed people around ubiquitously and cannot be turned off is a depressing possiblilty if sufficient controls aren't put in place soon.
First and foremost is identity. Any adware producer should clearly identify themselves, not only in any installation attempt, but there should be updated contact information in any adware control panel that will enable anyone to contact the adware provider, either in the business or technical domain. This must be complimented by strong controls on code-signing (are you listening Verisign and other CAs?) that verify the company is who they say they are, that any digital certificates issued to the company are short-lived and that there is an ongoing recertification process by the CA to continue to verify that the holder of any certificate is indeed reachable. This could of course be a win-win proposition, in that it would allow for increased fees to the CA or such other agency that would vouch for the adware provider's identity (perhaps Choicepoint?) , and that any truly legitimate provider of adware would be glad to pay for to establish that it's being constantly vetted. As to the overall economics of the situation, somebody will end up paying those fees (the advertisers of course) and as to whether it would remain economically viable is a matter of conjecture. The stick of course is that whoever issues any identity documents to an adware provider is on the hook for the adware provider's actions, and if they go rogue, the affiant will get hung for any damages incurred.
Article comments