Slashdot Mirror
Microsoft and the SPAM Game
The Seattle Times reported a while ago that Microsoft is pushing for Washington State Senate Bill 5734 which will overturn most of Washington State's laws that specify monetary penalties for companies who send out spam. This will completely exempt ISPs from current Washington spam laws, which Microsoft just happens to be. It seems that they are jumping the gun a bit. They are having a company named Digital Impact (save that address for you spam filters) send the email for them. Thankfully I live in Seattle so maybe I can collect an easy $500 before Microsoft guts the current law.
Slash-dodo-dot.
Is that a skin cream? Micro-so-soft!
I rejoice that there are owls.
First they invade Userfriendly, now even Slashdot has advertisements for them, now they are going to spam us directly. I wonder if you use that stupid MSN spam filter to filter them out, if it would do it. Maybe it "accidently" lets them through. Hmm...anyone try it?
JoeLinux
Arguing on the internet is like winning the special olympics: even if you win, you're still retarded.
This will completely exempt ISPs from current Washington spam laws, which Microsoft just happens to be.
So Microsoft, aka Micrososoft, just happens to be a Washington spam law, or maybe you meant they happen to be an ISP? Nice job.
Come on now. Spam is so old school. It's legacy. The wave has already crested.
Why can't they come up with some new inovative way to plaster ads in front of internet users? These people control the desktop, and 99% of the browser market after all.
At least companies like Gator offered new and different technology to monetize the users.
Microsoft is better than this. I never thought they would have to stoop as low as sending spam. They must really be hurting for new cashflow sources to impress "The Street."
-Pete
Soccer Goal Plans
Thankfully I live in Seattle so maybe I can collect an easy $500 before Microsoft guts the current law.
I also live in Washington state, and I can tell you from experience: collecting the $500 will not be easy. Here are the ideal conditions for a lawsuit (taken from the Peacefire webpage, which I have been a member of for four years now):
* The defendant is a corporation, and you know the state where they are incorporated. (Usually, the state where they're incorporated is either the state where they're located, or Delaware -- because Delaware makes it easy to incorporate there.) Legally, a company cannot use "Corporation" or "Inc." or "Incorporated" anywhere, unless they really are a corporation -- but that won't tell you where they're incorporated, or even if they're incorporated in the U.S. Unfortunately, with most spam, you can't even find out the name of the company that sent it, much less whether they're a corporation.
* You can easily prove one of the following (one of these conditions must be satisfied to show that the spam violated the law):
* The sender address ("From:") or return address ("Reply-To:") was forged. If you get mail from an address that looks blatantly forged, like "98of292h38h2r@hotmail.com", send a blank message to that address, and keep the error message that comes back to you saying that there is no such address. This can be used to prove, in court, that the spammer violated Washington's anti-spam law by forging the return address. The subject line was "misleading". This is a subjective determination, one that will ultimately be made by the judge. One of the spammers that I'm suing, sent me an advertisement with the subject line "Shareholder request", which I considered blatantly misleading since Peacefire doesn't even have "shareholders". (The gist of the advertisement was, "You will look good in your shareholder's eyes if you use our product.")
You have registered your address with the WAISP (http://registry.waisp.org/) registry -- to sue a spammer under Washington's law, you have to be able to show that there was some way for the spammer to determine that you lived in Washington.
More power to you if you can collect the $500, but it's a tough road ahead.
I am John Doe, loyal employee of Microsoft. I seek the assistance of someone who is genuinely interested in entering into a business relationship with me. As you know, Bill Gates was the ruler of Microsoft before quietly resigning a few years back. Corrupt governments deemed his business illegal, and as a result, his business accumulated assets were frozen.
I therefore seek your assistance in providing a safe and genuine bank account to temporarily store my leader's rightfully owned assets. For your assistance, 0.01% of his assets ($2.76 Million Dollars) will be left in your account as payment.
Note that there is no risk for you or your family, but keep this correspondence private, as this is a matter of great secrecy. As soon as we receive your letter of acceptance/acknowledgement/, I shall give you more on this transaction.
Doing the Right Thing should not be preempted by making a buck.
Frankly it sounds like a good bill, and just because MS is supporting it doesnt mean you shouldnt.
Do you want the laws to lead down a path where your ISP is financially liable for your actions? Because that road goes to the place where your ISP turns over audited logs of everything you've done to avoid liabilities.
I don't need no instructions to know how to rock!!!!
Nice idea, but flawed. Spammers do not normally use real e-mail addresses anyway, and their invalid ones may actually map onto innocent collateral damage victims.
I track known Slashdot scumbags on my foes list!
How many people have actually gotten spam from Microsoft? I get a few newsletters which I can unsubscribe to at any time. I get very infrequent mails (once every month or two) which are generally pretty targeted to my interests, I think most of them have an opt out.
This sounds like the way "spam" should be sent - target, restrained, and with the option to opt out. I don't see a problem.
What experience have other people had?
Read reviews of shopping cart software
Why don't they just obey the law if they want to send spam? Spam isn't illegal in WA, just forging the header or providing a misleading title. If they'd send mail on the up-and-up, there's no problem.
Taken from the WA lawbook, it's illegal when it:
(a) Uses a third party's internet domain name without permission of the third party, or otherwise misrepresents or obscures any information in identifying the point of origin or the transmission path of a commercial electronic mail message; or
(b) Contains false or misleading information in the subject line.
Or maybe for a loss. It is Microsoft after all.
Imagine the power they could weild if they put most of the other spammers out of buisness.
The current law can be found here. A report on a successfully prosecuted case can be found here. If one reads either, it's easy to see that the current law only applies to fraudulent headers.
Given that the current law only covers fraudulent headers, I doubt that Microsoft is maliciously trying to destroy the current law.
However, last year the senate introduced bill 6568 which extended the old law to require that commercial e-mail contain ADV: as the first 4 characters of the subject line. That bill passed the senate with flying colors. Unfortunately, it got locked up in committee in the house and died.
House bill 5734 is a watered down version of last year's senate bill 6568.
I don't like Microsoft much. That said, the story at the Seattle Times is riddled with half-truths and inaccuracies. For example, it claims that 5734 completely exempts ISPs. The senate summary of the bill says
So, ISPs aren't liable for transporting SPAM, as they aren't liable for transporting copyrighted material or child porn. They can still be liable for originating, or aiding in the origination, of spam. I think that's a reasonable exemption.I'd be really interested in knowing whether lobbyists that are partially funded by Microsoft also supported senate bill 6568 from last year. If so, this is definitely unjustified Microsoft bashing. However, if their lobbyists locked it up in the house then we can villify them for weakening a good bill.
Too bad the article doesn't comment on that, and I don't have a way to find out.
I used to be a narrator for bad mimes. (wright)
..like an Anonymous Coward post on Slashdot!
Okay, I have a few problems with this, especially the comment, "Make ISPs responsible for ANY fraudulent email they transmit or relay. Legally reposnsible as in fines and jail terms.".
:)
I work for an ISP. I spend about 30 minutes to an hour of my 8 hour day, 5 days a week, tracking down and banning people who spam through our network. Our SMTP server is locked down to our own IPs, and limited to the amount of email it will send for one user, and we have outbound port 25 filters in place across the network. But, people still spam. They run form mail scripts against unsecure servers (we can't exactly block port 80, now can we?). They find open relays running on other ports. And they spam, and I ban their asses.
Considering the amount of money and time (I'm not the only one at my company who devotes part of my workday to killing spammers) we spend fighting spam, you now suggest we become criminally liable for it? I can tell you right now, if that law passed, we would shut down our SMTP server and that would be that. No outbound mail for anyone. Don't have to worry about spam when their is no email, period.
You want a workable solution? Allow us to block access to anyone blocking caller ID. Most professional spammers block caller ID because they know we can and do block them by their phone number, if we can get it. But blocking access to anyone who blocks caller ID violates privacy rights according to the FCC and we can't do that. (Mom and Pop ISPs might be able to, but we are a wholesale ISP.)
Why would blocking by phone number work? Because professional spammers use stolen IDs (credit cards, names, etc) to buy a throw away account that they use until we knock them offline. (We get the subpeona's for logs all the time to track down these people. Most never get caught.) They can get 10 stolen credit card accounts in an hour. Phone numbers aren't as easy to change.
Take it from someone fighting spam in the trenches, the concept of billing an ISP for any "bad" mail that passed over their server would simply shut down email. Period.
I won't even get into the debate that if an ISP *were* responsible and accountable for every email you sent, you better damn well believe that they would read and approve of every email you sent before forwarding it. Yay Free Speech! (Free as in hand-cuffs.)
Whew. Enough ranting. Mod away...
WWJD?
JWRTFM!
Before everybody jumps on the bandwagon to castigate the slashdot editors for poor spelling has anybody considered the following:
That it was not a typo but a secretive heads-up to Microsoft changing both their name and business focus/strategy.
That's right!. In the very near future Microsoft is to be known as MicroSoSoft. The new ad campaign will feature, among other things:
*Fluffy white rabbits and ducklings
*Adorable scamps kicking a MicroSoSoft plush football around a park.
*Picnics by beautiful undulating streams.
*The amazing results of MicroSoSoft fabric softener on both whites and colors.
Now lavish your kudos on krow for his timely covert communique. Dissemination for the people!
Don't jump on digital impact too hard. I work for a MAJOR e-commerce site that contracts with Digital Impact. They are very good at sending out large volumes of e-mail reliably. We use them purely for legitimate, non-spam-type e-mails. Sure with time we could write the code to do it ourselves but they specialize in it. I'm not sure what MS has contracted them to do but as much as I hate to say it, it could be on the up and up. Not all high volume e-mails are spam.
As for overturning spam laws I'm skeptical that it is in the public's best interest but Digital Impact does offer valuable services.