Slashdot Mirror
Minnesota Senator Says Email Tax Might Reduce Spam
indros13 writes "The Hon. Mark Dayton, Senator from Minnesota, is reportedly considering a "miniscule email tax" to counter the flood of spam. Thinking like an economist, he's obviously hoping to make mass emailing unprofitable. 'You can't say, "We want it to be totally free and unrestricted and on the other hand we want it to work smoothly and civilly," he said.' No word on how all those lobbying groups that use mass emails will respond, but I'm sure there are a few emails on the way..." Politician weasel words are part of the package, though; Dayton says a tax is "just one of the tactics that should be considered, but I don't favor it at this time."
Spammers tailor the stream of bytes to get into other people's computers, bypassing various measures the owners have taken to keep them out. Does this sound like "computer cracking". That's because it is. Did you think that computer cracking is illegal? All together now: That's because it is.
/. If the government wants us to respect the law, it should set a better example.
The funny thing that these moron legislators don't understand is, if they could collect the tax on mass e-mailing then they could just as likely just outlaw sending UCE entirely and hold the people doing it responsible. The problem is it's nearly impossible to pinpoint who is sending all this garbage. Why would they pay the e-mail tax when they're already conducting fraud?
I've never understood why this isn't something that the OSS community hasn't tried to tackle.
For business purposes, I want an email system that:
1) Is Spam free.
2) Is secure.
3) Is failsafe - i.e. if the recipient doesn't receive the message, I want to know about it.
Surely from a technical perspective, this isn't that difficult?
Why can't the OSS mail clients agree on a standard for doing this. I don't see why it shouldn't be possible, for instance, to have two mail boxes (or whatever you want to call them) for a single email address - one for "secure emails", and the other for the rest. The secure email box would only recieve emails that were from an approved address.
This could be a great way for OSS software to creep into organisations - I could tell my clients, for instance, hey, if you use Thunderbird, we can email each other more securely/without spam/in a failsafe manner. The network effects of this kind of promotion for OSS could be fantastic.
This looks like an opportunity that's going to waste for the OSS community. Come on guys, or people will start saying we don't innovate!
(Checks computer specs) Nope, nothing about it being government property or a marketing channel. However, if someone said that skipping commercials is theft, someone will say this. (But I really had to go to the washroom, honest!)
One line blog. I hear that they're called Twitters now.
Ok, there are already some wingnut posts on this story, so I feel the need to set the record straight:
This is not just a case of RTFA, it's a case of RTFP (post). Fortunately the post quotes Dayton as saying Dayton says a tax is "just one of the tactics that should be considered, but I don't favor it at this time.".
It's just an idea folks. Obviously we all know it isn't workable, but at least these guys are thinking about the issue in general.
There probably isn't a legislative solution, and I think Mark Dayton is open minded enough to reach that conclusion and then say it publicly. Of course, I don't think it would get as much coverage as this story, because here's a Democrat trying to raise taxes! For shame!
My Karma was at 49, then they switched to words. All that work for nothing!
Do Nigerians pay Taxes in the US?
If not? Will George W. Bush invade Nigeria because of eMail-Terrorism?
NoSuchGuy
Grundgesetz * 23. Mai 1949 - 30. November 2007 - http://www.vorratsdatenspeicherung.de/
Next, the blog post tax. Hey, it would make trolling far more expensive, right?
Between this story and the story of third world countries wanting the UN to "control" the Internet because IANA is too US-centric, I really get the idea that government-control types really have no clue what the Internet is. If you "regulate" the Internet with taxes, restrictions, etc, another network will rise to take it's place. The main feature of the Internet is relative anarchy (also called freedom). Are there rules on the net? Of course! It's called "consensus"! Deal with it.
You don't get 100 to 200 of those postal mail junk things every day, because of the cost. THAT is what's stopped, not all junk, but most of what would come if it were totally free free free.
There is nothing at all in the mechanisms of sending e-mail to prevent the volume of spam from increasing another 10- or hundred-fold over the next year. Spam volumes under present conditions will only stop increasing when every spammer is spamming at maximum velocity... that's their incentive and it's a vicious cycle as spam crowds mailboxes, causing spammers to send MORE to try to get THEIR messages read.
Economic solutions using real money can work, and needn't cost much for those who are sending legitimate mail. The devil is in the details -- some proposed implementations really suck, others get closer to something that regular people could live with. I would not mind spending 25 cents a month for all the e-mail I send, if the volume of spam could be cut dramatically.
The biggest problem with the economic-using-real-money solutions is that when you distill them down to their essence, it turns out you can implement the same solution WITHOUT using money... and then the problem is revealed to be what it's been all along -- issues of protocols and trust and distributed senders and the reality that many legitimate messages move between strangers (I write to someone I've just met in a meeting), or between systems that don't haven't talked to each other previously (I write to a friend, but via dialup from some place I've traveled to)
And the issue with THAT is that it's considered a given that all the mail servers in all the world cannot be updated at once... that we still need to receive mail from those that aren't updated... and so, the spammers end up using those.
yada yada
anyway, there are economics-based solutions to spam, but they don't necessarily have to involve real money. Using real money makes some things easier because the "system" doesn't have to track credits and debits internally then, anyone can cash out or add funds because the credits and debits are liquid.
The problem with any type of fees like this is that only big spammers and corporations will be able to exploit it. I run a non-profit site that sends out approximately 50,000 emails per months. These emails are REQUESTED by the members of my site as they are updates about transactions they are involved in, notices of responses to messages they've posted in the forums and other items.
I do not make a penny running my site and have to pay most of the cost of the server and the colocation and bandwidth out of my own pocket. Even if they charged one penny per email, I could not afford an extra $500/mo or $6000 per year just for the right to send out email notices to users. I couldn't even afford $50/mo or $600/year if we charged one tenth of a penny per message.
Besides, what about system notices? And who/how will the email fee be collected? And why not just support an alternate RFC to promote more secure email standards like secure SMTP?
Like /.! If there were only a miniscule tax on Slashdot posts... (then this one wouldn't be here).
Seriously, how could this ever be implemented? Who's going to track who sends how many emails, and to where? Furthermore, the logical spaces of the Internet don't correspond very well (at this time) to physical spaces in the world. Do you have to pay export taxes if you're emailing someone overseas? Do you have to pay import taxes to receive an overseas email? Will it cost more to email someone "further away" from you?
How would this tax apply to *my* email server?
How do we even define "email"? Would this apply to messages sent to a different port, or a different protocol? If we do, then where do we draw the line?
In the end, taxing one type of Internet communication differently from any other type doesn't make sense. If all that's moving are logical bits, then distinguishing between the types of bits for taxation purposes seems silly. Either tax bandwidth usage, or don't, but don't tax only some.
Now, if there is $$ changing hands, taxation at least makes sense, even if you don't like it. If something other than bits is being moved (whether it's money or some other type of property), then taxation starts to make a lot more sense.
How long will it take before everyone simply drops email, and creates a better IM network to handle both delayed communication and real time chat (ICQ? but they're owned by AOL)
Will they move one to put taxes on IM's too?
Basically every services they throw a tax on will be abandoned by sane people, and the government will end up putting taxes on everything.
Beyond this, as stated above, how do you even implment such a thing?
Go ahead and tax it all you want. A new and free protocol will just pop up in its place. Is it even really feasible to tax email? The nature of the internet really does not allow for socket services to be tax- I do not see how it is possible. The only way to really tax such a thing would be if you controlled the service and then you still have the problem of new free services/protocols popping up. Of course, if they controlled the who network- which there is no way for the us gov to control the internet- then taxing such things would be possible and they could squash alien protocols.
If you could track spammers down and collect a tax, then you could just as easily track them down and prosecute them for fraud, which the majority of spammers commit in one way or another. All this would do is tax law-abiding citizens, and encourage more credit card fraud, viruses, trojans and ID theft on the part of Spammers so they could stay anonymous (or pay the tax with someone else's credit card). We need a new branch of government - the IT branch - because no other branch has a clue when it comes to this crap.
666-607: 6th floor apartment of the beast
A Minnesotan here, and I like Dayton and all, but he isn't exactly the most compelling public speaker you'll find. I get the feeling when he qualified himself that he isn't dissembling, he just has a nervous habit of qualifying *everything*. ...which is a politician trick, I know...
Anyway, the point is that this is more "Hey, this might be an idea, or whatever, I really don't know," than it is "I have this secret plot I want to enact, but I'll throw you off the trail by claiming I'm unsure about it."
Obviously, it would be shitty to pay more for something we already know and love (or you might have email for free, in which case paying anything would stink). But here's what I like about it. They could set it up in some kind of tiered system, kinda like cell phone usage plans, where it's pretty cheap if you stay within your expected usage, but totally unreasonably expensive if you go over. So maybe you pay one penny per email sent during the month, with a cap of 500 emails sent (I'm just throwing that number out there, because it seems like a huge number for an individual). If you go over 500 emails, you pay $1 per email. You could then regulate email traffic and collect taxes at the ISP level, since they're the ones who own and control the smtp servers.
Yes, there would be implementation issues and privacy concerns, problems, etc., but if this were in place I can't help but think it would make a positive difference. And before I get slammed by everyone, I realize there are all kinds of problems with legislating spam behavior in this country. The most obvious of which is the spammer's ability to simply relocate their operation outside the U.S. border where U.S. laws will have a much more difficult time taking effect.
Keep in mind that I'm not trying to invent the solution in this post, so don't take it like I'm defending the silver bullet to the problem of spamming, or go on a crusade to prove why I'm wrong. I just think this is an interesting idea. There are problems with every other spam prevention idea, evidenced by the continued (and growing) presence of spam for the majority of people (ie, not just computer geeks; spam reduction has to work for people like our grandparents and non-nerdy friends, and it will have to be transparent for it to work).
I think the email tax seems like one of the least shitty solutions out there. Anyone else have other, not-so-shitty solutions to spam?
For the purposes of this tax what exactly constitutes an email? Is it any communication on port 25? What if I use some other port? Would I get still taxed if I ftp'd a text file? What if the file were compressed. What about message board traffic? What about IRC? What about Instant Messenger? What if I mail someone a floppy with messages on it?
What happens with email from outside of the taxing jurisdiction? Does the receiver pay? (That would be cool. I could just 'drive' across the border and mail bomb people I don't like. POW! right in the checkbook!)
...and then I realised it would kill mailing lists, too.
Then again, it might be made to work if, instead of the government taxing every outgoing mail spool, ISPs charged other ISPs for the privilege of sending mail to their users. That is, when fred@aol.com sends a mail to jim@hotmail.com, AOL has to pay Hotmail 1/10 cent, or however much the "tax" is set at. These charges would be aggregated, so there would be one monthly bill instead of trillions of nano-payments. Your ISP subscription could include, say, 1000 free emails per month, or 12,000 per year.
I would expect that for normal email traffic, the amount flowing in each direction would be about equal. When someone starts spamming, though, their ISP is slapped with large invoices. If the ISP has any sense, they pass those invoices on to the spammer. If the invoices aren't paid, the ISP that sent them refuses any traffic from those IP blocks.
For spam that comes through open relays or proxies, invoice whoever runs the open machine, and let them worry about where it really came from. If they can find the spammer and recover the cost from him, great. If not, they'll have learned a valuable lesson about not leaving an unsecured box on the open Internet.
A scheme that requires all (or many) ISPs to change their behaviour would be difficult to get working, but easier than one that requires all (or many) email users to change. The biggest problem I foresee is that it's notoriously hard to extract money from a spammer. Still, if ISPs who are currently spam-friendly know that selling connectivity to a spammer will cost them a large amount of money, they might be more careful about whom they sign up.
Just another wannabe fantasy novelist...
I think the industry as a whole would be *MUCH* better off looking for a technical solution rather than hoping for government intervention.
Ahhha, but what would force the industry to move forward together and adopt a "new" secure public key based electronic mail protocol?
Incompetent government intervention
Yeah baby, bring on the e-mail tax!!
I could not afford an extra $500/mo or $6000 per year just for the right to send out email notices to users.
Would the law apply overseas? I could see lots of people abandoning MSN, Hotmail, & Yahoo mail to use overseas mail services. Would they be able to tax you if you went to the off shore mail server and sent from your account there? What's to keep a spammer from doing the same thing?
I got my first e-mail account while overseas. It's still my primary account. The ISP is a small one so it isn't the target of dictionary attacks like the US nationwide ISP's. After 8 years of use, it seldom gets more than 3 SPAM's per week. It's the main reason I keep it.
I think one of the things that is overlooked in reducing the success of dictionary attacks is what mega ISP's can do. They need to divide up their mail servers so each would have no more than say about 5000 mailboxes. It would make the addresses a little longer maybe. Instead of having an address such as technician126@msn.com, I would have an address like technician@mail3275.msn.com. A Mega ISP is a sitting duck for a dictionary attack. A dictionary attack on a small domain could easly be detected and rejected. As an example, more than 5 invalid emails from one TCP address in a day would block the sender for like a week. Attacks like bob@ bob1@ bob2@ bob3@... would quickly blacklist the sender for all of the ISP's inboxes, not just the server being attacked (@mail3275.msn.com would also block @mail****.msn.com). The inboxes would be protected by a virtual minefield. The spam failure rate would be high and the valid mail would not be impeded as a valid address is already known to the sender.
(disclaimer not my real addresses. I'm a member of a small ISP, not a national)
The truth shall set you free!
How I would implement a tax on "spam-free email":
1. (given) SMTP+TLS+key management Internet standards
2. Draft a new RFC that establishes an identity system for email using (above)
3. USPS provides servers for (above) at a micro-payment fee
No one is forced to use this system, and it doesn't cost much (some basic fee to register and maintain your identity, and some much smaller fee to validate one, or perhaps a flat fee to have a "validation service"). However, what it does is creates a new "class" of email that you have to be identified to use and which costs you a small amount of money. You can now reliably do things like:
* Only accept mail from known parties and/or
* File complaints against abusers and/or
* Tier the classes of serivce, charging more for business-class communications (further hurting ROI for spam) and/or
* Pay a little extra for delivery status tracking (did the recipient validate the sender?) and/or
* Pay a little extra for key escrow of encrypted data (the channel would most likely be encrypted anyway) and/or
* Maintain external grey-lists of trust relationships and/or reputation, based on sender identities.
Make no mistake. This is where we MUST go eventually, and I'm just as happy to have a U.S. government organization do it as the E.U. or a private company, as long as no one tries to tear down good old free-for-all clear-text, unauthenticated, SMTP (why tear that down, when those who don't like it can simply not accept it?)
One of the flaws in the whole sender pays idea is that the cost of collecting any charge is vastly greater than the amounts people propose.
At this point well over half the resources of the telephone system are dedicated to billing. That equates to billions of dollars a year. There is no reason to believe that the problem is any easier on the Internet.
The most expensive system would be a payment transfer mechanism so when Alice emails Bob, Bob or his ISP gets paid for handling the message. This is expensive because it needs racks of controls to stop Bob defrauding Alice with bogus emails. One of the early phone phreak hacks was to set up a premium call number then hack into company PBXs to call it.
The cheapest system would be for all the charges to be paid to the company that runs the charging system. If you want the system to be telco system reliable it will not be cheap to deploy. Essentialy you are building a database that is going to be involved in every email conversation. Using the DNS systems as a guide, the fixed capital costs of deploying a scheme of this kind would be at least $100 million and the ongoing maintenance costs would be at least $20 million/year. I suspect these are massive underestimates.
Work out for yourself what you think the impact on email cost would be. Remember that in addition to the cost of the central system there would have to be expenditure by every ISP to pass on those charges.
And this before we consider the fact that the US is only one country that uses the Internet.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
It's clear that if the sender of an email suffered a cost above just paying for the computer and bandwidth, the problem of spam would be mostly eliminated. A fee of even just $0.00005 would cancel out the profits from the typical spam business plan.
But, also clear is that a government mandated tax would be absolutely the wrong way to impose this cost.
If a citizen wants to setup his email client so that all messages from strangers are deleted unless accompanied by a $5.00 paypal donation, that's his business! "Pay for email" can be implemented without government help. If we ever get a functioning micropayment system so that transactions of less than $0.05 can be cheaply exchanged, then it's quite probable that big ISPs (starting with AOL) will let their users elect to block all non-whitelisted emails unless the sender paid a minor fee to compensate for time wasted reading.
If the question is: "Should email require a stamp-like payment?", the answer is maybe.
But "Should the government tax email?", no.
If consumers decide that per-email fees are a fair price for eliminating spam, then private enterprise can provide it without state meddling. Pay-email poses technical and administrative challenges, so it might not ever really work- but sticking the IRS in there would just strengthen the obstacles.
I think the industry as a whole would be *MUCH* better off looking for a technical solution rather than hoping for government intervention.
I've been hearing that for over five years. Entire businesses have been built up around seeking a technical solution to spam. Fighting spam with these various half-assed "solutions" is costing every online business and Internet user money. Every person in the computer industry realizes that a practical technical solution could make the inventor rich.
Yet no universally appealing technical solution has been developed. But every time that legislation is proposed, someone goes into the anti-government rant mode.
I've got a better idea: Pass legislation now and if any of you "technical solution" gurus has a brainstorm that really solves the problem, repeal the legislation.
That said, I am strongly against an e-mail tax. I support criminalizing the sending of spam or causing the sending of spam. If Alan Ralsky wants to pay some ISP in Brazil to send spam, fine. Put Alan Ralsky in federal "pound me in the ass" prison.
Here's why that won't happen. I don't know what Bayesian filter is. Sounds like something from Star Trek to me. If I don't know what it is, how is some 55+ yr old congressman who can't operate his VCR expected to understand it?
People who sufficiently understand the technology are a miniscule minority that dedicate much of their lives to it. They fail to realize the rest of us are thrilled if we can get something to work. The knowledgable folks don't get involved with politics, leaving the business of setting policy to crusty old Politicos who know nothing about it and don't have the time needed to learn such intracies.
The only way to get realistic solutions is to:
A: make technology simpler and more accesible so that you don't have to be a geek to understand. Not going to happen. It just keeps getting more innaccesible all the time, demanding more and more effort to keep up.
B: Elect people who have first hand experience. Nevermind the completely broken poltical system, these folks are too busy downloading copies of yet-to-be-released movies anyway.
So we're stuck with these kinds of half-assed solutions. Sometimes that's better than nothing. Sometimes (RIAA)it's much worse than nothing. Even if this solution reduces my Spam by one e-mail a day, I'm probably in favour.
and take government control out of the picture. I agree wholeheartedly that email should never become a revenue source for any government or organization.
If you want to make micropayments the vehicle to stem the tide of spam, go ahead, but let the recipient receive the payment.
The cure for cancer is coming: Reovirus
Here's an idea that has been mentioned before, but merits a mention here. It's not clear how we would "get there from here," but it's food for thought.
Imagine an e-mail system in which the sender of an e-mail would have to pay the recipient a fee specified by the recipient. The e-mail simply would not show up in the recipient's inbox unless the fee is paid.
You would be able to provide "keys" to regular correspondents, legitimate mailing lists, etc., that would allow them to reach your inbox without paying a fee. The keys would be revokable, in case they are abused or fall into the wrong hands.
It would be an expected courtesy, but not enforced, that legitimate e-mail that pays a fee would have the fee refunded once the recipient recognizes the mail as legitimate.
Now, if you're actively seeking e-mails from unknown senders -- for example, if you advertise a product or service and tell people to e-mail you for more information -- then you probably wouldn't charge a fee to reach your inbox. If you're a more typical user, you would set a small fee, probably just a few cents, so as not to deter legitimate mail.
A spammer, assuming he doesn't have keys to millions of inboxes, would need to pay tens of thousands of dollars in order to reach them all, assuming they each require a payment of a few cents.
This would not only deter spam but also compensate its victims. However, it would have little effect on legitimate e-mail.
Have all email compared against a white list of email addresses in your personal email program.
If they match your white list, no tax.
If they do not match your whitelist, they get taxed.
Friends, some family members, newsletter groups, business groups and the like will just ask that the address they send from get added to your whitelist so they don't get taxed.
Your first email to a new address can be a freebee if it is added to the recipients whitelist. This allows new customers of businesses to avoid the tax, but still taxes one time spammers.
Make violation of forging the "from" address 10 to 100 times the tax rate.
Tax is charged to the ISP who collects it from your account. ISPs who do not pay it get blocked. Free email hosts can set whatever limit on daily/weekly outgoing email they want before making you sign up for a pay account, or have you show that your outgoing email is not getting taxed. Everyone I have ever come across who uses free email accounts do not put out large volumes of daily emails to people they don't know, unless they are spamming.