ABSTRACT Spyware poses a serious threat of privacy infringement to unassuming internet users across the globe. Existing European legislation attempts to protect end-users from unethical review and use of their personal data. Outlawing spyware technology and strengthening the legal consent requirement for data-mining may offer end users additional assurances that their privacy rights are upheld, as well as more tangible shelter from the existing spyware epidemic. These proposed solutions, however, will only create successful safe havens for internet users by obtaining international buy-in. INTRODUCTION With today's rapid rate of technological advancement, it is imperative that judicial systems around the world involve their legal systems to address the global problem of spyware. Because digital privacy is not limited to a specific geographical boundary, protection of privacy must be regarded as a global issue. As society world wide becomes more dependent on technology, the risk surrounding its misuse increases exponentially and demands greater awareness and action by the average citizen. Spyware, whether in Europe or the U.S., is flourishing. A recent International Data Corporation (hereafter IDC) survey identified spyware as the fourth greatest threat to enterprise security (Gordan, 2005). An AOL/National Cyber Security Alliance (NCSA) Online Safety Study also recently reported that 80 percent of scanned computers contain a variety of spyware or adware (Gordan, 2005). Thus, we must address the existence of spyware and its ever-growing, evolving nature due to our computer-driven society. Despite the strict data processing protection laws adopted by the European Union (hereafter E.U.), little has been done to protect European Internet users from spyware (Levy & Stone, 2005). Left largely unchecked by legal remedies, spyware has infiltrated and overrun personal computers worldwide. This paper expounds the threat of spyware in light of its technical capabilities, analyzes how spyware violates existing European law, and proposes both statutory and non-statutory methods to successfully defeat this parasite (For a description of losses due to identity theft and the potential liability of those stealing the information, see Byers, 2001). TECHNOLOGICAL OVERVIEW OF SPYWARE Understanding spyware requires the realization that any connection to a site on the World Wide Web [hereafter Web] is not passive and the visitor does not wander around invisibly. Connecting to the Web is not like opening a book in the library and looking at its contents. While the person accessing the Web is gathering information from the site, the site knows the visitor is there, is monitoring the visitor's actions and has varying levels of access, by the visitor's invitation, to that visitor's computer. One of the earliest forms of this active interaction was cookie technology.(Gordon, 2005). Most users find cookies beneficial because they [e]liminate the need to repeatedly fill out order forms or re-register on Web (Gordon, 2005). For instance, with passwords being increasingly difficult to remember, some sites that require user names and passwords place cookies on the hard drive so that the user has the option to log-in automatically when visiting. The reality is, however, that many businesses seek more competitive advantages, and, consequently, have developed a variety of legitimate and illegitimate technologies to enhance their market advantage. Some modifications that transform legitimate cookie technologies into illegitimate ones include data miners that actively collect information, dialers that change the computers dial-up networking, worms that create self-replicating viruses, and hijackers that hijack a user's home page are (Lavasoft, Spyware & Harmful Technologies, 2005). Spyware Defined Spyware is generally defined as software that, once installed on a person's computer (usually without consent), collects and reports in-depth information about that end-user (Gordan, 2005). …