California Computer Spyware Act – California Globe | #itsecurity | #infosec


California has a number of formal acts in statute. Business and Professions Code Division 8, Chapter 32 provides the Consumer Protection Against Computer Spyware Act, which is contained in Section 22947 to 22947.6. Chapter 32 was added in 2004 by Chapter 843. Section 22947 provides the Act’s name.

Section 22947.1 provides definitions for the following terms: “advertisement”; “authorized user”; “computer software”; “computer virus”; “consumer”; “damage”; “execute”; “intentionally deceptive”; “Internet”; “person”; and, “personally identifiable information.”

Section 22947.2 provides that a person or entity that is not an authorized user is prohibited, with actual knowledge, with conscious avoidance of actual knowledge, or willfully, from causing computer software to be copied onto the computer of a consumer in this state and use the software to do any of the following:

  • Modify, through intentionally deceptive means, any specified settings related to the computer’s access to, or use of, the Internet.
  • Collect, through intentionally deceptive means, personally identifiable information that meets any specified criteria.
  • Prevent, without the authorization of an authorized user, through intentionally deceptive means, an authorized user’s reasonable efforts to block the installation of, or to disable, software, by causing software that the authorized user has properly removed or disabled to automatically reinstall or reactivate on the computer without the authorization of an authorized user.
  • Intentionally misrepresent that software will be uninstalled or disabled by an authorized user’s action, with knowledge that the software will not be so uninstalled or disabled.
  • Through intentionally deceptive means, remove, disable, or render inoperative security, antispyware, or antivirus software installed on the computer.

Section 22947.3 provides that a person or entity that is not an authorized user, with actual knowledge, with conscious avoidance of actual knowledge, or willfully, is prohibited from causing computer software to be copied onto the computer of a consumer in this state and use the software to do any of the following:

  • Take control of the consumer’s computer by engaging in specified activities.
  • Modify any of the specified settings related to the computer’s access to, or use of, the Internet.
  • Prevent, without the authorization of an authorized user, an authorized user’s reasonable efforts to block the installation of, or to disable, software, by doing any specified activities.

Section 22947.4 prohibits a person or entity, who is not an authorized user, from doing any of the following with regard to the computer of a consumer in this state:

  • Induce an authorized user to install a software component onto the computer by intentionally misrepresenting that installing software is necessary for security or privacy reasons or in order to open, view, or play a particular type of content.
  • Deceptively causing the copying and execution on the computer of a computer software component with the intent of causing an authorized user to use the component in a way that violates any other provision of this section.

Section 22947.4 provides that it is the intent of the Legislature that this chapter supersedes and preempts all laws adopted by a city, county, city and county, municipality, or local agency regarding spyware and notices to consumers from computer software providers regarding information collection.



Original Source link

Leave a Comment

seventy nine − = seventy five

nationalcybersecuritynews.toda

FREE
VIEW