If you’re anything like me, the pleasure you get from the modern marvel of email is diminished daily by the need to fend off spam. You might feel that there ought to be a law against it.
Well, there will be, eventually. The Ministry of Economic Development (MED) has released a discussion paper aimed at gathering opinions on the shape of a proposed New Zealand law against unsolicited – or “junk” – email. We’re not the first to try it: the US and Australia are among countries to pass anti-spam laws. Hopefully, we’ll learn from others’ mistakes.
The report opens with a section looking at the background to the issue, which is alarming. The anti-spam software company Brightmail estimates that “unsolicited bulk mail volumes” now account for 63 percent of all email traffic – up from only eight percent in mid-2001. TelstraClear, which uses the Brightmail software, reports that the proportion of inbound emails which were spam grew from 46 percent to 62 percent between October and December last year. Xtra has cited figures of up to 68 percent.
It’s more than simply annoying. A recent European Union study estimated the worldwide cost to Internet users of spam at around $NZ20 billion a year. The American firm Nucleus Research came up with an even higher figure: working on an average of 13.3 spam messages received each day by each of America’s 100 million office workers and calculating that they took six-and-a-half minutes to process, it arrived at a cost to the national economy of $US87 billion annually.
So, what to do? The first and most practical solution is, of course, technical. The big ISPs, either as a premium service or as a matter of course, filter spam as it arrives. But spam filters will never catch everything (and what the ISPs do catch clogs the network before it arrives). And if they do, they’re probably racking up an unacceptable number of false positives – blocked messages that aren’t really spam. You and I might differ on what we even consider spam.
The MED paper acknowledges that the law is just one part of a multi-pronged approach to dealing with the junk mail flood, but that it’s an important one. Most spam in New Zealanders’ inboxes comes from overseas, but we can’t sit on our hands as other countries legislate, and risk being seen as a soft touch for spammers in the future. The more compatible everyone’s anti-spam laws, the easier it will be to co-operate on enforcement.
Which is where we have a bit of a problem. America’s CAN-SPAM Act was one of the first laws of its kind – but since it was passed, junk email volumes from the US have rocketed. In part that’s because of a philosophical quirk in the law. It mandates an “opt-out” approach – meaning that spammers (usually citing earlier, fictional contact with their recipients) can keep on sending you penis-enlargement offers until you contact them and ask to be taken off their list.
Trouble is, clicking on any link in a spam email – even the one that says “click here to unsubscribe” – is precisely the wrong thing to do. It has the effect of validating your email address as that of a real human – raising its value and meaning it will be added to even more lists. Blacklists that ban mail servers associated with spam have their problems, too – it’s easy to have your server added to one in error, less so to get the erroneous entry deleted.
Our law will follow the Australian and European Union “opt-in” approach: you can only legitimately be contacted with bulk commercial email if you have explicitly consented to receive it. But the definition of consent is, as the MED paper notes, not clear-cut. If you have allowed someone to send you emails on one topic, have you consented to getting anything that party wants to send you? Have you consented by giving someone a business card with your email address on it? The Australian law seems vague on this.
It seems likely that we will follow Australia’s lead on transparency (the sender of the message must be accurately identified) and privacy (Australia bans the use of software that “harvests” addresses from the Internet, and of lists compiled in this way), but less likely that we will follow their lead in exempting political and religious organisations from the law.
The ministry is also seeking submissions on the questions of who should bring action under the law, what penalties should apply and whether (as seems likely) our law should cover not just email, but other forms of electronic communication, including fax and mobile text. It’s heartening that a law talked about for so long is finally starting to take shape.