Last week, the Federal Trade Commission released a 62-page staff report on spyware (PDF version here). The conclusions are sound, the writing is crystal clear, and there are excellent recommendations in the report. The brief press release summarizes the issues well:
Based on discussions at the workshop and more than 750 comments submitted to supplement the workshop record, the FTC staff has concluded that spyware is a real and growing problem and that spyware can impair the operation of computers and create substantial privacy and security risks for consumers’ information.
[…]
[T]he problems caused by spyware can be reduced if the private sector and the government take action. The report suggests that technological solutions – firewalls, anti-spyware software, and improved browsers and operating systems – can provide significant protection to consumers from the risks related to spyware. The report recommends that industry identify what constitutes spyware and how information about spyware should be disclosed to consumers; expand efforts to educate consumers about spyware risks; and assist law enforcement. The report further recommends that the government increase criminal and civil prosecution under existing laws of those who distribute spyware and increase efforts to educate consumers about the risks of spyware.
So what’s the problem? This report was issued in March 2005. It was based on a one-day workshop held in April 2004. When it takes 11 months just to publish a report, you know you’re dealing with a bureaucracy that simply doesn’t know how to respond to a “real and growing problem.”
Ed Bott 
When you read that it took 11 months to publish, I started laughing, but wondering why I wasn’t weeping. I’m surprised they even bothered after that long.