Slashdot Mirror
E.U. Employers To Be Held Liable For Porn Spam?
Cowards Anonymous writes "Yahoo News has a story about a study of Europe's new anti-spam legislation. The overly broad wording of the legislation, according to the study, could allow employees to sue employers for not doing enough to stop porn spam. Businesses could be sued by their workers for allowing a hostile work environment. The author of the study advises companies running email servers to use filtering technology, and warn employees about the sometimes sleazy content of spam."
You can do the same for any US employer using existing discrimination / harrassment laws.
In Soviet Russia, I ruled you
We should be celebrating laws that require business to do something about user-annoying IT problems. Legislating a need for IT translates to tech jobs that can't be cut... and that's more work for us.
There are solutions to Spam that companies can use, they just keep getting killed because PHB's say they fail the cost-benefit tests. However, when you throw the prospect of a big lawsuit in the face of a PHP, it changes the balance of the scale.
I stole this sig.
I thought the U.S. had the market cornered when it came to ridiculous PC requirements in the workplace. Honestly, you'd think that in all places, EUROPE...where there is topless advertising in magazines...would be sensible enough to tell its users, "Look, we're all grownups here, and we all know how hard spam is to deal with. There is no magic solution yet, you're going to have to deal with it." I mean honestly, how many people have spam tackled at home on their own, anyways? It seems nuts to ignore the difficulty of stopping spam in an enterprise environment when coming up with guidelines to punish companies for not doing so.
For your security, this post has been encrypted with ROT-13, twice.
Funny part is snail mail has the same bugs and I don't hear anybody yelling "Snail mail must die!"
Mod +5 Drunk
Or is it vice-versa? Idiots can be well-meaning people?
Where I work, we installed a Barracuda Spam Firewall. It works fairly well, but crap still gets through. And as we add our own REGEX filters, we find the false-positive rate increasing. The only real solution is to expand existing mail protocols to account for spam. Specifically, some changes to the SMTP protocol that require the sender definitively ID themselves before sending. This would provide accountability of some sort. I know, I know. Some people are going to attack me for proposing the modification of SMTP. What, then, do YOU suggest Oh mighty one?
Who is Twirlip of the Mists?
I doubt this new law will cause any type of lawsuit. Holding a company responsible for having a crappy spam filter is ridiculous.
It is one thing if they are contributing to the hostile work environment but failing to prevent a hostile work environment is not the same thing. This is like suing a company for a gay co-worker grabbing your ass as if the company somehow created a randy gay guy in accounting that loves Christopher Lowell and your ass.
As for SMTP based e-mail; it's like VHS to Beta. They'll use it just because it's cheaper even with the porn. And who doesn't like a little bit of donkey love on a Monday morning?
I agree with this. This might help reduce the number of viruses today as well.
Is there any such project currently being pushed to resolved this?
No e-mail client should ever request content from a remote server and/or load images without a direct action by the user.
Most porn spam loads images via html image tags or some other remote mechanism. (Usually with a web bug to figure out which address downloaded it so they can send you more spam.)
If the user has an e-mail client configured by default to download contact automatically then it needs to be corrected. That is the fault of their IS/IT department or whoever ordered the IS/IT department to use that client. I don't even think Outlook is that stupid anymore.
The other problem is that there are a whole lot of people who are unable or unwilling to just grow the hell up. So you get e-mail that describes sex. So what? Big deal! Sex is a part of life. Just delete it and move on.
But instead, these growth stunted pod people want to obscess over that part of life that they have not learned to accept. Instead of blaming themselves and their upbringing (or lack thereof) they are going to take it out on ANYONE else.
The best thing to do to avoid such legal problems is find out who these people are in your company and deny them ANY outside e-mail whatsoever until they can behave like a grownup.
"Trademarks are the heraldry of the new feudalism."
That's because there is a cost to the sender involved in sending snail mail. Sure you can send a lot of it without a return address, but you are limited by how much money you can spend on postage. SMTP does not have this limitation which is why spam is such a problem. Also, the penalties for mail fraud are so severe that most people won't even try it.
because the law requires something that is impossible.
thats why it is an evil intrusive regulation.
spam filters are not perfect ands never will be, suddenly a company is liable for someone else sendign their employee material.
i never realized employers had to shield the employee from reality
You first. Stop using email amd we'll talk. Of course you'll have no way to talk to me, but that sounds like a good idea. I for one have a problem with punishing everyone because some people are being jerks.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Well, there's the proper point of attack for the law. We throw people in jail for cracking other forms of computer security in order to gain unauthorized access to other people's systems; we need to enforce the same laws against this subspecies of cracking.
/. If the government wants us to respect the law, it should set a better example.
So is firing employees who cause unnecessary IT expenses. But it seems that the current managment thinking is that its the IT departments fault when other people look at porn and download spyware.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Comment removed based on user account deletion
It is a category error to treat spam as a software bug rather than as human misbehavior. It's true that technical measures can reduce or ameliorate the spam problem, just as technical measures such as locks and sturdy vaults can reduce or deter robbery. However, that doesn't make spam (or robbery) a technical rather than a behavioral problem.
There is no technical fix for spam. Real fixes for the spam problem must take place on the human level: enforcement of laws against spam and spam-related computer crime; refusal of connectivity to spammers and spam supporters; boycotting of firms which spam or benefit from spam.
>Nobody forces you to use email, right?
er, yes they do actually. it's a requirement for study at my uni at least.
(next lame argument: "no-one's forcing you to get an education...")
it's also a requirement for many other things that aren't gun-to-head-forced but neither do they actually truely require email anyway e.g. buying things online.
I've had an email account for 3 years that was totally spam-free. I was careful with it, wasn't "promiscuous" with it. I carefully shielded it by using a "spamtrap" address to vet companies - any company I start doing bidniz with is "on probation" for a coupla months, then if they behave and don't send me ads, I'll update my addy with them to my protected account. I do several other things also to protect myself.
Then a person to whom I'd given my email to stupidly answered the ebay-phishing email, got trojan'd and harvested. No, I wasn't stupid to give my email to that person. I needed to communicate.
I received 10 spams the next day, and I'm "WTF is all this $&#^@????". I'm soon gonna have to change my email cuzza this.
No matter how careful a user is, he/she must actually share his/her email address for it to be of any use at all (by definition).
There's no way to be sure that absolutely everyone to whom you MUST provide an email is as careful as you are.
Even if they and you are both careful, there's no garauntee that the M$ critical-security-flaw-of-the-week isn't going to be exploited and hit you or them 10 seconds before you/they click the button to apply the patch.
Pavlov wouldn't be so famous if he'd used a can opener instead of a bell.
The answer to this is so simple it frustrates me, just add a DNS record for SMTP servers and the problem is solved! It stops spammers from sending mail from unauthorized hosts and hijacked PC's and lets SMTP filtering and rate limiting do its job.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
While a legal solution to this problem may help a little, it's not going to be a sliver bullet. What we really need is a technological solution.
There is also a cost to the sender of spam.. It's called bandwidth, time, resources, etc, and it can be just as expensive as hand delievery. Everyone is quoting this 40 cent per package price, but that's meaningless since most of the junkmail I get is hand delievered.. (You pay some kids 5 cent a house to drop it off, for example)..
IMHO spam is very much user fault. Even my specially created spam email accounts get hardly any spam, my house gets hardly any junkmail (except, as I said, the junkmail that's hand-delievered, because obviously, they don't need an address to send it to you). And what about junk phone calls? Aren't they the cheapest medium?? Face it, as long as people subscribe with there ISP email accounts (or work email accounts) to dumb ass promotions, give out their business card to every raffle they see, etc. etc. the problem will never be solved.
Maybe one solution would be whenever you get spam, and your thinking about buying a product, make _SURE_ you go to the competitors that aren't spamming..
Mod +5 Drunk
[Emphasis in your quotation added by me]
If every one of your employees has to delete 95 copies of...
"XX3NICAL__ ULTR@M__ F!0RIC3T__"
" Pills You Want. Many On Stocks. abreact omrgphh"
"G.1.ANT T.1TS 4 HER 4914"
"horse fux my girl N.U.D.E on internet" and
"hoi pliancy herbul penls"
[remainder of my past hour's spam filter hits deleted for brevity]
...for every legitimate business email they receive, and that doesn't constitute a Denial of Service attack, may I politely inquire as to what the f.u.c.k. would?
i agree. my typewriter statement was factitious in order to show how the law could adversely affect small business. my point is that it should be important for these legislators to consider the financial impact that this would have. not only would it drive up cost for everyone but would favor large businesses with preexisting IT infrastructures over smaller companies whose IT person might some multipurpose employee that by chance knows how to reboot computers, share printers, and run windows update (which, for a majority of small businesses, is all the IT expertise you need).
more importantly, the whole premise of the law, in my opinion, is garbage. i believe that the law puts an unreasonable amount of responsibility on the employer rather than the employees. people need to start being proactive in protecting themselves from the internet.
if implemented, choosing *who* to sue would also be a litigious nightmare. do you sue the IT girl? if so, do we start selling IT malpractice insurance (i would need some)? do you sue the 3rd party ISP? What about the company that wrote the spam filter, should it fail to work? if a company filters their corporate mail but not, say, the employee's hotmail account, are they still liable for damages?
but even if i can prove that the legislation would create a litigious nightmare isn't sufficient to show that the law shouldn't exist. The *real* problem with this legislation is how it holds the entity that provides the transport for the offensive material responsible for the offensive material. would we sue the phone company or the USPS for sending us audio and paper versions of porn spam? do we do so now? no, we (united states) create things like the do-not-call list and find methods of empowering the consumer rather than punishing the provider. to me, and i think most people, holding the service provider responsible sounds absurd.
however it seems that legislators have taken a different view of this in when it comes to the internet (the first death of napster, for example, and all the stuff that's happened in the wake of the DMCA). i have theories, but i'm not yet sure why this is.
i have to admit that i'm really excited to see what happens. thankfully, i'm not in the E.U. so i can watch from afar. and after belaboring the topic a bit more, an etch-a-sketch is sounding pretty appealing. ^_^
That's funny because my email account has never received pornographic material, nor anything about a Nigerian scam either. I did receive a couple chain letters (you mentioned you've got 2), but after politely asking my ex-gf to stop sending them, she did, and I never got any others. My current email statistics are: 16,231 Received, 24,321 Sent, quite a large number I'd say. Oh yeah, I've never received stock tips in my email either (except from my broker). So I guess since this is my personal experience it must be the same for everybody right? So why is everyone complaining then? Why was everyone complaining 5 years ago about the amount of junk mail they receive? I mean, you've made it very clear that junk mail, simply doesn't exist?! Maybe because it's moved to electronic medium? In that case, isn't it more environmentally friendly? (I remember that being a huge argument against junk mail myself), so maybe your just anti-environment?
I don't like spam, but people are so damn aggressive and bitchy these days. RELAX!! Learn how to joke around again. Life is short, enjoy it. In Canada we all joke about the constant frivolous lawsuits that happen in the USA (burglar sue's homeowner after falling threw roof), creating laws, and sueing everyone into bankruptcy isn't the answer. You want to set up a spam filter, great! But don't get so worked up because someone wants to make your penis bigger.
Mod +5 Drunk
As an european living in North-America, this article , although true in its content, plays a lot of noisy drums for nothing.
Contrary to USA, europe does not have a culture of suing people or companies, and in particular against "hostile work environment".
I don't think the situation were an employee sues his company for receiving p0rn spam will arise often, since the employee will have nothing to win apart from losing his job and never find another one (suing your company is generally not a good thing on a resume). (I dont say you lose your job if you sue your company - legally you cannot, but we all know how easy it is to for companies to find other supposedly legal reasons to fire you).
Moreover, if your receive spam, it generally means that you have used your work e-mail address for non-business related issues, and you'll end up walking on dangerous grounds if you try suing your company for that.
So, to me, this article has been written by someone who knows laws, can forsee their effect, but do not know the european culture enough and makes the common mistake of comparing it to north-america. Or maybe he never worked in a company where e-mail is used for work.