This month’s "Spam Summit" held by the All Party Internet Group at Westminster didn’t leave its delegates feeling too optimistic about the future.
We all know spam is a menace, but even with better filtering from the internet service providers and stronger legislation from Europe and the US, it’s unlikely that the efforts at remediation are going to make a great difference before the internet starts grinding to a halt under the weight of unsolicited e-mail.
Steve Linford of Spamhaus tells us that 90% of the unsolicited e-mail we receive comes from 140 spammers and, to qualify as a member of the "Rokso" list, the Spamhaus’ hall of fame, then a spammer has to have been thrown off three consecutive ISPs.
The Spamhaus Block List (SBL) has 140 million users, but although it’s proactive and pre-emptive by blocking known IP addresses, it’s useless against open relays and proxies. The worst offenders on Rokso are sending out as many as 50 million e-mails a day.
It’s a big business and, increasingly, one that attracts racketeering and the Mafia on its seedier pornographic side, and an exploding "service" sector in China, where ISPs are happy to accommodate spam operations for a few hundred dollars a month.
AOL is, apparently, the best place to avoid spam. It blocks two billion e-mails each day to its 26 million customers but the company, like every other ISP and service, such as Microsoft’s Hotmail, is in a technology arms race with the spammers who are constantly searching for new ways to bypass their filtering systems.
Both the US and the Europe are legislating against the concealment of identity or, in other words, sending spoofed headers, as one way of clearly criminalising aspects of the activity. As much as 66% of all the spam received is deceptive in its header or subject line and, as a consequence, violates the laws of 12 US states. The only problem is that enforcement is relatively unheard of.
So what can be done? New EU rules on unsolicited e-mail, which require a strict opt-in and an existing customer relationship, will become law in October. This sounds great until you realise more than 90% of unsolicited mail comes from outside the EU.
The Americans, bless them, have more than 30 state laws and a constitution that guarantees freedom of speech and the right to shoot bears. Unlike Europe, the US doesn’t view information privacy as a fundamental right, and the UK's Direct Marketing Association, rather like the National Rifle Association in the US, believes that the right of free expression should be supported whatever the consequences.
George Bush's administration looks set to pass opt-out legislation, rather than opt-in legislation, which would be a complete disaster for three reasons. First, because you would then have to opt out of any unsolicited e-mail you may be sent; second, because 23 million small US businesses would be free to hit anyone with an internet address; and third, because the Chinese government is more likely to follow the Americans than the Europeans in framing its own legislation. Therefore, the spammers will become very rich and the internet, where half of the traffic is already unsolicited e-mail, will slowly grind to a creaking halt under the weight of freedom of expression.
Ultimately, and if a solution is not found quickly, I can see the appearance of two internets. The free one, which resembles my front door mat, cluttered with credit card offers after I return from holiday, and a private "walled garden", where business pays for its e-mail in a relatively spam-free environment.
Either way, the internet looks set to become a channel of diminishing returns for the rest of us unless Uncle Sam and the European Union start agreeing on laws to stop the spammers.
What do you think?
Will spam ultimatelly render the internet useless? Tell us in an e-mail >> ComputerWeekly.com reserves the right to edit and publish answers on the website. Please state if your answer is not for publication.
Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.
Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies and specialises in the areas of eGovernment and information security.
For further information on Zentelligence and its research, presentation and analyst services visit www.zentelligence.com
This was first published in July 2003