Slashdot Mirror
Spam Under Legislative Attack in Europe
Anonymous Coward writes: "CNN has an article in their Science and Technology section detailing how the European telecommunication ministers have agreed that unsolicited e-mail and wireless text messages should be prohibited under a new data protection law. They also are agreeing to allow leeway for law enforcement to access logs of e-mail and telephone traffic.
In a place where Internet traffic is priced by the megabyte or minute and SMS service by the message, I would imagine the motivation to eliminate spam is a little bit higher than in the country of flat rates.
Most of the spam that I receive is coming from China and South Korea. I don't think legislation will help much. I would rather see them BGP'd to /dev/null.
Mea navis aericumbens anguillis abundat
Most of the spam I get now, is from companies that are using "contractors" to spam, or spam from offshore (i.e. China) ISP's. The advertised product is from the US often, but the advertisee is not. Therefore, shutting down the "spammer" isn't going to do anything.
Now I don't know how to practically impliment this, as there are some pitfalls, but with some decent legislation, we could make it possible to target the beneficiary of the spam. That makes it possible to attack the real reason for the spam - where we can use our laws etc to attack it.
Sure, there will be spam that also has you send you money to China/Afganistan etc, but that will make the spam much less profitable, as most people won't do so. Lastly, most people will use credit cards, and I assume that most SPAM scams are frauds too, so the chargebacks will be hell for the spam beneficiary.
Anyway, it just seems that we can't just attack the spammer, we really need to attack the beneficiary. Then the spammers will go away, as they can't find anyone to demand their services.
Sure, I'm crazy, but what the heck!
We spend hundreds of kilobytes yammering about the great firewall of China, in particular laughing at the futility of it--legislation that stops the flow of information seems to be something we protest when implemented, and deride when proposed.
This is of course, while we upgrade our procmail recipes and secretly wish for a legally-mandated X-this-is-spam header.
In the end isn't stemming the flow of unwanted spam essentially the same thing? Going with the datahaven theory, eventually all your spam will come from the countries that _do_ allow spamming. And then all your bulk-marketing companies will set up branch offices there.
It starts making draconian black hole lists start seeming like the only viable solution. Because legislation sure don't work.
I have a fax number attached to my mobile phone as part of my plan. I don't use it much, so I didn't bother finding out the number for the first few weeks I had it. In that time period I got no less than 84 pages of, you guessed it, spam. Although this pales next to the amount of email spam I receive, it is shocking to know that I can get spammed when even I don't know my address.
Anything that reduces the volume of electronic junk I receive is good. I applaud the Europein Union for this, and I hope that it comes to the USA very soon.
Even Slashdot wants to hide some things
It seems to me that the telecommunications ministers have much larger things to deal with than cookies. Do they really have the power or reason to deal with the Application layer of the system? Now my site needs a policy to tell people that my app server likes to set cookies? Anyone wish for the time when the web was less commercial?
The right honorable Mr. Coward wrote:
Phone solicitation is soooo much more annoying. Why don't people enact laws against that.
The Telephone Consumer Protection Act was signed by George Sr. in 1991. The link also has some cute advice about how the law applies to you.
Of course, this is in the states - I don't know where Mr. Coward is from.
Anyway, the FCC/FTC/DOJ/park service etc. periodically come by and close down a telemarketer, but it is pretty much for show, and in every case the telemarketer has actually been charged with fraud, not with calling people who've been asked to have their numbers removed. In general, it being the law anyway, telemarketers will take your # off if you ask (unlike spammers.)
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.
Yeah, and you can screen your calls using Caller ID. That's hardly an argument, of course. Besides, automatic spamfilters are ineffective; they either let spam through or block legitimate mail. Companies cannot afford any risk of legitimate business mail being inadvertently caught in the filter, and therefore will not filter at all.
Here are some more reasons why people get up in arms:
Spam is no joke when consider that in some parts of the world, Internet service is pricey and there is no such thing as a flat rate. If you paid per MB or per minute of connect time, you would "get it" for sure. As the U.S. concept of "unlimited" internet service gets less and less "unlimited", the spam issue will only get hotter.
Personally, I have a zero tolerance policy -- I trace the headers and file complaints. No exceptions. I managed to get one spam website TOS'ed off 3 ISPs, as well as a direct hit on their DNS capability, just by recycling the same message headers as the spammers got booted from one ISP to the next. I find that complaint messages work better when I have a meaningless bunch of keywords at the bottom. Wonderful things like DMCA, copyright, infringement, litigation, trademark, liability, etc.
On to the telemarketers. If you live in a state that has a manadatory "do not call" list, get on it. Otherwise, write to your state rep. and lobby for one. I live in Connecticut, where the DNC list has hit the telemarketers like a "bunker buster".
Then we have the junk mail. That gets stuffed back into the "business reply envelope" and returned at the sender's expense. I heard someone suggest keeping a supply of junk mail on hand at all times, so as to overstuff whatever business reply envelopes you might receive. I pay for trash removal. The people who send me this junk can pay to take it away, not me.
Within the midst of the world out there, there's a subworld. Communications developing to a point that I can hit on a girl in Indiana from Vancouver Canada through that simple "uh-oh" sound that we've all grown to despise and eventually thalamus out of our minds. My friend was convinced she was going to go on a trip to Holland to meet this guy she met over AIM.
And it goes on.
In the meantime, governments are trying to make the world more comfortable for... well... themselves... without even understanding what's going on.
The ramshackleness (is that a word?) of the world almost resembling the Austro-Hungarian empire prior to World War I is being manipulated by the people with access to this technology to transcend borders. Pornography of 14-year olds is illegal... except in the old Soviet republic of Fookerplakistani (apologies to Austin Powers)...
So it's possible, no matter where you are, to have access to pictures of naked 14-year-old Fookerplakistinians.
This is another attempt of them trying to regulate this borderless world. It's not bloody possible. 50% of the spam mail I get is in some foreign language that is neither french nor english, which suggests to me that it's from outside of Canada, and thusly any regulation the Canadian government will try to do will be in vain because it'll probably cut down on about 2% of my spam mail.
They're slowly trying to work their way into the internet, between Gore "fathering" the internet and the crackdowns on filesharing (I still say that Napster getting shut down was the greatest thing to happen to MP3s since WinAmp...) are becoming more and more regimented (Even audiogalaxy has filters now. Damnit).
So, I guess the point I'm getting at is that this is going to be a slow process because they're just not going to understand that it's a futile move on their part and that the more they try to regulate, the more loopholes the l33t h4x0rz and bored computer geeks will find. But they'll bury their heads in the sand and say that they've won the war on "indecent internet usage" or something like that simply because they've instated a sieve.
Karma: Non-Heinous
No. In the case of the Great Firewall of China (and Saudi Arabia), a third party is attempting to block information people want. As such, the sheer number of minds applied to circumventing those artificial barriers all but assures they will be overcome.
Contrast with spam filtering, where a third party is attempting to block information people don't want, with the full support and agreement from said people. This makes the number of sociopaths trying to circumvent the barriers vanishingly small. Moreover, because people support the blocks, the number of people willing to report spammers who penetrate security is considerably higher (as opposed to the China/Saudi situation, where there's likely a silent agreement that the authorities are not informed when the barriers are breached).
Schwab
Editor, A1-AAA AmeriCaptions
Anti-spam legislation is intended to allow people to stop receiving information (?) they don't want.
This is not about control of the Internet. This is about control of my e-mail inbox, the one I pay for.
If I could set up my email system in such a way that it will only receive email after receiving notification from paypal that an amount X has been transferred to me, I would cease to receive spam overnight. My personal threshold would be 25 cents - less than a stamp but enough to be noticed. This would deter spammers, but not keep entities with a reasonable expectiation that I want the mail from emailing me. It might even deter those pesky friends that keep sending me copies of jokes that were already old when I was still young.
Between friends engaging in conversation, the amounts paid would balance out. But in the case of one way communication, I'd get paid a bit for the time I spend looking at my emails.
Obviously, this can be implemented with reasonable effort pretty quickly. There are some minor details to deal with, nothing traumatic though: The sender would have to be able to determine what the going receiving rate of the recipient is. There needs to be a functional and pervasive micropayment system (paypal). Mail programs would need to be updated to deal with the added protocols.
I find it amusing how politicians still think they can regulate the Internet by way of stroke of pen. They'll have to learn the hard way. Sadly, we'll have to suffer in the meantime.
At least in most of the US, that is. All you have to say is "do not call this number again" and they are legally obligated to put you on a do-not-call list. If they call again within 10 years (the time limit may vary state to state), you can take legal action against them.
New York even has a website where you can submit your name, address & phone number for a semiannually-distributed list from the state of people who have opted out.
Try that with SPAM, as things sit right now.
If you want freedom, you have to support everyone's freedom... -- dawgfacedboy
Your right to free speech doesn't extend to my living room. I assert that it shouldn't extend to my inbox or my telephone either, unless I've explicitly published my desire to receive such contact.
A working opt-out would be great, of course, as you say. But such a thing is not possible, or at least there's been no proposal yet that doesn't just make the spam problem worse by disseminating my email address to the very folks I want to shut up.
That's why the only route is draconian: ban ALL UCE entirely, until and unless somebody comes up with a safe, non-spamming mechanism for blocking UCE.
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
The article doesn't have much meat to it. Boiled down, it says "The Council of Ministers think unsolicited email and SMS messages should be legislated against. Two weeks ago, European Parliament voted against a ban on spam".
Or, more briefly:
Council: Spam bad. Anti-spam laws good.
Parliament: We disagree.
I wish something had been said about how the Council plans to enforce anti-spam laws. I live in Washington (US), where the state government passed anti-spam laws several years ago.
I still get spam. Anti-spam legislation is well and good, but it doesn't seem to work.
If you outlaw mass-mailers, only outlaws will mass-mail. Or something like that.
Cool! Tomorrow I'll make use of my freedom to come to your house and dump a truckload of cow shit in your back yard. As a sign of my dedication to Freedom and the American Way, I'll even put a brand new US flag on top for you. How's that?
Don't like it? Sorry. If you want freedom, you have to support everyone's freedom, even if you hate them.
Yeah, that's reasonable I guess. I should stop dumping cow shit in your back yard if you tell me to stop, I can accept that. However, since you have now yelled at me, I now know for sure that you exist, and I'll be sure to sell your address to at least ten fellow cow shit dumpers as confirmed live!
There are how many millions of businesses in this country? And you're saying they should all have the right to send you their sales pitches by e-mail, but as long as you reply with "remove", they have to honor it?
You want to reply to 5 million e-mails with "remove" in the subject?
Sorry, try again.
I disagree. Spammers are soooo much more annoying than phone solicitors.
-Phone solicitors don't immediately engage in sex talk with your 7 year old when he picks up the phone.
-Coming home from a long vacation doesn't usually mean you're going to have to sift through a blizzard of thousands of phone solicitation calls. (Interspersed by warnings from the phone company about how you're getting too many phone calls and would you like to buy more space?)
-When a huge amount of phone solicitations overwhelm the phone company and force them to invest in additional infrastructure, the cost is passed to the phone solicitors, not to you.
-If you have an unlisted number, and a phone solicitor calls, it doesn't automatically mean that the gig is up and the number is no good anymore.
-There actually exist phone solicitors who are not running scams.
-You don't get hundreds of phone solicitations in the space of 24 hours.
-Phone solicitors don't try to fool you by pretending to be people you know.
-Phone solicitors don't call you and offer to sell you a CD of the phone numbers they're calling.
-Phone company operators aren't kept awake at the phone company at 3 AM clearing wayward phone solicitations out of the equipment after a torrent of wrongly dialed phone solicitations.
-You don't get the same phone call from the same solicitor five times in a row in immediate succession, unless he has an organic brain disorder.
-While they can sometimes block the number from appearing at all, phone solicitors don't intentionally send forged numbers to your Caller ID box.
-If you tell a phone solicitor to take your phone number off his list, he doesn't immediately sell your number to all the other phone solicitors in town. ("It works, someone picked up the phone!") This is because we have laws dictating that phone solicitors cannot do this.
-And you can at least be rude to a phone solicitor. In fact, a phone solicitation from the PBA offers the quick-thinking solicitee a rare opportunity to safely tell off a cop. And you can do stuff like this:
ME: Hello?
PHONE SOLICITOR: (bubbly female voice) Hello, do you subscribe to the <name of local newspaper>
ME: Uh, no...
PHONE SOLICITOR: Oh my GOD! How do you get your news?
ME: Well, if you must know, the government implanted a chip in my brain, and now God and aliens just beam all that news right into my head. Why, isn't the chip in your brain working?
PHONE SOLICITOR: Uhh, OK, ummm... goodbye!
And in other news, the USA has approved a measure under which spammers will be execu^H^H^H^H^Htried in secret military tribunals
This may be one of the best legal solutions. Simply ban the "harvesting" of e-mail addresses from web pages and newsgroups and/or the selling of those addresses. Obviously, those things have no legitimate use, and are used only to send me crap that I don't want.
It would also be easy to catch people to prosecute them. Set up a web page that, when it's hit, generates an e-mail address, and logs that address along with the IP address and timestamp of when and from where that page was requested. When an e-mail comes to one of those addresses, get a little help from the ISP and you're well on your way to finding out who did it! Not just who sent it, but the scum that harvested the address!
Those people are the worst of all Internet citizens. If I was alone in a room with an e-mail harvester, and I had a baseball bat in my hand, it wouldn't be pretty.
That and banning ANY sender info or header forgery, require a valid mail or phone AND e-mail contact in all commercial e-mail, and I think the spam problem will be pretty much done. You might still get a few UCEs, but not the sheer quantity of stupid and annoying ones we get now.
Some replies have already indicated how legislation in one jurisdiction may not be very effective in the jurisdiction-less world of the 'net.
I very rarely receive spam these days. This is my self-help tactic:
1. buy a domain name from a registrar that offers email aliases (this is inexpensive, 12euros from gandi.net, or US$15 from a few others). (i use gandi.net for registration and zoneedit.com for dns.)
2. set up an email address to forward to your normal ISP, or hotmail or whatever account. only give this address to trusted people.
3. set up a temporary spam email address (eg. temp1@yourdomain.com) and also forward it to your normal ISP/hotmail account. this is your 'public' address for web sites that require one. when you start getting spam, simply change it to temp2@yourdomain.com. no more spam.
at one stage i had about 10 different addresses all forwarding to my ISP account - it's interesting to see how and where they get around. i used one in usenet and one for web sites - the usenet one seemed to generate more spam.
another advantage is that you can keep the same 'main' address when you switch ISP or employer.
make sure you never give out your real ISP address.
for US$10-15 per year i have found this to be a very cheap and very effective spam-busting solution. it's worth registering a domain just for the control over email addresses. the ability to simply 'kill' the email address that's getting the spam is great.
Interesting idea, but doubtful to work with the current system in any way. (You really want to have to declare all of those micropayments on your 1040?)
Personally, I think some kind of pre-authorization scheme is better than a pay system - remember, this has to work in third world countries, too.
Brad Templeton has a neat system in place that is not too difficult to use at all. If you send him an email, you get the following:
OK - there goes 99% of your spam.
If spammers figure a way to reply, add a question and answer feature:
You could make the questions progressively tougher
Procmail could handle the rest of the mail, too, (if it weren't so damn hard to write recipes for. Yes, I know about the perl mail filters - I'm looking into them now.)
Imagine a procmail-type system that could strip attatchments and process them:
Since I get a lot of mail in Japanese, I could choose to detect DBCS text and run it through babelfish before I read it.
Most of these things could be and are being done. I bet there would be a market for a prewritten package customizable through a web interface. I would buy it.
What you do with incoming mail is a very personal decision - some people *like* mails that you and I would consider spam. There are always exceptions to the rules:
What happens when your mail filter blindly drops a mail from your wife telling that the baby just ate the Copier Toner or your housemate writes to tell you that a group of Real Naked Coeds are waiting in your room - get home quick! OK, neither of those situations are likely to occur, but you get the idea...
Cheers,
Jim in Tokyo
-- My Weblog.
You're correct for the most part, but I think that if it was legitimized in ANY way, more legitimate businesses would get into the act and start spamming.
However, how about the following idea: if a spam relay is not closed within, say, 2 business days, we start using it ourselves... to spam thousands of Chinese email addresses with anti-communist articles from various news sources. I betcha, that relay will get closed down real quick.
In most states, you can collect $500 from the originator for each violation.
Sounds like a good model for spam legislation.
I do not deploy Linux. Ever.
If only the governments of the world didn't have such a stringent, screwy obsession with "cyber crime legislation." Rather than whining and lobbying to our jurisdictional nannies to do something about spam, the more clueful private citizens could harass, berate and take action against spammers better, using less white-hat tactics than are required right now.
When we were growing up, absolutely no good ever came from telling your mom to beat up the bully's mom, so why are we telling our governments to beat up spammers and soft-line governments all the time?
"Look at me, I invented the stove!" -- Ben Franklin
Mail clients should have a spam-vote button, a button that lets you vote for blacklisting the sender of the message you are just viewing.
If you press the button you get a warning, explaining what you're about to do. If you accept, a message including all the headers of the spam mail is created automatically and sent to a spam-vote server at your e-mail service provider. This vote server verifies that the vote comes from you, and then, possibly after some processing, sends your vote to one or more blacklisting services chosen by your e-mail service provider.
If there are just a few votes to blacklist a particular sender it's considered a mistake and no blacklisting occurs. The sender is blacklisted only if the number of votes is large. If a provider has a very large number of blacklisted senders, that provider may be blacklisted.
This would give technically clueless users a say in the matter. It would let clueless users send proper spam complaints, complete with all the headers. And it would allow people to stem the flood without revealing their e-mail address to fake opt-out lists that just increase the spamming.
When you press the spam-vote button, the mail client not only sends the spam vote. It also puts the sender in the client's own list of blocked senders, and removes all the messages that came from that sender. You can change your mind and remove the blocking, so you can receive messages from that sender again. Then the mail client creates another automatic message revoking the blacklist vote.
This way even the clueless will see what happens. A clueless user can't just keep sending a lot of blacklisting votes by mistake. Mistakes have consequences that have to be rectified.
At the server side, the system can be refined and improved over time. For instance, the voting services should count percentages rather than absolute numbers. They might also keep karma points and reputation scores. They might use collaborative filtering. Lots of different refinements are possible. Hopefully there would be several different services trying different strategies so the system evolves.
Users can then try different e-mail service providers with different spam-vote and spam-block policies. Probably many providers would let users choose among several alternatives. Tastes differ very much in this matter. You try different alternatives and see what works best for you.
Give a man a fish and you have fed him for one day. Teach him how to fish and he'll eat for a lifetime. Unfortunately, he'll call you a miser for not giving him your fish.
Terrorists can't threaten a country's freedom and democracy. Only lawmakers and voters can do that.
Your comment about paying per SMS message makes no sense to me as it's the spammer that has to pay, not the recipient. Care to elaborate?
Monkey sense
I think legislation is the Right Thing[tm] to do right now. I'm not going into details, but the privacy concerns with ISPs stopping their customers from spamming is so great, I wouldn't want my ISP to be able to tell if I spammed.
The most significant problem is that the US is right now a spam haven, as about 90 % of my spam (get about 10 a day) comes from the US. If the US gets some good legislation too, the spam-havens will die, as the rest of the world will block them back to the stone age untill they get some good laws.
Employee of Inrupt, Project Release Manager and Community Manager for Solid
Who cares where they send spam from! If they are a business that operates in a country where spam is illegal, sending spam to that country's citizens they are breaking the law and they can be tracked down! They have to provide SOME sort of contact information in the spam - otherwise you have no way of ordering their product.
What makes you think a working opt-out is not possible ?
We do infact have such a system in Norway. There's a single webiste, operated by the government whee you can register yourself, and mark check-boxes for which kind of targeted marketing you accept. (postal or by phone ? Not from anyone, or do you still accept postal marketing or phone-calls from charities?)
Anyone who does direct marketing is legally obligated to wash their adress-lists against this one atleast once every 3 months. Sending postal mail, or doing phone-marketing to a person on the list is a crime. Punishable by fines or prison up to 2 years. (In theory, in practice you get a fine offcourse)
When it comes to email we've got opt-in though. Sending marketing to individuals without *prior* *informed* *active* consent is a crime. Same punishment as above. And it *does* Work. I get about 200 spams a month. And this far in 2001 I've gotten *2* Count them - *TWO* spams from Norwegian spammers. Naturally I've reported them and had them fined.
Opt-out is actually acceptable if there's *one* single point where you opt out, and if there's punishments attached to ignoring your opt-out. I still prefer opt-in, but the opt-out on phone-marketing does work. I've got ZERO phone-marketing-calls after I registered myself on the opt-out site.
I work for a company that has offices in both the US and England. I get about 50 spams/day on my work mail account. I wonder if I could get our IT department to move our mail server to the other side of the pond, and would that provide legal leverage to nuke these offspring-of-unmarried-syphillic-camels?
www.eFax.com are spammers
I do not deploy Linux. Ever.
No. In the case of the Great Firewall of China (and Saudi Arabia), a third party is attempting to block information people want. As such, the sheer number of minds applied to circumventing those artificial barriers all but assures they will be overcome.
Contrast with spam filtering, where a third party is attempting to block information people don't want, with the full support and agreement from said people. This makes the number of sociopaths trying to circumvent the barriers vanishingly small. Moreover, because people support the blocks, the number of people willing to report spammers who penetrate security is considerably higher (as opposed to the China/Saudi situation, where there's likely a silent agreement that the authorities are not informed when the barriers are breached).
But obviously some people want spam. Thsi stuff is profitable. IF it wasn't it would have ended a long time ago. Spammers may be slimy, but they aren't stupid. If it costs them 5 cents per email (which I am completely making up, it's probably lower, but for this arguement, we'll say 5 cents) and they only get an increase in hits and sales which equals out to 2 cents per email, they would quit doing it. It's like the X10 ads, everyone complains about how they hate them, but they work. When they started doing them, the traffic on their site skyrocketed. So some people obviously do want them, they use them. Same thing with spam. If no one wanted it, then no one would click on the link and give them money.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
Banning header "forgery" is a very bad idea, if you mean that (as people usually do) to indicate making the email appear as if it came from someone other than the actual sender. [You may not have meant it so broadly, but a lot of people do, so I feel justified in pointing a few things out for at least their benefit, so forgive me for taking this opportunity to make a general rant about the issue.]
Note that RFC 822 explicitly allows the From: header to be something other than the actual sender of the message (though it does require a Sender: header, but MUAs tend not to display that). It's easy to "forge" From: addresses because email was designed with this "forgery" in mind. Note also that because of Received: headers, it's actually difficult to mask the message's true origins. It's just that most people don't know about headers, so they focus on the From: line.
RFC 822 gives several examples of how this feature of email can be used, but here are a couple from my daily life:
1) I am a sysadmin at a rather large organization. I often find the need, when acting in an official capacity, to send email to users as "manager" or "postmaster" or "security" or as some other hat that I wear. This makes people notice the email, marks it as a formal note, allows the other admins to deal with responses to the mail, and has a number of other benefits. For a variety of reasons, it would be rather unprofessional for me to send out such email as myself. (Should the tens of thousands of users we support have to keep track of the staff changes in the our department?)
2) On the side, I do hosting for a number of smaller organizations. Sometimes the people who run these organizations feel the need to send out an email in an official capacity. In this case, they often send the mail with a From: address of something like info@foo.org, and the message originates on a totally different network than the one on which the foo.org machines live. Should the senders be forced to log into the foo.org machines as the "info" user and run mutt or maix? It's much better for them to be able to use their preferred MUA and their ISP's MTA. [This is why I get worried when I hear about ISPs requiring certain From: addresses.] Also, the people who send the message are not always the ones who answer mail to info@foo.org. Should organizations be forced to structure themselves around the requirements of email?
That's just my personal experience -- there are lots of other cases, I am sure.
Keep in mind that email was in large part modelled after the US postal system. It's interesting to note that return addresses are not always required by the USPS (think about post cards).
That said, I do think that some sort of valid return contact information is important (and I do hate unsolicited {mail,email,faxes,phone calls}). We should, however, be careful when recommending that certain things be outlawed -- just because we can not see a legitimate use of something does not mean that such a use does not exist and that the people engaging in that use should be punished for the bad behavior of others.
<offtopic rant>
It seems like this issue arises a lot on slashdot, and among the newbies I talk to. People tend to bash large, highly featureful packages or protocols (e.g. sendmail and X11) because they think that the particular ways they use them apply to all other cases. It's a natural tendency, I suppose, but sometimes I feel like I should wear a button reading "that doesn't scale" or "what about the corner cases" or something similar when talking to junior sysadmins.
</offtopic rant>
That's because they can't.
You see, you don't get this list from the government. What you do is you send in your adress-list, then they'll wash it for you and send you back the remaining adresses.
So you can deduct who's on the list by running diff on your input and your output, but you'll never be told the adress of anyone unless you already have it.
This is very wonderful. I guess I'm not really surprised. Relatively small close-knit communities often have good strategies for dealing with this kind of social problem. (Spam is best viewed as a social problem rather than a commercial or civil rights problem.) I'll bet there's not a lot of spam originating in Orkney either. Again, I'm afraid I don't see this system being replicated in the US. Too bad.
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld