Andrew Pollack's Blog

Technology, Family, Entertainment, Politics, and Random Noise

Time for a new approach to anti-spam laws

By Andrew Pollack on 08/09/2004 at 11:10 AM EDT

Anti-spam laws are hung up on definitions in two fatal ways. First, they try to define spam; and second, they try to define the techniques used to send spam. Often the latter is an attempt at the former. This is a hopeless legal strategy and too easily subverted.

The definition of spam itself will never be pinned down because its clear that one man's meat is another man's poison. What I consider spam you may not, and of course the inverse. On top of that, legitimate advertisers are terrified of not being allowed to send mail of any kind and will thus use their considerable spending power to lobby for the very loopholes that spammers can then use to send more junk.

There are two places we can look to learn about what does and doesn't work, however. The first is telemarketing laws. In many locations within the United States now, it is a violation of either law or regulatory statute to perform any telemarketing activity without a valid and descriptive "caller id" tag on every call. This works to varying degrees, but works best where two key details are in place. First, the definition of "telemarketing activity" must be fairly broad, and interpreted by actual people rather than strictly defined in legal code. At its best, a regulatory body has initial review with a jury providing final determination on what is or is not "telemarketing activity" in any specific case. This simple process thwarts those who otherwise use the definitions in the law to get around the law itself. The second key factor is how well defined the required caller id tag must be. The more generic or misleading a tag can be and stay within the law, the less effective the law.

The second place to look is existing counterfeit law. Successful anti-counterfeit laws do not attempt to define each and every possible way to copy things. So then, should anti-spam laws stop trying to define all the ways to hack smtp headers or whatever. No sooner can these laws be passed than they will be outdated. A solid anti-spam law needs to more broadly define the act of deliberately placing deceptive information on the message.

Given these things, a successful anti-spam legislation is actually an adjunct to existing anti-deception legislation. What makes spam bad is the act of deception itself. A law that makes intentionally sending or paying to have sent communication through print or electronic media which contains information that is deliberately deceptive or inaccurate to more than one thousand people in the course of a single day or ten thousand people in the course of a single month would do the trick.

Why the numbers? Simple. If you don't specify a minimum then anyone who sends a bad message is subject to this law, which may be valuable to but for reasons unrelated to spam and thus not part of this particular legislation. If you try to be more specific about the information to be sent, or try to say the same communication, simply altering the text or the header could make it a "different" communication. This definition would be limiting on a per-day basis to one thousand for any spammer regardless of which customer -- he couldn't, for example, send 999 message for each of a thousand different customers. In addition, he cannot do even that for more than ten days in a month. Also, and more important, the advertiser cannot hire a hundred different spammers organized into some kind of resource pool to each send 999 messages a day.

What about the content, what is "deliberately deceptive" -- well, first of all that's why we have juries. Clearly a falsified mail header would be deceptive. I'd imagine most juries would be convinced that the intentional misspellings, word character substitutions, random word lists (for foiling bayesian filters), background colored text, and subject lines starting with "re:" are all deliberate deceptive.

Will this stop off-shore sourced spam? Of course not. Nothing is perfect. However, it would stop U.S. based companies from paying off-shore spammers. That's a start. If this and a few other countries took the same action, a vast quantity of the stuff would go away.


  • text bubble icon

    Security Review

    How secure is your Domino environment? A security review doesn't have to be expensive to be helpful. If you're interested in finding out more, Contact Me.
    • There are  - loading -  comments....

    Site Links

    Useful Links



    Other Recent Stories...

    1. 07/20/2010IBM has invented the time machine - and not in a good waySteve Mills is now in charge of both hardware and software. According to The New York Times.... The management changes, announced in an e-mail message to I.B.M. employees, were intended to improve the company’s products and services, Mr. Palmisano wrote. For example, computer hardware and software are for the first time being placed under the oversight of one executive......Increasingly, Mr. Palmisano wrote, computer systems must be “designed and brought to market as tightly integrated” packages of ...... 
    2. 07/18/2010A lot of work, but something I've always wanted to do -- Fixing up a car for one of my kidsOne of the things I've thought about for years and have always wanted to do, is to fix up a car for one of my kids. I'm not sure why, but its just something that I've thought about since they were really small. Of course, daydreams being what they are, the reality is never quite as grand in scale -- the 70's era muscle car turns out to be a 2002 Kia, and instead of an old pole barn to work in, the car is up on ramps in my driveway. Still, I'm really enjoying getting to do the work, being able to do the ...... 
    3. 07/13/2010Old Spice -- Their marketing team fully groks social media. You know the old spice guy (I'm on a boat)? I don't care for their products, but their ad people have gone social nuclear. Read this to see how they've totally "Got" social media promotion. ...... 
    4. 06/22/2010Product Review: Plantronics Savi Office wireless headset 
    5. 06/16/2010Ed Brill has a blog. Peter O'Kelly has blog... 
    6. 06/15/2010How about Traveler for Desktop? 
    7. 06/15/2010Why XPages is not LCD any more 
    8. 06/15/2010Fixing Domino Designer -  
    9. 06/14/2010Bandwagon: Why the decline in Notes seats, when the Domino server is still the best value on the marketplace? Here's why.... 
    10. 05/17/2010Unified Comunications Server? That ship sailed -- it's time to move on. 
    Click here for more articles.....


    pen icon Comment Entry
    Subject
    Your Name
    Homepage
    *Your Email
    * Your email address is required, but not displayed.
     
    Your thoughts....
     
    Remember Me  

    Please wait while your document is saved.