Home/red-rock-eater/[RRE]spam self-regulation is one of the really bad ideas

[RRE]spam self-regulation is one of the really bad ideaswriting

militaryinternet-policyprivacycommerce
2000-01-13 · 4 min read · Edit on Pyrite

Source

Automatically imported from: http://commons.somewhere.com:80/rre/2000/RRE.spam.self-regulation.html

Content

| | | | --- | --- | | Red Rock Eater Digest | Most Recent Article: Mon, 17 Sep 2001 |

[RRE]spam self-regulation is one of the really bad ideas

``` [I have heavily reformatted this message.]

---

This message was forwarded through the Red Rock Eater News Service (RRE). Send any replies to the original author, listed in the From: field below. You are welcome to send the message along to others but please do not use the "redirect" option. For information about RRE, including instructions for (un)subscribing, see http://dlis.gseis.ucla.edu/people/pagre/rre.html or send a message to requests@lists.gseis.ucla.edu with Subject: info rre

---

Date: Thu, 13 Jan 2000 11:56:42 -0800 From: PRIVACY Forum

PRIVACY Forum Digest Thursday, 13 January 2000 Volume 09 : Issue 05

(http://www.vortex.com/privacy/priv.09.05)

---

Date: Wed, 12 Jan 2000 22:37 PST From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: Direct Marketing Association's "Spam Solution"--Useless, or Worse!

Greetings. The Direct Marketing Association (DMA), which has long championed the notion that self-regulation and "opt-out" programs are the main solutions to consumer privacy concerns and commercial information gathering, have just announced their idea of a major step towards cutting back on unsolicited e-mail spam--their "e-Mail Preference Service" (http://www.e-mps.org). This site allows users to provide the DMA with their e-mail address, which DMA says will then be used to purge DMA member organizations' e-mail mailing lists of those addresses (unless you already have an existing online business relationship with a member firm, it seems...) This preference must be renewed at intervals or it will expire.

The reasons why this whole thing is a bad idea are almost too numerous to list, but let's briefly look at a few of them, shall we?

-- The concept puts the burden on individuals to "opt-out" of receiving unwanted materials filling their e-mailboxes. Why doesn't the DMA support "opt-in" programs instead, where users would affirmatively indicate that they want to receive particular materials? I think we all know why--most people don't want to see the kind of garbage that shows up as spam, and the opt-in rate would probably be pretty darn low...

-- The DMA has a long-standing similar opt-out list for physical mail advertising. If you've signed up for it in the past, did you notice a significant decrease in the junk, er, I mean unsolicited mail you received? No?

The reason the physical mail opt-out list doesn't have much impact for the average individual is that so much junk mail is generated from organizations who are not members of the DMA. This is but one fallacy of many self-regulation proponents' arguments. Self-regulation only impacts those who choose to play by those guidelines, for everyone else it's open season.

In the case of spam, the impact of such an opt-out list is likely to be even less. Most reputable firms and organizations already know (or learn very quickly!) that sending out unsolicited e-mail spam is one of the surest ways to create upset or angry recipients, who consider spam an invasion of their privacy and a waste of their resources. Sending spam is also a sure-fire method to get any associated sites onto the various public spam e-mail block lists, which are referenced by vast numbers of ISPs and individual servers to determine which e-mails they are willing to accept. No legitimate organization or firm wants to be on those block lists. (By the way, my own public e-mail block list is always available via the link at http://www.vortex.com.)

So, most large, established firms, the very ones most likely to be DMA members, already know better than to send out spam.

You know where this is going... A very large percentage of spam, often sent through hijacked open e-mail relay servers, promotes illicit pyramid schemes, multi-level marketing frauds, hardcore pornography, and other similar "products"--from the sorts of folks who are the least likely to be DMA members or have any desire to purge addresses that are on the DMA's list. But they might still have an underhanded use for the DMA's service! See the next item...

-- For $100/year, the DMA will let non-members upload their e-mail mailing lists, after which the lists will be returned to them "cleansed" of addresses on the opt-out list (the actual DMA opt-out list itself is not made available). Unscrupulous spammers (are there really other kinds?) could use such a procedure to determine which addresses on their original lists are likely to be valid. If an address is purged from the returned list by the DMA processing, that means it existed on the DMA opt-out list. By feeding vast quantities of addresses through this system, spammers could end up with "higher quality" spam lists to use for mailings and to sell to other spammers. Oh boy! The DMA opt-out list usage agreement would seem to prohibit such a use. Will most spammers care about that prohibition? Unlikely.

-- The very existence of such an opt-out list could have the effect of "legitimizing" spam to many observers. "After all, if an address isn't on the DMA spam opt-out list," they might think, "it must mean that they want to receive spam!" Right? So by that sort of twisted logic, it's OK to send them as much garbage as the machines can generate, since they're not on the list.

But as I've noted, being on the list carries risks as well, and is unlikely to accomplish much beyond advancing the DMA's public relations agenda.

Overall, the whole concept seems to be misguided at best. I'd urge individuals to think very carefully about whether they really want to add their e-mail addresses to the DMA's opt-out list database. By participating in the expansion of the list, you're likely to be contributing to the DMA's "self-regulation" and "opt-out" arguments, while spam will still be flowing unabated and as disruptive as ever...

--Lauren-- lauren@vortex.com Lauren Weinstein Moderator, PRIVACY Forum - http://www.vortex.com Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org Member, ACM Committee on Computers and Public Policy

---

End of PRIVACY Forum Digest 09.05

--- ```