Spam: the counter-attack begins

New laws to deal with unsolicited email

11 June 2003

Although the issue of spam - unsolicited email - is never far from the people's minds, the next few months will see western authorities tackle it head on.

In the UK, the government's consultation period for how to deal with it is due to end on 19 June. E-commerce minister Stephen Timms has proposed that UK companies will only allowed to send spam to customers who have given their permission.

Meanwhile Labour backbencher Paul Flynn is attempting to introduce a bill that would make sending emails without the recipient's consent a criminal offence. An official meeting regarding spam will also take place in July where MPs will argue for stronger measures.

The EU has taken a harder line than the UK government, arguing that people would have to actively choose to accept emails from a company rather than choose not to receive them. Its directive will come into law from October.

On the other side of the Atlantic, even more stringent measures are set to become law. Several anti-spam bills have been put forward in Congress, most of which argue for prison sentences and hefty fines for people caught sending large amounts of unsolicited email.

In fact, hatred of spam has grown so large that it has swung the other way, with the Federal Trade Commission's recent suggestions for changes in the law to give it new powers being described as worryingly open to abuse.

The FTC is renowned for its aggressive investigations and is asking to be granted access to suspected spammers' personal details. This is in addition to its demand to be given a right to secrecy over any such request, so that spammers would remain unaware of any investigation and so not be able to destroy evidence.

While all this is going on, spam is becoming progressively loathed by society at large. It is estimated that 50 per cent of all email traffic is now spam - although as most of those figures come from spam-fighting software companies, they should be taken with a big pinch of salt. That's not to deny that spam is a serious problem for a lot of people, however.

This week, a new report warned that 80 per cent of kids were receiving unsuitable emails and they were leaving them "uncomfortable" and "offended". Of particular concern is the huge number of spam messages that point to pornographic sites.

Despite years of efforts to defeat spam, the Internet's ability to send millions of messages for a negligible amount of money and in a very short period of time has meant people are consistently encouraged to find ways to bypass filters.

The most recent efforts to cut it out are stepping away from filters to try to squash emails even earlier. Yahoo has recently introduced a new system where people are required to type in camouflaged letters to sign up to an account - to avoid automated account creation - plus occasionally are asked to verify their account when sending an email.

An increasingly popular anti-spam solution sends the recipient of an email an email back asking them to confirm they meant to send it. Since the vast majority of spams are sent without a return address and spammers cannot be expected to agree to every spam they send, spam is virtually eliminated - something that people feel is worth the irritation of getting people to confirm they meant to send the message. However, this solution can disrupt legitimate communications between a company's automated service and if widely adopted would most likely soon be bypassed by spammers.

An old and controversial method to cut down spam is the use of server blacklists. Several organisations scour the Internet looking for "open" servers that spammers use to send out hundreds of thousands of spams. If they find one, the server's address is put on a blacklist. The blacklist is then sold to ISPs, and those ISPs then block any emails originating from the servers mentioned.

While this method has been successful, it has created several huge controversies, including one where the owner of one blacklist was taken to court and found guilty of abusing his position. Many companies have also complained of being blacklisted without being informed. And even big companies are not immune - BT this week was apologising to customers after a part of its service was blacklisted because of an open relay and their emails were rejected by ISPs across the world.

However, even when stronger laws are created in the US and Europe, there is no guarantee that it will stop since email can be sent from any server located anywhere in the world. Any measures are better than none though and with the FTC taking a strong interest, the use of spam by any company with interests in the US would become far less attractive thanks to the FTC's ability to freeze account, levy fines and even push for prosecution.

Countries without anti-spam laws will soon find themselves under pressure from Western governments if they become hotbeds of unsolicited email and with society turning against spam, this pressure would be doubled.

We are far from defeating spam. The laws being introduced now are a step in the right direction though and 2003 will no doubt be seen as the start of the world's counter-attack.

Contact | Journalism | CV | Pub Tour | General | Projects | Internet