[House Hearing, 110 Congress]
[From the U.S. Government Publishing Office]



                COMBATING SPYWARE: H.R. 964, THE SPY ACT

=======================================================================

                                HEARING

                               BEFORE THE

                    SUBCOMMITTEE ON COMMERCE, TRADE,
                        AND CONSUMER PROTECTION

                                 OF THE

                    COMMITTEE ON ENERGY AND COMMERCE
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                                   ON

                                H.R. 964

                               __________

                             MARCH 15, 2007

                               __________

                           Serial No. 110-21





      Printed for the use of the Committee on Energy and Commerce

                        energycommerce.house.gov

                                -------

                     U.S. GOVERNMENT PRINTING OFFICE

38-810                     WASHINGTON DC:  2008
---------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing
Office  Internet: bookstore.gpo.gov Phone: toll free (866)512-1800
DC area (202)512-1800  Fax: (202) 512-2250 Mail Stop SSOP, 
Washington, DC 20402-0001

















                    COMMITTEE ON ENERGY AND COMMERCE

                  JOHN D. DINGELL, Michigan, Chairman

HENRY A. WAXMAN, California          JOE BARTON, Texas
EDWARD J. MARKEY, Massachusetts          Ranking Member
RICK BOUCHER, Virginia               RALPH M. HALL, Texas
EDOLPHUS TOWNS, New York             J. DENNIS HASTERT, Illinois
FRANK PALLONE, Jr., New Jersey       FRED UPTON, Michigan
BART GORDON, Tennessee               CLIFF STEARNS, Florida
BOBBY L. RUSH, Illinois              NATHAN DEAL, Georgia
ANNA G. ESHOO, California            ED WHITFIELD, Kentucky
BART STUPAK, Michigan                BARBARA CUBIN, Wyoming
ELIOT L. ENGEL, New York             JOHN SHIMKUS, Illinois
ALBERT R. WYNN, Maryland             HEATHER WILSON, New Mexico
GENE GREEN, Texas                    JOHN B. SHADEGG, Arizona
DIANA DeGETTE, Colorado              CHARLES W. ``CHIP'' PICKERING, 
    Vice Chairman                    Mississippi
LOIS CAPPS, California               VITO FOSSELLA, New York
MIKE DOYLE, Pennsylvania             STEVE BUYER, Indiana
JANE HARMAN, California              GEORGE RADANOVICH, California
TOM ALLEN, Maine                     JOSEPH R. PITTS, Pennsylvania
JAN SCHAKOWSKY, Illinois             MARY BONO, California
HILDA L. SOLIS, California           GREG WALDEN, Oregon
CHARLES A. GONZALEZ, Texas           LEE TERRY, Nebraska
JAY INSLEE, Washington               MIKE FERGUSON, New Jersey
TAMMY BALDWIN, Wisconsin             MIKE ROGERS, Michigan
MIKE ROSS, Arkansas                  SUE WILKINS MYRICK, North Carolina
DARLENE HOOLEY, Oregon               JOHN SULLIVAN, Oklahoma
ANTHONY D. WEINER, New York          TIM MURPHY, Pennsylvania
JIM MATHESON, Utah                   MICHAEL C. BURGESS, Texas
G.K. BUTTERFIELD, North Carolina     MARSHA BLACKBURN, Tennessee
CHARLIE MELANCON, Louisiana
JOHN BARROW, Georgia
BARON P. HILL, Indiana

                                 ______

                           Professional Staff
                 Dennis B. Fitzgibbons, Chief of Staff
                   Gregg A. Rothschild, Chief Counsel
                      Sharon E. Davis, Chief Clerk
                 Bud Albright, Minority Staff Director

                                  (ii)

        Subcommittee on Commerce, Trade, and Consumer Protection

                   BOBBY L. RUSH, Illinois, Chairman
JAN SCHAKOWSKY, Illinois             CLIFF STEARNS, Florida,
G.K. BUTTERFIELD, North Carolina          Ranking Member
JOHN BARROW, Georgia                 J. DENNIS HASTERT, Illinois
BARON P. HILL, Indiana               ED WHITFIELD, Kentucky
EDWARD J. MARKEY, Massachusetts      CHARLES W. ``CHIP'' PICKERING, 
RICK BOUCHER, Virginia                   Mississippi
EDOLPHUS TOWNS, New York             VITO FOSSELLA, New York
DIANA DeGETTE, Colorado              GEORGE RADANOVICH, California
CHARLES A. GONZALEZ, Texas           JOSEPH R. PITTS, Pennsylvania
MIKE ROSS, Arkansas                  MARY BONO, California
DARLENE HOOLEY, Oregon               LEE TERRY, Nebraska
ANTHONY D. WEINER, New York          SUE WILKINS MYRICK, North Carolina
JIM MATHESON, Utah                   MICHAEL C. BURGESS, Texas
CHARLIE MELANCON, Louisiana          MARSHA BLACKBURN, Tennessee
JOHN D. DINGELL, Michigan            JOE BARTON, Texas





















                             C O N T E N T S

                              ----------                              
                                                                   Page
H.R. 964, to protect users of the Internet from unknowing 
  transmission of their personally identifiable information 
  through spyware programs, and for other purposes...............     3

Barton, Hon. Joe, a Representative in Congress from the State of 
  Texas, opening statement.......................................    36
Bono, Hon. Mary, a Representative in Congress from the State of 
  California, opening statement..................................    39
Hooley, Hon. Darlene, a Representative in Congress from the State 
  of Oregon, opening statement...................................    37
Rush, Hon. Bobby L., a Representative in Congress from the State 
  of Illinois, opening statement.................................     1
Schakowsky, Hon. Jan, a Representative in Congress from the State 
  of Illinois, opening statement.................................    35
Stearns, Hon. Cliff, a Representative in Congress from the State 
  of Florida, opening statement..................................    34
Towns, Hon. Edolphus, a Representative in Congress from the State 
  of New York, opening statement.................................    38

                               Witnesses

Cerasale, Jerry, senior vice president, government affairs, 
  Direct Marketing Association, Inc..............................    74
    Prepared statement...........................................    76
Maier, Fran, executive director, TRUSTe..........................    95
    Prepared statement...........................................    97
Morgan, Dave, founder and chairman, Tacoda, Inc..................    87
    Prepared statement...........................................    89
Schwartz, Ari, deputy director, Center for Democracy and 
  Technology.....................................................    40
    Prepared statement...........................................    42
Varney, Christine A., Hogan & Hartson LLP, on behalf of Zango, 
  Inc............................................................   131
    Prepared statement...........................................   134

 
                COMBATING SPYWARE: H.R. 964, THE SPY ACT

                              ----------                              


                        THURSDAY, MARCH 15, 2007

              House of Representatives,    
            Subcommittee on Commerce, Trade
                           and Consumer Protection,
                          Committee on Energy and Commerce,
                                                    Washington, DC.
    The subcommittee met, pursuant to call, at 11:10 a.m., in 
room 2322 of the Rayburn House Office Building, Hon. Bobby L. 
Rush (chairman of the subcommittee) presiding.
    Members present: Representatives Schakowsky, Barrow, Towns, 
Ross, Hooley, Matheson, Stearns, Bono, Terry and Barton [ex 
officio].

 OPENING STATEMENT OF HON. BOBBY L. RUSH, A REPRESENTATIVE IN 
              CONGRESS FROM THE STATE OF ILLINOIS

    Mr. Rush. The subcommittee will come to order.
    Today the Subcommittee on Commerce, Trade and Consumer 
Protection tackles the problem of spyware, the insidious 
software that consumers unwittingly download onto their 
computers only to have their personal private information 
extracted for commercial or fraudulent purposes.
    Spyware comes in many forms. Sometimes it takes the form of 
adware that tracks the Web sites an individual visits in order 
to facilitate target marketing and develop pop-up ads tailored 
to sites he or she visits. At other times it is far more 
offensive, redirecting his or her Web searches to gambling or 
pornographic sites. And sometimes at its very worst, spyware 
monitors and steals a consumer's sensitive secret information 
such as account passwords and credit card numbers. Spyware 
surreptitiously makes its way onto one's computer by fooling 
the computer into downloading the nefarious software. Spyware 
is often secretly bundled with free software from Web sites 
that a consumer willingly downloads onto his or her computer. 
At other times spyware is installed as an add-on to a browser's 
toolbar or it simply pops up as a seemingly innocuous Web site 
or window, innocently asking for permission to install. Perhaps 
the worst of all, some spyware masquerades as anti-spyware with 
promises of cleaning up a person's computer only to install its 
own version of spyware.
    Whatever its form and however it is installed, at its worst 
spyware can lead to the unwanted exposure of offensive Web 
content to unsuspecting individuals, particularly children. It 
can also lead to outright fraud resulting in significant 
financial damages. At its best, spyware is simply nasty stuff 
that clogs computers, slows down processing power and is costly 
to remove. According to a survey in Consumer Reports as cited 
in the Washington Post, consumers paid as much as $7.8 billion 
over 2 years to protect or repair their computers with anti-
spyware and anti-virus software.
    In the past two Congresses, Mrs. Bono and Mr. Towns 
introduced the bipartisan Spy Act and both times the bill 
enjoyed overwhelming support. Twice this subcommittee and the 
full committee unanimously reported the bill. Twice the full 
House passed the bill with near unanimity and twice the Spy Act 
met its demise in the Senate. This year Mr. Towns and Mrs. Bono 
are once again teaming up to introduce the Spy Act as H.R. 964. 
It is my full intent as chairman of this subcommittee to do 
everything I can to make it three times that this bill passes 
this subcommittee and the full committee and the House of 
Representatives and finally makes its way to the President's 
desk. Let us all hope that the Senate can get its act together 
this time around. Three times should be the charm for the 
Senate.
     H.R. 964 provides a broad regulatory framework that 
empowers consumers with knowledge and allows them to be in 
charge of what goes on their personal computers. First, the 
bill outright prohibits deceptive practices and acts related to 
spyware that wreak havoc on a computer's operating system or is 
a harmful invasion of one's privacy. Moreover, the bill creates 
a regime where an entity cannot execute any program that 
collects personal information without first giving explicit 
notice to the consumer and subsequently receiving his or her 
consent. The bill further requires that once installed, the 
information collection program can be easily removed or 
disabled. Lastly, H.R. 964 provides that the FTC will enforce 
the Spy Act and that any violation of these provisions will be 
treated as an unfair and deceptive act or practice violating a 
rule promulgated under section 18 of the FTC Act. Accordingly, 
the Commission will be able to impose significant penalties, 
and I firmly believe, as do most of today's witnesses, that 
this bill strikes an appropriate and workable balance that will 
allow honest commerce and innovation to occur.
    Last year, not only did this bill receive an overwhelming 
support from our members but also from many technology 
companies and associations including Yahoo, eBay, AOL Time 
Warner, Dell, Microsoft, EarthLink and the U.S. Telecom 
Association. We will carefully consider the testimony of our 
witnesses and the comment letters that we have received from 
the FTC, consumer groups and industry experts.
    Again, I want to commend Mr. Towns and Mrs. Bono for the 
terrific work that they have done on the Spy Act and for 
exhibiting yet another example of quality bipartisan 
cooperation that is really rather unique to this subcommittee, 
and I welcome our guests, who have graciously agreed to appear 
before us today and I hope that today marks the first step 
towards making this important bill into law.
    Thank you.
    At this time I will submit a copy of H.R. 964 for inclusion 
in the record.
    [H.R. 964 follows:]



    Mr.  Rush. I recognize the ranking member of the 
subcommittee, the gentleman from Florida, Mr. Stearns.

 OPENING STATEMENT OF HON. CLIFF STEARNS, A REPRESENTATIVE IN 
               CONGRESS FROM THE STATE OF FLORIDA

    Mr. Stearns. Thank you, Mr. Chairman.
    As you have mentioned, we hope that the third time is the 
charm here. It has been nearly 3 years since the committee 
first held hearings on the subject of spyware. Although the 
Internet may seem like it has been around for a long time to 
many of us, the reality is that it has only been commercially 
available for a little more than a decade. As rapidly as usage 
has spread, so too has industry and user practices evolved. We 
have learned about some of these practices. Obviously spyware 
is one of those.
    Where circumstances warranted, we tried to respond with 
legislation in this committee, which we did. Some of our 
efforts of my colleagues resulted in public laws such as Can 
Spam. Although we like to respond as quickly as possible, we 
usually try to be as careful as possible to avoid unintended 
consequences. I don't think we did. I would say, Mr. Chairman, 
we are on this side ready to move to markup. We think we could 
move to markup after this hearing because we have had so much 
support for this bill in the past and we would like to see a 
markup out of this subcommittee as soon as possible.
    Mrs. Bono has showed leadership and Mr. Towns has in the 
108th Congress. We have discovered all the bad things about 
spyware and what it creates. We also learned that most 
pernicious forms of spyware have more malicious intentions than 
we realized. Criminals often in other countries have developed 
programs that can potentially be used to steal a person's 
identity. A keystroke logger is one example of a program that 
can capture a consumer's data, which can then be used to commit 
fraud. Other types of spyware software have been used to hijack 
a user's computer or to redirect a user's computer to bogus Web 
sites.
    After investigating the damage of potential harm caused by 
spyware to consumer computers, we passed the bill out of the 
subcommittee in the 108th. The House likewise passed it, as you 
have mentioned. Unfortunately, the Senate did not take up the 
bill and we tried again in the 109th. The committee again 
unanimously passed the legislation. H.R. 964 is the same bill 
we unanimously passed in the committee and nearly unanimously 
in the House last Congress.
    There has been, I think, much progress in the industry, I 
would compliment them, with the adoption of best practices and 
recognition of the need for consumer consent. We also have seen 
an increase in the number of enforcement actions. This is all 
good. That being said, the threat of spyware and the havoc it 
can inflict on a consumer's computer--or worse, on the 
identity--remains a real threat. Consumers and businesses are 
now spending billions of dollars to protect themselves and 
their computers. To that end, I believe there is still a need 
for this legislation and so I support H.R. 964. A company that 
is a bad actor is generally the exception rather than the rule. 
While criminals may never disappear, legitimate companies are 
not in business to offend their customers.
    I would like to welcome the distinguished panel here. I 
look forward to their views on H.R. 964.
    Mr. Chairman, in closing I would like to thank Mr. Barton 
for his leadership on this issue during the last two 
Congresses. I also obviously commend my colleagues, Mrs. Bono 
and Mr. Towns, and finally I would like to recognize my 
colleague, the chairman, Mr. Dingell, and Ms. Schakowsky, who 
was the ranking member when I was the chairman, for her hard 
efforts in this area too.
    With that, Mr. Chairman, I look forward to the hearing.
    Mr. Rush. Thank you.
    The committee recognizes the fine gentlewoman from 
Illinois, Ms. Schakowsky.

 OPENING STATEMENT OF HON. JAN SCHAKOWSKY, A REPRESENTATIVE IN 
              CONGRESS FROM THE STATE OF ILLINOIS

    Ms. Schakowsky. Thank you, Chairman Rush, for holding 
today's hearing on H.R. 964, the Spy Act.
    The proliferation of spyware, covertly installed software 
that can snatch personal information, has made it necessary 
that we pass this legislation. And while I am proud to be an 
original cosponsor of the Spy Act, I hope this is the last time 
that I say that.
    Our committee wanted to be proactive on this issue; we 
were. I was very proud to work with Mr. Towns and Mrs. Bono and 
Mr. Stearns and the chairman at the time, Mr. Barton, and Mr. 
Dingell. We did our work. We got it out of the subcommittee, 
the committee and the House. And when we first started working 
on this issue 4 years ago, spyware was not a household word; it 
is now. People used to be baffled when they found that their 
Web page settings changed or when their computers became 
sluggish. They would think that the problem was their computer 
or the Internet service provider but now the suspect is 
spyware.
    Spyware is a nationwide problem that affects millions of 
computers from large financial institution servers to home 
computers. America Online has put occurrences of spyware as 
high as 80 percent among households with broadband. As 
broadband becomes more popular in American households, we can 
only assume spyware will continue to affect our home computers 
until we give the Federal Trade Commission all the authority it 
needs to shut down spyware purveyors.
    Again, spyware is much more than little annoyances such as 
slow computers and unwanted popup ads. Those are just symptoms 
of the real trouble spyware can cause. The spyware is so 
resourceful that it can snatch personal information from 
computer hard drives, track every Web site visited and log 
every keystroke entered. Spyware is a serious threat to 
consumer privacy and a powerful tool for identity theft, the 
fastest-growing financial crime. With all the current threats 
to our country, our homes and our wallets, our computers should 
not have another worry.
    Although we don't want to stop legitimate uses of the 
software, underlying spyware such as allowing easy access to 
online newspapers, we do want consumers to have control of 
their computers and personal information. We have passed this 
bill with overwhelming bipartisan support in the past two 
Congresses and I hope this is the Congress that will get the 
bill signed into law.
    So I thank you, Mr. Chairman.
    Mr. Rush. Thank you.
    Now the committee will recognize the ranking member of the 
full committee, Mr. Barton of Texas, for 5 minutes.

   OPENING STATEMENT OF HON. JOE BARTON, A REPRESENTATIVE IN 
                CONGRESS FROM THE STATE OF TEXAS

    Mr. Barton. Thank you, Mr. Chairman. I appreciate the 
courtesy. I was just downstairs in the Energy and Air Quality 
Subcommittee in one of our hearings on climate change and 
rushed up here, so I appreciate the courtesy of being allowed 
to speak as soon as I get here.
    Thank you for holding the hearing on the Spy Act and making 
it a priority. As everyone knows, this is round 3. The 
committee sent the Spy Act to the floor by unanimous vote in 
the last Congress and a nearly unanimous vote in the Congress 
prior to that. The House likewise passed the legislation by a 
nearly unanimous vote in the last two Congresses. We are here 
today because the Senate has twice failed in the last 
Congresses to act on this bill for reasons that are absolutely 
a mystery to me.
    This legislation ought to be an automatic-passage bill. It 
is a key component to solving the problem of Internet spying, 
and protecting our constituents from invasions of their 
privacy. The bill not only receives broad bipartisan support in 
this institution but many of the big technology players also 
support the Spy Act: Yahoo, eBay, AOL Time Warner, Dell, 
Microsoft, EarthLink, the U.S. Telecom Association, just to 
name a few. We have differences of opinion on the issue of 
network neutrality, for example, among some of these folks. On 
this issue, there is 100 percent unanimity.
    The reason for the support is evident. Internet spying is 
more than just an annoyance and more than an invasion of 
consumers' privacy. It also poses the very real danger of 
identity theft. Furthermore, spyware often proves dangerous to 
the consumer's physical property, their personal computers. The 
scariest part of spyware is that you can have an unwanted, 
unnoticed program on your computer that captures and reports 
your keystrokes. What is at stake is a treasure chest of your 
life's financial secrets, your Social Security number, your 
bank account number, your credit card number and all kinds of 
personal passwords. Many consumers don't even know that this is 
possible, much less that these applications are alive on their 
computers right now, and as easy as it was to acquire a batch 
of spyware, sometimes it is almost impossible to get rid of it 
because of deceptive or nonexistent instructions for 
uninstalling these applications. You can pick up a batch of 
spyware by a click of a mouse but you may need the help of a 
computer expert and all day to get rid of it.
    Industry groups have taken strong steps, luckily, towards 
combating the dangers of spyware. However, it will take a mix 
of technology, consumer awareness, industry best practices, 
consumer education, strong enforcement of existing law and I 
think new law to effectively fight spyware.
    The bill before us does that. It places strong enforcement 
tools in the FTC's toolbox. It provides stiff penalties to hold 
various actors accountable for their action. It still balances 
the interests that are legitimate business interests of the 
bill.
    I could go on and on but let me simply say that this has 
been a bipartisan effort on our committee. Congresswoman Bono, 
Congressman Towns, Congressman Stearns, Congresswoman Jan 
Schakowsky as well as Chairman Dingell and myself have worked 
diligently to bring this legislation to the floor. And now with 
your efforts, Mr. Chairman, I am sure that we will finally get 
it across the finish line and get it through the Senate too. It 
just takes somebody from Chicago to get it done.
    With that, Mr. Chairman, I yield back the balance of my 
time.
    Mr. Rush. What else do you want?
    The gentle lady from Oregon, Ms. Hooley, is recognized for 
5 minutes.

 OPENING STATEMENT OF HON. DARLENE HOOLEY, A REPRESENTATIVE IN 
               CONGRESS FROM THE STATE OF OREGON

    Ms. Hooley. Thank you, Mr. Chairman, and I am thankful to 
all of the witnesses for being here today and your testimony on 
this issue.
    Although I am new to the Energy and Commerce Committee and 
this subcommittee, I have been involved for the last 8 years 
with fraud prevention efforts. I am pleased to join this 
subcommittee and have the opportunity to address these 
important issues as they relate to commerce. I commend my 
colleagues for taking up this issue of spyware, not only this 
Congress but for the last two Congresses, and I, like the chair 
and ranking member, hope this legislation can finally get all 
the way through and become law.
    Software that is installed without your consent to monitor 
or control your computer, known as spyware, threatens the 
security of our personal information and private transactions. 
It threatens commerce on the Internet and consumers' confidence 
of Web purchases and pollutes computers to the point they no 
longer function. Despite the efforts of FTC, which has 
completed 11 spyware enforcement cases, and the passage of the 
Safe Web Act, more needs to be done and I think this 
legislation is the answer. I do, however, have some concerns 
with regard to the lack of an exemption for fraud detection 
software. As I understand it, fraud detection software that is 
used to make consumers safer and helps protect them from 
fraudulent activity might be curtailed by this legislation. I 
hope we can look at this issue before markup.
    Again, I applaud this subcommittee for their diligent work 
on spyware and look forward to working with all of you and 
passing this piece of legislation.
    Thank you, and I yield back.
    Mr. Rush. Thank you.
    The gentleman from Nebraska, Mr. Terry, is recognized for 5 
minutes.
    Mr. Terry. I pass.
    Mr. Rush. The gentleman from Utah is recognized for 5 
minutes.
    Mr. Matheson. I will waive.
    Mr. Rush. The gentleman from New York, the coauthor of the 
bill, Mr. Towns, is recognized for 5 minutes.

 OPENING STATEMENT OF HON. EDOLPHUS TOWNS, A REPRESENTATIVE IN 
              CONGRESS FROM THE STATE OF NEW YORK

    Mr. Towns. Thank you very much, Mr. Chairman. I want you to 
know that I feel very confident and comfortable that this is 
going to make it all the way with you in the chair and of 
course seeing Mr. Morgan down from New York and I know that we 
are going to finish this thing off this time, no doubt about 
it.
    I also want to thank you for holding this important hearing 
today on H.R. 964, the Spy Act, and for your strong commitment 
to protecting consumers' privacy on the Internet. As the 
primary Democratic sponsor, I have been proud to work with 
Congresswoman Mary Bono. Her tireless efforts on this issue 
have been unmatched, and I want to thank her for her dedication 
and commitment to this issue.
    We passed this bill out of committee a few times already so 
perhaps the third time will be a charm. That is why it is 
important to hold this hearing. We want to make sure to get it 
right.
    Spyware continues to be a nuisance to many of our 
constituents, even as new and innovative Internet business 
models have sprung up. There is still some debate about the 
approach Congress should take to protect consumers from these 
harmful programs. One computer manufacturer has said that 
problems related to spyware cause most of their customer 
complaints. Another company said that spyware accounts for 
about 50 percent of all tech support calls. Although hard to 
quantify, this is adding hundreds of millions of dollars in 
costs for companies.
    More importantly, spyware programs can invade consumer 
privacy by recording and transmitting personal information, 
monitoring the Web sites you visit or even stealing documents 
from our computers. Other programs hijack your computer, 
forcing you to click through multiple screens until you 
download a program. Finally, all of these programs impair the 
functionality of a consumer's computer, often slowing its 
operation to a grinding halt.
    Although the problem seems clear, the solution is far from 
it. Technology changes at a tremendous rate, often making 
legislation outdated. Additionally, some computer programs 
which serve legitimate functions such as scanning your system 
for problems or security breaches or customizing our browser or 
advertising experience could be classified as spyware if we do 
not legislate carefully. It seems to me that a key issue is 
notice. Consumers must get meaningful and accurate notice 
before they make a decision to download programs that could 
harm their computers. The FTC should be prosecuting companies 
that do not provide notice or that provide deceptive notice. 
Certainly the egregious violators can be prosecuted under 
existing statutes and the FTC has taken steps in this regard, 
possibly in reaction to our continued interest in this 
legislation.
    Finally, let me conclude by saluting my colleagues, first 
Congresswoman Bono for her legislation and leadership on this 
issue, and of course, let me thank Ranking Member Barton of the 
full committee and of course former Chairman Stearns and of 
course former Ranking Member Schakowsky and also Mr. Dingell, 
who is the chairman of the full committee. I want to thank all 
of you for your work and I know that at the end of the day we 
are going to get this done, so thank you very much, Mr. 
Chairman.
    Mr. Rush. Thank you. Before we hear the best that we have 
for today, I want to just bring to the attention of Ms. Hooley, 
on page 19, line 3, there are provisions here for the detection 
or prevention of fraudulent activities.
    Ms. Hooley. OK. What line is it, Mr. Chairman?
    Mr. Rush. Page 19, line 3.
    Ms. Hooley. Line 3?
    Mr. Rush. Right.
    Now I have to personally apologize to the next speaker, a 
fine member of this subcommittee. Mrs. Bono, I want you to know 
that we are indeed saving the best for the last, so you are 
recognized now for 5 minutes.

   OPENING STATEMENT OF HON. MARY BONO, A REPRESENTATIVE IN 
             CONGRESS FROM THE STATE OF CALIFORNIA

    Mrs. Bono. Thank you, Mr. Chairman, and I just want to 
mention to my colleague, Mr. Towns, whom I have known for many 
years, that you reminded me of one of my favorite stories that 
I ran into Bono in an elevator when I was with my late husband, 
Sonny Bono, and the two of them had an argument over how to 
pronounce the name, but Sonny won with ``Bono''. That is one of 
my favorite stories and we love to laugh about that.
    I want to begin by thanking Chairman Rush and Ranking 
Member Stearns, again, my colleague, Ed Towns, Ms. Schakowsky 
and the long list of staff who have worked so hard, especially 
David Cavicke. They have worked so hard for many years in 
crafting the Spy Act. I would also like to thank full committee 
Chairman Dingell and Ranking Member Barton for their leadership 
and support throughout the past three Congresses. Without their 
commitment to addressing the problem of spyware, this bill 
would not be the bipartisan lovefest piece of legislation it is 
today. In the 108th Congress, I introduced H.R. 2929, the 
Safeguard Against Privacy Invasions Act. That bill passed the 
House by a vote of 399 to 1. In the 109th Congress, I 
reintroduced my spyware bill as H.R. 29, the Securely Protect 
Yourself Against Spyware Act, or Spy Act, and you don't know 
how that delights staff to come up with such clever acronyms. 
But just as it did in the 108th Congress, my bill passed the 
House by a large margin of 393 to 4.
    I remain a strong proponent of spyware legislation because 
of my belief that our constituents deserve adequate protections 
when they are online. This means that the computer user should 
be able to maintain control over his or her computer and the 
information they store on it. The Spy Act prohibits perverse 
behavior such as keystroke logging and drive-by downloads. 
Moreover, it establishes a simple notice regime so that 
computer users can make informed decisions regarding the 
programs they wish to put on their computers. Simply stated, 
this bill works to restore privacy on the personal computer, 
which has become the control center for our business 
transactions as well as our personal interactions.
    There was a time when the Internet was an occasional tool. 
However, today the Internet is used by most on a daily basis 
for practically everything. For this reason, it is crucial that 
computer users can securely carry out their lives on the 
Internet without fear that an unknown party may gain access to 
sensitive information. It is my firm belief that the Spy Act 
does this while at the same time preventing negative impacts to 
legitimate industry and the overall integrity of the Internet.
    I look forward to listening to the testimony from our panel 
today and I am sure that we all agree that spyware is a problem 
that could undermine the Internet's integrity and needs to be 
addressed.
    I would once again like to thank the committee for its 
support. I would like to urge my colleagues to support H.R. 
964, the Towns-Bono Spy Act.
    Again, thank you very much, Mr. Chairman. I yield back my 
time.
    Mr. Rush. Now we will hear from our fine array of 
witnesses. We certainly want to thank you for taking your time 
out from your busy schedule to testify before this subcommittee 
on this very important matter. I will introduce you 
individually and we will ask that you restrict your comments, 
please, to 5 minutes, and then be available for questioning.
    Our first witness today is Mr. Ari Schwartz. He is the 
deputy director of the Center for Democracy and Technology, 
CDT. CDT is a nonprofit public-interest organization devoted to 
promoting privacy, civil liberties and democratic values online 
through legislative, regulatory, self-regulatory and public 
education efforts. In this capacity, they have been a vocal 
supporter of comprehensive privacy legislation and further 
support the goals of H.R. 964, the Spy Act.
    Mr. Schwartz, you are recognized for 5 minutes.

    STATEMENT OF ARI SCHWARTZ, DEPUTY DIRECTOR, CENTER FOR 
                     DEMOCRACY & TECHNOLOGY

    Mr. Schwartz. Chairman Rush, Ranking Member Stearns, 
members of the committee, thank you for holding this public 
hearing today on the Spy Act and for inviting me to 
participate.
    This committee has consistently followed the spyware issue 
over the past 4 years and CDT is pleased to see this much-
needed attention continue.
    I come back to the committee today to offer good news and 
bad news on the spyware issue. First the bad news. As predicted 
by members of this committee in the past, spyware has 
unquestionably become one of the most serious threats to the 
Internet's future. Consumer Reports magazine estimates that 
consumers lost $2.6 billion to spyware alone last year, and one 
in eight consumers have spyware on their computer and according 
to the magazine, about 1 million consumers had to throw away 
their computer because they were so riddled with spyware.
    On the other side, in terms of good news, there are new 
indications that the combination of law enforcement, anti-
spyware technology, industry self-regulation, consumer 
education, legislative efforts and increased responsibility on 
the part of advertisers are beginning to impact the marketplace 
that had allowed spyware to flourish.
    On the law enforcement front, spyware actions at both the 
Federal and State level have increased dramatically over the 
past 2 years. The FTC has now successfully prosecuted 11 cases, 
which we detailed in our written testimony. Based on the 
experiences of these cases, it is now clear that the Commission 
desperately needs increased civil penalty authority in order to 
be comprehensively effective. The Spy Act, H.R. 964, provides 
such authority.
    Spyware enforcement has also been developing at the State 
level with 10 cases across four States so far. Although H.R. 
964 safeguards State-level enforcement under consumer 
protection statutes, it does not explicitly preserve the 
ability for State attorneys general to bring civil actions 
under statutory provisions specific to spyware. With so much 
enforcement work now occurring at the State level, we feel it 
is important to safeguard the role of the State attorney 
general by empowering them to help enforce Federal law.
    On a final note, I would like to stress that the Center for 
Democracy & Technology still strongly believes that the real 
long-term solution to spyware and other privacy issues in front 
of this committee will require baseline consumer privacy 
legislation based on fair information practices. General 
privacy legislation would provide businesses with guidance as 
they deploy new technologies and business models that involve 
the collection of information and it would give consumers some 
measure of confidence that their privacy is being protected as 
companies roll out these new ventures. If we do not begin to 
address privacy issues more comprehensively, this committee 
will need to continue to address new emerging privacy threats 
every few months with new legislation in order to protect 
consumers in the networked economy.
    We have seen a number of issues already begin to increase 
with the most recent including spam, do-not-call lists, search 
information, data breaches, use of Social Security numbers, 
pretexting and spyware. While we appreciate the committee's 
hard work on all these important issues, we believe that the 
members of this committee should join with the 13 companies and 
multiple consumer groups that have actively supported 
comprehensive consumer privacy legislation in an attempt to 
address these issues at the source rather than continue a 
piecemeal approach each time a new privacy threat arises.
    Thank you for your attention. I look forward to your 
questions.
    [The prepared statement of Mr. Schwartz follows:]



    
    Mr. Rush. Thank you.
    Our next witness, and Mr. Cerasale, if I mispronounce your 
name, please correct me, is Mr. Jerry Cerasale, a senior vice 
president of government affairs for the Direct Marketing 
Association Incorporated, DMA. DMA represents 3,600 member 
companies that are engaged in direct database and interactive 
marketing and electronic commerce. Last year the association 
developed and adopted standards for software downloads as part 
of its guidelines for ethical business practice. DMA opposes 
this bill and a broad regulatory approach in general because it 
believes that self-regulation coupled with existing FTC 
authority is working to crack down on harmful spyware.
    Mr. Cerasale, you are recognized for 5 minutes.

STATEMENT OF JERRY CERASALE, SENIOR VICE PRESIDENT, GOVERNMENT 
          AFFAIRS, DIRECT MARKETING ASSOCIATION, INC.

    Mr. Cerasale. Thank you very much, Mr. Chairman. With a 
last name like mine, I respond to anything that comes close. So 
that is fine. Cerasale is how it is pronounced but Cerasale is 
all right as well. I am not ashamed of my heritage.
    I do thank you for inviting us here and I would ask that my 
written testimony be placed in the record, and I thank you for 
recognizing DMA, the leading trade association. We have been 
around since 1917 and our members are part of the economy, very 
much part of this new e-commerce as they are providers of 
Internet service. They sell goods on the Internet and so forth. 
This is very important for us.
    We agree fully with the subcommittee and the committee that 
we want to try and rid the Internet of spyware. That is really 
a goal that I think we should all be working toward, and I want 
to commend this committee especially because you were the 
instigator. You were the catalyst for moving forward in trying 
to get industry looking at spyware. You were the catalyst to 
DMA in producing our guidelines for spyware, for downloading of 
software on the computers. You were the catalyst for browsers 
taking any spyware software and putting it in their browser. 
You are the catalyst for computer manufacturers adding that 
onto computers. You are the catalyst for software providers 
creating anti-spyware software. And I believe you are the 
catalyst for the FTC and the States for moving and trying to go 
against those bad actors putting on spyware deceptively onto 
consumers' computers and stealing information, stealing their 
computer, slowing it down and forcing those many people who had 
to throw away their computers.
    We have made progress since you started this investigation. 
It is not over, and I don't think it will ever be over. As 
technology changes, bad actors adapt. They get new technology 
and we are going to have to be ever vigilant as we go forward 
here. We don't think at the DMA that there is really a magic 
bullet that is an all-purpose answer to everything here, which 
is why we look at going forward with our guidelines because we 
can change them fairly rapidly and try and adjust to what is 
happening in the marketplace and try and keep this Internet 
open for e-commerce.
    We are really pleased that e-commerce has grown. One of the 
great things is as we look at the growth, we have statistics to 
show it is growing at 24 percent right now. It had been larger 
but it is continually growing, and one of the great things was 
that Cyber Monday was larger than Black Friday this holiday 
season and the gap is going to get larger and larger as e-
commerce becomes more and more part of our American experience 
for the benefit of consumers and the benefit of businesses.
    As we look at H.R. 964, we support granting the attorneys 
general the opportunity to and the authority to enforce the 
law. We think that is a major part of balancing for preemption. 
We also support the efforts and what is in section 2 of the 
law. We think going after the bad actors is really what is 
important and strikes the right balance.
    We have some concerns with section 3 of the bill. We think 
that the broad definition of software, and we had a very 
difficult time trying to define software in our guidelines so 
it is not something that is new. A broad definition of software 
will take into account and cover things that are part of the 
seamless use of the Internet that Americans are used to, that 
provides advertising-supported contents, there is so much free 
content on the Internet and so we think that section 3 probably 
goes further than we would want. We believe you need 
conspicuous notice, you need choice for the consumer, you need 
an ability to uninstall or at least totally disengage, disable 
any software that is put on your computer. We think there 
should be a link to the privacy policy of the person putting on 
the software and the name of the company should be known. We 
think that strikes the balance for consumer choice plus 
advertising marketing-supported Internet content which is 
available free to most Americans.
    The DMA has a concern with the Good Samaritan provision. We 
are worried that the Good Samaritan provision in the bill could 
become a means, an anti-competitive means and so we want to 
make sure that we look at that and strike that balance and make 
sure that is there. We also think that the monitoring provision 
in 5(b) is a little bit too narrow. That provision for the 
anti-fraud thing looks at certain companies. There are other 
companies that do anti-fraud that aren't covered in that 
exemption and we think that they are there.
    We want to thank you very much for having me here today.
    [The prepared statement of Mr. Cerasale follows:]



    
    Mr. Rush. Our next witness is Mr. Dave Morgan. Mr. Morgan 
is the founder and the chairman of TACODA, Incorporated. Mr. 
Morgan will testify on behalf of his company and on behalf of 
the Interactive Advertising Bureau, which represents more than 
300 leading companies that are responsible for selling more 
than 86 percent of online advertising. TACODA, which develops 
innovative technologies for target marketing, says on page 4 of 
its written statement that it supports H.R. 964, the next three 
pages detailing its complaints against everything but section 
2.
    Now we will recognize Mr. Morgan for 5 minutes.

  STATEMENT OF DAVE MORGAN, FOUNDER AND CHAIRMAN, TACODA, INC.

    Mr. Morgan. Thank you. Chairman Rush, Ranking Member 
Stearns and members of the subcommittee, thank you very much 
for inviting me to testify on H.R. 964.
    I am Dave Morgan, and as you can tell, I am wearing two 
hats here today. One is the founder and chairman of TACODA, 
Inc., a New York-based online advertising company, and also as 
the chairman of the Public Policy Council of the Interactive 
Advertising Bureau, which is the trade body of basically the 
largest majority of the online advertising today.
    Consideration of this legislation in past Congresses has 
been an extraordinarily open and bipartisan effort and we 
welcome the opportunity to participate with the committee and 
the staff in developing appropriate language that balances 
consumer protection with fostering continued growth on the 
Internet. It is clear to me and the IAB that this subcommittee 
intends to address the legislation to combat purveyors of 
malicious software while at the same time not adversely 
affecting legitimate online practices such as those employed at 
TACODA.
    The consumer experience with respect to spyware and online 
advertising has improved in the last few years and I would say 
I think the primary driver of that has been this committee's 
focus on the issue and the clear intent that the bad practices 
and this kind of action will not be tolerated. Second, we have 
certainly seen significant prosecutions and actions from the 
Federal Trade Commission and we have also seen a lot of 
industry self-regulatory effort, and as a member of the 
industry, I can tell you much of that has also been driven from 
a reaction from your attention to this issue, and also the 
self-regulation in areas of downloadable software. Given these 
developments and particularly with respect to the broader 
online advertising industry, we do think that there are issues 
around section 3 where there could be some unintended 
consequences.
    A little bit about TACODA. It was created in 2001 as a 
company to target online advertising. We deliver billions of 
advertisements online every day in the pages of major Web sites 
like the New York Times or Chicago Tribune or Orbitz, not pop-
up advertising and the protection of consumer privacy and the 
principles of relevancy, transparency and freedom of choice 
have been hallmarks of TACODA's business practices from the 
beginning. We are a board member of the Network Advertising 
Initiative, the NAI, the Direct Marketing Association and its 
interactive marketing advisory board.
    Interactive and online advertising is the primary means of 
funding a cost-free rich Internet as well as free access to 
unparalleled products and services. Online advertising is 
paying the bills for what people are spending more than 20 
percent of all of their media consumption today. TACODA and the 
IAB have worked closely with Web sites to develop guidelines to 
address topics including e-mail, popup ads, lead generation. 
Most people are probably surprised by the impact of online 
advertising and the fact that it is supporting this content but 
that is the reality because the vast majority of the content 
online is free today because advertising has paid for it.
    We support H.R. 964's efforts to combat spyware. We 
strongly agree that spyware is bad for consumers, business and 
the online advertising industry. The bill does not impinge on 
certain legitimate practices like those of TACODA which make it 
very easy at TACODA to be supportive of this legislation. But 
there is always a risk of legislation that governs technology 
and technology practices and that is where there are the areas 
of concern across the broader industry, that there may be some 
unintended consequences of defining technology, and given the 
dramatic advances in combating spyware and the guidance now 
available from enforcement and self-regulatory initiatives that 
did not exist at the outset of the last Congress, we believe 
that certain provisions of the bill are worth re-examining: the 
broad definitions of computer software and personally 
identifiable information as well as requirements in connection 
with the collection of both personal information and non-
personal information. In addition, there are new technologies 
that really weren't even utilized as recently as 2 years ago in 
areas of some certain uses of cookies and java and java script.
    Additionally, the IAB hopes to ensure that the anti-spyware 
providers can continue to remove bad software. We recognize the 
goal of the Good Samaritan provision. However, we would have 
concerns that with changes that have broadened this language to 
create a more extensive immunity provision, that would afford 
companies broad discretion to remove legitimate software which 
is often misidentified as spyware.
    Thank you for considering the views of TACODA and the IAB 
on these issues. The success of the Internet has helped fuel 
this country's economy. We look forward to working together 
with you. Thank you, Chairman Rush. Thank you, Ranking Member 
Stearns. Thank you, members of the subcommittee. I look forward 
to your questions.
    [The prepared statement of Mr. Morgan follows:]



    Mr. Rush. Thank you, Mr. Morgan.
    Our next witness is Ms. Fran Maier. Ms. Maier is the 
executive director of TRUSTe. TRUSTe is an independent, 
nonprofit organization that helps consumers and businesses 
identify trustworthy online organizations through its Web 
privacy seal. The organization is very supportive of H.R. 964, 
which establishes many of the same requirements included in 
TRUSTe's Trusted Download Program.
    Ms. Maier, you are recognized for 5 minutes.

      STATEMENT OF FRAN MAIER, EXECUTIVE DIRECTOR, TRUSTe

    Ms. Maier. Chairman Rush and Ranking Member Stearns and 
members of the subcommittee, I am Fran Maier, executive 
director and president of TRUSTe. We are, as you said, an 
independent, nonprofit organization and our mission is to 
advance privacy and trust for a networked world. We do this by 
serving as a trust authority, bringing together stakeholders 
and developing programs and best practices. Throughout 
programs, we aim to recognize and reward, elevate better 
industry players, responsible industry players.
    I want to thank you for the opportunity to speak to the 
committee about industry self-regulation and our insights on 
H.R. 964.
    First, I would like to talk a little bit about the Trusted 
Download Program. We have been working on this almost as long 
as you have been working on this bill for over a couple of 
years because spyware and unwanted software has really eroded 
consumer trust in the Internet. We developed the Trusted 
Download Program with a broad range of stakeholders including 
our founding partners, AOL, CNET Networks, Computer 
Associations, Microsoft, Verizon, Yahoo, and the Center for 
Democracy and Technology. Our program certifies that 
applications meet requirements for consent, uninstall and 
affiliate control as well as a number of other rigorous 
requirements. It is designed to bring accountability and 
transparency to the downloadable consumer market by creating 
market incentives for responsible best practices. Our program 
requirements are rigorous and have been shared with the 
committee. I would like to add that our certification program 
includes complete evaluation and monitoring and we use an 
outside testing lab to make sure that the benefits of 
certification only go to responsible players.
    Interestingly, I think our program requirements are tiered 
to take into account the many variations in software 
applications and distribution, so the greater the potential 
harm to a consumer, the stricter the standards for 
certification. For example, providers of advertising and 
tracking software in our program must take full responsibility 
for how their software is promoted and distributed. This 
includes the methods used by affiliates, distributors and 
bundling partners. The first group of nine certified 
applications were announced on our Whitelist on our Web site 
last month. We are happy to report that we think that the 
Trusted Download Program has already had a big impact for the 
consumer's benefit. One hundred percent of the companies' 
applications that were certified last month made changes, 
significant changes to their disclosure or to some of their 
activities. We have seen that publishers are reducing the size 
of their affiliate networks in response to the program and the 
press that they have received. CNET's download.com, which is a 
portal where consumers download software, is indicating when 
one of our certified applications is certified so that 
consumers can make that choice when they decide to download 
some software, and AOL and Yahoo among others are using the 
program to make some decisions about who they will partner with 
and advertise with. We believe to improve consumers' 
experience, we need both the stick of effective regulation 
against the bad actors as well as the carrot of market 
incentives to motivate more responsible players.
    Now, to H.R. 964, the Spyware Act. TRUSTe applauds the 
committee's work on the proposed legislation and you should 
know that your work has informed the development of the 
program. Baseline protections for consumers from spyware 
together with private sector self-regulatory initiatives such 
as we have will provide tangible relief to consumers. Section 
2, which outlines egregious software behavior, and section 3, 
requirements for notice, consent and uninstall, are very 
similar to the Trusted Download Program. However, we believe 
H.R. 964's effectiveness would be strengthened and its impact 
magnified by inclusion of a safe harbor for self-regulatory 
compliance programs modeled on the safe harbor provision of the 
Children's Online Privacy Protection Act. As part of the Safe 
Harbor, we would want participation in a self-regulatory 
program as a factor for the court to consider when determining 
penalties under section 4. A strong safe harbor would further 
incent companies to implement best practices. We believe that 
self-regulatory can complement legislation by going beyond 
legal requirements, respond quickly to consumer concerns and 
evolve at the fast pace of industry.
    I would like to conclude by saying that now that the 
Trusted Download Program has been launched, there are no more 
excuses. Advertisers can't say they can't control how their 
advertising is presented to consumers. Publishers should know 
whether their software is lacking adequate consumer controls 
and consent and companies should be able to maintain now that 
they can see the good software from the bad.
    Thank you for this opportunity. We respectfully request 
that you include a safe harbor to encourage adherence to best 
practices.
    [The prepared statement of Ms. Maier follows:]



    
    Mr. Rush. Thank you, Ms. Maier.
    Our next and final witness for this morning's hearing is 
Ms. Christine A. Varney from the law firm of Hogan and Hartson 
LLP. She is speaking on behalf of Zango Incorporated. Zango is 
an online media company that provides consumers with proper 
online media and programming in exchange for their consent to 
download adware onto their computers. Previously, as 180 
Solutions, the company settled FTC charges that it used unfair 
and deceptive practices to install unwanted adware that was 
deliberately difficult to remove. The settlement disgorged 
Zango of $3 million in ill-gotten gains and presently bars the 
company from installing any adware software onto a consumer's 
computer without his or her explicit consent and an easy means 
of removing it. Zango was lost in the dark and now they see the 
light. They support H.R. 964 except for section 5(c), the Good 
Samaritan section, which it believes to be anti-competitive and 
subject to abuse.
    Ms. Varney, you are recognized for 5 minutes for your 
opening statement.

   STATEMENT OF CHRISTINE A. VARNEY, HOGAN & HARTSON LLP, ON 
                     BEHALF OF ZANGO, INC.

    Ms. Varney. Thank you, Mr. Chairman. I was getting a little 
worried there until you got to the ``see the light'' part.
    Chairman Rush, Ranking Member Stearns and members of the 
subcommittee, as the chairman said, I am Christine Varney. I am 
head of the Internet practice at Hogan and Hartson, and in the 
spirit of full disclosure, I am a founder and past chair and 
current board member of TRUSTe. I am also a former Federal 
Trade commissioner.
    As the chairman said, I am appearing here today on behalf 
of my client Zango and Zango appreciates the opportunity to 
share its support for 964 and join the chorus of support that 
you are hearing for the bill. Just a moment about Zango and 
then we will talk just for a few moments about the specific 
provisions of the bill.
    Zango provides consumers with access to a large and 
expanding catalog of more than 100,000 pieces of Web content 
including online video, games, music tools and utilities. Much 
like television, this content is funded by advertising and 
available to consumers without charge. Twenty million consumers 
have chosen to enjoy this content and tens of thousands of 
consumers elect to download Zango software every day. At the 
same time, this business model offers smaller content providers 
and Web publishers the opportunity to monetize their creations 
and their online traffic by delivering to advertisers a 
receptive consumer when that consumer is most likely to be 
making an online purchasing decision. The company has more than 
3,000 advertising partners. Zango's desktop advertising model 
differs from other marketing applications in several respects. 
First and foremost, Zango's pre-download notice and consent 
process will meet the requirements of H.R. 964 as does its 
uninstall and labeling features. Second, Zango does not track 
or collect any user's personally identifiable information. In 
short, Zango is not spying on anyone. Third, instead of merely 
providing links in response to a search query or distracting 
the user with multiple click-throughs, Zango delivers an 
advertiser's specific Web page in response to the consumer's 
search for a related product or service. This gives the 
consumer the benefit of comparative offers on the Web at the 
time the consumer is looking to acquire something.
    Although, as I have emphasized, Zango is not spyware, the 
company long ago recognized that its success and ultimately the 
success of its business model was dependent upon Internet users 
understanding and trusting its value proposition and upon a 
level regulatory playing field for all online advertisers. 
Thus, Zango has supported congressional action in this area 
since the 108th Congress when it endorsed the bill reported by 
this committee. As with that bill, H.R. 964's greatest strength 
is its recognition that conduct and intentions underlying 
different forms of downloadable software require different 
approaches.
    Zango supports section 2 and 3 of the bill which 
appropriately and carefully distinguish between software 
functions that are per se unacceptable versus those for which 
consumer choice and consumer benefits are preserved with 
appropriate consumer protection. Zango also commends the 
authors of the bill for continuing to include the preemption 
provisions of section 6 and the tracking cookie study in 
section 8.
    We are concerned, however, about subsection 5(c), which has 
been described as a liability exception for the so-called Good 
Samaritans. This provision unnecessarily restricts the FTC's 
ability to pursue enforcement action against those parties the 
FTC believes warrant it. Equally important, the presence of 
such an immunity provision in the bill opens the door wide to 
judicial application and expansion of the concept in private 
litigation between commercial parties. Some companies selling 
scanning applications to consumers compete by issuing 
inflammatory warnings designed to frighten consumers about 
software lurking on their computers. It will not be long before 
purported congressional policy protecting Good Samaritans is 
cited as a legal basis for defending against or dismissing a 
civil claim brought by a software provider against one of these 
applications or even a claim brought by one of these 
applications against another. There is no compelling reason in 
this instance to alter the standard that commercial disputes 
between commercial parties should be settled commercially or 
short of that, in the courts in private litigation. The conduct 
of commercial parties should not be exempted from the FTC 
enforcement authority merely due to the alleged nature of the 
particular product or service being sold. Zango respectfully 
urges the committee to delete subsection 5(c).
    All participants in the online advertising industry should 
embrace and implement the standards set forth in section 3 of 
H.R. 964, as Zango has, but unfortunately, not all will. Too 
many in fact will not until they are compelled to do so. As the 
desktop advertising industry evolves, Zango will continue to 
strengthen its business practices and enhance its technology to 
make the online economy increasingly valuable by enabling 
consumers, advertisers, publishers and content providers to 
seamlessly work together. With the one modification suggested, 
H.R. 964 is fully supported by Zango and we urge its enactment.
    I have submitted longer written remarks for the record, and 
I look forward to your questions.
    [The prepared statement of Ms. Varney follows:]



    
    Mr. Rush. Thank you very much.
    The chair recognizes himself for 5 minutes of questioning. 
I am going to ask a series of questions of this entire panel 
and I ask you in the interest of time, I only have 5 minutes, 
that you do not filibuster, just answer the question with a yes 
or no answer. I will give you ample opportunity if I have time 
remaining to expand on your answers after we have gone through 
this entire series.
    So I want to start with Mr. Schwartz. Mr. Schwartz, do you 
support H.R. 964?
    Mr. Cerasale. Not as written.
    Mr. Rush. Mr. Morgan?
    Mr. Morgan. On behalf of TACODA, we support the bill.
    Mr. Rush. Ms. Maier?
    Ms. Maier. Yes.
    Mr. Rush. Ms. Varney?
    Ms. Varney. Yes.
    Mr. Rush. Next question. Do you believe that consumers 
should be protected from the dangers of significant economic 
losses inherent in spyware programs, and if your answer is yes, 
do you support section 2 of the bill?
    Mr. Schwartz?
    Mr. Schwartz. Yes, and yes.
    Mr. Rush. Mr. Cerasale?
    Mr. Cerasale. Yes to both.
    Mr. Rush. Mr. Morgan?
    Mr. Morgan. Yes to both.
    Ms. Maier. Absolutely.
    Ms. Varney. Yes to both.
    Mr. Rush. Do you believe that consumers should receive 
clear and conspicuous notice of advertising and tracking 
software, especially programs that collect personal information 
on consumers, Mr. Schwartz?
    Mr. Schwartz. Yes.
    Mr. Cerasale. Yes, Mr. Chairman.
    Mr. Morgan. Yes, Mr. Chairman.
    Ms. Maier. Yes.
    Ms. Varney. Yes.
    Mr. Rush. I am tempted to start from this end but I am 
winning starting from that end so I think I am going to keep on 
going. I am not going to change.
    Do you believe that consumers should be provided the right 
to consent to such intrusive applications on their computers?
    Mr. Schwartz. Yes.
    Mr. Cerasale. No, we believe in consumer choice, not 
necessarily one size fits all.
    Mr. Morgan. On behalf of the IAB, we believe that one size 
does not fit all.
    Mr. Rush. So what is your answer?
    Mr. Morgan. My answer would be no, not broadly.
    Ms. Maier. Yes.
    Ms. Varney. Yes.
    Mr. Rush. I am going to start at this end now.
    Ms. Varney, do you believe that such programs should 
provide consumers with a simple installation procedure?
    Ms. Varney. And simple uninstallation, yes.
    Ms. Maier. Agree with that, yes.
    Mr. Morgan. Yes.
    Mr. Cerasale. Yes, it should be if they can't fully 
uninstall, it should be at least totally disabled.
    Mr. Schwartz. Yes.
    Mr. Rush. Ms. Varney, do you support section 3 of the bill?
    Ms. Varney. Yes.
    Ms. Maier. Yes.
    Mr. Morgan. And as I said before, yes, TACODA is supportive 
of the entire bill. On behalf of the online advertising 
industry, we would like a few parts of section 3 re-examined.
    Mr. Rush. Mr. Cerasale?
    Mr. Cerasale. Section 3, not totally as written.
    Mr. Schwartz. We support the goals of section 3. We have 
some comments in our written testimony regarding some of the 
details.
    Mr. Rush. Ms. Varney, do you believe that the Congress 
should provide a single, coherent, pro-competitive regime for 
consumer protection in this area rather than a patchwork quilt 
of different State laws?
    Ms. Varney. Yes, I do, Chairman.
    Ms. Maier. Yes, I do.
    Mr. Morgan. Yes, I do.
    Mr. Cerasale. Yes, we support preemption.
    Mr. Schwartz. In general, yes.
    Mr. Rush. Mr. Schwartz, I have a few moments.
    Mr. Schwartz. I would say that we would like the States to 
be able to act under the Federal bill though. I understand that 
that raises some jurisdictional questions but we hope that that 
can be addressed on the floor that attorneys general will be 
able to act under this bill as a Federal bill.
    Mr. Rush. We have had some earlier commentary on the Good 
Samaritan provision. Is there anybody else that would like to 
add some other commentary on the Good Samaritan provision?
    Mr. Schwartz. I will make a statement about the Good 
Samaritan provision. I think that the goals of the Good 
Samaritan provision are good ones. The goals seem to be to 
promote anti-spyware software. Really, the first line of 
defense for a consumer today is anti-spyware software and we 
have seen that it has had a major effect, positive effect on 
the issue. I have worked with the anti-spyware coalition, with 
anti-spyware groups and with privacy groups and public interest 
groups, working together to build best practices and standards 
for how anti-spyware companies work. We think that we have come 
up with a good set of best practices, putting out more actually 
just today that have gone through an extensive public comment 
period.
    I question the concern over the provision, more because I 
don't think it is going to be effective in doing what the goals 
intend it to do. The goal is, as I said, to promote anti-
spyware software but it really only protects anti-spyware 
software from the provisions, from the penalties in the bill 
and not from things that an anti-spyware company is most likely 
to be sued over, defamation, for example, or raising concerns 
about software. There are no penalties in this bill that go 
after anti-spyware software in that way so I question how 
effective it is going to be, but the concerns that have been 
raised here I don't see as really getting at the main problem 
with the provision.
    Mr. Rush. My time has expired.
    Now I will recognize the ranking member, Mr. Stearns.
    Mr. Stearns. Thank you, Mr. Chairman.
    Mr. Schwartz, you mentioned in your opening statement that 
sometimes it is so difficult to get rid of the spyware that you 
have to throw away your computer and there is not really a 
program out there that can just sweep through and get rid of 
the spyware?
    Mr. Schwartz. We have seen a real increase in the ability 
of these programs to embed themselves in computers.
    Mr. Stearns. So it is almost impossible to get rid of them?
    Mr. Schwartz. In many cases, if they have something that is 
called a root kit, it can be imbedded into the operating 
system, so when you are looking for the program, you ask the 
operating system, the operating system basically tells you this 
program isn't there because the question goes to the operating 
system and the root kit basically tells the operating system--
and this is a very simplistic version of what happens but----
    Mr. Stearns. With that in mind, I ask the staff, there are 
only four States in the United States that have actually passed 
spyware: New York, Texas, California and Washington. Utah tried 
to do it and the courts threw it out. What was the reason why 
the courts threw it out? Does anyone in the panel know?
    Mr. Schwartz. It was a different kind of a spyware bill. It 
really tried to focus on copyright provisions, intellectual 
property of ads showing up over the other ads, the place where 
the consumer was trying to go instead of at the deceptive 
practices that this bill and that most of the other bills have 
gone after.
    Mr. Stearns. Ms. Maier, some critics have suggested that 
the online environment has changed with new software, new 
programming so that this legislation really perhaps is not 
needed, and maybe, Mr. Schwartz, you can help me too. Do you 
think that it is possible that it would be accurate that--there 
are some software companies that are not in favor of this bill. 
Some of them are concerned because we have a study on cookies 
and others are concerned, say well, just let the software 
handle it. What is your opinion in terms of software being able 
to prevent software from coming in and that would take of the 
problem, we don't need legislation?
    Ms. Maier. Sir, there is always the good players and the 
bad players and I think the good players can look to self-
regulatory efforts, to look to best practices and----
    Mr. Stearns. So there is no software out there that would 
prevent the bad players from getting into the computer?
    Ms. Maier. I don't think there is a perfect solution. I 
think it really is a partnership between legislation, 
technology, self-regulatory and other efforts, and so I see 
legislation as necessary.
    Mr. Stearns. Does the rest of the panel agree with that, 
that there is no software out there that at least would cover 
90 percent of the spyware?
    Mr. Schwartz. That is correct.
    Mr. Cerasale. That is correct. As a matter of fact, if 
there were one tomorrow, it might not be effective as 
technology is constantly changing.
    Mr. Stearns. So as much as technology is moving forward for 
software, bad guys can find another way?
    Mr. Cerasale. Absolutely. They may be more technologically 
advanced the more people are trying to stop them.
    Mr. Morgan. Yes, I would agree with that. I mean, it is 
absolutely impossible for technology to be a silver bullet 
here.
    Mr. Stearns. Ms. Varney?
    Ms. Varney. I agree with that.
    Mr. Stearns. OK. The next question is, it appears that 
section 3 of this bill is the area that a lot of people are 
concerned about. I guess for the panel, are cookies used for 
the purpose of serving advertisements? Should cookies be 
treated differently than spyware that does not use personally 
identifiable information to serve advertisements?
    Mr. Schwartz, would you start?
    Mr. Schwartz. Cookies are a somewhat complex issue but I do 
think that they should be treated differently than software.
    Mr. Cerasale. Cookies are so much embedded in how the 
Internet works. It clearly is a different animal. Cookies and 
similar-type technologies are different from a software 
download.
    Mr. Stearns. OK. Mr. Morgan?
    Mr. Morgan. Yes, cookies and what I would call relatively 
passive technologies are very different than the kind of 
invasive software that has been used with the computer 
programs. I think the issues that people have around section 3 
are, it is really hard to figure out the wording of how you can 
get between that passive and active from a practical 
standpoint.
    Mr. Stearns. Mr. Morgan, when this got out of our 
committee, they put in this study on cookies, and I cautioned 
them, I said that was going to create a lot of concern and 
angst in the industry because once you have a study on cookies, 
the study might come out, you never know where it is going to 
go and everybody has these cookies. Do you think cookies by 
themselves are innocuous and----
    Mr. Morgan. I think they are largely innocuous but I 
actually think that the study is a fine idea. I think that this 
is one of those examples, as they say, that sunshine is the 
best antiseptic. If there are problems, I don't think anything 
is hurt by having attention brought.
    Mr. Stearns. Ms. Maier, and you might also point out, 
answer the first question, but the second intuitively is this 
study on cookies, is that necessary?
    Ms. Maier. First of all, I think that cookies are outside 
the scope of what we call software or downloadable applications 
in our program. A study on cookies I think is a great idea. I 
think there are a lot of things going on. Our Web cell program 
requires consumers to know about other cookies and other 
tracking software so if there is a study on cookies, I hope it 
would be including other----
    Mr. Stearns. Is it possible cookies could replicate the 
software once they are in the computer?
    Ms. Maier. What it is technically possible continues to 
amaze me but I don't think that is----
    Mr. Stearns. Do cookies track and do the same thing that 
spyware does in another way that could be considered harmful?
    Ms. Maier. Not generally.
    Mr. Stearns. Mr. Schwartz, do you want to answer that?
    Mr. Schwartz. Cookies basically give an ID number from a 
particular Web site and they can be used--the uses of them have 
changed over time and--but there are more harmful pieces of ID 
tracking that have come up over time so it is kind of--there 
has been a change in that. I do think that a study would be 
helpful at getting at how they are being used.
    Mr. Stearns. Ms. Varney, let me just close. My time is 
running out. If you don't mind just answering the question.
    Ms. Varney. Sure. I think the study is a terrific idea. I 
think the tension around section 3 is on two levels. Cookies, 
java script, HTML, all devices used in the seamless delivery of 
content that consumers want today on the Internet can be 
abused, and the question is, where does this bill land on those 
type of seamless technologies.
    I think there is another tension maybe unspoken in public. 
Yahoo, Google, AOL all have toolbars and those toolbars 
absolutely collect information and deliver advertising. 
Currently, those companies give you great notice and get great 
consent inside their master agreement. They don't pull it out 
separately. I think there is a question about whether or not 
they should and whether or not that bill requires them too.
    Mr. Stearns. Thank you, Mr. Chairman.
    Mr. Rush. Ms. Schakowsky is recognized for 5 minutes.
    Ms. Schakowsky. Mr. Schwartz, you frequently talk about 
baseline privacy legislation and I wondered if you could 
describe for us what you would envision for such a bill and 
also because you mentioned--I can't remember if you said it but 
in your written testimony there are some downsides to not 
having a more comprehensive piece of legislation in dealing, 
for example, with spyware alone. So I wonder if----
    Mr. Schwartz. Let me start with the problems and then move 
to what we would like to see. Some of the problems that we see, 
you have different--we start coming up with these different 
privacy bills in all of these areas, I mentioned seven in my 
testimony, but for those of you who have been on this 
subcommittee know, there are dozens, literally dozens of 
privacy issues that have come before this subcommittee over the 
past 10 years or so, as we start coming up with different 
standards for different types of information, it becomes harder 
for consumers to know what the particular standard is for that 
type of information. If we don't have a safety net there, and 
there are some areas that still fall outside of that so a new 
technology arises and you have to create a new standard for 
that new technology. You have to compare it to all these other 
differing standards, go through this whole process again. We 
think that it makes more sense to come up with really a 
baseline safety net kind of standard where we know that if 
something falls out of it, at least it is covered by this new 
standard of where personal information is being directly 
collected, and we would like to see something that covers the 
fair information practices. I think that the Federal Trade 
Commission, actually started by the work of Commissioner Varney 
at the end of the table over there, has at one point back in 
the 1990's endorsed privacy legislation. We thought that that 
was an excellent starting point: notice, choice and consent, 
depending on the situation, access and security and enforcement 
as a great starting point to look at to getting at these 
issues. We feel there have been a number of bills over the 
years that have started us down that path. We now have 13 
companies that testified in front of the, I think it was the 
full committee, last year in support of looking at general 
privacy legislation. We think consumer groups are behind it. 
There is momentum now we think to get at this issue so that we 
don't have these kind of different standards across different 
kinds of industry, across different kinds of technology.
    Ms. Schakowsky. I would really like to hear from other 
panelists on their view of having a comprehensive baseline 
bill.
    Mr. Cerasale?
    Mr. Cerasale. Yes. Well, DMA does not have a set position 
on an overall comprehensive privacy bill. We want to be open 
and talk and discuss it. There are an awful lot of privacy laws 
in the United States and how they do come together and so forth 
and what information is covered and not covered. An overall 
privacy bill could in fact really create the different 
standards that financial information is treated one way whereas 
as marketing information another that may be more restrictive 
and so it is a very complicated issue and we have an awful lot 
of guidelines. It is not just DMA but OPA and others have 
guidelines that companies like Yahoo, AOL and Google follow 
with notice and choice and I think that right at the moment you 
have in the United States a series of laws and guidelines as 
industry works together that seems to work. One of the problems 
with an overall bill is that technology is changing so quickly, 
it makes it very difficult as we see, for example, the 
computer----
    Ms. Schakowsky. I am going to have to stop you because I 
want others to speak. But it is also a problem with technology 
changing with very specific bills that deal with a specific 
problem.
    Yes?
    Mr. Morgan. Both TACODA and IAB, we don't have a formal 
position but we are certainly open to dialog on that kind of 
legislation.
    Ms. Schakowsky. Ms. Maier.
    Ms. Maier. We have been working with a number of companies 
in trying to encourage better privacy protections for consumers 
and in general we think baseline privacy legislation could be 
good. That said, I think we still need spyware legislation 
because a lot of this doesn't even have to do with personal 
information but computers installing things and tracking and 
that could be outside the scope of privacy legislation.
    Ms. Varney. Congresswoman, I am here on behalf of Zango and 
they really have not examined whether or not it would be for or 
against any baseline privacy legislation. They strongly support 
this bill and they don't collect personally identifiable 
information. So I think there is a need--even if there a 
baseline privacy bill that we get out of the Congress and 
signed by this President, there probably still is a need for 
this type of legislation.
    Ms. Schakowsky. I am not suggesting that we don't do this 
legislation. Thank you.
    Mr. Rush. Mrs. Bono is recognized for 5 minutes.
    Mrs. Bono. Thank you, Mr. Chairman.
    First, I just want to comment on the discussion about 
cookies. I think the study or the report on cookies in the bill 
is a good thing and I didn't really have a problem with cookies 
in the beginning because anybody with a slightly elevated 
degree of sophistication on the Internet knows how to go ahead 
and delete your cookies. It is not that hard to do. So I think 
the report obviously is a good thing. That is why we didn't 
really give it more weight than that because there is a removal 
tool.
    And I just want to comment, the question that Ranking 
Member Stearns asked was about software and how effective it is 
at removing spyware/adware and I just want to applaud Microsoft 
because I think Windows Vista--I am a user of Vista on one of 
my computers--and I think they have come a long way and with 
Windows Defender I think they have certainly tried to tackle 
the issue. As soon as Windows Vista works with iTunes, it might 
be a perfect world, but until then, I do want to applaud them 
for their efforts to address the issue.
    But I would like to ask a question of Mr. Morgan, and that 
is, can you tell us about the current state of the online 
advertising industry and how popup ads are currently being 
used? There has been obviously a lot of restraint, best 
practice put into place but they are still out there. Can you 
go over what they are doing now?
    Mr. Morgan. Certainly, Congresswoman. Well, first I would 
like to say I have been in the online advertising industry for 
about 15 years and we have probably had some forms of spyware 
for the better part of the last 10, and I applaud you, 
Congresswoman Bono, because until you made it an issue and 
brought it to the forefront, it wasn't being talked about, and 
I won't say it wasn't being talked about in Congress. It wasn't 
being talked about inside the online advertising industry. I am 
one of the first to say self-regulation and self-regulatory 
practices help solve problems but we weren't solving it, and 
that is one of the reasons you probably hear sometimes a little 
balance of my position in TACODA in talking about other things. 
But I will say that since you got involved and you and 
Congressman Towns introduced the bill, there has been a lot of 
attention in the industry and I have not seen any issue that 
has had more attention in the industry over the last several 
years, and what we have seen is, we have seen a significant, I 
would say a dramatic reduction in the use of popup advertising. 
We have certainly seen companies like Microsoft make 
extraordinary leaps forward in software and technology. We have 
seen a lot of practices go forward and I think that has been a 
great thing.
    Mrs. Bono. Can you describe then how interactive 
advertising helps provide consumers with free online content?
    Mr. Morgan. I think that--and this is a tiny anecdote but 
one of the things I have found in talking to people about this 
is that a lot of people think the Internet works like cable 
television and that you pay a bill to an Internet service 
provider and you get access to a bunch of channels and content, 
and what most people haven't realized is the money that is paid 
by a consumer never actually makes it to the people that make 
the content. Not a penny of that goes to the New York Times or 
to Orbitz or to iVillage. They are 100 percent supporting what 
they give for free to consumers with advertising and one of the 
reasons it has been such a robust industry that we have really 
supported the actions against spyware because it had the 
capability and still has some capability that really had the 
capability to really harm or destroy what was really emerging 
in strong industry.
    Mrs. Bono. I think on your point there, I just picked up--
the committee did a great job providing a ton of information up 
here including a Business Week article from July 17. I hadn't 
even seen this before, but for those of you who have seen it, 
the opening quote says consumers have strong opinions about 
direct revenue software, and this is a quote: ``If I ever''--I 
don't even know if I should say this for the record but it 
says, ``If I ever meet anyone from your company, I will kill 
you,'' a person who identified himself as X said in an e-mail 
to Direct Revenue last summer, ``I will * * * * kill you and 
your families.'' That is what it says. Such sentiments aren't 
unusual. ``You people are evil personified,'' and this 
gentleman goes on to say, ``I would like the 4 hours of my life 
back I have wasted trying to get your stupid uninvited software 
off of my now-crippled system,'' and I think that last sentence 
really identifies people's frustration with adware and spyware 
and it is not a matter of direct advertising and good 
practices. It is a matter of really interfering with people's 
lives and the fact is I believe we own our own computers, not 
an outside source, and that is where this whole thing came 
from.
    I see Mr. Chairman, that I am just about out of time and I 
just want to thank all of you on the panel who have worked with 
us in the past on this bill and I know Ed Towns and I will 
continue to work with you and hear your concerns as we go 
through the process. So thank you very much.
    Mr. Rush. Does the gentlelady request unanimous consent 
that this be included into the record, the article?
    Mrs. Bono. Yes, Mr. Chairman, thank you, and also to notice 
that I was quoting because I don't know if I violated rules by 
quoting the F-word but I did not say that word so I don't want 
to get in trouble.
    Mr. Rush. No, since you complimented the committee, we will 
accept that. Thank you.
    Mr. Rush. Ms. Hooley, you are recognized for 5 minutes.
    Ms. Hooley. Thank you, Mr. Chairman, and I thank all of my 
colleagues who have worked so hard on this bill and Mrs. Bono, 
for all of your hard work.
    I am a cosponsor of the bill. I strongly support this bill 
and I want to make sure there are not any unintended 
consequences and I am concerned that there may be unintended 
consequences if there is detection software, then that they 
can't be used to keep consumers safe them from fraudulent 
activity. I know, Mr. Chairman, you pointed out the exemption 
clause but I don't know if that clause actually does what it 
needs to do to make sure that there is an exemption here for 
the software that helps keep fraudulent activity out of your 
life, software that determines the legitimacy of a transaction 
or to verify information supplied by that consumer, and I guess 
I would like to hear from you if you think again that we don't 
have some unintended consequence in this piece of legislation.
    Ms. Varney. May I comment on that?
    Ms. Hooley. Yes, please.
    Ms. Varney. Zango has commented on that provision, 
Congresswoman, and the way that we read the language, and if I 
may, I will just quote it. It says that ``No provider of 
computer software may be held liable under this Act on account 
of any action voluntarily taken or service provided in good 
faith to disable a program used to violate section 2 or 3.'' 
There is a couple of concerns we have. Remember, this Act is 
enforceable by the FTC.
    Ms. Hooley. Right.
    Ms. Varney. It doesn't create a private right of action. So 
what this in effect is saying to the FTC is that anybody can 
hide behind the defense of hey, we are just a scanning ap 
trying to take bad stuff off people's computers. We think that 
is an unwise standard to put in this Act. The FTC is very 
judicious about its enforcement and I cannot foresee a 
circumstance under which they would go after a legitimate 
provider of a scanning application. However, the providers of 
scanning applications ought to be under the same requirements 
when it comes to notice and consent and uninstall. So we think 
that the better course here, since this is an act empowering 
the FTC to prosecute bad actors, is to leave that exemption 
out, let the FTC prosecute those who do have the requisite bad 
intention or who fail to provide the adequate notice, consent 
and uninstall.
    Ms. Hooley. Yes, Mr. Cerasale?
    Mr. Cerasale. I want to look at the exemption provision in 
section 5(b) where the monitoring or interaction of your anti-
fraud software you are exempted from the Act totally so in the 
notice and all of that but it is limited to telecommunications 
carrier, cable operator, computer hardware or software provider 
or provider of information, service or interactive computer 
service to the extent that it is more for anti-fraud. Those are 
not the only people--they are not really software providers. 
They are not the only people running the anti-fraud programs, 
creating the software and sending it in. So we need to expand 
to financial institutions to use this, credit card companies, 
so forth, retailers even use because they collect credit cards 
or direct marketers so we need to look at expanding 5(b), not 
that the exemption is bad but to expand it to help us in the 
prevention of financial fraud.
    Ms. Hooley. OK. I am assuming that you would have a list of 
what else needs to be added to those exemptions?
    Mr. Cerasale. Yes. I will provide that list and try and 
work out--we probably need to talk with committee staff to make 
sure that we are as inclusive or not too inclusive in the 
exemption.
    Ms. Hooley. Did this fix this in the Senate, by the way? 
Did they do something different in the Senate, anybody know?
    Mr. Cerasale. They did make a change in the Senate so we 
can use--we will provide the Senate language.
    Ms. Hooley. OK. Thank you.
    Mr. Rush. Thank you so very much. I certainly want to 
extend our thanks to the witnesses who have come and helped us 
and informed us so much and participated in this hearing. 
Again, thank you for taking the time out from your busy day.
    With that said, we will call the committee adjourned. The 
committee is now adjourned.
    [Whereupon, at 12:30 p.m., the subcommittee was adjourned.]

                                 
