Andrew Pollack's Blog

Technology, Family, Entertainment, Politics, and Random Noise

Time for a new approach to anti-spam laws

By Andrew Pollack on 08/09/2004 at 11:10 AM EDT

Anti-spam laws are hung up on definitions in two fatal ways. First, they try to define spam; and second, they try to define the techniques used to send spam. Often the latter is an attempt at the former. This is a hopeless legal strategy and too easily subverted.

The definition of spam itself will never be pinned down because its clear that one man's meat is another man's poison. What I consider spam you may not, and of course the inverse. On top of that, legitimate advertisers are terrified of not being allowed to send mail of any kind and will thus use their considerable spending power to lobby for the very loopholes that spammers can then use to send more junk.

There are two places we can look to learn about what does and doesn't work, however. The first is telemarketing laws. In many locations within the United States now, it is a violation of either law or regulatory statute to perform any telemarketing activity without a valid and descriptive "caller id" tag on every call. This works to varying degrees, but works best where two key details are in place. First, the definition of "telemarketing activity" must be fairly broad, and interpreted by actual people rather than strictly defined in legal code. At its best, a regulatory body has initial review with a jury providing final determination on what is or is not "telemarketing activity" in any specific case. This simple process thwarts those who otherwise use the definitions in the law to get around the law itself. The second key factor is how well defined the required caller id tag must be. The more generic or misleading a tag can be and stay within the law, the less effective the law.

The second place to look is existing counterfeit law. Successful anti-counterfeit laws do not attempt to define each and every possible way to copy things. So then, should anti-spam laws stop trying to define all the ways to hack smtp headers or whatever. No sooner can these laws be passed than they will be outdated. A solid anti-spam law needs to more broadly define the act of deliberately placing deceptive information on the message.

Given these things, a successful anti-spam legislation is actually an adjunct to existing anti-deception legislation. What makes spam bad is the act of deception itself. A law that makes intentionally sending or paying to have sent communication through print or electronic media which contains information that is deliberately deceptive or inaccurate to more than one thousand people in the course of a single day or ten thousand people in the course of a single month would do the trick.

Why the numbers? Simple. If you don't specify a minimum then anyone who sends a bad message is subject to this law, which may be valuable to but for reasons unrelated to spam and thus not part of this particular legislation. If you try to be more specific about the information to be sent, or try to say the same communication, simply altering the text or the header could make it a "different" communication. This definition would be limiting on a per-day basis to one thousand for any spammer regardless of which customer -- he couldn't, for example, send 999 message for each of a thousand different customers. In addition, he cannot do even that for more than ten days in a month. Also, and more important, the advertiser cannot hire a hundred different spammers organized into some kind of resource pool to each send 999 messages a day.

What about the content, what is "deliberately deceptive" -- well, first of all that's why we have juries. Clearly a falsified mail header would be deceptive. I'd imagine most juries would be convinced that the intentional misspellings, word character substitutions, random word lists (for foiling bayesian filters), background colored text, and subject lines starting with "re:" are all deliberate deceptive.

Will this stop off-shore sourced spam? Of course not. Nothing is perfect. However, it would stop U.S. based companies from paying off-shore spammers. That's a start. If this and a few other countries took the same action, a vast quantity of the stuff would go away.


  • car icon

    On Site Training

    We can bring the same kind of top quality training you get at conferences right to your offices. If your team needs training in a single topic, or you want to do a whole series on site, we can put a mini-conference together just for your team. For more information, Contact Me.
    • There are  - loading -  comments....

    Site Links

    Useful Links



    Other Recent Stories...

    1. 04/24/2012The next iteration in using Twitter to market -- if Twitter doesn't find a way to control some of this, it will die off in favor of something else.Twitter becomes more and more a vector for marketing and less and less a path for valuable (or even just fun) information. If Twitter can't find away to curb this use of their system, they're leaving themselves wide open to be replaced by some other simple tool. To combat almost ubiquitous "reply spam", many of us have closed our Twitter accounts so that our tweets are not public. By keeping them out of the public timeline, we don't get reply spam most of the time. It reduced the value of Twitter, however, ...... 
    2. 04/21/2012IBM, this is the worst way to handle browser compatibility issues.What you succeed in doing with this method of handling browser compatibility is take something that MAY NOT work, and turn it into something that DEFINITELY DOESN'T work. I know for a fact that this browser works just FINE with the template, because if I change the browser's identifier to claim it is a different version the template works. More important, you've removed the decision from me. This is the kind of arrogant, unthinking, over-controlling, poor user interface design that has users hating the ...... 
    3. 04/13/2012The usefulness and utility of Notes browser plug-in - promised for 8.5.4 around the end of 2012Sorry for the long time between posts. I've been working on things most of you wouldn't be interested in, and with other social media outlets better suited to the day to day trivialities, I've wanted to keep this blog for things less quotidian. I've also been spending almost no time keeping up with what we call the "Yellowverse". I keep half an eye out through friends in the community but mostly I rely on them to tip me when something really interesting is happening. I'm happier staying out of the rest of ...... 
    4. 04/01/2012Really enjoying XPages and thrilled to see the market so attracted to it. 
    5. 03/02/2012Ok. I was wrong. This is me eating crow. You CAN separate the validation events on the XPages 
    6. 03/02/2012Agh. Just when you think your XPage is behaving -- something else IBM failed to do right. Validation on multi-document XPages 
    7. 03/02/2012XPages - Suggestion and a Tip for Newbies on Repeat Controls 
    8. 03/01/2012Making progress working with TrialandErrorPages. Some things I've learned 
    9. 03/01/2012XPages bug - computewithform option for data sources with some formula language commands 
    10. 02/25/2012Companies that avoid telling the truth about their products and services to avoid losing customers, lose customers 
    Click here for more articles.....


    pen icon Comment Entry
    Subject
    Your Name
    Homepage
    *Your Email
    * Your email address is required, but not displayed.
     
    Your thoughts....
     
    Remember Me  

    Please wait while your document is saved.