Privacy-invasive software

In early 2000, Steve Gibson formulated the first description of spyware after realizing software that stole his personal information had been installed on his computer.

[citation needed]Despite different interpretations of the definition of spyware; all descriptions include two central aspects, a degree of associated user consent, and the level of negative impact they impart on the user and their computer system (further discussed in Section 2.3 and Section 2.5 in (Boldt 2007a)).

Another group that has tried to define spyware is StopBadware, which consists of actors such as Harvard Law School, Oxford University, Google, Lenovo, and Sun Microsystems.

User consent is specified as either low, medium or high, while the degree of direct negative consequences span between tolerable, moderate, and severe.

All software that has a low user consent, or which impairs severe direct negative consequences should be regarded as malware.

Under this classification system, spyware constitutes the remaining group of software, i.e. those that have medium user consent, or which impair moderate direct negative consequences.

One example of an indirect negative consequence is the exploitation risk of software vulnerabilities in programs that execute on users' systems without their knowledge.

[10] In the search for more effective advertising strategies, companies soon discovered the potential in ads that were targeted towards user interests.

When downloading software described as "free of charge", users had no reason to suspect that it would report their Internet usage so that presented advertisements could be targeted towards their interests.

Problems arose due to users not being informed about neither the occurrence nor the extent of such monitoring, and were not given a chance to decide on whether to participate or not.

As the chase for faster financial gains intensified, several competing advertisers turned to more nefarious methods in an attempt to stay ahead of their competitors.

These tools purported to clean computers from spyware, adware, and any other type of shady software located in that same gray area.

The process only works on known programs, which can lead to the false positives mentioned earlier and leave previously unknown spyware undetected.

To further aggravate the situation, some shady companies distributed fake anti-spyware tools in their search for a larger piece of the online advertising market.

These media centers include the same functionality as conventional television, DVD players, and stereo equipment, but combined with an internet connected computer.

A three-by-three matrix classification of privacy-invasive software showing legitimate, spyware and malicious software ( Boldt 2010 , p. 110)