Anti-spam legislation is virtually certain one day, suggests Pegasus Mail founder and InternetNZ councillor David Harris, in a white paper on the spam problem for InternetNZ.
But those seeking to minimise spam must take care they are lobbying for the right kind of law, he says.
“There is a real risk here [that] if the wrong legislation is enacted — if governments are overwhelmed by commercial lobbying or fall back on knee-jerk reactions to the problem — then there is every chance that we may end up getting legislation that exacerbates the problem of spam rather than alleviating it.
“It is critical that the anti-spam lobby presents a united front with clear, sensible arguments backed by compelling evidence to ensure that the legislation we get is legislation that actually minimises the problem as much as possible.”
According to Harris, it is “neither possible nor desirable” to ban all unsolicited promotional email. Instead, the focus should be on ways of clearly defining what mail the user does not want.
The paper’s discussion of this leads to the contentious concepts of “opt-in” and “opt-out”.
Organisations such as the NZ Direct Marketing Association say they tell their members “opt-in” is the preferable course — where a customer does not receive promotional mail unless they specifically volunteer to receive it. Their written rules still, however, give members latitude for “opt-out” schemes, where the user has specifically to request the seller to stop the mails.
As Harris points out, the way spamming is practised today opt-out requests are routinely disregarded, or are used by the spammer as a verification that the address is still “live”.
“Even if [optimists are] correct and no spammer ever abuses requests in this way, the sentiment that this type of abuse is common is now so prevalent that a significant majority of people will never use ‘remove’ facilities even if they are a legislated requirement,” the paper says.
Any law, Harris says, must give attention to appropriate penalties and to the bodies responsible for enforcement. Legislation before the US Congress and Senate (for example, Senator Charles Schumer’s proposed bill S. 1231) would only allow the US Federal Trade Commission to bring actions against offenders.
“It remains to be proven whether the FTC has the resources or will necessary to take action against all spammers who might abuse the act.
“Effective legislation must not place arbitrary restrictions as to who may initiate proceedings against spammers for breaching it.”
The white paper discusses at length the various kinds of spam, spammers’ organisation and techniques and technological protective measures. These include the maintenance of blacklists of spammer sites, which can be automatically blocked, less practical “whitelists” of acceptable email sources, and text-sensitive filters, including the more adaptive kind such as Bayesian tools.
The long-established practice of listing for avoidance open relays, through which spammers can forge a message’s origin, is less important now, says Harris.
“Open relays have been getting rarer and rarer since the advent of blacklists and spammers now typically have other ways of propagating their product.”