Wired reports that new anti-spyware legislation [via Internet Cases]:

would represent one of the more significant updates to federal computer-crime law in the last two decades.

One gets the impression that faced with the scourge of spyware, legislators finally decided to take action - and drastic action at that.  Not so.

John Ottaviani Prof. Goldman at Technology & Marketing Law Blog characterizes I-SPY as follows:

I-SPY's main operative provisions overlap existing provisions in the Computer Fraud & Abuse Act. Thus, I don't think the law creates any new limitations, which makes the law a harmless/ineffective trifle.

That's absolutely right.  I have a tough time seeing how you can violate I-SPY without also violating the Computer Fraud and Abuse Act.  The grey area inherent in what constitutes "authorized access" under that statute will not make proving any I-SPY violations any easier.  Most people who are proponents of spyware legislation are looking for some bright line rules in this area.  Unfortunately, I-SPY does not provide any.

Alex from Sunbelt predicts a dark period following post-anti-spyware legislation.  He comments on the other possible anti-spyware proposal (the "SPY-ACT") which has thus far received a pretty chilly reception:

You know what would be really scary? To have the same “success” with the SPY-ACT as we did we CAN-SPAM. In that event, the only people being helped would be security vendors. In other words, good for me, bad for you.

It’s absolutely certain that this law will lead to unintended consequences. And, quite possibly, will support the very people we don’t want to protect.  

By all accouunts, the SPY-ACT looks much less likely to pass, but is definitely the more far reaching of the two.  (CAN-SPAM deja vu, anyone?)