Policy Insights: The Stopping Grinch Bots Act

Yesterday, lawmakers reintroduced the Stopping Grinch Bots Act, a bill aimed at outlawing the use of bot technology for buying up inventories of in-demand products for profit on the resell market. Such Grinch Bots have been the bane of retailers, their security teams and consumers, particularly this year as supply chain shortages have created an open season for bot activity.

Policy Insight:

According to Jason Kent, hacker in residence at Cequence Security

“Is it a good idea to have legislation around this? Yes. Will this bill stop bots? No. It’s complicated but it is nearly impossible to trace where a bot is coming from. Identifying someone operating a bot, gathering evidence and getting an understanding of intent are much harder than keeping the bots out. Is this the way to get rid of a bot that runs on a residential proxy network, hiding millions of transactions behind a veil of technology? Also, no. We need to approach the issue of Grinch Bots with the available tools. Public companies should be compelled to have a bot mitigation strategy that puts them under scrutiny rather than trying to make the boogeyman illegal. Reintroducing this legislation is important but now is the time to make it illegal to host the infrastructure, ignore the problem or allow it to happen.”