Sears, Kmart community software called 'badware'
StopBadware.org said Tuesday it has labeled the Sears and Kmart community software known as My SHC Community as "badware," or spyware.
The nonprofit organization run by Harvard Law School, Oxford University, and Consumer Reports WebWatch said it cited the Sears Holding Corporation community in particular "because of inadequate disclosure of extensive tracking and data collection and because the application does not identify itself while running."
In response to several accusations that it collects personal information without proper disclosure, My SHC Community has dramatically revised its Web site since last week. It has, among other changes, added a prominent link to its privacy policy.
At issue is the installation of tracking software from ComScore, an online data marketing firm. ComScore has maintained over the years that its data collection methods do not qualify as spyware. However, several leading antispyware researchers disagree.
In a statement (PDF), StopBadware.org said: "Sears Holding Corporation (SHC) has informed StopBadware that SHC is significantly improving the My SHC Community application disclosure and privacy policy language and adding a Start menu icon in an effort to comply with our guidelines and address privacy concerns. They expect these changes to be implemented within 48 hours."
However, late Tuesday, StopBadware.org said it has not changed its designation of SHC Community. "We have not evaluated these planned changes at this time. SHC has also informed us that they have suspended invitations to new users to install the application until these changes are implemented."
As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments. 
By the time Sony, Sears, Apple, Google, all three credit reporting agencies, Microsoft, the FBI, the NSA, AT&T, and the White
House get through with their data mining, the only hope of
getting back our privacy will be to ... well ok, there will be no
hope.
Why do I say "bold"? Because after getting caught, they don't say
"oops, sorry", and pull the offending software. They say "oops,
sorry", and put the link to the fine print (that nobody reads)
closer to the sign-up page.
As for the improvements to the language, I'm not holding my
breath. Anything short of "WE WILL FOLLOW YOU EVERYWHERE!
WE WILL RECORD EVERY URL, KEYSTROKE, PASSWORD,
PURCHASE, DOWNLOAD, E-MAIL, CHAT, SEARCH QUERY, AND
USERNAME THAT MOMENTARILY GRACES YOUR SCREEN. WE
WILL USE THIS INFORMATION FOR MARKETING, SELL IT TO
OTHERS TO USE FOR WHATEVER THEY CAN THINK OF, AND
GENERALLY TREAT IT AS IF WE OWNED IT. PLEASE ENJOY YOUR
INTERNET EXPERIENCE" is deceitful and misleading. (caps
intentional)
Remember when RealPlayer got raked over the coals for a lot
less?
I'll bet the next company doesn't even move the link.
Lampie the Clown