The information collected by the spyware can vary, and may include the user's web browsing habits, search strings, site preferences and similar kinds of information. While these details cannot be used to exactly identify a user, and may not be considered confidential, the data gathering may be considered intrusive.
Once the information is gathered, it is transmitted to another party. The exact details of how the spyware sends out the data can vary, but the most common method is by connecting to a remote site or server and transmitting the gathered data to it.
Some spyware also perform other actions that can impact the user's privacy or productivity, or their control of the computer or device. Examples of such actions include displaying unsolicited pop-ups, hijacking a browser's home or search pages, redirecting browsing results and monitoring user activities.
Spyware may be legally and ethically ambiguous. Depending on how it gathers data, the context of use and any applicable laws, the spyware may be considered legal and acceptable; dubious but unlegislated; or outright illegal and unethical.
Examples of spyware include: