Slashdot Mirror
Stronger Anti-Spam Law Proposed
NumberField writes "The fight against Spam is making for some strange bedfellows. A new bill sponsored by Senator
Charles Schumer (D-NY)
and the right-wing Christian Coalition
that would let individuals sue spammers for $1000 per message. What isn't clear is how they will define spam broadly enough to outlaw it, but narrowly enough to avoid making it a bonanza for lawyers. For more information, see Schumer's
fact sheet (PDF), or his
press release." Update: 06/13 14:20 GMT by M : The draft bill (pdf) is available.
You can propose all the anti-spam laws you want. But if you keep it restricted to one country, you won't go very far. Spammers will use other locations to send their spam from. So it only works if you have an international law.
That's all very well, but for a large chunk of spam, identifying the spammer if difficult, and to it in a way that would hold up in court would be even harder..
I lay awake last night wondering where the sun had gone, then it dawned on me.
I propose the following:
1. Get local spam under control.
2. Start sanctions agaist countries / ISPs from which spam originates.
Not sure this makes any sense though, but if countries like China find themselves at a disadvantage due to a handful of local spammers I would think they would be more motivated to deal with the problem.
I'm not proposing any tehnical solutions though... anyone have ideas on that?
.: Max Romantschuk
If the law is drafted in a manner which allows authorities to go after the people benefiting from spam, rather than just the people actually sending it, then they could make substantial progress. Most of the spam I receive is for US-based companies, even if it was actually sent from China.
Tarsnap: Online backups for the truly paranoid
let individuals sue spammers for $1000 per message
I don't think many individuals would bother with this, it's easier to just the delete the spam mail than it is to risk loosing money on some lawsuit, and even if they did decide to sue them they would only have "defeated" one spammer (or his team or whatever it could be). 1 down 50000 to go.
Note to self: get smarter troll to guard door.
do we need to prove that those emails suspected of spamming are truly unsolicited? how do we prove that we never subscribed to a certain mailing list? can spammer 'fake' subscriptions?
and with the "Do Not Spam" registry of e-mail addresses, wouldn't it make it easier for spammers to request such do-not-spam list and spam it??
If you outlaw guns, only outlaws will have guns. like the article stated, it might endanger legitimate Internet services.
I don't see the point in having a 'do not spam' list for the US, when the majority of spam the rest of us are receiving on this planet comes from the US. Is the US govt seriously going to compile a list for all 6 billion of us?
This proposal still makes it a civil matter for the recipient, having to sue the spammer for damages. What's needed is a federal US law making mass junk emailing a criminal offense. Instead they are just pushing it back onto the people to fight in civil courts. The only winners here are the spammers and lawyers.
Dude, I feel the Nigerian spammers already trembling;o))))....
1. No sig. 2. ???? 3. Profit!!!
If you'd like to see it passed, ask your Senator to cosponsor
Recently there was an article posted here about taxes on cable modems here, but it occurs to me that spam, like postal junk mail, could help pay for infrastructure just as easily.
Not an original idea, but like a state sales tax (or one of several European VATs), the onus would be on the merchants, or in this case those relaying spam, to collect and pay up.
Now, since American companies are being required to collect and disperse VAT for sales made in Europe, surely there will be some sort of reciprocity there, and in general America (or the states therein) would impose sanctions on countries that did not abide by these new spam tax laws.
With spam in the news as much as it has been lately, surely some government types will take notice, that there is cash sitting in their inbox (or in their filtered spam folder if they're smart). And SpamAssassin catches a huge percentage of the spam I get lately, so if my mail machine has to do a little bit of filtering so that middle America can get cable modems and dsl, and so that maybe the last mile can be fiber someday, well, I'll bite the bullet, as long as I don't have to pay cable modem taxes or any other such things and get this spam.
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
The press release is only about Porn targetted at children, shouldn't that be unwanted email targeted at everybody??
As they stand, the proposals seem to target all spam, not just porn, although it's clear that the christians are in it to stop the porn. It makes me uneasy when reasonable people ally themselves with crazy people, even if the end is good. How long before some of the christians realise that the bill does nothing to combat the exchange of pornographic materials between consenting adults?
It is not the government's place to tackle the spam problem. If they try, they'll just fuck it up, like they've fucked up so many other things in the past. Spam has all the telltale signs of a problem that legislation won't help. It's a relatively victimless crime (or rather, its victims, with the exception of those companies who run the huge backbones, are at most marginally impacted by the problem), it can be done in a relatively anonymous fashion, and any laws banning or regulating it will be very difficult to enforce. Problems like that (drug abuse and so on) are never helped by laws, and instead just get worse with each additional crackdown.
The problem can never be fully solved by technical means, being a sociological problem, but technical solutions can do a much more effective job in curbing the problem than any legislative solution, and cause fewer additional problems in the process. Rather than try to get the government to pass ineffective feel-good laws, let's fix the problem from our end. It's time to replace SMTP with a less trusting protocol - the Internet is clearly a very different place than it was when SMTP was originally created, and we need a new mail protocol to match the times.
Keep the government's laws off my Internet, people. It is a medium that spans the entire globe and is not under the jurisdiction of any one government anyway, so laws will never do the job. They'll just cause more problems and never solve anything.
Most of the spam that I receive comes from South Korea, Russia and China, not the United States.
If the spam is advertising goods or services sold by someone in the U.S., the spam came from the U.S., regardless of what physical server delivered it. As they say, "follow the money." I don't care that Alan Ralsky pays for his spam to be sent through Brazil. His spam still came from the United States. An effective anti-spam law will allow you to sue him for a significant sum of money ($1000 or more) and federal, state, and local law enforcement to prosecute him for a crime.
Want to deal with overseas firms sending spam to U.S. citizens? Then handle it like the "war on terror." Pressure other countries to turn over spammers for prosecution for violating U.S. laws. This can be done with multiple tools, including threats to revoke a country's "Most Favored Nation" trading status, reduction in aide to countries where we provide same, tariffs, and even federally-mandated blocking of Internet traffic to and from that country.
I like the sound of this. Defining Spam would be a problem.
If you could prove that there is either no way of requesting an end to the spam or that it didn't work when you clicked on the link then that might stand up in court.
If you still get spam then you should be able to forward it onto some Government organisation who would deal with the company with an army of beurachrats.
Here in the UK, we have a good system for stopping unsolicited phone calls and text (SMS) messages. It is called TPS (Telephone Preference Service). You basically register your number(s) with this organisation and marketeers aren't allowed to use that number. If they do you can report it, they can check phone records or something and fine them something like £5,000. This system does work.
From the fact sheet:
Anyone who sends spam to these addresses will be subject to stiff fines. The database will be protected by military-caliber encryption to ensure the protection of its contents.
Nonsense. How can the database be encrypted if all potential spammers are deemed to have notice of every address on it?
Spam is so easy to kill: add authentication to SMTP and create a new email network of authenticated email. Servers won't accept email from unauthenticated sources, and spammers will be unable to hide their tracks.
SMTP already supports authentication. My server won't send mail except from someone who has a username and password for it. How do you make everyone configure their mail servers that way? Hell, we can't even get everyone to turn off open relays.
The problem with what you propose is that it is sender-side. How will you know if the sender and/or his server are to be trusted? Will your server ask theirs if the sender is to be trusted? Will yours ask if the e-mail address is valid? It would take spammers about 20 minutes before they had something that mimmicked a legitimate e-mail server.
Or are you proposing something like the third-party system we have for secure web sites, where every person operating a mail server pay hundreds of dollars per year to Verisign (or a handful of other "trust" companies)? How would Verisign determine if a server operated by some guy in Argentina was to be trusted? Would you revoke his certificate if spam came from his server? What if it turned out to be a temporary configuration problem or a bug in his mail server that was exploited by a spammer? What if it was perpetrated by an ISP's customer -- one with legitimate access to that mail server? If I signed up for an AOL account and then started spamming from there, would AOL's mail certificate be revoked?
It's not an easy problem to solve through technology. If it was, a technological solution would have been implemented five years ago.
My suggestion is that the SUPPLIER of the advertised goods is fined, not the spammers. The supplier is, after all, paying someone to send the spam, and they're easily traceable (otherwise they'd have trouble fulfilling your orders for Viagra, septic tank cleaner and goat pr0n).
When I am king, you will be first against the wall.
How many of my email addresses will I be allowed to register? Let me see, assuming a maximum of 64 characters per username (it's probably more), and 36 different characters (actually there's more there, too), that would be potentially 40119919145476304800650533877024438126904024877418 12225955731622655455723258857248542161222254985216 addresses. Of course no one would have that many and no database could store them all. But spammers could dynamically generate random ones. As more and more mail services support tagged addresses, spammers will likely start adding random tags to make sure they have a defense of "no match in the do-not-spam database".
I use a different email address for every mailing list I subscribe to. Should I register every one of them with the database? Most of them have already been spammed (probably harvested from online archives of those mailing lists).
One possibility is requiring that tagged format address be matched with respect to the base address (tag characters usually being "-" and "+"). Another is registering a whole vanity domain making it applicable to every username possibility. I'm sure aol.com will get registered like that, as will just about every domain out there. Mine will be.
now we need to go OSS in diesel cars
To: happy@public.com
From: david@ironico.com
Subj: Spammed? You MAY be intitled to compensation!
Dear Potential Customer,
Have you been spammed lately by some legimate business owner offering you endless underage pornography, ways to enlarge your small penis and those plans that can make you a millionare overnight?
If so then call us now! Ironico: Spam Attourneys at Large promises YOU a BIG CASH SETTLEMENT for every spam mail you've receieved. Act now to get this free jar opener!
Thank you for your attention
David Mirkoff
Ironico: Spam Attourneys at Large