Other PIAC Documents
Tell us your story!
Please contact us with your stories and questions.
The following comments are provided by the Public Interest Advocacy Centre (PIAC) on the Discussion Paper issued by Industry Canada in January 2003 on the issue of unsolicited commercial electronic mail (“spam”).
The Public Interest Advocacy Centre is a national non-profit organization devoted to the representation of consumer interests in matters involving public utilities, essential services, and public interest issues of broad application to Canadians. PIAC has developed a strong record of consumer advocacy since its inception in 1976, and is widely recognized as an important and influential voice for ordinary consumers in a variety of marketplace issues. PIAC is governed by a distinguished volunteer Board of Directors from across the country, and is supported by member groups and donors representing hundreds of thousands of Canadians.
As Industry Canada’s discussion paper recognizes, unsolicited commercial email is becoming a serious problem for online consumers, and thus a serious hindrance to the further growth of this medium of communication and commerce. There have been many studies, reports, and estimates of the extent of the problem. For example:
ISPs estimate that the quantity of spam rose by more than 500% between September 2002 and March 2003;7 AOL’s spam filters block 1 billion messages daily8, or an average of 24 junk e-mails per account per day;9
If 1% of the 24 million small businesses in the U.S. sent an e-mail subscriber one e-mail a year, it would result in 657 messages in the subscriber’s in-box every day;11
Clearly, the problem is significant and shows no sign of abating, despite efforts, both technological and legal, to control it.
It estimated that unwanted commercial e-mail cost
ISPs, regulators, consumers and entrepreneurs have been struggling with the problem of spam for some time. Many different approaches to controlling spam have emerged: technological options, self-regulatory codes, standards development and legal requirements. Those closest to the problem seem to agree that the solution will require action on all fronts: technology, self-regulation, standards development, and law.22
(a) Technological options
The market has produced an array of constantly-evolving filtering and blocking services, now widely used by ISPs as well as individual e-mail users. Different methods of filtering are used, including blacklists of known spammers’ Internet addresses. Companies such as Brightmail Inc. who specialize in anti-spam software are finding a growing market for their services. While these filtering services help to reduce the costly impact of spam on ISPs and users, however, they do not appear to be stopping spammers from engaging in the practice in the first place.
Non-governmental organizations such as the US-based Internet Research Task Force’s recently inaugurated “Anti-Spam Research Group”, are attempting to develop technological means to better control spam. The group’s Charter focuses on the need to allow for “consent-based communication”, under which “an individual or organization should be able to express consent or lack of consent for certain communication and have the architecture support those desires.”23 The Chair of this group noted that technical and legal solutions must work hand in hand.24
Another group recently formed in the USA, “JamSpam”, was created “to produce an open interoperable antispam specification that serves as a universal solution to both edges of the spam sword”.25 Some options being considered include developing e-mail authentication standards to ensure that legitimate messages are recognized and delivered securely, closing “open relays” – insecure servers used by spammers to send bulk e-mail, and creating more transparency for legitimate messages, so as for example to be able to discern whether the message is a newsletter, a bill, or a message from a friend.26
(b) Policy and self-regulatory approaches
There are hundreds, if not thousands, of mailing lists, message boards and anti-spam organizations battling the problem of junk e-mail.
ISPs deal with spam in a variety of ways, including automatic filtering technologies, as well as customer-controlled filtering services. Microsoft recently announced that its MSN Hotmail subscribers would be limited to sending only 100 messages per day, “in an effort to prevent spammers from using Hotmail to spread spam”.27 Prior to this, Microsoft relied on filtering technology: it filtered all messages twice, first through its e-mail servers and then at the subscriber end, based on the subscriber’s own designation of previous messages as junk.28
In January 2003 AT&T WorldNet unsuccessfully tried to use a “reverse DNS lookup” to block spam: ISP servers were programmed to relate incoming e-mail’s originating address to a valid domain name or Web address by looking it up in a DNS database; if not there, the message was dropped. This approach failed, however, as too many legitimate e-mails were dropped.29
In addition to spam filtering and acting on subscriber complaints, AOL tracks the volume of e-mail in its system, and terminates AOL subscribers who have unusually high volumes of outgoing mail.30
ISPs such as Yahoo and Microsoft have also changed their registration processes so as to make it more difficult for spammers to automate the process of creating new free e-mail accounts.
Associations of Direct Marketers are also trying to control their members’ behaviour online. But even effective self-regulation by such bodies is ineffective insofar as spammers are not members of the organization.
In the USA, Microsoft, AOL, Verizon, Earthlink and other ISPs are aggressively pushing for national legislation. Even marketers, who generally oppose more regulation, now support the drive for national legislation, if only to avoid a patchwork of state regulations that vary in strength and approach: in October 2002, the American Direct Marketing Association announced that it supported federal anti-spam legislation that would ban false headers.31
The following approaches are either being taken in other jurisdictions, or are being considered, currently:
(i) Regulate Spammers
(ii) Regulate ISPs
(ii) Regulate Businesses who use e-mail lists compiled by others
(iii) Empower E-mail users and ISPs to enforce law and obtain redress
As others have noted, spam is a serious problem in need of a multi-faceted and coordinated response. Neither technological nor legal approaches alone will suffice; both are needed.
Legal initiatives are needed both to further encourage the development of technological “fixes” and to deter spammers. Even where enforcement of laws is difficult, it is important to establish ground-rules for online marketers, so that the limits of acceptability are clear, and so that enforcement can proceed where possible.
PIAC advocates an internationally-coordinated approach which includes:
Only with a set of meaningful rights and obligations such as those above will e-mail users and service providers be properly equipped to control spam.
Contact: Philippa Lawson Senior Counsel Public Interest Advocacy Centre 1204 – 1 Nicholas St. Ottawa, Ontario K1N 7B7 tel: (613)562-4002 x.24 fax: (613) 562-0007 email:email@example.com
1 “States Still Trying to Stop Spam” Wired News (7 February 2003) http://www.wired.com/news/print/0,1294,57585,000.html
2 Ira Teinowitz, “FTC to Hold Spam Workshop: Three-Day Hearings Could Lead to Reglatory Action” online: ADAGE.com news (3 February 2003).
3 Jonathan Krim, “Spam’s Cost To Business Escalates: Bulk E-Mail Threatens Communication Arteries” Washington Post (13 March 2003)
4 Jennifer Lee “Spam: An Esclating Attack of the Clones” The New York Times on the Web (27 June 2002).
5 Claire Cozens,, “ASA clamps down on spam” The Guardian online: The Guardian http://www.guardian.co.uk/Print/0,3858,47617533,00.html
6 “Spam comprises nearly quarter of email” online: SMH.com.au (11 February 2003).
7 Stefanie Olsen, “Hotmail restricts outgoing messages”, CNET News.com (24 March 2003).
9 AP “AOL Claims Record Block of Spam E-Mails” The Washington Post (5 March 2003) online: Washington Post http://www.washingtonpost.com/ac2/wp-dyn/A47523-2003Mar5?language=printer
11 Jonathan Krim, op cit
12 Neil McIntosh, , “Mail out of order” The Guardian 27 February 2003)
13 Jonathan Krim, op cit
14 James Love, “Taking on Junk E-Mail” online: Consumer Project on Technology http://www.cptech.org
16 Herwig Feichtinger e-mail (18 May 2000), on CAUCE website http://www.cauce.org/tales/retrieve_mail.shtml
17 Neil McIntosh, op cit.
18 E-mail “The High Price of Spam” (1 March 2002; printed 3 August 2002).
20 Brian Morrissey “Spam Cost Corporat eAmerican $9B in 2002” online: Juperiterresearch http://cyberatlas.Internet.com/big_picture/applications/print/0,,1301_1565721,00.html
22 See Stefanie Olsen, “Tech Firms tackle spam”, CNET News.com (14 March 2003); and WIRED NEWS, “Net Gurus Rally Anti-Spam Forces”, 01 March 2003.
23 WIRED NEWS, “Net Gurus Rally Anti-Spam Forces”, 01 March 2003.
25 Stefanie Olsen, “Tech Firms tackle spam”, CNET News.com (14 March 2003).
27 Stephanie Olsen, op cit.
28 Microsoft “Spiking The Spammers” (12 February 2003) online: Microsoft on the Issues http://www.microsoft.com/issues/essays/2003/02-12spam.asp
29 Stefanie Olsen, “AT&T spam filter loses valid e-mail” online: CNET (24 January 2003) http://news.com.com/2102-1023-982118.html
31 Jonathan Krim, op cit.; Ken Magill, “Minnesota Anti-Spam Law Takes Effect, Texas Introduces Bill” DMNews (4 March 2003)
32 E.g., Delaware; France; UK, EU (to become effective end of 2003), Korea (impending)
33 E.g., UK (ASA), California
34 E.g., Minnesota, Washington, Korea,
35 “States Still Trying to Stop Spam” Wired News (7 February 2003)
36 E.g., Japan, Minnesota, Virginia, Washington
37 E.g., Arizona, California,
38 E.g., Japan, Arizona, Minnesota, Ohio,
39 E.g., Japan
40 E.g., Virginia, Washington.
41 Proposed by an M.P. in the U.K.: Neil McIntosh, op cit.
42 E.g., Minnesota, Ohio, Texas, Utah, Virginia, Washington