SEATTLE — Kaspersky Lab has won a key legal victory against adware firm Zango that sets a precedent for future nuisance lawsuits from malware and bot operations aimed at security software developers.
The judgment filed June 25 by the 9th U.S. Circuit Court of Appeals disagreed.
Circuit justices Betty B. Fletcher, Pamela Ann Rymer and Raymond C. Fisher “granted summary judgment in Kaspersky’s favor, holding that it is a provider of an ‘interactive computer service’ entitled to immunity for actions taken to make available to others the technical means to restrict access to objectionable material.”
The court ruled, as had a prior lower court, that Kaspersky had every right to develop its security technology and was already protected under provisions found in the Communications Decency Act.
As it is, Zango can’t contest the ruling because it went out of business in April, crushed by debts and numerous lawsuits.
A “Good Samaritan” provision is part of the safe harbor section in the Communications Decency Act, and allows for the blocking and identification of harmful or unwanted material.
The ruling may also protect security researchers from future legal threats when identifying vulnerable system and revealing the cause.
The judgment is also seen as protecting consumers and their decision as to what software should be on their PCs with their expressed knowledge. Also, anti-malware firms are shielded from legal retribution for finding such unwanted programs.
In a statement, Kaspersky Lab Americas President Steve Orenberg said the company’s corporate mission “is and has always been to warn users and protect them from malicious programs that exist online.”
“We feel it’s our responsibility to warn a user when we classify an application as malicious, thus giving the user the choice to stop the application or let it run,” Orenberg said. “We are thrilled with the outcome of this case because it supports the key message of the information security industry — consumer protection comes first and that a legal suit cannot force a vendor to classify a potentially malicious program in a certain way.”