Based on the strong response to the recently-launched national telemarketing do-not-call registry(Sign-up begins for do-not-call list) , is a similar bill for spam right around the corner?
Congressional leaders are always looking to pass legislation that is both high-profile and communicates a very simple value proposition to consumers. Would anything win the hearts and minds of your average American on the Internet like ridding his or her inbox of spam? Suffice it to say that somebody must be working on a bill that would seek to restrict spammers in much the way that telemarketers will be restricted in the very near future. In thinking about this topic, two questions come to mind:
Is it Enforceable? Assuming that it is feasible to build such a system (I imagine that consumers would have to log into a database and register email addresses that they wanted to put on the “do not spam” directory. How on earth would you enforce violations? Spammers are well-known for the tricks that they employ. One need look no further than the “Buffalo Spammer” case that gave Earthlink fits for over a year. What agency, consumer protection organization, or other entity has the resources and know-how to prosecute the multitude of amateur and professional spammers? Would this law make people feel any better if it didn’t have any teeth?
Is it Too Early to Call Donotcall.gov a Success? Consumers, myself included, are excited about the prospect of being completely free of telemarketing phone calls. However, I don’t expect that direct marketers worldwide will take this lying down. Perhaps some of the more hardcore direct marketers will set up shop in countries where U.S. laws do not apply. I can imagine an inventive direct marketer using VoIP to do telemarketing from India or Ireland. While that last comment was something of a joke, I do expect that direct marketers will push on the law to find the edges and ways in which they can comply with the letter of the law.
The problem with this is that there’s no way to make a do-not-spam list that doesn’t in some way give the spammers an advantage. A do-not-spam list is a list of “known good” email addresses, for which spammers have a voracious appetite. Even if each address were hashed, spammers could hash the addresses they’ve gathered and–because the hash algorithm would have to be public for legitimate email marketers to use it–spammers could still verify that an address is genuine. Sure, they’d be breaking the law. But in most cases, they’re already doing so, and they’re beyond the reach of law enforcement.
The best answer to spam in the foreseeable future seems to be technical means (Bayesian analysis, etc), laws to outlaw the practice, and law enforcement resources dedicated to going after the worst offenders. But there’s no surefire means to prevent people from getting any spam at all–and for most people, that’s not really the issue. One or two a week is manageable, but two or three hundred a day is not.
The problem with this is that there’s no way to make a do-not-spam list that doesn’t in some way give the spammers an advantage. A do-not-spam list is a list of “known good” email addresses, for which spammers have a voracious appetite. Even if each address were hashed, spammers could hash the addresses they’ve gathered and–because the hash algorithm would have to be public for legitimate email marketers to use it–spammers could still verify that an address is genuine. Sure, they’d be breaking the law. But in most cases, they’re already doing so, and they’re beyond the reach of law enforcement. The best answer to spam in the foreseeable future seems to be technical means (Bayesian analysis, etc), laws to outlaw the practice, and law enforcement resources dedicated to going after the worst offenders. But there’s no surefire means to prevent people from getting any spam at all–and for most people, that’s not really the issue. One or two a week is manageable, but two or three hundred a day is not.