• by Kate Kaye , February 10, 2006

Among the behavioral targeting ad options available, some fall into the adware category, serving behaviorally-targeted ads to users who have downloaded free software. Users have been known to lump such ad-supported programs into the spyware category, whether they deserve it or not. According to a report released Tuesday by the anti-spyware outfit Webroot, the firm found more than 400,000 spyware-hosting sites in '05. CNET is adamant that Download.com, its software review and download site--which does offer some adware--not be among those rotten apples. As part of its effort to help establish better practices among software makers, CNET is on the advisory committee of Truste's Trusted Download program, which aims to give users peace-of-mind by evaluating adware and trackware applications for certification. Behavioral Insider talked with David Gregory, senior producer at CNET's Download.com about the Trusted Download program and the impact it might have on the software scene.

Behavioral Insider: In what capacity is CNET involved in the Trusted Download program?

Gregory: CNET and Download.com in particular are members of the Trusted Download advisory committee. This is basically a group of companies that have a stake in where that program goes, what direction they take, and what criteria they use to certify applications. So really, our role is pretty limited. We're just an advisor.

BI: Are there things that would apply specifically to CNET and Download.com that you're trying to bring to the fore?

Gregory: In general, Truste has a pretty good grasp of what's in the best interest of our users. As far as we're concerned, the goals are all shared. All of the companies that are involved in the program, have an interest in promoting good practices in companies that are going to be applying for the Truste program, particularly around any sort of ad delivery or targeting--anything that directly affects users.

BI: How do you see this Trusted Download program affecting CNET or other online publishers?

Gregory: I think our hope is that it's going to promote better practices in the industry as a whole. We generally want to see better behavior in the "adware/spyware" companies that are out there,  and hopefully distinguish between who's a legitimate marketer vs. who is an actual threat to the user.

BI: What do you do at CNET now to enable that vetting process?

Gregory: Where Download.com is concerned, we test all software that's submitted to us, and we don't allow software that raises red flags via tools that we use to scan software.

BI: Are these tools that you've developed internally?

Gregory: They're the same tools that users would use to detect these things.

BI: Of the software that you are testing, what percentage gets approved vs. what's red-flagged?

Gregory: Well, there are a lot of reasons why we wouldn't accept a piece of software. It's not limited to just adware and spyware; we have a lot of criteria. But, off the top of my head, I think it's around 5-10 percent [that isn't accepted].

BI: And what percentage of that would be due to nefarious spyware activity?

Gregory: Maybe one or two percent.

BI: So, it seems like it's not a lot. Does it seem that way to CNET? It's talked about so often, but the numbers, the way you're describing them, don't seem to be too big.

Gregory: Well, we've had a policy in place for about a year now, and I think it's known now that we don't accept those things. So the percentage of [software makers] that actually try to submit is fairly low right now.

BI: What is your sense of the bigger software world and what's out there in terms of what's bad?

Gregory: Well, there's a lot. We certainly do our best to screen it out... I think that as far as users are concerned, it's a relatively small number of items, but the ripples are pretty big, especially when there's not a lot of oversight... The hope is that, with Truste they're going to help create a more consistent standard that the anti-spyware companies would use to determine what's a threat and what isn't. Because another issue we face is that it's not always clear-cut which items are a threat and which aren't.

BI: So how do you determine those things when something is questionable?

Gregory: Well, we evaluate on a case-by-case basis. If we need to, we'll involve the editor. It's very much an editorial decision on our part what we allow and what we don't.

BI: What sorts of things might be considered in the adware category that you give the green light to?

Gregory: At the moment, we make some exceptions for ad-supported software, but it's very limited. The criteria is very narrow... Basically, we would allow an application that displays an ad within the application, but not outside of it. A program could have a little window as part of the interface, or a banner or something, similar to what you would see on a Web page. But when it starts getting into the realm of pop-ups, we see more of a problem with that.

BI: Are there any other issues relating to this stuff that you're hoping Truste focuses on?

Gregory: I think they have a pretty good understanding of what the issues are.... From what I've seen, the criteria are certainly robust enough that I'm fairly confident that products that do ultimately get certified by Truste are going to be something that users don't necessarily have to be concerned about.... What remains to be seen is how many companies actually are able to meet that criteria, actually gain certification.... If they're really serious about participating in the program and meeting the criteria that Truste has laid out, they may have to go back and make some changes to their software.

BI: Do you think that Truste has enough clout that companies are going to be concerned if they're not approved?

Gregory: It remains to be seen. We really have no idea how many companies and products are going to seek out certification.