Slashdot Mirror
Judge Deems Washington Anti-Spam Law Unconstitutional
ThatGuyAZ writes "A King County (Wash.) Superior Court Judge threw out a lawsuit under the tough Washington Anti-Spam law, calling the law "unduly restrictive and burdensome" in limiting interstate commerce. While the state can appeal this low-level ruling, this is definitely the opening shot in the coming legal battle over state attempts to regulate spam. "
You certainly have come up with a way to exploit the law, but no argument to refute the previous poster's claim that the judge was correct and that it's a bad law that tries to implement a wrongheaded method of solving the spam problem.
After reading the article and ruling, I have a few issues and comments about it.
First, I thought the semantic games over what to call the messages were stupid. "Spam" is obviously derogatory, and "direct marketing" is a spinmeister's word for what the messages really are, "unsolicited advertisements." Might as well call them what they really are.
Second, I agree that asking businesses to check every email address on their list against a database for each and every jurisdiction that has its own laws regarding email would create an undue burden on businesses.
Third, isn't there already a law that states that people should be allowed to have themselves removed from mailing lists at their request? If so, then shouldn't advertisers have to provide some straightforward means of doing so?
Fourth, I don't have enough knowledge of interstate commerce laws to even begin to comment on whether the law violates them or not, and the article didn't say much of anything about it either.
Finally, I don't know of a fair way to allow people to opt-out of receiving unsolicited advertisements. Every possible solution I've come up with has also had a high possibility of adverse side-effects. They would also be subject to various courts' interpretations of the words "advertisement", "unsolicited", etc. Anyone have any good ideas?
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
I think it depends on what the regulation entails. In this case, the law requires that unsolicited advertisements be labeled as such and that they contain a reply-able address so that someone may ask to be removed from the mailing list if they do not wish to receive any further mail from that source. Doesn't sound all that restrictive to me. Basically it tells companies that they aren't allowed to try to deceive people with their subject lines and that they must provide a means for consumers to opt-out of the mailing list. Sounds perfectly reasonable.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
I hate spam as much as anyone, and I report both the spammer and any drop boxes to the appropriate service provder. That said, though, this ruling is good.
Anyone remember the case of the California resident who set up a web site that some sheriff in Tennessee (I think) decided was indecent? The sheriff entrapped the guy by sending him a package of kiddie porn. The California cops were tipped off, and the guy was arrested and extradited to Tennessee. Of course, the kiddie porn charges were dropped (there was obviously no case), but he was now in Tennessee and tried -- and convicted -- for indecency or obscenity based on his web site in California.
Distinguishing addresses in Washington from addresses anywhere else in the world is well-nigh impossible, a fact that we all recognize when it comes to porn, or the CDA. An electronic registry is really no better. Think about how many jurisdictions there are in the US, not to mention the world, each of which might have their own registry (think Australia, with its new censorship laws!), and it's clear that this is an impossible burden. Furthermore, the act of gathering such a list itself has its own privacy implications, and I could well imagine some spammer taking revenge on this registry.
Now, prohibiting the SENDING of spam from Washington would be quite another matter -- a state has legitimate jurisdiction over what takes place within its boundaries. A federal law prohibiting the sending of spam from anywhere in the US, or by any US citizen from anywhere, would also be another matter. Putting a burden on the sender to prove that a potential recipient or consumer of information is not a member of a certain class is just asking for trouble.
>>"That's just a derogatory term that's on the other side of the
>>table," he said. "Direct-marketing people don't like to hear the
>>paper mail called `junk mail.' "
>But it IS junkmail, and "direct marketing" is just a good name from
>the other side of the table.
Exactly. Pedophiles don't like the terms "pervert" and "kiddie-f******",
but it doesn't make them any less true. Nor do we agree to call hookers
"sexual service professionals," etc.
A rose by any other name . . .
1. Content-neutral: For instance, a ban on bulk unsolicited e-mailing in general would pass muster, a ban limited to porn spam would not.
But then you have to consider the definitions of all of those words, particularly "unsolicited" and "bulk." These definitions can be twisted quite a bit if you are creative enough.
If everybody on the Net is officially permitted "one bite of the apple", the flood of spam would be worse than it is now (with a tiny minority spamming as often as they can get away with it). There are (at a conservative estimate) 10^7 people on the Net with something to sell or a message to spread; if each of them sends their one spam over the course of the next year, that's one spam every three seconds.
Yes, after which you can never be spammed ever again. I'd gladly take a year's worth of crap in exchange for never having to put up with it for the rest of my life, wouldn't you?
The fact is, we can't go censoring speech just because we don't like it. I don't like spam any more than you do, in fact I probably like it even less. But I can't deny that they have the right to speak, just as I have the right to subsequently tell them to stop bothering me.
The problem is, spam is protected by the First Amendment, as is every other kind of expression.
However, implicit in the right to say what you want is the right to hear what you (and, by extension, others) say. Implicit in that right is the right to not hear what others say, if you so desire.
I would propose a solution like this. All commercial e-mail, solicited or not, must include an opt-out function (opt-in would be better, of course, but we're talking about setting a bare minimum here). Now, let's say I opt out of e-mail lists from, say, l33tpr0n.com using this. If I ever get another e-mail from l33tpr0n.com again without first giving my permission, then it is considered harassment.
This protects l33tpr0n.com's right to free speech, while protecting my right not to be harassed by them. It's not an ideal solution, but I can't think of anything better that continues to protect people's Constitutional rights.
Firstly, my ISP only supports POP3 mail access. They're moving to IMAP, but it's not there yet. Secondly, assuming that I have access to my mail via IMAP, what software should I be using? fetchmail is working fine for me at the moment, and will continue to do so, but I don't know how I could persuade it to downlaod headers only and then selectively choose which messages to junk and which to download. So what else is there?
"The invisible and the non-existent look very much alike." -- Delos B. McKown
only those who aren't super-protective of their e-mail will get it.
Overly critical? I think not. Spammers stop at nothing, but I'm sure they love people who defend them.
"Here is the information you requested" is the subject and it links to porn banners. Should spammers have the right? Three people have been fired at my employer because of viewing porn sites.
So its ok for me to routinely portmap those who send spam to see if they have an open relay, investigate and throw out 20-50 spams a day in my personal mail box? Should a spammer have a right to DOS my mailbox by stuffing it so full of junk I don't have time to find mail that was from people who really need to reach me?
Spud Zeppelin dun said:
Well, among other things, it doesn't force me to store his offers for watches on private property, and it doesn't cost me money and/or labour costs to listen to him try to sell fake Rolexes, not to mention telling him to perform impossible acts of self-copulation with aforementioned watches. ;)
The same cannot be said of spam (including UCE). First off, the vast majority of sites with full-time Internet connections pay by the byte or by the hour (and, especially outside North America, a non-negligible number of home users, too; UUCP connections (where you HAVE to download all the mail) are still relatively common in Europe, Asia and South America, and are STILL some countries' only connection to the Internet (if memory serves, Mongolia's main ISP is UUCP-only, and this is also true for most African ISPs outside of South Africa and africa.net accounts), and people in most countries pay by-the-minute for phone calls period (incidentially, most countries also ban telemarketing--North America is one of the few places where it is legal--because it costs folks to receive it; this is also why junk faxes and telemarketing calls to cell-phones are illegal even in North America)...); the costs are often non-negligible, especially with the volumes of spam being sent (I did a quickie analysis around two years ago, which is posted here under the title "Spam By The Numbers"--this gives you a really good idea of the sheer amounts of crap that get sent to your local ISP daily if they aren't using specific block-lists like the MAPS-RBL list; nowadays it is also probably a very conservative estimate--with big mailspams on big ISPs, it can easily hit the gigabytes). This cost will, eventually, be passed on to the consumer-level (stuff like unlimited access being cut, or prices going up because they have to pay for the new RAID-5 array just to store all the spamaceous crap), so don't think you home users get away without paying the costs of spam.
Secondly, tracing down a source of a spam and getting them to stop spamming you is not exactly trivial. Spammers very commonly use throwaway accounts at freemail providers (and previously, AOL, Netcom and Compuserve accounts due to the sheer number of "free trial" CDs they would give out) and will obfuscate the hell out of headers (this is, in part, what the Washington bill was aimed at); not only that, they will often "relay-rape" servers, routing spam through insecure third parties' mail servers (there are a rather surprising number of these out there--Sun and SGI have notoriously insecure versions of Sendmail shipped with their programs, boxes in a lot of third-world countries and @Home boxes are insecure, and I won't even go into Windows mail daemons or mail daemons on old IBM mainframes--suffice it to say that spammers are the main reason most sites worth their salt don't relay mail anymore except for customers, and an increasing number won't even let you post mail without downloading mail first--Mindspring and Broadwing, among others, had to implement this). To make things even worse, spammers have over the years either set up shop at outright spam-friendly ISPs or at sites that couldn't be bothered to give a damn about net.abuse; at one point an entire backbone site on the 'net, Agis.net, had to be literally "IDP'd" (basically: many, many sites started refusing to share any traffic--not just mail and news, stuff like FTP and HTTP and the like) because AGIS hosted literally seven or eight of the worst spammer's havens on the Internet (including Sanford "SpamKing" Wallace's site, etc.) and refused to give them the boot after nearly EVERY other national-level ISP at the time HAD given them the Golden Boot. (Eventually AGIS did boot them and wrote up a strong, anti-net.abuse AUP. The AGIS boycott wasn't trivial--they were literally the third or fourth largest site on the net, many national-level ISPs had them as a primary or secondary network service provider, and they provided the only network service for a lot of sites including all of Alltel's Internet network.) And to make things even WORSE, many (if not most) spammers actually use "remove lists" or "do-not-spam" lists as actual confirm-lists for live addresses to spam; these lists are even bought and sold among spammers, and it is literally next to impossible to get one's address off one of these lists once they have been added on (about the only way I've found is for the email account itself to go dead).
It doesn't help that most of the folks in the "serial spamming" business--the hard-core folks-- are sociopaths (no, I am not making this up--most of them would actually be diagnosed as sociopaths). Sanford Wallace, for example, was in the junk fax business before he went to spamming--he is also widely regarded as being the person most responsible for junk faxes having been banned. Wallace is also almost singlehandedly responsible for most of the anti-spam AUPs in place, with a few other folks was largely responsible for getting AGIS "shunned" a few years back, and is almost singlehandedly responsible for nearly every anti-spam bill that has been proposed to a legislature worldwide. He finally got out of spamming when literally no ISP in North America would touch him with a 40-foot barge pole--and this, only AFTER he'd gotten AGIS IDP'd, been fined well into the millions of dollars for contempt-of-court charges, been literally banned by a Federal court in Ohio from sending mail to any customers of Compuserve, been banned by a Virginia judge from sending any mail to AOL customers, been fined by that judge for disregarding that order, paid well over US$300,000 in Internic charges for domains...this is the psychology we're dealing with. Sad individuals...
It's funny you should mention guys "selling watches", though. If he makes it a business as much as, say, most spammers do, just selling watches on the street is outright illegal in many areas. If it's over a certain volume, in many places he has to buy a specific business license. If he is found selling illegal goods (like, oh, counterfeit watches or selling adult material to under-18s or selling shares in a pyramid scheme or even selling stocks without a prospectus) they can lock him up and throw away the key.
Of note--the FTC has estimated that over 80% of all spams are for "fraudulent" and/or outright illegal schemes. Those that aren't are often adverts for adult sites which are of questionable legality for under-18's (and, depending on local ordinances, may be of questionable legality for anyone--for instance, adverts for marital aids and the sale of marital aids is illegal in Alabama and in a number of Southern counties).
In short, there are a lot of differences. You might visit CAUCE here, or spam.abuse.net for detailed info on the history of spamming and the real costs to Internet users. Those of you running Linux and *BSD boxen might want to in particular hit spam.abuse.net's info on securing your mail server, or hit Sendmail's web site which, along with the latest version, has extensive info on spamproofing your mail (including blocking open relays and spamaceous sites through the MAPS-RBL and stopping Bad Guys from relay-raping your server).
-Windigo The Feral (NYAR!)
It truly suprises me that more people on /. just don't seem to get it. Asking the government to protect you from spam is just as bad as asking them to make laws to protect you from porn
Except that porn on the Net is something you generally have to actively seek out. The existence of porn on some web server somewhere costs me absolutely nothing. It doesn't cost anyone anything aside from a little discomfort for the puritans out there. Spam, OTOH, is delivered every day to just about any email account one creates. It costs me time and money (through increased costs to my ISP which get passed on to me).
Besides, the law in question doesn't require that much. It requires three simple things that any legitimate business should be doing anyway:
1) Don't use misleading info in the subject field
2) Don't disguise the path the spam took across the Net
3) Don't use an invalid reply address
This is not unreasonable.
I wish people would stop begging legislators to inflict laws on the Internet and start asking for a technical solution.
The reason people are clamoring for this particular type of law is that the attempts at technical solutions didn't work. No technical solution is going to be able to eliminate spam that has inaccurate subject information, forges routing information, has invalid reply addresses,etc. People have tried filtering, but spammers create new email accounts to spam from faster than people can add them to blocked-senders lists. Allowing only people on an "approved-senders" list is too restrictive and removes much of the power of the medium. You can't filter based on subject line if the subjects are faked (and 99% of spam does that). You can't even filter based on where they're sending the message from if the route information is forged. The reason we need laws like this is so that technical solutions will be feasible.
And besides, if these spamming asses realize that they could lose big bucks, maybe then they'll realize they shouldn't be doing it. The burden of stopping junk email should NOT be on the recipient. It's just ridiculous to make people expend time and money for being the victim of spam. This is the reason why there were laws passed banning unsolicited commercial faxes. Email is no different.
Isn't protecting spam a lot like protecting someone who walks through the streets at night screaming "PANTS ON SALE AT YOUR LOCAL KMART!!!"
If this guy is arrested for disturbing the peace, then Kmart doesn't sell as many pants.
But who cares???
Does commercialism have a right to seek out the consumer at such lengths? I think I'd rather search for a company I want to do business with rather than having companies come to me.
Know what I like about atheists? I've yet to meet one that believes God is on their side.
how is spam really all that different from someone approaching you on the street and asking "Hey buddy, wanna buy a watch?"
Your question should be, how is spam really all that different from thousands of people blocking the entrances to your store, using your bathrooms, tracking mud all over your nice clean floors, and asking each and every one of your customers, "Hey buddy, wanna buy a watch?"
Sure, you may only have to hit delete three or four times a day, but how many other mail accounts does your ISP support? Do some multiplication here.
--
how to invest, a novice's guide
People may have a right to create "junk speech", but they have no right to do it in my house or place of business. They have no right to use my resources to do it. Perhaps spammers would object if I borrowed spray paint from their garages to paint my message "UCE is Theft" on their houses, cars, and lawns?
Framing the debate in terms of "free speech" occludes the real issues -- trespassing, theft, and harassment. Bulk snail mailers have to shoulder the cost of postal rates and printing. Unsolicited commercial e-mail shifts those costs to access providers.
(I've been to that gas station in rural Idaho, by the way.)
--
how to invest, a novice's guide
uce@ftc.gov to 'register'. Since all uce I get is forwarded to uce@ftc.gov with no consideration, I figure, why not just cut out the middle man (me) and have them send it directly to it's final destination?
Actually I haven't 'registered' for anything 'free' in a long time now anyway.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
> sent to almost a million people in Washington.
Correction: the article says he sent between 100,000 and 1 million spams PER WEEK, although not exclusively to Washington state residents.
The $39.95 packages were "How to Profit From the Internet," which I think is probably just a "you can be spammer too" kit.
-- Don't Tase me, bro!
Your question should be, how is spam really all that different from thousands of people blocking the entrances to your store, using your bathrooms, tracking mud all over your nice clean floors, and asking each and every one of your customers, "Hey buddy, wanna buy a watch?"
Sounds like some gas stations in rural Idaho I've been to, actually *g*. Seriously, if you had that happening in a physical store, you'd put up something to keep them out, so why not do the same with spam? To keep the analogy going, just because the police can't arbitrarily arrest the street hustlers, doesn't mean you can't hire security guards, bouncers, etc.
So in this case, make your "bouncer" a set of filter rules to bounce mail. There's a pretty good set of filters for Netscape Messaging Server (much as I don't like the product, I inherited it in one project) available here that should be readily adaptible to many other servers. If you're an ISP ( Doing some multiplication here...) then not only will this cut down on the amount of crap you're spooling, it also has value as a selling feature; given the tight market for ISPs nowadays, the more value you can add, the better.
I'm going to stick by my original point: inasmuch as we might not like it, people have a right to create "junk speech". The best solution is to implement ways to tune it out....
This is my opinion and my opinion only. Incidentally, IANAL.
MOO;IANAL.
There used to be a picture linked here.
I know all about relay rape, thank you very much, one of the strategies I mentioned in my original post was "closing open relays." And I'm well aware of the cost of spooling the messages -- hence my discussion of applying spam filters if you're an ISP. You almost make it sound like I LIKE spam, or underestimate it's impact. Neither could be further from the truth: I'm in the trenches fighting the battle you describe on a daily basis. I'm asserting, however, that the solutions to the problem must be technical (ways to not listen) rather than legal (attempting to silence the speaker). And like I said, the ultimate technical solution is to simply spread awareness: if the response rate to spam tends much closer to zero than it is already, spammers will (theoretically, at least) finally shut up because they can't support themselves doing it any longer.
:) Oh, FYI the last news report I saw also said Alabama had abandoned its attempt to outlaw marital aids... of course, I currently live in Connecticut, which required a court decision just to force to legalize birth control pills.
;)
And incidentally, since time IS money, it does technically cost you labor to listen to the guy on the street offer you a fake Rolex
One parting thought: In my original post, I also mentioned the potential health risks associated with "telling [the street hustler] to perform impossible acts of self-copulation with aforementioned watches." -- I've found that people in that particular profession tend to be quick to anger, and oftentimes armed. Again, why I said I'd rather receive the "Hey buddy, wanna buy a watch?" via spam than in person
This is my opinion and my opinion only. Incidentally, IANAL.
MOO;IANAL.
There used to be a picture linked here.
I beg to differ.
The company I just recently left had a serious issue with spam mailings. To summarize, about 1/2 of the employees were laser repair technicians, and spent a good deal of time on the internet researching Windows issues both on many public forums, to include USENET. The result was an average of 60K mail messages per month to my site alone that I would term "spam". This is obscene. We had a system in which we were forced to distribute mail services across two servers per site, when in reality, only one should have been needed.
Why? The added traffic from spam was crushing. Ultimately, we were able to get spam filtering enabled pre-mail server at the firewall. Guess what, it didn't knock off nearly enough of the "spam". Why is that? Misleading headers and initial subject lines. I'm in favor of making these laws stick, because there is a legitimate amount of measurable money lost to these spamming imbeciles.
-Jer
Oh, I disagree. If this law goes through, I have a business plan proposition for everyone to join in. Start up a free-web-mail (hotmail-style) service in Washington with the hook of "Since this service is hosted in washington, and the company is a legal resident of the state, all spam mail received through this service that is out of compliance with Washington state law will be prosecuted to the fullest extent of the law" etc. Also, allow forwarding (free or fee? *shrug* tack a text ad onto the .sig of the email?) from this address, so you can not only filter all mischeivious spam, but know that the ISP will prosecute the sender. How many of us would sign up for that service? Especially if it came with lots of fun tools such as bulkmail folders, auto-spam complaint generators (a little scriptlet that reads headers and attempts to contact postmaster@/abuse@relevant.address.com?)
Hell, I'd even pay for it. spammers can FOAD. If states implement it differently, all the better for the consumer (in that it remains only for spam, that is, I admit that caveat), and better for some states in that it will dramatically increase ecommerce through servers in their states because of people seeking protection from spam.
Returned Peace Corps IT Volunteer
Has this judge actually READ the law? It only requires that spammers user real addresses, and don't misrepresent themselves. I thought in general that misrepresenting oneself was illegal, anyway, but a law that spells this fact out for spam/UCE is overly restrictive?
Please. Anyone got this judge's email addy? We could type it in at some nice, Truste-certified websites for him and see if he still feels that this law is too restrictive.
Returned Peace Corps IT Volunteer
Of course, this is easier said than done... but that's what really needs to happen. There are too many holes with anti-spam laws being passed on a state by state basis, and this case brings out potentially the biggest one. Hopefully it will result in a positive result (i.e. moving such a law to the national level).
----------
In a real emergency, we would have all fled in terror, and you would not have been notified.
what do we do when the spammers move off-shore?
They won't move off shore. They can't. At some point, they need to take my money (that's why they're in business, right?), and I'm right here. They might be able to move their servers offshore, but some part of their business must be here in the US so that they can collect my money. Shut down that part of the business, and the spam server will wither and die, no matter where it is.
Suppose, though, that they collect their money via credit card, and they enter the charges from overseas (ie outside US jurisdiction). I would suggest that it could be made legal to refuse payment of charges on your credit card if you can prove that the transaction originated as a result of an unsolicite email, sort of like you can refuse charges that result from unsolicited delivery of merchandise.
The spammer's counterpunch to this would be to accept only money orders or cashier's checks (this after Mastercard/Visa cut them off). There's not much you can do about this, but how many people do you know would willingly send the equivalent of cash to an off-shore address to a recipient who is known to violate US law? The flow of spam would soon slow to a trickle, and the worst offenders would become well-known and be easily blocked.
Comments, questions, or rude remarks, anyone?
Since unsolicited commercial email is acceptable, I'd have to say that unsolicited personal email is acceptable too. Especially when it constitutes political expression and it's directed at a public official.
I encourage all of you to share your political opinions with this court (no terrorist or death threats, please). Email early and email often. Do everything you can to share your opinion with the judge that SPAM costs its recipient MONEY.
I don't doubt that there are a lot of non-residents of King County, Washington reading this, but keep in mind that this is a case of national importance. If anti-spam laws fail at the local and state level, there is little chance of national anti-spam legislation. Share your opinion with this judge that the issue he is deciding is of more importance than he seems to realize.
Basically, what it boils down to is that the servers I maintain are private property. If I post a tresspassing notice on them (or the state sets some sort of tresspassing laws), they ought to be obeyed, and the government ought to support those rules.
You already have the right to sue the spammer if he "tresspasses on your private property", as you do for any other tort. Do we really need to make this sort of thing a criminal offense?
DrLunch.com The site that tells you what's for lunch!
If you come into my house, I am the person who decides whether or not you are trespassing. I can ask you to leave if you do nothing but sit in the corner and rant continuously about laser printer supplies.
(This is going to be unpopular, but) I agree. The judge (from the looks of things, I couldn't hit the ruling) is probably right for the wrong reason(s). Spam is an insoluble jurisdictional issue because Spam is an ECONOMIC issue. Many (not all!) in the anti-spam community might be described as a bit economics-challenged. This is not to poke fun at them, but just to say that follow-the-money applies when it comes to a group of lawyer-politicians proposing a nice-sounding anti-spam law (effectiveness be damned! It employs more lawyers!!!) just as when it comes to a spammer sending nasty ol' spam (and I agree, just about all people dislike UCE, including me).
/. community who asks for it a bit of gold to try the concept out. (I've made this offer on Slashdot in the past, with surprisingly few takers, but now there's a casino and a lottery) so I expect better results. Think about it, with a "stamp" that pays you, you might not mind spam so much. If you keep a Flying Rat e-mail address secret and "blocked" it will never get unpaid spam. The Flying Rat software will be open source, AFAIK.
The question becomes, what can be done that's actually effective? Plenty of laws can be written to sound good and they obviously don't work! (Disclaimer: Warning, the following is going to sound crass and commercial -- spam, if you will -- even though I'm about to offer to GIVE AWAY MONEY!! and I'm not imposing on anyone's e-mail bandwidth, so moderate me down and see if I care.)
Well, after last year's FC99 in Anguilla, and a number of conversations, we came up with The Flying Rat Project (the name comes from an old joke about never seeing baby pigeons, combined with the idea of pigeons carrying messages in ancient times). Yes, right now it only uses e-gold (that will change, this is a kludgy proof-of-concept, not what we have eventually planned) and yes, I dream about eventually making some money on the damthing (horrors! I'm not a lawyer who wants more laws just to make money for the chattering-class, I'm an evil-greedy-capitalist-Firengi-pig who wants there to be a market in e-mail and thinks that economics might -- just might -- work better than yet-another law!). Anyway, it works, and has for a while without much notice.
For now, I'll give anyone in the
Thanks for listening, you can create an account Here (please choose a good passphrase and remember it!) and then just e-mail me the account number and I'll click you a bit. For free (but try to play around with Flying Rat some, before you gamble it away). Thanks.
JMR
Try e-gold - (contact me). I'm NOT e-
Someone posted this on Sitereview.org this morning. It does look like a viable solution to giving out your email address for a particular transaction. The service is pretty new and I haven't tried it yet. Has anyone had any experience with these people?
Geeky modern art T-shirts
When you get spam, you've paid for it. You've spent time to download and delete the messages. The transfer of that data has been paid for by the ISPs, backbone providers, unwiting relay hosts, and in some cases, you the receiving party.
In fact, the only person who HASN'T paid for that message is the person who sent it.
The only thing here that seems absurd is your mischaracterization of the issue. It is a matter of property rights, not "free speach", as you would agree if equivalent actions were taken in the physical world (e.g. someone plastering unwanted bumper stickers on your car, spray-painting a message on your door, throwing notes wrapped around bricks through your windows, etc).
/.
/. If the government wants us to respect the law, it should set a better example.
It's like I always say: Judges should not have the power to nullify a law for any reason. If the law is unconstitutional it should be repealed through the legislative process. The best way to get a bad law repealed is to enforce it strictly, as Abraham Lincoln said.
1: The proof is in the pudding. The strict enforcement of laws that are passed will show whether the law is beneficial in a practical sense.
2: If we didn't have this stupid judiciary back door for unconstitutional laws, there would be much more pressure on legislators to examine the law before it passes.
-JD
Can I point out an important contrast between what you say about how spamming is wrong because its abusing YOUR bandwidth and YOUR servers? Many people on slashdot seem to agree with you (as remarked by your current score)..
Yet there's the other side of it. What about the NAPSTER side of it with colleges. Doesn't the college reserve the right to choose how THEIR bandwidth and THEIR private property are to be used?
You can't have it rabidly both ways at the same time. Choose which one, or give a better way to make that decision.
This ruling was just plain bad. Spam is not helpful, it's not beneficial to anyone but the sender, and it's costly to everyone else. If Washington, who has the toughest anti-spam laws, can't convinct this guy, what good are the laws at all?
/. just don't seem to get it. Asking the government to protect you from spam is just as bad as asking them to make laws to protect you from porn. I wish people would stop begging legislators to inflict laws on the Internet and start asking for a technical solution.
I'll have to respectfully disagree with the first sentence, but the rest is right on. In answer to the "what good are the laws at all?" question, NONE AT ALL.
It truly suprises me that more people on
Think about it. We use a password to protect against illegal entry into your private systems and accounts online. Sure, it's an inconvenience, but honestly, can we really expect any law or government to stop people from abusing an unprotected service on a global network? No. The most we can expect is laws that can be selectively enforced because there's no way to wholly enforce them. I'm NOT saying we wouldn't see a reduction in spam...
Now, if we truly want to stop spam (in the Self-Propelled Advertising Material sense) e-mail clients and servers will need to be upgraded. This is unfortunate, it'll be a real bitch to accomplish, and it will be years before everyone is protected. There really isn't an alternative though.
How: The client software needs to download a 'Terms of Use' unless they are explicitly permitted to send to the e-mail address. The 'Terms of Use' can contain anything really, but it needs to divulge a 'keyword' that the server will recognize and thus permit the client to upload e-mail. The user sending the e-mail of course would need to type in the keyword and the client would send it to the server.1
In the end, the 'Terms of Use' document will prevent spamming because the spam-bot won't know be able to figure out what the keyword is--the server will reject the e-mail.
FSO: (Frequently Stated Opinions)
Mailing lists won't work: Your mailing lists will be on your 'auto-accept' list or whatever you may call it.
Too much extra effort: Not really, you can add people that you frequently receive e-mail from to your list with the click of the button.
Can't be done: OK, then live with spam. No one is going to stop it.
numb
Why people would think of a law prohibiting spam is really beyond me. I get junk mail at home that I can ignore and I have a little button on my heyboard that corresponds to a function known as a "delete message" function that really works wonders.
Slashdot social engineering at it's finest
I propose vigilante justice. If someone spams, give the bastard an old-fashioned kneecapping. If they persist, shoot'em. There's no justice like mob justice.
Yeah and I assume that the person will just stand and take it right? What is so wrong with say giving you an advertisement on something that may in truth be a reputable product so that you might just buy it. There are directed mailings that work the same way. Mob justice will only get you the ire of the people doing such things.
What would happen next would be that the company would need to do other things to make up for the lost data that they wanted. Perhaps making a multi TB database on your and tracking your every move. If I have to choose from having a company have my name and getting junk mail I will choose the later option.
Slashdot social engineering at it's finest
Why is there no law against sending this crap to my house, taking up space in my mailbox, wasting my time just the same as electronic spam?
Because the postal bulk mailer pays postage for the cost of the mailing. A spammer pays no postage, transferring the costs of delivering bulk mail to the ISP and eventually the customer
Costs? The mail has to be delivered somehow (bandwidth), and stored somewhere (mail server). This traffic wastes both storage and bandwidth, and forces the ISP to upgrade to higher capacity equipment than he would otherwise need. The ISP can't recover any of this expense from the spammer, so one way or another, the customer picks up the tab.
Some people pay per-minute charges for their ISP connection--even if they simply delete the spam after they download it, they've still paid for the time required to download the latest "Make Money Fast" mailing.
So what's the difference between getting an email from some unknown person saying that you can order his book for $39.95, and getting a circular in your mailbox from some unknown person/company saying the same thing?
Really, I'm not trying to be a troll, I'm wondering. How is getting junk mail different from getting junk email (spam)? They both are unwanted pieces of mail you received that you'll probably end up throwing away. OK, so those who have dial-up connections actually pay to read spam, but then how much spam does the average dial-up user get in one day? (Unless they're stupid and go with AOL or some other similar company where you can get 100+ porn spams a day, or something like that.) If they get their dial-up access through someone who at least tries to care about their customers, there's less problems with spam (due to more secure information, employees of the ISP who actually care about losing customers, employees at the ISP who will respond to complaints about spam and actually do something about it, etc.).
Throwing away circulars is more of a problem than deleting spam. Circulars are made of paper & ink, they go in the trashcan, they go in a trash-collecting truck, they go to a landfill, they take up space in the landfill, they rot slowly, they hurt the environment. Spam is made of.......umm, electrons, it forces users to hit the delete button/key, it goes away forever. Which one of the two seems less of a problem to you?
I'm not saying spam is good or circulars are bad. I'm not saying that people who send 100,000 useless messages/day shouldn't be punished. I'm not saying we shouldn't have laws against spam. I'm saying that we should decide how much of a problem spam is, how much of a problem circulars are, then create laws based on the seriousness of the problems associated with both spam and circulars. Should the guy in WA have gotten off free? Should companies who do useless mass-mailings get off free? And who decides and how?
Eruantalon
Eruantalon
The Annals of Middle-earth
Washington State Attorney General sues spammer
The text of the law (mirror)
4 individuals sue a spammer
The Washington State Attorney General's Office (spam section)
-ted
One tool that I have found to be quite effective against spammers, especially those with forged headers, is http://www.spamcop.net They are able to scan the spam's email headers, determine the origin of the spam, and then generate an email for the offending spammer's ISP administrator to deal with them. JM2C
The "slashdot position" is that a little bit of censorship is like being a little bit pregnant. There's a "slashdot position"? I thought we were all individuals expressing our opinions. I feel so... homogenized now. Yet the "slashdoterotti" are delighted to have censorship for spammers. Why? Spammers annoy them, porn doesn't. Porn is about content. Spam is content neutral. This is a theft of service issue.
Do I own my mailbox or not? I say I do. Spammers say I don't. The law hasn't figured it out either way yet.
--
I go on the net and LOOK for porn. Spam just gets sent to me whether I want it or not. I hate porn spam as much as I hate "get rich quick" spam.
It has nothing to do with censorship, it's the question of why should I deal with shit I didn't ask for, nor wanted. When I go out, I expect to see advertisements, I expect to see ads in the magazines I read, the webpages I visit. I'm fine with that. I have a problem with people invading my space without my consent and who are definitely not wanted. Junk mail included
The judge ruled that the law is "unduly restrictive and burdensome"?! Since when is having to truthfully represent yourself restrictive? Using fake headers or return addresses or domain names or inacurrate subject lines is forgery or illegal impersonation or misrepresentation. If i opened up a brick & mortar business and misrepresented myself in a similar way, i'm sure i would be subject to legal action. when somebody does the same thing via email, they should also be subject to legal action. having to be truthful is certainly not "unduly restrictive and burdensome"; rather it is just the opposite. this law is nothing but constitutional!
But is junkmail illegal? I personally have more of a problem with getting paper junkmail which takes more time to dispose of as I attempt to be a good recycler...all I have to do is hit the delete key in my inbox
I applaud your efforts and determination to recycle the paper wasted by junk mailers, but you miss the point entirely. Unlike junk mail (and the far more irritating junk phone calls), with email and usenet SPAM the cost of delivery is borne by the recipient, either directly (as in Europe, with their per minutes line and ISP charges) or indirectly as an ISP charges slightly more for internet access to offset the cost of the bandwidth which the SPAM has taken (and SPAM takes a tremendous amount of bandwidth).
Junk faxes are illegal, and have been for years, because the cost of toner and paper are borne by the recipient, and each junk fax costs the recipient real dollars. The same is true of SPAM.
Recycling paper may be more of a hassle than deleting unwanted mail, but multiply the bandwidth and disk usage of your unread mail by several million and the cost to the consumer for unsolicited SPAM is appalling. And while we could stop deforestation and meet our paper needs next growing season by planting hemp and producing paper from it rather than trees, there is no similar way to reclaim the bandwidth, diskspace, and people's time (also a considerable expense) which SPAMmers routinely steal from their victims.
The judge's decision is a farce, both logically in terms of the legalities themselves and in terms of their real-world effects. Not only should the state of Washington appeal the decision, but someone should take a very hard look at his portfolio and bank accounts. And everyone should forward their morning's SPAM to the idiot as well -- let him share in the consiquences of his ill-considered decision.
Finally, I recommend you take a gander at
http://www.privatecitizen.com/
$30 will go a very long way toward helping you avoid those long treks to the recycling center, and help you win back a big chunk of your valuable time. I have used this service and it does stop junk phonecalls altogethre, and junk mail slows to a tiny trickle. Highly recommended!
The Future of Human Evolution: Autonomy
You do make a valid point. I also agree that unsolicted commercial snail mail is a problem I would like to see addressed. Especially AOL CD-ROMs and other similar non paper things. But ...
"There are many ways to deal with spam on your own rather than getting the gov. and courts involved."
This is the loophole spammers are looking for. People who are willing to let tons of e-mail pass over the net because they only associate a line of text in their e-mail client program with spam. In fact, spam causes Gig after Gig of hard disk space to be taken up on servers around the world. Essentially using up someone elses resources against their will for something they more than likely do not want. This doesn't even take into consideration the wasted bandwidth that accumulates as more and more spam is sent off around the world each minute. This is not unlike someone advertising to you via FAX machine and using YOUR ink and paper to advertise to YOU.
Bad Mojo
Bad Mojo
"If you can't win by reason, go for volume." -- Calvin
Really, we shouldn't allow the medium to dictate our metaphor here: how is spam really all that different from someone approaching you on the street and asking "Hey buddy, wanna buy a watch?" It's generally unwelcome, yes, is a low-percentage approach to generating sales, and oftentimes triggers anger on the part of the recipient, but (as others have already said) it's also constitutionally-protected speech. Quite frankly, I'd rather receive the junk through email (if I have to receive it at all) than have my physical mailbox jammed full of flyers and/or have to deal with street hustlers. At least with email relatively few physical resources are being used (at least compared to print) and there's little risk of physical violence (unlike an angry response to a street hustler).
So what's the best remedy to fighting spam, if legally they have a right to say it? The same answer as works best with street hustlers: pretend not to be listening! Close open relays. Run procmail and filter everything, discarding headers that appear to be forged. Refuse to work for people who generate junk mail; there's plenty of work for the technically-savvy in this country with companies that don't send it. And make sure 'net newbies that you know are well aware of the obvious choice: boycott anyone who sends you unsolicited mail, unequivically, regardless of how lucrative it is or how much it fills a need.
This is my opinion and my opinion only. Incidentally, IANAL.
MOO;IANAL.
There used to be a picture linked here.
Yes, and if they do they should be punished for their theft of bandwidth just like anyone else.
I like the idea I read that the sentence for spamming should be to lock the spammer in a cell with a computer recieving a flood of spam. He is let out when he "just hits delete" a number of times equal to the number of spam messages he sent or caused to be sent.
(Oh, and meal announcements would be sent via the same link. Delete those, miss that meal -- so no just tying down the DELETE key....)
/.
/. If the government wants us to respect the law, it should set a better example.
The article does nothing to support the Judges findings. There is nothing in there that shows the arguments from the defense, or why the judge ruled in their favor. I'm guessing that the judge did not understand the case or the ramifications of the ruling very well. I dont see how "having them check an electronic registry of e-mail addresses to determine whether intended e-mail recipients were Washington residents and therefore protected by the law." is hindering interstate commerce. Maintaining such a database would be kind of a pain, but the government created the law, so they should have to go through the motions it entails. I'm sure this will be overturned.
Here's a link to the actual law
//Phizzy
"Most European technology just isn't worth our stealing," -- Former CIA chief James Woolsey, referring to Echelon
I wonder if any of this judge has ever tried to run a business and received spam. Working at an ISP, I know that a lot of spam passes through here and that we have a lot of clients on 56k modems (not ISDN).
When a company has to download, wait, store, read through, and destroy junk mail that's not clearly identifiable as junk mail, it takes time. It hurts their business. Most businesses I know that use e-mail engage in interstate commerce and are adversely affected by spam.
So, in all reality, this judge really has no clue about what will or will not truly adversely affect interstate commerce.
When voting, be sure to elect tech-savvy officals!
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
This ruling appears to have nothing to do with whether spam (or indeed any of the defendant's actions, which included forgery) is OK or not - it is a technical ruling that says that the state of Washington cannot impose a law affecting interstate commerce.
State laws should be drafted with listed clauses stating that an offence is an offence if the spam is:
The laws should also explicitly state that if any of these clauses is held to be unconstitutional, the remaining clauses would continue to have force. States should expect clause 3 to be thrown out, and shouldn't depend on clause 2 to survive either. Clause 1 should survive.
Hopefully this will get appealed. On one of my domains I have the following clause: The sending of any unsolicited email advertising messages to ANY ADDRESS from this domain will result in the imposition of civil liability against you in accordance with Cal. Bus. & Prof. Code Section 17538.45.
I have been spammed 3 times at the email address above (yup, it's active, and yup, some of my other accounts get spam daily... it seems just the email addy discourages spam for some odd reason). I was able to track down two of them, and sent bills for services rendered, as outlined on the site. One ignored it, one paid me $35 in accordance with my pricing policy. All my postings on newsgroups have a disclaimer about entering into a contract. I hate spam with such venom that I spend money just to make an example of the perpetrator. If I find out who they are, I always follow up with a legal notice to their ISP and host. It was drafted by an attorney, so it goes a long way towards shutting that part of their operation down. The second spammer who ignored the bill had his home ISP account cancelled, and it's a remote part of Arizona. He's now stuck with AOL. Yes, spammers hop to and fro getting free remailers, but I doggedly continue to play whack-a-spammer. Did I mention I hate spammers?
Hopefully the legal eagles in Washington will appeal, it looks like they have a good case. It really sucks when laws are made by folks with no concept of new technologies. Some anonymous person here said it best: sign the judge up (and the jerk's new employer) to every spam list... like going to a business opportunity newsgroup and asking for ideas to make money off of the internet.
"First things first, but not necessarily in that order."
- Doctor Who
The bottom line is that everyone wants to censor -- it's just a question of when. Animal farm, anyone?
--
-- Slashdot sucks.
> OR think of them as real life mailboxes. They're on your property, but everyone is welcome to send stuff to you.
You Just Don't Get It.
My servers are private property. I bought them. I own. They are mine because of that. You're quite free to tell me that what I've paid for "shouldn't be" mine, but I'm also quite free to call someone who wants to take from me what is mine, a "thief".
Your analogy with post office mailboxes is deeply flawed. My snail-mailbox is NOT mine. It resides on my property, but only the US Post Office is allowed to place things into it. If I tamper with someone else's snail-mail, I'm not only wronging them, but am breaking a federal law because the US Postal Service has a monopoly on the delivery of snail-mail to snail-mailboxes.
Unlike my snail-mailbox - owned by the USPS and the USPS having the obligation to put things that they've been paid to deliver whether I want those things or not - my /var/mail spool IS mine, and you may not have it.
I don't even have to give you a reason why you can't have it. The fact that it's my property is enough.
Finally, "submitting your name to the DMA" is laughably ineffective. DMA membership costs money. The vast majority of spammers have no reason to join the DMA, nor to abide by its practices. Particularly when the overwhelming majority (>95% by my personal 12-megabyte archive of spam) is for offers that are fraudulent.
You also wrote:
> they [spammers] need to be forced into compliance with some standards.
And what do you think a law telling them "you may not steal other people's time and diskspace, and doing so with fraudulent headers is especially bad, and doing so for the purposes of committing fraud is even worse" is? That law is a standard - a standard approved of by the vast majority of people in WA state - and it says "Theft is wrong. You may not do it."
Your "standard" of opt-out means more people get free reign to steal my resources. Until you're paying for those resources (making them your resources, not mine), may I cordially invite you to go fsck yourself? (Actually, just go fsck yourself. I don't have be cordial to thieves.)
My "standard" means thieves go to jail or end up on the wrong end of collection agencies. Stay the fsck off of my servers or expect punishment.
Anyone who's researchied this issue knows we've tried telling spammers to "be nice". For four years. The fact is, spam is theft, and telling thieves to "be nice when you steal" does nothing to fix the underlying problem. They're still punk spamming thieves.
And they'll continue to get their accounts whacked every time they spam me.
And when there's a federal law allowing for a right of private action in an amount ($500 or higher) sufficient to justify placing claims against spammers, I'll send demand letters to every fscking one of them.
Spam is "all that much." You're making the mistake of thinking that because something doesn't hurt you very much it must not be a problem for anyone else, either. This is very dangerous and sadly short-sighted.
Spam costs my company money in the form of bandwidth and employee time (most notably, my time). World-wide, spam clogs data line and slows traffic, clogs storage and makes some news groups useless while making messages expire faster on others. Spam makes the entire Internet slower and more expensive. Spam makes people afraid to give out their e-mail address, thus hurting e-commerce and legitimate information exchanges.
Spam is a 180-degree reversal of snail-mail direct-marketing, where the transaction cost is paid by the sender. With electronic spam, the sender typically has very low costs; the hapless receivers pick up the tab for him.
Spam should be exactly as illegal as a DoS attack, and there are simple, credible arguments comparing the two.
This isn't as much "normalization" as it is "don't take so many drugs when you're designing tables."
Some exerpts from the story:
Benefits? Consumers? It's SPAM! How can you consider people who get spam to be "consumers"? But wait, let's look at the rest.
So THIS is restrictive? It should be someone's "right" to send you unwanted commercial email that has misleading headings, is spoofed, and you can't reply to? What business would resort to these tactics unless they were pawning off worthless crap?
Apparently the guy who had this suit called against him. Here's another quote:
But it IS junkmail, and "direct marketing" is just a good name from the other side of the table. The article says that the spam was some "special offer for only $35.95" sent to almost a million people in Washington.
This ruling was just plain bad. Spam is not helpful, it's not beneficial to anyone but the sender, and it's costly to everyone else. If Washington, who has the toughest anti-spam laws, can't convinct this guy, what good are the laws at all?
------------
"Okay, who taught the cat how to type ctrl alt delete?"
I warned when this law was passed that it was a tremendous waste of the efforts of the anti-spam community. The judge is entirely right on this one.
States have no business regulating geography-independent things like E-mail or just about anything else on the internet. While a state might regulate mail *from* people within the state, the idea of a state being able to regulate anything -- spam or otherwise -- on mail to the state is an extremely dangerous precedent.
When I send E-mail, I often don't know where the receipient is. State regulation of E-mail would create a requirement that I must know, and that I must then check the laws of that state to see if I comply, or risk being sued or prosecuted there.
"Who cares if spammers have to check where they are mailing?" Indeed, who does. The problem is that states can and have passed other E-mail regulation rules, other than anti-spam. New Mexico tried a law against "indency." But I wouldn't care if the law simply approved of motherhood. The problem is we don't want to have to worry about what states the people we send E-mail to are in, or the people who hit our web sites. Or, if you like, the states that contain the routers that route our packets.
In our eagerness to fight spam in every way possible, it is a mistake to go over the top and use the wrong tools. In the end we would get 50 different sets of E-mail regulations to worry about, and a need to know where every e-mail address is before we mail to it.
That's why it does violate the commerce clause. It makes people outside Washington mailing people in an unknown place (that's also outside Washington, as it turns out) forced to check that their address is not in Washington. The state is not allowed to do that.
Has it been over a year since you last donated to the Electronic Frontier Foundation