Spyware is software which monitors user actions, gathers personal data, and/or displays advertisements to users. While some spyware is installed surreptitiously, a surprising amount is installed on users’ computers with their active participation. In some cases, users agree to accept spyware as part of a software bundle as a cost associated with gaining functionality they desire. In many other cases, however, users are unaware that they installed spyware, or of the consequences of that installation. This lack of awareness occurs even when the functioning of the spyware is explicitly declared in the end user license agreement (EULA). We argue and demonstrate that poor interface design contributes to the difficulty end users experience when trying to manage their computing environment. This paper reviews the legal, technical, and design issues related to the installation of spyware bundled with other software. It reports on results of an experiment in which thirty-one users were asked to configure computers, deciding which software to install from a set of software that included disclosed spyware. The results suggest that current EULA interfaces do little to encourage informed decision-making and that simpler interfaces with key terms highlighted have potential to improve informed decision-making.
Privacy, Notice, End User License Agreement, EULA, Security and Usability, Spyware, Terms of Service, ToS
Place of Original Publication
I/S: A Journal of Law and Policy for the Information Society
2 I/S: A Journal of Law and Policy for the Information Society 283 (2006)
Good, Nataniel; Grossklags, Jens; Thaw, David; Perzanowski, Aaron K.; Mulligan, Deirdre K.; and Konstan, Joseph, "User Choices and Regret: Understanding Users' Decision Process about Consensually Acquired Spyware" (2006). Faculty Publications. 621.