Brad Templeton Home


Brad Ideas
(My Blog)


ClariNet

Interviews

EFF

Jokes / RHF

Photo Pages

Panoramic Photos

SF Publishing

Software

Articles & Essays

Spam

DNS

Jesus
The Book

Dot!

Packages

Interests


RHF Home

Ty Templeton Home

Stig's Inferno

Copyright Myths

Emily Postnews

Africa

Burning Man

Phone Booth

Alice Pascal

The Rules for Guys

Bill Gates

   
 

Commentary on Ad-Hoc Working group on UCE

Commentary on Ad-Hoc Working group on UCE

This is a commentary on the report to the federal trade commission of the Ad-Hoc Working Group on UCE.

In general, the committee's analysis is reasonable, though the focus on the term UCE is misleading, because the problem of E-mail abuse at this time is effectively entirely the abuse of bulk E-mail, because bulk E-mail is so cheap. Indeed, it's easy to show just with simple mathematics that person to person E-mail can't become a problem of great concern (other than problems from single megabyte E-mails.)

UCE vs UBE

It is important to focus on bulk, and not commerce for several reasons. To deal with commerce requires regulating E-mail based on what it says rather than how it is sent. This is dangerous and probably unconstitutional. While in a minority, there are non-commercial spams, and should commercial ones see regulation, there are many ways to promote commercial causes without advertising a product for sale (just look at all the prescription drug ads before the rules forbidding their advertising were relaxed.) While in theory one could go after unsolicited commercial bulk, this additional content-based determination is not needed.

It is true that technological solutions are immature. However, the problem is fairly young by many measures. I myself write a very effective filter last year which blocks almost all my spam and needs no tuning. Several companies have of late announced, or entered testing stages, on software to combat the problem.

Almost all the committee's arguments apply to things that happen only when bulk mail is abused. You can't get a significant quantity of mail personally without it, and thus your time and resources can't be abused except at very trivial levels. Likewise, ISPs only suffer under the volume of mail, and privacy is only invaded through the use of automated address harvesting -- which is only of value with mass mailing.

Full details on why person to person e-mail should remain unregulated.

Cost-Sharing

The question of cost-shifting is one of the most difficult to judge. While there is no doubt that all E-mail uses the resources of the recipient, it should be noted that this was a deliberate design decision. The internet was built on a shared-cost, flat-rate model with the following basic contract, "I pay for my end, you pay for yours." There were pay-to-send E-mail systems in earlier eras, such as MCI-Mail and Compuserve. They were wiped off the map by the shared-cost, flat rate internet cost accounting contract.

The whole system was designed, to avoid the need for accounting, not to worry about who initiated traffic and who it served as long as the volume was too small to be worth billing about. Bulk abuse creates volumes that are worth dealing about, but we must be cautious not to abandon or damage the flat-rate model on non-bulk traffic by demanding an accounting because an E-mail annoys us or is sent for selfish reasons. The real offence is against ISPs who find their machines slowed down, and the net as a whole, since in aggregate mailboxes get filled up.

In other words, the cost-sharing (a more precise term than cost-shifting) is a feature of the internet, not a bug. It is, however, a feature that is being abused.

See this link for full details on internet cost sharing.

Identification

While we are not opposed to rules requiring advertisements to contain real contact information for the sender, this must be done with care. Non-advertisements can't be made subject to such rules by U.S. law, and regulating only advertising E-mail because it is easier is also not allowed. E-mail must be at least as unrestricted as paper mail, or so ACLU v. Reno implies, and there is no such rule for paper mail.

This does not stop recipients of mail from demanding identification or certified digital signatures on mail they receive, of course.

Trial Accounts

It should be noted that one possible weapon against abuse is to encourage ISPs to restrict the access of trial (or "throwaway") accounts, giving them a lower level of service than established customers. In particular, the ability to send bulk E-mail can be denied them until they become established customers who have signed a terms of service contract.

A full analysis of blocking trial accounts.

Wasting our time

There is no doubt that SPAM wastes our time. We must be cautious about any regulation that forbids people to "waste our time," especially with a single message. To waste the time of millions with a mass mailing, this is perhaps an offence -- but the precedent of forbidding one person to waste a small amount of another's time to communicate with them is drastic.

State Law (Washington, California, etc.)

While one might agree with the state of Washington's desire to insist on accurate return addresses on advertisements, the idea that individual states should have the power to regulate any of the otherwise geography- independent aspects of the internet is dangerous and violates the commerce clause. By its very nature, the Washington law puts a burden on people outside Washington who use E-mail in the normal way -- which is to say often not knowing where the recipient of their E-mail is -- to have to check as to whether their recipient is in Washington, and then learn and conform to Washington state laws. Multiply this requirement by 50.

It matters not what the law says -- the burden is the vast change in the way E-mail works, requiring people to take steps to know where the recipient is. If their recipient is outside Washington, then Washington has stepped over the line and altered interstate commerce outside the state. You might like the Washington law, but do you like the New Mexico law prohibiting material that is "harmful to minors?" Or any other law any other state might have the power to enact?

Labels

I believe we need only label 2 things. The number of recipients of a message and a simple 4-way flag about the relationship of sender to recipient (stranger/known/solicited/non-bulk). No subjective statement about content is needed, or desirable.

Current Proposed Laws

You can find EFF's commentary on the Murkowski-Torricelli bill at the EFF web site.

You can find my comment on the Smith Netizen's Protection Act at this link.

Other methods

You can see a summary of other methods with comment on this page.

Opt-out vs opt-in

We live in a society where communications are by default free unless a person asks they not be sent. If a person states no preference, in a free society, they can be approached. As much as people would like to change that default for everybody in an effort to stop E-mail abuse, this does not match how a free society works. We have no duty to limit the mail of those who will not take the step to ask for protection.

It is likely however, that most people want to receive no UBE from strangers. In this event, the system turns into an opt-in system where people block the basic affront, and then tune what they wish to ask for. However, society should not make that first decision about whether people's E-mail is filtered -- they should.

It is possible to devise "opt-out" schemes which are global and do not require disclosing policy until mail is attempted. One is described at this page.