Microsoft this week defended its Windows Genuine Advantage (WGA) tool against charges that it acts like spyware because it constantly checks in with Microsoft when a user boots a PC with the tool installed.

When first introduced last year, the WGA, which checks a user's copy of Windows XP to ensure it is not counterfeit or pirated, ran only on Windows PCs when a user would install automatic updates. Microsoft updated the tool, which is still in pilots, in April with a WGA Notifications feature that checks the legitimacy of Windows on a machine regardless of whether update services are being used.

In a statement through its public relations firm Waggener Edstrom Inc., Microsoft said that when the WGA Notifications checks in with Microsoft when a PC is booted, it is not providing any information to the vendor if a PC's copy of Windows has already been validated. Instead, it is checking with a "server-side configuration setting to determine if WGA should run or not." The check-in also gives Microsoft the ability to disable the WGA program, if necessary.

Microsoft's defense of WGA came after Lauren Weinstein, co-founder of People For Internet Responsibility, International Open Internet Coalition, and the Electronic Entertainment Policy Initiative, noticed that even on Windows XP systems that WGA already had verified as legitimate, the tool will repeatedly attempt to contact Microsoft every time the PC is booted.

He wrote a posting on his blog about the behavior of the tool and suggested it may be acting like spyware, which is software that gathers user information through his or her Internet connection without the user's knowledge.

"I fail to see where Microsoft has a 'need to know' for this data after a system's validity has already been established, and there may clearly be organizations with security concerns regarding the communication of boot-time information," he wrote on his blog.

Weinstein posted another blog entry after he spoke with Microsoft to get the company's side of the story, and said he is still not convinced the behavior of WGA Notifications is above board.

More importantly, he said the issue raises privacy concerns about how companies going forward will control software that increasingly is being delivered over the Internet as a rented service, as well as how they control and disseminate information by communicating with the renters of those services.

Today, most users purchase software and maintain control over it themselves because they own it outright, and their communication with vendors is limited, Weinstein wrote. But that will change when more software is delivered as services, and companies may exploit both the relationship they have with customers as well as their ability to make users authenticate themselves to use services.

"The old models are dying, and if we don't get ahead of the curve by understanding and properly framing the new models, we are likely to be very sorry after the fact," Weinstein wrote.