Dutch regulator sets malware precedent

20 Dec 2007

Dutch telecom regulator OPTA has fined three Dutch enterprises a combined total of €1m for illegally installing spyware and adware on more than 22 million computers in the Netherlands and elsewhere.

The companies fined by OPTA operated together under the name DollarRevenue, which is considered to be among the 10 largest spyware distributors in the world.

They managed to install the software on personal computers via downloads from the internet and by exploiting security loopholes in computer programmes. The illegally installed software allowed the companies to spy on consumers’ online behaviour and triggered pop-up windows containing specific advertising material.

The OPTA action is the first time that a national regulator has resorted to drastic fines against a company acting in violation of EU privacy law. The move has been welcomed by the EU Telecoms and Media Commissioner, Viviane Reding.

“Spyware, spam and malware are a real plague for Internet users. The decision of OPTA, which applies EU legislation vigorously, will therefore help considerably to make our European information society a safer, more trustworthy place for consumers and businesses. I call on the regulators of other countries to follow the positive example set by the Dutch regulator,” said Reding.

To strengthen the regulatory regime underpinning internet and telecommunications security, the European Commission adopted on 13 November proposals on telecoms reform that include provisions to reinforce security and privacy. Under the proposals national regulatory authorities will be given the power to issue binding instructions to companies on the security measures that are required to secure their electronic communication networks and services and to oversee proper implementation.

Specifically in relation to spam, the proposals introduce the possibility for internet service providers to take legal action against spammers.

By Niall Byrne