Mr. Gates has proposed his solution to spam. Unfortunately, it is yet another idea that will not work.
The problem the MSFT solution aims to solve is the problem of distinguishing good spam from bad. The proposal has a clever (though I think dangerous) safe harbor provision to “create incentives for email marketers to adopt best practices, and to certify themselves as trusted senders who can be more easily identified by consumers and filters alike.” Presumably, if we know which marketers are “trusted senders” we can accept their mail, and block all the rest — spam and non-spam alike. Thus, email would become a more effective channel for trusted marketing — but little else.
The safe harbor provision could make sense if there were a background requirement that all spam be labeled. There’s a hint of that requirement in the letter Mr. Gates wrote to the Senate Commerce Committee (“participants would be entitled to avoid the burden of additional labeling requirements (such as “ADV:” )”). But the proposal doesn’t actually endorse a labeling requirement. And without it, the proposal does nothing to distinguish real email from HGH sellers. The proposal would help distinguish HGH sellers from, say, Amazon. Wonderful, but I didn’t know that was the problem.
The proposal does say lots about making sure ISPs and state attorneys general have the power to sue — again, like most (but not all) solutions, centralizing the enforcement function. But all such solutions will fail because a centralized system for enforcing spam regulations will never be enforced. ISPs and state attorneys general have better things to do than enforce spam regulations. They always have; they always will.
This is the key point: the enforcement problem. Whatever the requirement, if it is not effectively enforced — meaning that most spammers do not fear that they will be caught and punished for failing to obey a requirement — then it will fail. And if it is effectively enforced, then it will work even if its penalties are not harsh. Solve the enforcement problem, and a slap on the wrist will work. Fail to solve the enforcement problem, and even the death penalty would be ineffective.
It’s no surprise that Congress doesn’t get this. Congress gets points for “seeming” tough. If you seem tough, it doesn’t matter if your ideas work. So puffed-up “get tough” rhetoric tied to totally ineffective legislation is the norm.
But it is a surprise that a company as skilled as MSFT would make the same Washington (DC) mistakes. Mr. Gates has done extremely well in world where mistakes hurt profits. He is doing extraordinary good in the world where generosity (indeed, astonishing generosity) corrects for policymakers’ mistakes. But as a policymaker himself, he is still MSFT v1.0.
Let’s hope he gets to MSFT v3.1 soon.
Did someone say spam? 😉
I’ve been following the threads on unwanted email for years (I suffer from 200+ spams daily, only about 80% of which are caught by my filters, spamassassin, and domain blocking) but the story is always the same: the ‘bad guys’ are smarter and quicker than the legislature, filters, antispam software…
I think spam’s ultimate defeat (or at least attenuation) is in the hands of ‘good guys’ – because if we let the lawmakers handle this, they most definitely infringe on our freedom. I am a big fan of encryption and digital signatures, but those technologies are insufficient and too complicated to use to become mass-popular. Not to mention fake’able.
Out of curiosity, what do you think is the right approach to handle the Spam problem?
ps. we all read your blog here at the office. good stuff.
The right approach and the approach I’ve bet my job on is here.
Now when Mr. Gates gives a money back guarantee on his policy proposals, then I suspect we’ll be at v3.1.
ISPs and state attorneys general have better things to do than enforce spam regulations.
ISP’s have the most to gain from enforcing spam regulations. In the US, most home users are charged a flat fee for their bandwidth. If they send (or receive) one email or a thousand emails a month, they pay the same fee. But ISP’s pay for metered access. The more bandwidth they use, the more they pay for. For most home users, spam is merely a nuisance. For ISP’s it’s a very real, measurable cost. This is why user-end filters don’t work. By the time it’s gotten to the filter, it’s already cost the ISP money. ISP’s would enforce the regulations if they could (and the legal fees didn’t cost more than the spam did).
Right: “if the legal fees didn’t cost more than the spam did.” Bandwidth (the product of competition in the market) is a falling cost resource; lawyers (far from a competitive market) is a rising cost resource. Lawyers will cost more than the bandwidth, which is why ISPs will not waste their time enforcing spam laws.
If the ISP’s were able to recoup their court costs as well as the damages, they would be more likely to take action. Or, if spam was a crime, prosecuted by the state, the legal fees to the ISP would be minimal. It would just be a matter of filing a complaint and providing the necessary evidence.
This is not to say that I think legislation alone is going to solve the spam problem, but I think it’s unfair to dismiss it out of hand. We can argue till we’re blue in the face about how much spam hurts the ISP and end user, but until it’s illegal, most spammers won’t even see what they’re doing is wrong. We’re talking about people who can’t put together that the very filters they have to work around are there because people don’t want their ads.
UK bans spam messages
Story from BBC NEWS
Published: 2003/09/18 15:35:34 GMT
� BBC MMIII
The UK has made spam a criminal offence to try to stop the flood of unsolicited messages. Under the new law, spammers could be fined � 5,000 in a magistrates court or an unlimited penalty from a jury.
But they would not be sent to jail, according to the new measures introduced by Communications Minister Stephen Timms.
Spam has become the bane of internet users, with junk messages making up more than half of all emails sent.
Permission to send
“It’s crucial that people feel safe and have confidence in utilising electronic communication technologies,” said Mr Timms.
“These regulations will help combat the global nuisance of unsolicited emails and texts by enshrining in law rights that give consumers more say over who can use their personal details. ”
The measures take effect on 11 December and will be enforced by the Information Commissioner.
Under the new law, companies will have to get permission from an individual before they can send them an email or text message.
But the regulations do not cover business email addresses, despite some calls for a blanket ban on spam.
The anti-spam group, Spamhaus, has criticised the law for excluding work addresses.
“Britain has disappointed the internet community by actually legalizing the spamming of British businesses,” said a Spamhaus statement.
“From 11 December it will be legal to send spam to the millions of hapless employees of British businesses.
“Britain’s firms will continue to suffer the onslaught of ever more spam, now from spammers claiming legality,” it said.
Jail in Italy
The British measures are not as drastic as Italian anti-spam laws.
Earlier this month Italy imposed tough regulations to fine spammers up to � 90,000 (� 66,000) and impose a maximum prison term of three years.
EU legislation banning unwanted email is due to come into force on 31 October, but correspondents say that, given the global nature of the internet, it may have little effect.
Most spam comes from the United States and Asia, and will be outside its reach.
The EU legislation leaves it to each member state how to enforce the legislation, as long as the enforcement is “effective”.
The UK legislation also sets guidelines for the use of cookies, electronic tags that help websites keep track of visitors.
In future, people will be able to insist that sites do not store their personal information.
———————————————————————–
Italian spammers face jail
Story from BBC NEWS
Published: 2003/09/04 16:50:04 GMT
� BBC MMIII
Senders of unsolicited junk emails in Italy will now face jail sentences of up to three years, according to Italian media reports.
The country’s privacy watchdog issued the ruling in an attempt to limit the huge amount of advertising and promotional material sent online.
Sending emails without the permission of the receiver is against the law in Italy.
Offenders now risk fines of up to � 90,000 and between six months and three years in prison, if it is proved that they did it to make a profit.
The ruling follows estimates by the European Commission that spam emails cost EU companies approximately � 2.25 bn in lost productivity last year.
EU legislation banning unwanted email is due to come into force on 31 October, but correspondents say that, given the global nature of the internet, it may have little effect.
Most spam comes from the United States and China, and will be outside its reach.
The EU legislation leaves it to each member state how to enforce the legislation, as long as the enforcement is “effective”.
It is hosting an OECD workshop on the problem in January in an attempt to boost co-operation.
The European Commission says that between one-third and 50% of all emails sent or received are now junk or spam.
The problem is being compounded by virus writers using similar tactics to spammers to spread their malicious creations.
———————————————————————–
EU businesses count spam costs
By Patrick Bartlett
BBC European business correspondent
Story from BBC NEWS
Published: 2003/07/15 14:18:45 GMT
� BBC MMIII
Unsolicited email, or “spam”, cost European businesses an estimated two-and-a-quarter-billion � (� 1.5 bn) in lost productivity last year, according to the European Commission.
The figure was cited by the European Commissioner with responsibility for information technology, Erkki Liikanen, as he appealed for international co-operation to fight the unwanted, mostly sales-related messages.
European Union (EU) legislation banning unwanted e-mail is due to come into force in November, but given the global nature of the Internet, it is feared it will have little effect.
The scourge of unwanted email is now so serious that it is threatening to stifle the Internet as an effective means of communication.
Legal constraints
Mr Liikanen said between a third and one-half of all e-mails sent and received was now spam or junk mail.
If spam is not checked, it is feared it could severely undermine the appeal of mobile-phone-based Internet services, which are about to come onstream in Europe.
Under a new EU directive, it will shortly be an offence to send any unsolicited mail without the recipient’s prior consent, but most spam comes from the United States and China and will be outside the law’s reach.
In contrast to Europe, the United States is considering a variety of laws which would regulate spam, but essentially allow it unless an individual specifically opts out.
The European Commission readily admits international co-operation is vital.
Today, Mr Likanen offered to host a special summit on the problem at the OECD next year.
———————————————————————–