• by Wendy Davis  @wendyndavis, February 3, 2005

In a development that should hearten the online ad industry, lawmakers are currently rewriting the anti-spyware bill H.R. 29, known as the Spy Act, to clarify that its provisions do not apply to any cookies--including those that track consumers as they move from site to site throughout the Web--OnlineMediaDaily has learned.

As originally proposed, the bill--now in the Committee on Energy and Commerce, U.S. House of Representatives--apparently requires companies that install certain types of cookies to first obtain consumers' consent. But the committee currently is rewriting the bill to exempt all cookies from that mandate, said Kimberly Pencille, press secretary for Rep. Mary Bono (R-Calif.), who introduced the bill early last month.

Online advertisers maintain that asking consumers for their permission to install certain cookies-- including those that monitor users across a variety of sites--could potentially hurt their business by making it harder to determine information such as how many times a consumer has seen a particular ad.

Last year, a bill virtually identical to H.R. 29 passed 399-1 in the House of Representatives, but died when the Senate didn't act on it. When considered by the House last year, there was little organized opposition to the portion of the bill that dealt with cookies. The original measure contained an exception for cookies installed by individual sites, such as Amazon.com, that simply store passwords or remember information about consumers. But, arguably, the proposal also required consumers to affirmatively opt-in to receive cookies that track behavior across more than one site.

In the last several months, online advertising executives mobilized in opposition to the portion of the bill that dealt with cookies. Last week, several key online ad industry executives held a strategy meeting at the Washington, D.C law firm Piper Rudnick Gray Cary.

Trevor Hughes, executive director of the Network Advertising Initiative, said that his organization supported efforts to shut down spyware, but also "worked aggressively to make sure that things like cookies are not collateral damage in the war against spyware."

In addition to the cookie provisions, H.R. 29 outlaws the hijacking of computers by surreptitious installation of software. The bill also requires companies to secure consumers' permission before collecting personally identifiable information.

An early indication that efforts were paying off came last week when Rep. Cliff Stearns (R-Fla.)--chair of a House subcommittee on commerce, trade, and consumer protection--testified at a Congressional hearing that it might be a mistake to mandate consumer permission for third-party cookies. "Another challenge that we face as legislators is ensuring that our responses to the growing spyware problem don't penalize legitimate uses of similar information technology designed to monitor and prevent unauthorized activity," said Stearns. "Among some of the concerns expressed regarding H.R. 29 that will be examined as we continue to work on the bill are: Examining the need for an exception for cookies and the issues raised by third-party cookies, since the bill is intended to apply only to software," he stated.