73 Pa. Stat. § 2330.3

Current through Pa Acts 2024-53, 2024-56 through 2024-111
Section 2330.3 - Computer spyware prohibitions

A person or entity that is not an authorized user shall not, with actual knowledge, with conscious avoidance of actual knowledge or willfully, cause computer software to be copied or procure the copying onto the computer of an authorized user in this Commonwealth and use the software to do any of the following acts or any other acts deemed to be deceptive:

(1) Modify through deceptive means any of the following settings related to the computer's access to or use of the Internet:
(i) The page that appears when an authorized user launches an Internet browser or similar software program used to access and navigate the Internet.
(ii) The default provider or Internet website proxy the authorized user uses to access or search the Internet.
(iii) The authorized user's list of bookmarks used to access Internet website pages.
(2) Collect through deceptive means personally identifiable information that meets any of the following criteria:
(i) It is collected through the use of a keystroke-logging function that records all keystrokes made by an authorized user who uses the computer and transfers that information from the computer to another person.
(ii) It includes all or substantially all of the Internet websites visited by an authorized user, other than Internet websites of the provider of the software, if the computer software was installed in a manner designed to conceal from all authorized users of the computer the fact that the software is being installed.
(iii) It is a data element described in paragraph (2), (3), (4) or (5)(i) or (ii) of the definition of "personally identifiable information" that is extracted from the authorized user's computer hard drive for a purpose wholly unrelated to any of the purposes of the software or service described to an authorized user.
(3) Prevent, without the authorization of an authorized user, through deceptive means an authorized user's reasonable efforts to block the installation of or to disable software by causing software that the authorized user has properly removed or disabled to automatically reinstall or reactivate on the computer without the authorization of an authorized user.
(4) Misrepresent that software will be uninstalled or disabled by an authorized user's action with knowledge that the software will not be so uninstalled or disabled.
(5) Through deceptive means, remove, disable or render inoperative security, antispyware or antivirus software installed on the computer.

73 P.S. § 2330.3

2010, Oct. 27, P.L. 855, No. 86, §3, effective in 60 days [ 12/27/2010].