StopBadware.org
Regaining Control of Our Computers

Software Guidelines

I. General Definition of Badware

An application is badware in one of two cases:
  1. If the application acts deceptively or irreversibly.
  2. If the application engages in potentially objectionable behavior without:
    • First, prominently disclosing to the user that it will engage in such behavior, in clear and non-technical language, and
    • Then, obtaining the user's affirmative consent to that aspect of the application.

Both categories of badware are defined in detail in Section III below. Proper disclosure and consent requirements are discussed in general terms in Section II and, for specific categories of bad behavior, in Section III.

II. General Requirements for Disclosure and Consent

A. Initial Disclosure and Consent

Prior to installing the application, the application owner and any third party distributor or bundler must:
  • (a) First, fully, accurately, clearly and conspicuously disclose to end users:
    • (i) that they are installing an application (i.e., no "drive-by" downloads or installs),
    • (ii) the name of the application, identifying the entity responsible for it,
    • (iii) the principal and significant features and functionality of the application, and
    • (iv) any and all unexpected or unwelcome behaviors as defined by Section III below. Additional disclosure requirements for such behaviors may be listed in that Section as well.
  • (b) Then, obtain the end user's affirmative consent to install the application.

The above disclosure and consent must occur for both the primary application and every additional piece of software which is bundled with it.

B. Method of Disclosure and Consent

Disclosure of the items discussed in this document (a) must be provided in both (1) the End User License Agreement (EULA) or privacy policy (to the extent required by law or otherwise by industry custom) and (2) separately from the EULA and/or privacy policy (e.g., in installation screens or message boxes, as the case may be). The disclosure must be designed so that it will be read by, adequately inform and evidence the consent of a typical Internet user.

C. EULA and Privacy Policy

An application must comply with the agreements and representations made with end users in the EULA and privacy policy. The privacy policy must be accessible from the application in an easily found location. Any information collected or transmitted that relates to the user's use of his or her computer, regardless of whether it is personally identifiable, must be disclosed in the privacy policy. EULAs and privacy policies should be written in as understandable a manner as possible.

III. Specific Categories of Badware and Their Requirements

The StopBadware.org project investigates several important categories of behavior that users find annoying or objectionable. In each category of behavior, the most extreme cases generally constitute badware behavior. The less extreme actions in each category may not constitute badware, but are still behaviors that users should be aware of. Therefore, software which does those things, but does not clearly disclose them to the user and receive the user's affirmative consent, is also badware. These guidelines apply both to the primary application and all applications that are bundled with it.

A. Software Which Installs Deceptively

Application installations must be designed in a manner that ensures that an application is installed by end users in a knowing and willful manner. Applications which install deceptively are always considered badware.

Included in this category are applications which behave as Trojan horses, allowing the installation of additional applications without the user’s knowledge. Automatic-updating is permissible, however, if the use of automatic-updates is clearly disclosed to the user during installation of the application and either is used only to make non-substantive updates to the application itself or seeks the user’s consent before making any changes. Automatic-updates may not modify other software or be used to introduce substantive changes to the original application’s functionality (including the introduction of any behavior described within these guidelines).

Examples of behavior in this category include:
  1. Silently downloading
  2. Installing additional software without informing the user of the identity and purpose of that software (bundling)
  3. Using an exploit to install
  4. Acting as a Trojan horse
  5. Using automatic-updating to modify other software or to make substantive changes to the original application.
Examples of behavior in this category that may be consented to if adequately disclosed include:
  1. Automatic-updating if used to make non-substantive updates to the original application or if user consent is sought before changes are made

B. Software Which Does Not Clearly Identify Itself

Users should be able to determine, without undue effort or a high degree of technical skill, that an application is on their computer and that this application is in fact running. A downloadable application should not hide its existence when running or in storage.

Neither an application nor any of its distribution or bundling partners may mislead end users or create end user confusion with regard to the source or owner of an application or any portion of its purpose, functionality or features. For example, all elements of an application that are visible to the end user must clearly identify their source through the application's branding and attribution. Likewise, any time the software, or any bundled software, impacts the user’s experience (via visible actions or resource consumption), the software must identify itself as the cause of the impact. That identification, whatever form it takes, must correspond to the identification of the application in the menu that permits end users to remove programs. To enable identification of software affecting performance, the name of the process visible in Windows Task Manager must match the software name in Add/Remove Programs.

Advertisements provided by the application (if any), must clearly identify the application as the source of those advertisements.

If an application modifies the operation or display of other applications or Web sites (other than properties of the application owner), then in each instance the application must clearly and conspicuously be attributed as the source of that modification, in a manner that will inform a typical Internet user.

Examples of applications which do not comply with the requirements of this category include any application that:
  1. Does not clearly identify itself (name and purpose) at install time
  2. Does not clearly identify itself at run time
  3. Deceptively identifies itself at any time

C. Software Which Negatively Impacts Other Computers

Any application which contains a virus, worm, or other software that performs malicious actions against other computers constitutes badware and cannot be consented to by a user. Examples of this category include hijacking a user's computer for purposes of consuming bandwidth or computer resources, sending email messages, launching denial of service attacks, accruing toll charges through a dialer, etc.

D. Software Which Makes Changes to Other Software

This category includes applications which modify other software on the user’s computer. In general, applications which make such changes will be considered badware. Applications may, however, make certain relatively small changes to the functionality of a user’s web browser, so long as the changes are properly disclosed and consented to, and may be easily undone (see uninstallation requirements).

Examples of behavior in this category that may be consented to include:
  1. Adding a toolbar to the browser
  2. Changing the browser's home page
  3. Changing the browser's search settings
  4. Redirecting unresolved URLs
Examples of behavior in this category which may not be consented to, and which always constitute badware include:
  1. Redirecting valid DNS entries
  2. Modifying or blocking other applications
  3. Modifying or replacing parts of the operating system

E. Software Which Transmits Data To Unknown Parties

If an application collects or transmits personally identifiable information to anyone but the end user, or if an application collects or transmits information that could contain personally identifiable information (e.g., Internet usage), then this behavior must be properly disclosed and consented to as described below. In addition, wholesale keylogging or complete remote control are behaviors that always constitute badware and cannot be consented to.

Examples of behavior that may be consented to include:
  1. Transmission of non-personally identifiable data
  2. Transmission of data that may potentially be personally identifiable
  3. Transmission of personally identifiable data
Examples of behavior which may not be consented to, and which always constitute badware include:
  1. Transmission of keylogs or otherwise complete remote control software

Required disclosure for transmission of personally identifiable or potentially personally identifiable data: prior to the first occurrence of any such collection or transmission, the application must:
  • First, fully, accurately, clearly and conspicuously disclose:
    • the type of information collected (e.g., the user's phone number),
    • the method of collection (e.g., by registration, etc.), and
    • the location of the privacy policy; and
  • Then, obtain the end user's affirmative consent to such collection and/or transmission.

F. Software Which Interferes With The User’s Normal Computer Usage

This category includes behaviors such as obstructive or intrusive functionality that interferes with an end user's Web navigation or browsing or the use of his or her computer, or repeatedly asking an end user to take, or trying to deceive an end user into taking, a previously declined action. When such behaviors make the user’s machine unresponsive or would force the average user to take an action that they would otherwise decline, then the application constitutes badware. In less extreme cases, an application may engage in the intrusive functionality if it is disclosed and consented to by the user.

Examples of behavior that may be consented to include:
  1. A reasonable number of pop-ups, pop-unders, exit windows, etc.
Examples of behavior that may not be consented to, and which always constitute badware include:
  1. Pop-ups, etc. that are so obstructive or harassing as to make the machine unresponsive
  2. Deceptive behavior that would force the average user to take an action they would otherwise decline
  3. Intentionally creating or exploiting any security vulnerabilities in end user computers to cause the computer to malfunction

G. Software Which Is Not Easy To Uninstall Completely

An application must permit end users to uninstall it (in the customary place the applicable operating system has designated for adding or removing programs, e.g., the Add/Remove Programs control panel in Windows) in a straightforward manner, without undue effort or a high degree of technical skill. In addition, an application, when running, must provide (in an easily found location, such as in a "help" file or the like) clear and concise instructions on how it may be uninstalled.

Once uninstalled, an application must not leave behind any functionality or design elements, and all setting changes made by the application, but not explicitly agreed to by the end user, must be reversed to the extent practicable. It is, however, acceptable for an uninstalled application to leave a small number of trivial files, such as text files or graphics files (e.g., .gif). In addition, uninstallation of the software must also signal the end of all user obligations to the software producer (i.e., the software producer may not continue to charge the user for use of an application after the application has been uninstalled).

Finally, once disabled by an end user, an application must not be re-enabled without an affirmative action by the end user to explicitly re-enable the end user's application. Accordingly, no use, update, installation or re-enablement of a separate application, and no code downloaded as a result of browsing a Web site, may operate to re-enable an application.

Bundled software must provide either a master uninstaller that will enable the end user to uninstall every application in the bundle without undue effort or skill, or must allow for the uninstallation of each application separately in accordance with this section. If the uninstallation of a bundled application will cause another application in the bundle not to function, then the uninstall process should make this dependency clear to the user. If no such dependency exists in actuality, then implying such a dependency constitutes unethical and prohibited behavior.

Examples of behavior that fails to follow the preceding rules regarding uninstallation and thus constitutes badware include:
  1. Failure to provide easy instructions for uninstallation
  2. Failure to use the system uninstall tools, or requiring the download of an additional tool to uninstall
  3. Failure to remove all executables when uninstalled
  4. Reinstalling or enabling the application after the user has disabled it
  5. Failure to allow for the uninstallation of all applications within a bundle
  6. Claiming that the uninstallation of one application in a bundle will affect the functioning of another application in the bundle when this is not in fact the case
  7. Charging the user for use of an application after the application has been uninstalled
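Two of the rules above are concrete enough to check mechanically: Section III.B requires that the process name shown in Task Manager correspond to an entry in Add/Remove Programs, and Section III.G (item 3) requires that no executables survive an uninstall, while tolerating a few trivial text or graphics files. The following Python script is an added illustration of both checks and is not StopBadware.org's own tooling. The process list, the Add/Remove Programs entries and the before/after file inventories are constructed samples; the set of suffixes treated as "trivial" and the name-normalisation rule are assumptions made for this example. The registry reader at the end uses the real `SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall` key that backs Add/Remove Programs and only runs on Windows.

```python
"""Added illustration of two StopBadware guideline checks (III.B and III.G);
not StopBadware.org's own tooling. Inventories below are constructed samples."""
import os
import sys

# Section III.G allows a few trivial files (text, graphics) to survive an uninstall.
# Which suffixes count as trivial is an assumption made for this example.
TRIVIAL_SUFFIXES = {".txt", ".gif", ".jpg", ".png", ".bmp", ".ico"}

# Constructed snapshot of Add/Remove Programs (DisplayName values).
ADD_REMOVE_ENTRIES = [
    {"display_name": "Example Toolbar", "publisher": "Example Corp"},
    {"display_name": "Photo Viewer 3", "publisher": "Viewer Inc"},
]

# Constructed snapshot of the process list as Task Manager would show it.
RUNNING_PROCESSES = [
    {"name": "exampletoolbar.exe", "description": "Example Toolbar"},
    {"name": "photoviewer3.exe", "description": ""},
    {"name": "svchlp32.exe", "description": ""},  # no Add/Remove entry explains this one
]

# Constructed file inventories taken before install and after uninstall.
FILES_BEFORE_INSTALL = [
    r"C:\Windows\notepad.exe",
    r"C:\Program Files\Common Files\shared.dll",
]
FILES_AFTER_UNINSTALL = FILES_BEFORE_INSTALL + [
    r"C:\Program Files\Example Toolbar\readme.txt",     # trivial, tolerated by III.G
    r"C:\Program Files\Example Toolbar\logo.gif",       # trivial, tolerated by III.G
    r"C:\Program Files\Example Toolbar\etbhelper.exe",  # executable left behind
    r"C:\Windows\System32\etbhook.dll",                 # library left behind
]


def normalize(name: str) -> str:
    """Lower-case, drop a binary extension and all punctuation/whitespace so that
    'Photo Viewer 3' and 'photoviewer3.exe' compare equal (assumed matching rule)."""
    if name.lower().endswith((".exe", ".dll")):
        name = os.path.splitext(name)[0]
    return "".join(ch for ch in name.lower() if ch.isalnum())


def unattributed_processes(processes, entries):
    """III.B check: return process names that match, neither by image name nor by
    file description, any DisplayName in Add/Remove Programs."""
    known = {normalize(e["display_name"]) for e in entries if e.get("display_name")}
    flagged = []
    for proc in processes:
        candidates = {normalize(proc["name"]), normalize(proc.get("description", ""))}
        candidates.discard("")
        if not any(c in known for c in candidates):
            flagged.append(proc["name"])
    return flagged


def uninstall_residue(files_before_install, files_after_uninstall):
    """III.G check: files that appeared with the application and survived its
    uninstaller, excluding the trivial kinds the guidelines tolerate."""
    new_files = sorted(set(files_after_uninstall) - set(files_before_install))
    return [f for f in new_files if os.path.splitext(f)[1].lower() not in TRIVIAL_SUFFIXES]


def installed_programs_from_registry():
    """Windows only: read DisplayName from the Uninstall key that backs
    Add/Remove Programs (64-bit hosts also have a WOW6432Node copy, omitted here).
    Returns [] on other platforms so the checks above remain runnable offline."""
    if sys.platform != "win32":
        return []
    import winreg
    entries = []
    path = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path) as root:
        for i in range(winreg.QueryInfoKey(root)[0]):
            with winreg.OpenKey(root, winreg.EnumKey(root, i)) as sub:
                try:
                    entries.append({"display_name": winreg.QueryValueEx(sub, "DisplayName")[0]})
                except OSError:  # no DisplayName: such entries are hidden from the list
                    pass
    return entries


if __name__ == "__main__":
    print("III.B unattributed processes:",
          unattributed_processes(RUNNING_PROCESSES, ADD_REMOVE_ENTRIES))
    print("III.G non-trivial residue:",
          uninstall_residue(FILES_BEFORE_INSTALL, FILES_AFTER_UNINSTALL))
```

On the constructed data the III.B check flags only `svchlp32.exe`, because neither its image name nor its (empty) description corresponds to any Add/Remove Programs entry, and the III.G check reports the leftover `.exe` and `.dll` while ignoring the readme and logo. On a real Windows host, substitute `installed_programs_from_registry()` for the constructed entries and a process listing for `RUNNING_PROCESSES`; the file-inventory comparison needs a snapshot taken before installation and another after the uninstaller has run.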
 

Consumer Reports WebWatch is not receiving any corporate support for its participation in this program.

Copyright © 2006 - All content for this site is under a Creative Commons license