Slashdot Mirror
Spam Under Legislative Attack in Europe
Anonymous Coward writes: "CNN has an article in their Science and Technology section detailing how the European telecommunication ministers have agreed that unsolicited e-mail and wireless text messages should be prohibited under a new data protection law. They also are agreeing to allow leeway for law enforcement to access logs of e-mail and telephone traffic.
Spam is no joke when consider that in some parts of the world, Internet service is pricey and there is no such thing as a flat rate. If you paid per MB or per minute of connect time, you would "get it" for sure. As the U.S. concept of "unlimited" internet service gets less and less "unlimited", the spam issue will only get hotter.
Personally, I have a zero tolerance policy -- I trace the headers and file complaints. No exceptions. I managed to get one spam website TOS'ed off 3 ISPs, as well as a direct hit on their DNS capability, just by recycling the same message headers as the spammers got booted from one ISP to the next. I find that complaint messages work better when I have a meaningless bunch of keywords at the bottom. Wonderful things like DMCA, copyright, infringement, litigation, trademark, liability, etc.
On to the telemarketers. If you live in a state that has a manadatory "do not call" list, get on it. Otherwise, write to your state rep. and lobby for one. I live in Connecticut, where the DNC list has hit the telemarketers like a "bunker buster".
Then we have the junk mail. That gets stuffed back into the "business reply envelope" and returned at the sender's expense. I heard someone suggest keeping a supply of junk mail on hand at all times, so as to overstuff whatever business reply envelopes you might receive. I pay for trash removal. The people who send me this junk can pay to take it away, not me.
If I could set up my email system in such a way that it will only receive email after receiving notification from paypal that an amount X has been transferred to me, I would cease to receive spam overnight. My personal threshold would be 25 cents - less than a stamp but enough to be noticed. This would deter spammers, but not keep entities with a reasonable expectiation that I want the mail from emailing me. It might even deter those pesky friends that keep sending me copies of jokes that were already old when I was still young.
Between friends engaging in conversation, the amounts paid would balance out. But in the case of one way communication, I'd get paid a bit for the time I spend looking at my emails.
Obviously, this can be implemented with reasonable effort pretty quickly. There are some minor details to deal with, nothing traumatic though: The sender would have to be able to determine what the going receiving rate of the recipient is. There needs to be a functional and pervasive micropayment system (paypal). Mail programs would need to be updated to deal with the added protocols.
I find it amusing how politicians still think they can regulate the Internet by way of stroke of pen. They'll have to learn the hard way. Sadly, we'll have to suffer in the meantime.
Most reasonable countries and reasonable laws are aware of the contract killer/spammer/whatever. What makes you think these laws will be any exception? I would expect that a well worded anti-spam law would choose its phrasing such that it didn't matter how many levels of indirection there were; if you are anywhere in the chain of "spam him" instructions, you're guilty.
Remember, The Man(tm) may be an asshole, he may be an ignoramus, but he is very rarely a moron. Morons aren't very threatening and if they are, they are easily controlled and manipulated into doing something less threatening.
-Cheetah
This may be one of the best legal solutions. Simply ban the "harvesting" of e-mail addresses from web pages and newsgroups and/or the selling of those addresses. Obviously, those things have no legitimate use, and are used only to send me crap that I don't want.
It would also be easy to catch people to prosecute them. Set up a web page that, when it's hit, generates an e-mail address, and logs that address along with the IP address and timestamp of when and from where that page was requested. When an e-mail comes to one of those addresses, get a little help from the ISP and you're well on your way to finding out who did it! Not just who sent it, but the scum that harvested the address!
Those people are the worst of all Internet citizens. If I was alone in a room with an e-mail harvester, and I had a baseball bat in my hand, it wouldn't be pretty.
That and banning ANY sender info or header forgery, require a valid mail or phone AND e-mail contact in all commercial e-mail, and I think the spam problem will be pretty much done. You might still get a few UCEs, but not the sheer quantity of stupid and annoying ones we get now.
If the government had those sort of powers to fight terrorism you'd all be up in arms, but if it's to fight spam you're all for it.
Interesting idea, but doubtful to work with the current system in any way. (You really want to have to declare all of those micropayments on your 1040?)
Personally, I think some kind of pre-authorization scheme is better than a pay system - remember, this has to work in third world countries, too.
Brad Templeton has a neat system in place that is not too difficult to use at all. If you send him an email, you get the following:
OK - there goes 99% of your spam.
If spammers figure a way to reply, add a question and answer feature:
You could make the questions progressively tougher
Procmail could handle the rest of the mail, too, (if it weren't so damn hard to write recipes for. Yes, I know about the perl mail filters - I'm looking into them now.)
Imagine a procmail-type system that could strip attatchments and process them:
Since I get a lot of mail in Japanese, I could choose to detect DBCS text and run it through babelfish before I read it.
Most of these things could be and are being done. I bet there would be a market for a prewritten package customizable through a web interface. I would buy it.
What you do with incoming mail is a very personal decision - some people *like* mails that you and I would consider spam. There are always exceptions to the rules:
What happens when your mail filter blindly drops a mail from your wife telling that the baby just ate the Copier Toner or your housemate writes to tell you that a group of Real Naked Coeds are waiting in your room - get home quick! OK, neither of those situations are likely to occur, but you get the idea...
Cheers,
Jim in Tokyo
-- My Weblog.
However, how about the following idea: if a spam relay is not closed within, say, 2 business days, we start using it ourselves... to spam thousands of Chinese email addresses with anti-communist articles from various news sources. I betcha, that relay will get closed down real quick.
Mail clients should have a spam-vote button, a button that lets you vote for blacklisting the sender of the message you are just viewing.
If you press the button you get a warning, explaining what you're about to do. If you accept, a message including all the headers of the spam mail is created automatically and sent to a spam-vote server at your e-mail service provider. This vote server verifies that the vote comes from you, and then, possibly after some processing, sends your vote to one or more blacklisting services chosen by your e-mail service provider.
If there are just a few votes to blacklist a particular sender it's considered a mistake and no blacklisting occurs. The sender is blacklisted only if the number of votes is large. If a provider has a very large number of blacklisted senders, that provider may be blacklisted.
This would give technically clueless users a say in the matter. It would let clueless users send proper spam complaints, complete with all the headers. And it would allow people to stem the flood without revealing their e-mail address to fake opt-out lists that just increase the spamming.
When you press the spam-vote button, the mail client not only sends the spam vote. It also puts the sender in the client's own list of blocked senders, and removes all the messages that came from that sender. You can change your mind and remove the blocking, so you can receive messages from that sender again. Then the mail client creates another automatic message revoking the blacklist vote.
This way even the clueless will see what happens. A clueless user can't just keep sending a lot of blacklisting votes by mistake. Mistakes have consequences that have to be rectified.
At the server side, the system can be refined and improved over time. For instance, the voting services should count percentages rather than absolute numbers. They might also keep karma points and reputation scores. They might use collaborative filtering. Lots of different refinements are possible. Hopefully there would be several different services trying different strategies so the system evolves.
Users can then try different e-mail service providers with different spam-vote and spam-block policies. Probably many providers would let users choose among several alternatives. Tastes differ very much in this matter. You try different alternatives and see what works best for you.
Give a man a fish and you have fed him for one day. Teach him how to fish and he'll eat for a lifetime. Unfortunately, he'll call you a miser for not giving him your fish.
Terrorists can't threaten a country's freedom and democracy. Only lawmakers and voters can do that.
What makes you think a working opt-out is not possible ?
We do infact have such a system in Norway. There's a single webiste, operated by the government whee you can register yourself, and mark check-boxes for which kind of targeted marketing you accept. (postal or by phone ? Not from anyone, or do you still accept postal marketing or phone-calls from charities?)
Anyone who does direct marketing is legally obligated to wash their adress-lists against this one atleast once every 3 months. Sending postal mail, or doing phone-marketing to a person on the list is a crime. Punishable by fines or prison up to 2 years. (In theory, in practice you get a fine offcourse)
When it comes to email we've got opt-in though. Sending marketing to individuals without *prior* *informed* *active* consent is a crime. Same punishment as above. And it *does* Work. I get about 200 spams a month. And this far in 2001 I've gotten *2* Count them - *TWO* spams from Norwegian spammers. Naturally I've reported them and had them fined.
Opt-out is actually acceptable if there's *one* single point where you opt out, and if there's punishments attached to ignoring your opt-out. I still prefer opt-in, but the opt-out on phone-marketing does work. I've got ZERO phone-marketing-calls after I registered myself on the opt-out site.