Last week I sent out a note wondering about the Feds forcing security
companies to whitelist police spyware (either through a court order or
Subsequently, a colleague at CNET and I did a survey asking 13 of the
top anti-spyware vendors, including Symantec, McAfee, IBM, and
Microsoft, three questions:
1. Have you ever had any discussions with any government agency, not
counting conversations related to a lawful court order signed by a
judge, about not detecting spyware or keystroke loggers installed by a
police or intelligence agency?
2. Is it your policy to alert the user to the presence of any spyware or
keystroke logger, even if it is installed by a police or intelligence
agency in the absence of a lawful court order signed by a judge?
3. Have you ever received such a court order signed by a judge requiring
you to cooperate with law enforcement authorities in terms of not
detecting government-installed spyware or delivering government spyware
to your users?
The short answer is that we received "No" answers from all 13 companies
to the second question. But not all would reply to the third.
The article with the summary of the survey is here:
The actual survey results, verbatim, are here:
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)