On DDoS, SPAM, Telemarketing And Harrasment?

Slak asks: "Just wondering if the laws under which the U.S. Government is pursuing the DDoS attacks on Yahoo! and Amazon could be applied to telemarketers. I mean, here we have a group that is using a public network to bother end users. " This is a good point. We now have fledgling laws against unsolicited commercial e-mail. What about unsolicited commercial phone calls? They are both forms of harassment. However, protections in the digital world have caught up and surpassed the legal protections we have in meatspace against such annoying practices. Could such laws be written without becoming Draconian in nature? Updated

I should clarify. When I speak of "commercial" phone and "commercial" e-mail, I mean unsolicited contact from a company with the intention of selling you something. Telemarketing has become a large problem in the past decade and I see the spammer as the digital cousin of the telemarketer. However, we now have protections from SPAM yet no protection from the telemarketer (believe me, I've tried ... there was no way I could get an anonymous call block in my area and most telemarketers will not identify themselves via CallerID).

How does the Denial of Service attack fit into all of this? It may not be "commercial" traffic, but it is unsolicited and dealing with it does consume your precious time to get the problem fixed. It's yet another form of harrassment, albeit a different and malicious form. It's like someone calling you up every five minutes and then hanging up. Sure it's harmless, but what happens if someone is trying to make an important phone call to you and can't get through?

Will laws be written to combat such behavior? Can such laws be written?

I'd be interested in hearing what you think.

Update: 04/19 05:49 by C : CuriousGeorge113 beamed us this little tidbit: "There's a very interesting SPAM article over at Salon.com today. The article talks about a new SPAM law soon to be in front of Congress, why it won't work, why people SPAM, and why ISP's dont bother to sue SPAMers." so it looks like our protections against SPAMers although in-place rather ineffective. This situation bears watching.

Re:An idea I had

[crow]

You can already do that, but you have to do it yourself.

Telemarketers use computers that detect answering machines (based on tape hiss and such). If you had a phone that put out such noise for the first second or so, telemarketing calls would simply hang up.

Blocked Caller ID's

[marko_ramius]

In my area (Chicago) the telco is offering a new(ish) service where any caller who's phone number is NOT presented by caller id is asked to introduce themselves via a short recording. THEN your phone rings and you hear the recording. You are then given the option (via touch tone keys) to accept the call, reject the call, or reject the call informing the caller you don't want to hear from them again (to be used in the case of a telemarketer).

SS7

[Mr.+Slippery]

Does the Plain Old Telephone System have the installed equipment to combat telemarketers?

Yes. This is not your father's POTS.

I know that you can trace a call, but how fast can that be done?

Instantly. In fact, they don't really trace calls anymore, all the information come in with the call setup request.

On the Internet, you have IP's that may or may not be spoofed, but unless you pay a premium for callerID, you don't have that luxury with telephone.

You can't get the info without paying the phone company their premium, but they have that info. (At least in almost all parts of the US and Canada. YMMV.) Telephone switches are connected to each other not just with voice lines, but with data lines that form the SS7 (Signaling System 7) packet-switched network. This network carries messages that instruct the switches to set up and tear down voice connections. (Yes, the connections could be dial-up data connections with modems but that doesn't matter at this level.)

The basic idea of SS7 is reasonably simple; it's a protocol to tell telephone switches how to connect voice lines together to make a voice circuit. The implementation, however, is very complicated (because of over a century's worth of cruft) and will hurt your brain. Anyway, one of the message fields in a call setup is the telephone number that originated the call.

If you pay the telephone company for Caller ID, they'll send you that info modulated onto the ring signal (unless the caller has requested Caller ID blocking); or if you dial a certain code (*57? I forget) immediately after a harassing call they'll record the number and pass it on to the police. People with toll-free numbers also get a list of the calling numbers.

The "keep them on the line so we can trace the call" bit you see on cop shows predates the use of computer-controlled digital switches. Forget about it. The call is "traced" before the it is even connected.

The two-second turnover time.

[devphil]

Another very effective technique keys on the fact that it's a computer that's actually doing the calling. If your telephone picks up and starts talking constantly, then the computer knows it has an answering machine and disconnects.

But if your telephone picks up, says something brief ("Hello?") and waits, then the computer knows it has reached a victi^H^H^H^H^Hhuman, and transfers the line over to a human telemarketer. The time it waits for silence plus the transfer time is just over two seconds.

So pick up your phone, say hello, and if you don't get an answer in two seconds, hang up. I've been doing this for months and have never had any complaints from friends about accidentally hanging up on them -- two seconds in which to respond is a lot longer than it sounds. Every human-to-human call I've ever had has started off within that window of time.

Is this rude to the telemarketers? Fuck 'em; they're the ones interrupting my dinner, my shower, my time with friends. (If I /do/ get trapped into talking with one, I am polite enough to say, "No thanks, I'm not interested," etc.)

wrong question

[streetlawyer]

Will laws be written to combat such behavior? Can such laws be written?

Such laws will, eventually be written. Such laws can, trivially, be written. (Soviet Russia had no telemarketing problem)

The question we ought to be asking is: when such laws are written, what other important freedoms will they be used to restrict?

Since slashdot readers are, it would seem, quite keen on sending large volumes of email to people with different views on intellectual property law to themselves, you ought to be wary about this. If Be, Corel, and the Holland, Michigan Public Library system were to have access to such a law, then there could be trouble for all concerned.

How inconvenient is it to deal with telemarketers? How inconvenient is it to live in a society with no free speech?

I'll answer the second question for you; for a lot of the people on slashdot, it would not be inconvenient at all. No regime in history has put people in jail for mindlessly parroting the party line.

The Telemarketing Sales Rule, Dont Call Lists, etc

[Pulsar]

I've been thinking about putting together a page on telemarketing, I've been doing a lot of research and found out a lot of crap lately. I wish I had because there's no way I can post everything here!

A few really crappy things about the telemarketing industry:

1) They hire prisoners. I personally am not making any decision on the merit of this process, so let's not get into a big debate about that. The thing that I take exception to is that they don't really monitor these prisoners well and convicted rapists, etc are using these telemarketing companies to contact minors and attempt to establish a "relationship" of some form with them.

I must admit I have a personal interest in this - my girlfriend (I'm 18, she's 16) was recently conned by a telemarketer (I've since seen the transcript of the conversation - this dude was SLICK...I think even a genius geek like myself might've fallen for it) who managed to get her name from her...he then used the data the telemarketing company gave him to write her a letter. Turns out this fellah is a convicted felon in the Utah State Pen...and this wasn't exactly a "Hi, how ya doin`, my name's Bob" sort of letter. Her mom saw it and freaked and has since contacted the Utah State Prison people...they've been really helpful, but the company that hires these prisoners, Sandstar (Who happens to run http://www.familyfilms.com of all sites!) has basically said "We're terribly sorry" and then continued business as usual - and this kind of stuff happens OFTEN. ABC News in Utah said they were interested in the story, but they wanted to finish up one they were already working on involving the same thing happening to a girl from Utah with another company & prison!

2) This is the part that really pisses me off. Lots of people have posted about the "do not call lists" - this is a part of the Telemarketing Sales Rule (Which the FTC is currently reviewing - check http://www.ftc.gov/opa/2000/02/tsr.htm - they ARE accepting public comments via email but only until Thursday April 27th, 2000). The TSR means well but it's NOT WORKING. Try bringing up charges in a small claims court against a company for violating the TSR by calling you after you were asked to be placed on the do not call list. These companies disappear, change names, go under, merge, etc so often that by the time the case comes up, you have no hope of even getting the 500$. Plus they often use delaying tactics because by law after 24 months they can purge their records.

The telemarketing industry is VERY screwed up. I have already put together a 10 page analysis of this all and the Telemarketing Sales Rule and all the problems with it but that might be a bit excessive to post here.

OT: Anyone else noticed that is dying? I haven't seen that used much at all lately...it's just so much more versitile and less AOL-ish than :)

Anywayz, I've posted my comment at:
http://www.galahad.cx/FTCComment.html
and the original message her mother sent out asking people to be wary of this practice at:
http://www.galahad.cx/OriginalMessage.txt
Please read them and feel free to email me about some of the efforts I'm organizing to get the Telemarketing Sales Rule patched up so that this and many other practices will at least be regulated. Or even email the FTC as detailed at http://www.ftc.gov/opa/2000/02/tsr.htm with your comments sometime before April 27th - we can use all the help we can get. And the Telemarketing Sales Rule covers ALL aspects of telemarketing, so feel free to comment on anything and everything about it on your mind, just please don't flame them too much.

Oh, and galahad.cx is my little 486 Linux box on a cable modem, so it might be kinda slow to respond at times. Sorry!

Opt-in marketing only

[crow]

Why not ban unsolicited commercial direct marketing? What would happen?

Well, the US Post Office would get an exemption on the grounds that junk mail subsidises other mail (or at least it should; I'm not sure if it's really not the other way around).

For phone, fax, and email direct marketing, a new business would be created. Consumers would get paid to opt-in. You could fill out a marketing demographic survey, and then you would get a credit on your phone bill paid for by the direct marketers who called you.

With opt-in systems, consumers get paid for putting up with advertising. Those who don't want the advertising pay their own way. This is already happening with ISPs. This is also how TV works (you can get free TV with ads, or premium/rental services without).

getting rid of telemarketers

[palerider]

actually, it's pretty easy. do not hang up, do not yell, do not curse... very nicely say "please put this number on your company wide 'do not call' list". http://www.junkbusters.com/ht/en/telemarketing.htm l for a full explanation it works..