Slashdot Mirror

← Back to Stories (view on slashdot.org)

Still No Federal Spam Law

Posted by michael on from the weak-and-weakerer dept.

jdedman4 writes "Declan McCullagh writes in c|net that the Congressional Republicans and Democrats are quibbling over proposed federal anti-spam legislation. The root of the disagreement is the class action, a specialized joinder rule in lawsuits which needs little or no introduction, and which is prohibited in one version of the legislation. The new anti-spam legislation in Texas, which is to take effect September 1, has a similar prohibition. (See here for an analysis of the new Texas anti-spam law.) It is certainly true that the class action joinder rule can take a relatively frivolous individual claim that an attorney would not pursue and transform it into a lucrative and dangerous claim with a potential for high recovery. However, the measure can be appropriate when large number of individuals' rights are violated by a defendant's course of conduct but the cost of vindicating those rights is too great. With spam, the latter situation seems to be the most logical, as recipients of unsolicited commercial email are harmed, but their economic damages are not severe enough to merit an individual lawsuit on their behalf. Even with relatively high statutory penalties against spammers, the cost of locating the offender and investigating its corporate structure, if any, might dissuade a plaintiff's attorney from pursuing the claim. Plus, it seems the problem with class actions in this context would be practical, not philosophical, as most spammers would be either judgment proof or out of the jurisdiction."

30 of 255 comments (clear)

  1. It's not a bad thing by Stargoat · · Score: 5, Insightful

    It's not a bad thing that there is no federal anti-spam law. I would rather see some thought and consideration put into this than a law that is badly written and allows spammers to get around it. Or worse, a law that allows Ashcroft and Poindexter to get even further into my computer. No, Congress, take your time and do it right.

    --
    Hoist Number One and Number Six.
    1. Re:It's not a bad thing by TopShelf · · Score: 4, Interesting

      Just some extra time for thought and consideration isn't enough, though. What is needed is time for the "laboratories of democracy," the states, to work through the various laws that have recently been passed, and see how they work out. Does the Texas model work better or worse than what's being done in Virginia, for example? Only time and a few high-profile cases will tell, and we should wait until then before enacting something at the federal level...

      --
      Stop by my site where I write about ERP systems & more
    2. Re:It's not a bad thing by missing000 · · Score: 4, Interesting

      The truth is that none of them work well.

      Laws against spammers just makes the problem more complicated. Sure, it looks like you are doing something. Maybe you even collect a few settlements.
      But the people making spam just change their methods. Maybe they start hijacking machines overseas, or using Trojans to spam from others machines.

      The spam problem is huge no doubt, but the answer is not some silly anti-spam law.

      The answer is a technical one. The systems we use for email were designed without any regard for trust. We live in a different world today.

      Don't invest your time in trying to get laws passed to deal with a problem we ourselves created.

      Lets instead try and move to trust based systems for communication. I don't have the technical expertise to provide the systems, but a lot of people who do are working on such systems right now. Let's direct our efforts to getting those systems implemented.

    3. Re:It's not a bad thing by schon · · Score: 4, Insightful

      Maybe they start hijacking machines overseas, or using Trojans to spam from others machines.

      And the fact is they're still spamming, and would still be affected by the law.

      The answer is a technical one.

      Why, exactly? Spam is a social problem, just like any other type of fraud. Please list one social problem that had a technological solution.

      The systems we use for email were designed without any regard for trust.

      Why is this an issue? I've seen dozens of papers outlining a "spam-free" email system, and in every one of them, there are two outcomes: email becomes useless, or spamming is no more difficult than it is today.

      To use your own words, all that will happen is that the people making spam will change their methods.

      Anti-spam laws are a good start, because they send a clear message that it's unacceptable. The average computer user finds spam annoying, but doesn't do anything about it, because it's not illegal. Some stupid people even say "well, people do it, and it's not illegal, so I might as well do it too."

    4. Re:It's not a bad thing by One+Louder · · Score: 3, Funny

      Please list one social problem that had a technological solution.Spousal fidelity - chastity belt.

  2. Lets make people more aware. by danormsby · · Score: 5, Funny
    Can we make more people aware of these law discussions?

    Lets forward it to all our friends, and tell them they have to forward it all their friends.......

    --
    Omnis amans amens
    1. Re:Lets make people more aware. by bathmatt · · Score: 4, Funny
      Lets forward it to all our friends, and tell them they have to forward it all their friends.......

      Here is a good idea, lets get a huge mail list and send it to everyone in the world. Like some sort of mass e-mailing.

  3. Maybe a little cruise missle diplomacy is needed. by mikeophile · · Score: 5, Funny

    We just need to connect the word "spammer" with "terrorist" a little more firmly in the Congressional mind.

  4. Another law by stanmann · · Score: 5, Insightful

    Despite popular opinion, a US law will only stop domestic spam, and the weaknesses of punishing the actual company hiring the spammer have been made clear before e.g. Hiring someone to spam your competitors product.
    Why not continue working on more effective spam traps and stop legislating morality.

    --
    Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
    1. Re:Another law by aborchers · · Score: 3, Insightful
      Despite popular opinion, a US law will only stop domestic spam


      And once that's done, blocking network traffic from countries that refuse to get spammers under control will cojoin it as an effective solution.

      Hiring someone to spam your competitors product.


      I doubt you will see much of that. If the spammers can be located, and the entire premise of a law is that they can, it would be easy to demonstrate that this was what was happening, at which point we could slap the offenders with charges appropriate to corporate espionage or anticompetitive practices as well as spamming.

      Why not continue working on more effective spam traps and stop legislating morality


      Because we cannot afford to tie the entire industry and every system administrator up in an spam vs anti-spam arms race. The fundamental problem that makes spam such an issue (cost-shifting to the receiver) is just exacerbated in this model. Not only do networks have to waste resources processing the spam, they have to purchase additional tools to defeat it? Uh-uh...

      I generally agree that morality should not be legislated, but I don't think that's what's going on here. Spam is an economic problem, not a moral one.

      --
      Trouble making decisions? Just flip for it.
  5. you may say im a dreamer but im not the only one by sirinek · · Score: 5, Interesting

    Fat chance I know, but they could model it after Germany's (or was it Denmark's) law banning companies from soliciting to you directly unless you have requested their service or purchased from them recently

  6. Anti-spam laws and freedom by Lane.exe · · Score: 5, Insightful
    As much as I hate to say it, I'd rather not see an anti-spam law on the books. I think it infringes too much on one of the greatest things about the Internet, which is that the 'Net is by its very nature hard to regulate. It's not owned by any one country, and it can be used by virtually anyone.

    What I would not mind seeing, however, is a system of torts that would allow users to take on spammers the same way that people get to take on telemarketers and junk mailers who do the same things. There are all sorts of scams, frauds, blackmails, etc... that come over the phone and through our postal system. Currently, US law provides for people to be able to sue up to $5,000 for teleblackmail and telefraud scams. Although this number is pitifully small, there does seem to be some interest in raising the bar a little.

    We don't need a law banning spam. It would just be circumvented somehow anyway. What we need is a weapon for the people to fight back against the spammers with, a law that allows us to take them to court for practices already illegal that they have carried over into the digital domain.

    --
    IAALS.
    1. Re:Anti-spam laws and freedom by bfields · · Score: 3, Insightful
      As much as I hate to say it, I'd rather not see an anti-spam law on the books....

      What I would not mind seeing, however, is a system of torts that would allow users to take on spammers the same way that people get to take on telemarketers and junk mailers who do the same things.

      You understand that what you propose is pretty much exactly the sort of legislation that groups such as cauce have been proposing for years?

      Also, it may be just a consequence of my massive ignorance of the law, but I'm finding the distinction you make between "anti-spam law" and "a system of torts..." a bit subtle.

      --Bruce Fields

  7. Don't Legislate by Alethes · · Score: 5, Insightful

    Educate the sysadmins who are presumably inadvertently allowing spammers to use their SMTP servers. Educate the users about spam filters. The last thing we need is the incompetent government getting their grubby hands on yet another piece of technology they don't understand.

  8. Re:No more spam by Bob+McCown · · Score: 3, Funny

    Ramen, obviously...

  9. Spam laws suck by grub · · Score: 5, Funny


    Spam should be protected as Freedom of Speech (Freedom of Expression in Canada). How else would I have learned about how unsatisfying I am with my small penis? Oh, let me also tell you about the great deal I got on herbal Viagra! And I'm not "seek of spam", thankyouverymuch! If people would quit bitching and actually responded to some of this informative mail they'd be MAKING MONEY FAST! In fact my contact in Nigeria, DR. FRED MBOGO assures me that I'll have millions more in just a few days as I sent my banking details to him!

    Laugh away, cretins, spam made me what I am today!

    --
    Trolling is a art,
  10. Give me a break... by avalys · · Score: 3, Interesting

    People complain about government intruding in our lives, restricting what we do, not protecting our rights when the RIAA attacks, but that all goes away the minute the same stuff happens to people you don't like.

    Spam is a problem that should be taken care of by the free market, not government. Just because it's easier to pass a law than deal with the actual issues doesn't mean that's the better choice.

    --
    This space intentionally left blank.
  11. The Key by somethinghollow · · Score: 3, Interesting

    I think the key is "out of the jurisdiction". How much spam do you get from US IPs? When I was actually attempting to figure out where my spam came from, it went back to chello.nl and their sister domains. If it really is a domain that is out of the US, US law can't really do much about it. Luckily, within the US, major ISPs don't allow spam and have methods to prevent it (earthlink makes you send outgoing mail through it's servers, for example, so it can monitor for potential spamers accounts).

    I think, perhaps, the best way to get rid of spam is to find out what ISP has the account that the spam is being sent from, then tell them how much you hate that they let that happen (one letter for every spam may add up). Maybe one day they will take precautions to prevent spam if consumer demand really means anything any more (and, yes, I think there are more people that dislike getting spam than people that want to send it).

  12. No, No, No !!! by Crusty+Oldman · · Score: 3, Insightful

    .
    We don't WANT the government to get involved with the internet, EVER!

    Do you really want to hand over all that power? Do you want TONS of crappy legislation? Do you want to conform to guidelines and regulations for all of your messages? Do you want the NET POLICE monitoring your communications and writing citations? Do you want a "War on Spam" that does nothing other than to suck up billions of dollars?

    NO. Keep the Feds out of it! Stupid idea!!!

  13. Opt out...defeating the purpose? by GillBates0 · · Score: 4, Insightful
    In a floor statement last month, he suggested the creation of "an 'opt-in' system, whereby bulk commercial e-mail may only be sent to individuals and businesses who have invited or consented to it."
    Burr, champion of the RID Spam Act, dismissed the idea Wednesday as thwarting legitimate transactions. "We'd like to get the discount hotel offers," Burr said.

    I have nothing against getting discount hotel offers too, as long as they are sent by travel companies which I have signed up with. Companies like Hotwire, Travelocity, and even Airline companies like Delta provide an option to select receiving special travel deals, etc. I don't mind getting routine weekly updates about their webfares, etc...because I created an online account with them. So as such, as business agreement does exist between me and the company. Such mails, according to me, don't even fall into the unsolicited category.

    What I do not want is unsolicited mails from companies or faked email ids when I never signed up for any of their services. An optin option would prove to be most effective in countering unsolicited mails, since the optout option defeats the very purpose by requiring to initiate spam before it can be prevented. Doesn't make much sense to me, but ofcourse the companies would love optout.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  14. Who needs more laws? We know our Math! by Pac · · Score: 3, Insightful

    After migrating to Mozilla Mail from Eudora and seeing its simple bayesian filter solve my spam problem in a week, I became a firm believer that we can solve this problem without laws, politicians, police or any other bureocracy. All we need is Math and a campaign for filter deployment akin to the innoculation campaigns that erradicated smallpox and polio.

    I think that when most of the userbase has trainned filters installed, the spam problem will disappear into irrelevance. The half-a-dozen renitent spammers that will suffer the pains of creating the bland texts capable of fooling the filters can then be blacklisted. Even the Usenet can be retaken this way. And the beauty of it is that each person will have its own set of filters, trainned locally and directed at what that person considers spam.

    If you think about it, even the shaddy and inneficient centralized web filters can be thrown away and replaced by this kind of filter, allowing each school and each library to filter only the content its local community considers harmful.

    I don't know about the rest of you, but if this dream/wish happens, we (as in "we the people who care about it") will once again have a reason to be very proud, having proved this network is capable of taking care of itself like no previous human technical work could.

  15. Re:What do you expect by MarcT969 · · Score: 3, Interesting

    In my opinion, the probleme is not with the law but with the mail protocol :

    The mail protocol is making the recievers pay (and not the senders as with phones, real mails,...). In fact, as anybody knows it, there is no real price in sending or recieving a mail beside the cost of the internet connexion. But, there is a price for the recieving mail server : disk space.

    When a mail is sent, the incoming server has to store the incoming mail. That's why, when lots of users of a single mail server are spammed, the mail server is on the verge of exploding and has a heavy price to pay : lots of disk space lost (and lots of money too) for junk mails !

    A solution could be to keep the mails on the outgoing mail server. The incoming mail server could only recieve for instance a header acknoledging the final recipient that he could download a mail from the expeditor. If and only if the final user chooses to download the message, will it be downloaded from the outgoing to the incoming mail server.

    But, why ?

    Because which such a system it will cost disk space (and money too) for the expeditor and not the recipient (like with phone, real mail,...)
    So that, if you are spamming someone, you will have to pay for the spamming ! If nobody wants to read you're junk mail, your mail server will suffer from it !

    There is still lots of problem :
    - with small tuning, the outgoing mail server could reduce the size of its ougoing spams (for instance, if it's always the same message, or...)
    - you will still recieve lots of acknoledgment about spam (and lose a lot of time to sort it)

    But, some problems generated by spam could be over with such a protocol:
    - less traffic generated by spam (just the header of the mail is transmitted)
    - less disk space generated by spam (at least for the incoming server)

    Finally, I would just say that this idea is just stupid because we could never evolve from our current mail protocol to this knew one because of backward wompatibility problems.

    PS : forgive my bad english
    PPS : yes...it's a stupid idea, but interesting though ;-)

  16. It seems that they all want spam by derF024 · · Score: 4, Insightful

    Joe Rubin, director of public and congressional affairs for the U.S. Chamber of Commerce, disagreed. "I wouldn't be upset to see a cheap airfare e-mailed to me," he said. "If Sears sends me an e-mail regarding a discount on a lube job at Sears, that's something that most consumers probably won't be upset about."

    Who the hell are they kidding? I don't want to hear about cheap airfare or a discount lube job, first because I don't need either of these things (Does anyone randomly decide to go on a trip just because they get a cheap rate on airfare? If you've got 2,500 miles before you need another oil change, would you bring your car into sears now anyway just because it's 30% off? No!) and also because I don't want Sears, Delta or Congress deciding what I'm interested in hearing about at any given time. If I'm interested in a cheap oil change, I'll look for one. If I'm interested in low-cost airfare, I'll look for it. And if I really want them to send me these offers in the mail 15 times an hour, I'll sign up for such a service.

    I can't believe that these congressmen don't feel the same way as 99.9999999999999999% of the american public do about this. Maybe it's because they've been living under a rock for their entire term and they don't know that the rest of the country is under attack from these marketing monkeys. The fact that both proposed legislations allow opt-out mailings is insane. The fact that some idiot decides that there are 100,000 viagra buyers using email addresses under my 1 user domain, and so he's going to cost me lots of money sending gigabytes of mail traffic to them every day, but because he's piping his mail through thousands of open proxies I can't do a damn thing about it is insane. If I were to dump several tons of garbage in his living room every day, he'd call the cops and I'd be arrested.

  17. What about accidental e-mails? by Eric_Cartman_South_P · · Score: 3, Insightful
    Much like dialing a wrong number, what if I meant to send an e-mail to a customer about a new product to JOHNSMITH@SOMETHING.COM and I mistakenly send just the one e-mail to JOHNSMITT@SOMETHING.COM

    Am I now going to be fined thousands of dollars because of ONE wrong e-mail?

  18. Class action? I can see it now... by Zapman · · Score: 3, Funny

    Subject: You have been selected...

    You have been selected as a recipient of spam. Go to this website to collect your damages. Make money fast.

    --
    Zapman
  19. Re:you may say im a dreamer but im not the only on by MS · · Score: 3, Interesting
    It's both. Actually it's valid for all of the European Union:
    • You are no allowed to collect personal data (including e-mail adresses) without prior written consent by the person itself
    • You are not allowed to sell personal data (e.g. CDs containig millions of adresses)
    • You are not allowed to send UCE to people you have no business relation with, or which do not have explicitly requested for it (opt-in)
    And yes, it works. There are virtually no spammers in Europe. Well, there are some who try once in a while, but at least they get sued and put out of business real fast.

    You may argue, you got a lot of spam from EU countries, but did you look at those originating IPs? It's 99% open relays/proxies, which unfortuntely cannot be eliminated by law, beeing the result of amins' ignorance/stupidity.

    Spam usually originates in the USA and is targeted to US-citizens. Europeans have no way to benefit from all these penis-enlargements, cheap viagra, breast-increasements, ...

  20. Re:What do you expect by letxa2000 · · Score: 3, Insightful
    A solution could be to keep the mails on the outgoing mail server. The incoming mail server could only recieve for instance a header acknoledging the final recipient that he could download a mail from the expeditor. If and only if the final user chooses to download the message, will it be downloaded from the outgoing to the incoming mail server.

    That's a good idea in theory, but in reality I doubt it would work.

    The header would have to have at least enough information for the receiver to make an intelligent decision on whether or not to download the message. Probably that means at least a Date/Time, Subject, From, and To header. All you would see is the spammers putting their spam message, in condensed form, in the subject. Sure, you might reduce the bandwidth consumed by spam a bit, but you're not going to reduce spam itself.

    Plus this gives users less information on which to perform Bayesian filtering which, for me, has caught 1024 of the last 1025 spam I've recieved.

  21. Re:Will it help? by andreMA · · Score: 3, Interesting
    This means that John Q. Neverpatches is going to be in a lot of trouble if this law gets written incorrectly!
    You say that as if it's a bad thing. I'd like to see moderate fines imposed on those people who - for example - still have unpatched IIS and still attempt to spread Code Red. Ditto for those who run an open mail relay.

    Not a complete solution by any means, but it would help. Call it "maintaining an attractive nuisance" and we might not even need new laws.

  22. What is this, 1997? by skookum · · Score: 5, Insightful

    I am truly shocked at the level of clulessness that lawmakers show with regard to spam. Or maybe it's not so much cluelessness, but rather shrewd cunning in being able to pass what amount to pro-spam bills under the guise of anti-spam measures.

    First of all, the "opt-in" vs "opt-out" debate was cute and everything in 1997 when we didn't get more than a handful of spam, but it's embarrassing that anyone is seriously maintaining that there's a need for debate on this issue. Opt-out roughly translates to "anyone can spam the living hell out of you and get off scott-free." The notion that it should be OK to send ANYTHING unsolicited, regardless of its advertised removal procedure is simply ridiculous. Imagine if just a fraction of every business (in the US alone) that wanted your attention sent you an email - email would instantly become useless. But on top of that, rule 1 of spammers is that spammers lie, and hence the burden of trust must NOT be on the end user to trust that the spammer will do what they're supposed to with those removal requests. Sure he'll remove you, from list 12499-B, but add you to lists 12499-C through -Q. Hey, it's a "functioning opt-out procedure", whaddya whining about? Only someone that is either clueless or is backed by advertising money would advocate something as idiotic as "opt out" as federal policy.

    Next is the notion that it's okay as long as you put some token in the subject or promise not to fake headers. Here's where I make some bad joke that ends with "...and which one picks up the $100 bill first? The man-hating dyke, because Santa Claus, the Easter Bunny, and Spammers That Give A Shit About Not Forging Headers are all FIGMENTS OF YOUR IMAGINATION." But seriously, this [Adv] subject line stuff is a joke. First of all, it's a bad way to filter spam because you have to accept the entire message in the DATA section before you can reject it, as opposed to rejecting it based on blacklists or other details of the "RCPT TO " phase. In other words it still costs your mail server bandwidth, time, and space. Additionally, this whole "put a tag so we can block it" makes the implicit statement that EVERYONE wants to block this unsolicited swill... which pretty much means that no marketer that wants to play by the rules is ever going to spend the time, effort, or money to send out email that's been self-immolated in such a way, and no spammer is going to give two shits about what he is or isn't supposed to be doing, otherise he wouldn't be a spammer. Therefore, adding "[Adv]" is a completely worthless idea, a conclusion that most clueful people made, about, oh, 5 years ago.

    On top of that, I would really like to see any of these US lawmakers do something about the anonymous proxies strewn about Korea, China, Argentina, Brazil, Nigeria, and a handfull of other third world places. "Forcing" spammers to not forge headers is like "forcing" a mugger not to stick a knife in your gut and rob you when you stroll down a dark back-alley street with a huge wad of cash bulging out of your pocket.

    What other inane things have congress-critters proposed? A national do-not-email list? Oh that's rich. Did the idea that it could be abused ever once cross their mind? Don't even get me started on this "prior business relationship" loophole either. It's not so much a loophole as a gigantic gaping gash. They've been playing that game for years already: "At some point in time you visited some web site of some affiliate of ours, and therefore this is a previous business relationship." Uh-huh. Riiiight.

    Here's the point of this rant. I'm glad they can at least recognise the need for action but their attempts to do anything about it are so pathetically awful that I'm GLAD no such laws have passed. In my opinion, the best way to effectively combat spam is to force ISPs to enforce their own AUP's/TOS's. Spammers pay good money for so-called

  23. Try this to convince them.. by avij · · Score: 4, Interesting

    Oh yes. Here's an excerpt of an actual HTML mail that I received just a few seconds ago (no kidding!)

    W<!--46jq8c1th8zav-->e c<!--aj9ljc101w7w3-->an conso<!--da7zq11y1s-->lidate
    yo<!--fvuygn1ybyh0e3-->ur bi<!--fadm0927fjcz-->lls in<!--7c04qy2madz6k-->to
    ju<!--c6vh5j2rrxgn41-->s t o<!--69mmaa1pexd-->ne <br>
    mon<!--8abwm21wqapw-->thly pa<!--trnntizw6rn72-->yment
    a<!--592r8h3ym1u-->nd he<!--6lmv9k1zkj17sx-->lp achie<!--5my15e3y59yvl-->ve
    t<!--eoor4v63f2-->he foll<!--m74b39gb19df-->owing:

    When viewed with an email program that understand HTML, the above fragment is displayed as "We can consolidate your bills into just one monthly payment and help achieve the following:". However, notice the random characters inside the comments -- what if they were encrypted orders to detonate a bomb at some specific location?

    And I'm only half kidding...

    --

    Follow your Euro bills at EBT