The federal government will not create new laws to ban spyware after a legal review found existing legislation already does the job for most miscreant acts the technology can be used for.
A joint review by the Department of Communications, IT and the Arts and the Attorney General found six existing laws - some with lengthy jail terms for their abuse - can be used to prosecute acts such as stealing people's financial details, unauthorized surveillance and browser hijacking.
"The most serious and culpable uses of spyware do constitute criminal offences under existing legislation," the review states.
The document also provides a lengthy list of illegal "behaviours" facilitated by spyware for which government can currently fine or lock people up.
These include deception, fraud, unauthorized access, content modification, invasion of privacy, browser hijacking, cyber-stalking, computer hijacking, theft of software, resources and bandwidth; anti-competitive conduct, and denial of service attacks.
However, IT security experts like Queensland University of Technology's head of software engineering and data communications Professor Bill Caelli warns that, although existing legislation may be legally adequate, technical solutions still lag behind.
Caelli said the current spyware plague represented "a total failure of operating system integrity", adding that two decades of commoditized operating system development had come back to haunt the IT industry.
"Current operating systems are less secure than Multics which was first defined in the 1960s," Caelli said.
Caelli added that a recent US report from the President's Information Technology Advisory Committee (PITAC) warned that in security terms, current IT research and development is so inadequate, it constitutes a national crisis.
The report states current US "federal support for research in information technology is seriously inadequate," and warns substantial new investment must be made swiftly to "protect us from catastrophic failures of the complex systems that now underpin our transportation, defence, business, finance, and healthcare infrastructures."
"We have become dangerously dependent on large software systems whose behaviour is not well understood and which often fail in unpredicted ways," the report adds.
Asked about the PITAC report and its dire findings, a spokesperson for IT Minister Senator Helen Coonan said the government currently had a research policy, but would continue to consult with the community and stakeholders to find better ways to tackle spyware.
"Spyware is a complex issue and the government will work closely with stakeholders to ensure a measured and practical response," Senator Coonan said.
Microsoft Australia managing director Steve Vamos said the government's spyware approach demonstrated "pragmatic leadership."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.