Spam: The Growing Scourge - Government Activity

It's all too common: You arrive at the office refreshed after a week's vacation, and after showing off your tan to jealous co-workers, you open your e-mail. In your inbox are hundreds of messages from people offering get-rich-quick schemes, opportunities to buy things below wholesale, and slightly seedier offers. Armed with the goodwill that a week off brings -- and the Delete key -- you simply trudge through the unsolicited mail to find the nuggets of wisdom from your colleagues and marching orders from your superiors.

It's a process that plays out in offices worldwide every day: Unsolicited mail -- often called "spam" -- takes time to sort through and delete even if you never read a single item. The common perception is that spam is merely an annoyance and that a combination of intelligent filtering and active deletion of the offending mail will take care of the problem. It turns out that was never the case. At the North American Network Operators Group meeting in Phoenix in October this year, network engineers estimated that the annual cost for coping with the excesses of bulk e-mail were more than $44 million last year. The costs are rising, and those expenses are borne by the customers of Internet service providers (ISP).

Even more sinister are the potential costs to organizations that do nothing about the problem. Employees, offended by graphic pornography that lands in their inbox, might be shocked to discover that their organization has done nothing to protect them from this offense. One possible outcome is a sexual harassment suit aimed at the company that did nothing to protect employees from this unsolicited mail. The direct cost to the organization could be enormous.

The problem with spam is that the underlying economic model is screwed up. Junk e-mail shifts the costs of advertising from the advertiser to the recipient. With a single e-mail account, a distributor of mass e-mail can send one message to millions of recipients on the Internet. That turns a single message into thousands of megabytes of data to be transferred over the Net. It costs a junk mailer a tiny amount to send the spam, but it costs Internet backbones and service providers dearly to transfer and store the junk. Those costs are passed along to consumers of Internet mail services.

The problem has become so bad that several organizations have come together to fight the problem cooperatively. In a session chaired by Paul Vixie, the author of the software that makes the Internet's Domain Name Service work, the North American Network Operators Group discussed approaches that ISPs could use to protect themselves and their customers. The session at the Phoenix meeting underscored the message that there is no technical way to eliminate unwanted bulk e-mail. However, the group spent some time discussing techniques that effectively block IP connections from sites that are known to be the sources of bulk e-mail.

One resource for network administrators is the Coalition Against Unsolicited Commercial Email (CAUCE), a group that is attempting to amend the law that makes it illegal to send junk faxes over telephone lines to include bulk e-mail. The amendment, sponsored by Rep. Chris Smith of New Jersey, is called the Netizens Protection Act of 1997. The Act makes it illegal to transmit unsolicited advertisements by e-mail and requires that senders always provide identification in e-mail messages. CAUCE's Web pages are at www.cauce.org and are a valuable legislative contribution to the fight against unwanted commercial e-mail. Another terrific resource for those trying to understand the legal possibilities for controlling bulk e-mail is an article in the Berkeley Technology Law Journal's Fall 1996 issue titled "Garbage In: Emerging Media And Regulation Of Unsolicited Commercial Solicitations." The article can be found at http://server.berkeley. edu/BTLJ/articles/11-2/carroll.html.

In addition to the legislative resources of CAUCE, there are also some sites that provide technical help. A terrific resource on Internet abuse in general is the Net-abuse FAQ at www.cybernothing.org/ faqs/net-abuse-faq.html. The Net-abuse FAQ covers unwanted e-mail, but also includes discussions of USENET abuse, and the reasons that these issues matter. A very recent contribution to the war on unwanted e-mail is the Internet Mail Consortium's Unsolicited Bulk E-mail pages at www.imc.org/imc-spam. The Internet Mail Consortium, based in Santa Cruz, Calif., has provided two useful white papers for the Internet community. The first describes the varieties of unwanted e-mail that have appeared on the Internet, and the second inventories the technical solutions that have been applied to the problem.

As the North American Network Operators Group realized last month, the problem of spam is growing and is becoming costly to everyone connected to the Internet. Because there is no effective technical solution, the resolution will eventually have to be based on legal and social tools. That's why you can expect to see more cases in the courts regarding spam. Support for those who are fighting spam is crucial: They're acting in your best interests.

-- Mark McFadden is a consultant and is communications director for the Commercial Internet eXchange (Washington). Contact him at mcfadden@cix.org.

COPYRIGHT 1997 101 Communications, Inc.
COPYRIGHT 2004 Gale Group