H.R. 3113: Spam Bounty Hunters Wanted

belgin writes: "According to this ZDNet article, the U.S. House Commerce Committee is considering a law that places a bounty on illegal spammers. These bounties would be paid to ISPs and individuals who track down and turn in spammers. Specific types of spam mentioned by the article include fraudulent spam and spam that attempts to falsify its origin. Fun to think about if you've landed on one too many spam lists, but a little scary in 'leads to ...' department." The bill, called H.R. 3113, or the Unsolicited Electronic Mail Act of 2000, would impose Federal law in the form of what seem to be common-sense restrictions on electronic junk. But belgin is right -- what consequences might laws like this have that we don't want to trade for, even in spam? Would private solutions be better in the long term?[updated 18th May 2000 13:45GMT by timothy] Not to be confused with last year's H.R. 3113.

No More Spammer Excuses

[Accipiter]

See, the typical spammer response to general complaints is "But 94% of internet users WANT to receive junk E-Mail!" Now, this excuse won't work anymore.

User@domain.com receives spam.

User complains to ISP about spam.

User takes approproiate action against spammer.

Spammer cries "But people WANT spam!"

BZZZZT! That's where the excuse dies. If users want spam, there wouldn't be such an outrage against it. Now when this little law goes into effect, and people see the percentages of internet users complaining about spam, Spammers will have to come up with another excuse.

Then in turn, tougher rules will be enacted. This seems like a Good Thing to me. Here's hoping Internet Spam goes the way of Fax Spam.

-- Give him Head? Be a Beacon?

Re:I can see it now...

[orpheus]

>>> rush to see how many SPAM lists you can get Therein lies one danger of this plan.

Other have addressed some of the reasons why this is hardly the panacea it seems at first glance. I just want to note that whenever a law is passed to control an 'out of control' practice, the public's resistance to that practice diminishes.

Even the most inept telephone telemarketer has a few stories of conversions: people who start off following the "Put me on your No-Call list" script of DMA-supported so-called 'consumer' groups, but end up as buyers. The secret is that the longer you talk, the more likely you are to buy. Most people who follow a No-Call script would have hung up point-blank before. The 'don't call' script offers a tiny foot in the door of otherwise definite no-gos. The Telemarketers have scripts of their own to capitalize on this.

Why do you think Publisher's Clearinghouse makes you fiddle with so many stickers to complete one of their sweepstakes stickers? So the visions of payoff, and other irrational notions can dance in your head. Even after you hang up after your Don't-Call spiel, don't you secretly wish they call back, so you can nail them in small claims. Only a tiny handful of people have ever successfully sued (not enough to pay for a single DMA trade seminar luncheon) while telemarketers do many successful conversions every hour, in every state.

And now we dangle the 'bounty' of a potential windfall, albeit a modest one, in front of every newbie, casual user, and kid?

Less spam will get filtered and discarded unread and more spam will be scrutinized for 'illegal' elements that qualify it for the bounty. People will be less cautious about prtecting their e-mail, because it's a potential pay-off as well as an annoyance, and because watching your privacy is hard work, and humans will seek any rationalization to avoid such a tedious and thankless task. "Spam is illegal" is just such an excuse

Publishers Clearing House would love this! PCH spends several times as much on its interactive sticker-laden mailings than it does on the grand prize - and made decades of tidy profit on this marketing model. They are proof of concept.

Salesmen - especially shady ones - are cynical masters of psychology, unlike engineers.

I'll close with a general warning tht you should keep in mind for the next year of so:We are at a critical time when private data is still largely unregulated in the US, and is not as tightly regulated as it will be, even in Europe. They can gather and share information now that they may never be allowed to gather again.
_____________

Spam bounty hunting - Sweet!

[Chairboy]

I could see it now, cruising around newsgroups and SMTP servers looking for spam with my Boba Fett outfit on. People could contact bounty hunters and offer added incentives for giving the personal data of the spammer to them first before passing it along to the government.

Spammed person: (getting ready to freeze the offending account and dispose of the spammer)

Me: He's no good to me dead.

Spammed person: (pausing) Don't worry, you will be properly compensated.

Spammer: (screaming as the torture began) Aaaaaaaarrrggh! They didn't opt out, they didn't opt-AAAAAAAAAAAAHH! NO! Not my e-mail finger-GNNNAARGH!

I like it.

Congress ahead of its time?

[Jim+Tyre]

The actual Bill provides, among other things:

(a) FINDINGS- The Congress finds that:

(1) There is a right of free speech on the Internet.

I'm so happy Congress found it, I thought it was lost before.

Nice HR!

[Rei]

Aww, why couldn't it have been HR 31337? That would have been so much more fitting ;)

- Rei

Spam vs. Junk Mail

[khog]

Spam and junk mail, at the first look, seem very similar. In fact, they are quite different. Those of you geeks who bother to leave the house (myself included) know that you need a stamp to send snail-mail. Stamps, as you know, are not cheap. What is it now, 34 cents? I can't keep track. (I just don't leave the house enough, that's my problem.) To send an e-mail? With an unlimited internet access plan, nothing, really. On bandwidth rated connections it could end up costing you a pretty penny if you were really high volume. Notwithstanding, spam is, on the whole, free to send; junk mail isn't.

This presents quite a conundrum. In the "real" world, junk mail isn't free to send, so there's less of it. Telemarketing isn't viable, either, because you need to pay people. Spam, on the other hand, can be efficiently run on an old computer with a 56K, or 33.6K (if you're patient) modem. What is there to do?

Well, nothing good. Government regulation (as in USA government) of anything on the internet is just wrong -- the internet belongs to no one, at this point. If the government wanted to regulate it, it shouldn't have ever left our borders; not so quickly, at least. It's too late for wide-scale regulation -- it'd be trivial and stupid. Trivial because anyone can route through some foreign server and stupid because it's no one's place to go around making regulations.

As mentioned previously, I think the best solutions are private. Set up some filtering software. Or, god forbid, delete the crap. If you're on a per-bandwidth payment schedule...sorry. It's what you have to deal with. The whole point of freedom is that anyone, not just geeks, can do what they want. If what they want to do is sell printer toner then by all means, sell away.

As a side note, doesn't this all seem a bit trivial to anyone?

Mikey G.

Re:Dammit

[gilroy]

Quoth the poster:

Same basic idea goes here - it's just not the right way to handle things.

I disagree ... this is not the same basic idea. In the WAVE thing, kids were paid to inform. Here, Congress is defining the right of a private citizen to recover damages incurred by a violator of civil law. Read carefully ... it is not all spam, only those that falsify origins or defraud the recipient.

The issue is, spam costs time and money. Unlike even junk mail, the sender suffers effectively no cost, but the recipient does. It's annoying enough when this is "legitimate" but it's maddening when the message is fraudulent.

Despite the wonderful Wild West connotations of "bounty", this isn't a bounty ... it's not a reward, it's a right to recover damages.

I can see it now...

[DgtlGhost]

The rush to see how many SPAM lists you can get on so as to track the origin of the msg, just to turn them in. Undercover SPAM cops! Oooo, I think I see a new Fox Show for next fall, following the special, When SPAMmers attack!
Is it just me or does this sound damned hard to work out details for?

-Earthman

Private solutions? Sure, they're waiting for you!

[Frater+219]

Ummm.....If there are viable private solutions to this scourge, then why haven't we seen them already?

There are viable private solutions to spam. See the Mail Abuse Prevention System. Using MAPS's lists to filter your incoming mail will significantly reduce the amount of spam you receive. No, it will not eliminate all spam -- but neither does any "solution" to a social problem entirely eliminate that problem. (Certainly law is not a perfect solution to problems -- otherwise, why do we still have murder, theft, and copyright violation?)

(One of the great things about MAPS is that the more participants, the better it gets. If you use MAPS to filter your mail, then report spam you receive back to MAPS appropriately, you will be helping to improve the service -- thus reducing your future spam intake and everyone else's.)

I am not sure if a private solution would work in this situation because of the "free speech" arguements and also of the multi-juristdictional nature of the problem.

It's funny you should mention those -- because those are, in fact, two problems with law-based solutions which do not affect private solutions.

"Freedom of speech", as protected by the U.N. Declaration of Human Rights and the U.S. Constitution (among others), is more accurately described as the freedom to use your own resources, including your voice and your property, to speak your mind. It does not justify your use of other people's property to speak your mind. That, however, is what spammers do -- they use my mail server, without my permission, to spam me, my users, and others. In the civilized world we call that "theft of services" -- just as if I owned a printing press and you crept in by night and used my press to print up your leaflets.

The legal trouble, then, lies in defining "permission". Some would argue (and have argued) that by connecting a mail server to the Internet you are implicitly granting everyone permission to use it as much as they want, for whatever purpose they want -- including spamming. The opposite extreme is to hold that only explicitly solicited mail is granted permission -- which would rule out a lot of perfectly legitimate mail. Both of these are IMHO ridiculous extremes. A legal attempt to stop spam, however, must deal with these issues in defining spam. Veer to far towards the first position, and you violate property rights; veer too far towards the second, and you violate freedom of speech. A private attempt to stop spam can define permission extensionally -- i.e. by example. This is exactly what cooperative, voluntary systems like MAPS's lists do. The lists are made up of addresses associated with actual pieces of spam received and reported by participants.

You also mention the "multi-jurisdictional nature of the problem". This, too, is a problem solely for legal attempts to stop spam, and not private ones. Private cooperation among ISPs and among users may easily ignore governmental borders -- indeed, it already does. MAPS participants come from all corners of the globe.

For all those anti-government folks, I am surprised to see that a creation of a civilian anti-spam force is so distrubing to you.

What's so "anti-government" about bounty-hunters and more laws? That's about as "anti-government" as any other case of stool-pigeonry.

As a Libertarian, I object to government meddling in private affairs. I also object to crime (i.e. the violation of people's rights), and I consider spamming to be criminal, regardless of whether or not government thinks it is. Spamming is a violation of the property rights of those spammed, and of the owners of mail servers that relay and store the spam. I support people taking private action to protect themselves from crime, insofar as they feel the need to do so, and can do so without violating others' rights in the process -- and that is exactly what MAPS and similar systems do.

If you are emotionally dependent on government to protect your rights -- in other words, if you are unwilling to protect them yourself -- what rights do you really have?

what consequences?

[geekpress]

The ./ summary hints at some potentially scary future as a result of the precedent set by this bill. Well, we already have worse incentive programs. Thanks to DARE, kids turn in their parents for smoking pot. Compared to that, the precedent set by hunting down spammers seems pretty benign.

Nevertheless, any program where people are rewarded for turning in other people for alleged misdeeds has a KGB aura to it, no doubt. But why should we be so suspicious if the misdeed is, in fact, A Bad Thing?

Well, we should be suspicious if it is only A Bad Thing and not An Evil Thing. SPAM is a pain, but it's just not on the same level as rape or murder. There is a real difference between giving someone an incentive to turn in their rapist neighbor vs their spamming neighbor. The law ought to see a difference between the magnitude of those two acts, rather than lumping them together as "lawbreakers."

Then again, if they'll let me hunt them spammers with my shotgun in hand, to hell with the precedents! :-)

-- Diana Hsieh