|You are in: Technology|
Monday, 21 October, 2002, 09:39 GMT 10:39 UK
Looking forward to a spam-free future
What is the best way to rid the internet of the nuisance of spam asks Bill Thompson
Sometime soon I'll stop having to check my HotMail account every week or two in order to remove the couple of hundred of spam e-mails that clutter it up.
Currently it is effectively unusable for anything other than filing articles when I'm unable to get to a sensible computer that will let me talk to my own network server directly.
Around the same time customers of BTopenworld will benefit from the same sort of relief.
They can expect to wake up in the morning to find only two or three unwanted and implausible commercial messages waiting for them, instead of the several dozen that have become the typical burden of the long-term Net user whose e-mail address has been 'harvested' and added to junk mail lists around the world.
The reason is that both Microsoft (which runs HotMail) and BTopenworld have signed up with Brightmail, an e-mail filtering company, to install the Brightmail Solution Suite on their e-mail gateways.
The result should be a significant reduction in the numbers of spam messages that get through to users' accounts, because Brightmail is rather good at spotting identical or near-identical messages that are sent to large numbers of addresses.
Admission of failure
Recent research by Brightmail themselves indicates that this is what users want - 55% of the respondents to their survey felt that filtering spam was a responsibility of the Internet Service Provider.
Presumably many felt that blocking viruses was also a job for the ISP, since BTopenworld is installing the Symantec anti-virus server software at the same time as it starts filtering spam.
I have two problems with this approach. The first is that installing filters is in many ways an admission of failure, accepting that the spam merchants are going to carry on sending stuff out regardless, and that any attempt to control what is sent over the network is destined for failure.
Instead of trying to create legislation that controls the commercial use of e-mail and makes it possible to track down and prosecute the fraud merchants, we are simply letting them get away with it.
It could be argued that this is only a temporary state of affairs, because once most ISPs filter spam then its effectiveness will diminish and fewer will be sent.
After all, the point of these invitations to buy generic Viagra, receive weight loss potions, join pyramid-selling schemes or visit pornographic websites is to get customers.
Even the obvious frauds, like the Nigerian money-laundering invitations, are sent out because they work.
Unfortunately the most likely effect is simply escalation in this particular arms race: while sending spam is not illegal those who want to do it will find ways around the filters, just as virus developers have repeatedly found ways around scanning software.
I fear that the end result will be a network which is slowed down more because every e-mail is scanned multiple times by inadequate software than it would have been if we'd just let the spam through.
The alternative seems to be more effective regulation. There have already been attempts to control spam through the legal system. The European Union's Electronic Data Protection Directive gives national governments, including ours, until the end of 2003 to pass laws which make it an offence to send commercial e-mail to someone who hasn't opted in to receive it.
But this only applies within Europe, and most spam comes from elsewhere, and from companies who don't care too much about the legal niceties anyway.
A better solution - and one I've advocated in the past - is simply to tighten up the network itself. Most spam comes with no effective return address and no easy way to trace the sender, because it is inserted into the network using a variety of techniques that rely on badly-configured mail systems, web servers and other network components.
It would also preserve people's freedom to use the net without being watched, because this is the other major issue I have with ISPs who sign up with Brightmail or other mail scanning.
And I'm not alone: over the past few weeks an extensive and heated discussion has been taking place on the uk-crypto mailing list about just this issue.
The list, where those interested in issues around encryption and the interception of communication, has been arguing over whether scanning for spam - or viruses - counts as an 'interception' of a communication under UK law.
In other words, if a program reads your e-mail and decides whether or not to send it to you, is that the legal equivalent of a systems administrator or police officer doing the same thing?
The general consensus - but I am not a lawyer - is that scanning is not interception and so is legal without a warrant.
However, it is clearly interference with messages which are addressed to me, and it worries me that this will happen without explicit consent.
There is no indication that BTopenworld will let customers decide that they don't want their messages scanned, even if that means they receive a lot of spam, but surely there are those who would rather receive everything and decide for themselves what they want to disregard, or install their own spam filtering so that it is under their direct control?
Those who have seen me argue in the past for increased regulation of the Net may think that I'm contradicting myself here by arguing for the freedom to receive spam, but I don't think this is so.
I want an internet where nations and communities can set their own standards for what they do online, where national borders can be erected on the Net and where those borders will be respected.
We work like this in the real world, and I do not consider it an unreasonable restriction on my freedom that I can't sell certain medicines in the UK even though they are available over-the-counter in Italy or other countries.
The same applies with e-mail - if the law says that obscene websites should be blocked, then that is a decision that the community has made as a whole and I can either respect it or try to get around it and accept the consequences if I am caught.
But why should BTopenworld and Brightmail get to decide what counts as 'spam' and stop me receiving it? I will accede to the laws of the land, but don't want the big corporations making what are effectively the laws of the internet.
Disclaimer: The BBC will put up as many of your comments as possible but we cannot guarantee that all e-mails will be published. The BBC reserves the right to edit comments that are published.
16 Oct 02 | Technology
19 Sep 02 | Technology
27 Sep 02 | Technology
11 May 02 | Science/Nature
20 Mar 01 | Business
The BBC is not responsible for the content of external internet sites
Top Technology stories now:
Links to more Technology stories are at the foot of the page.
|E-mail this story to a friend|
Links to more Technology stories
To BBC Sport>> | To BBC Weather>> | To BBC World Service>>
© MMIII | News Sources | Privacy