September 6, 2007 7:42am by David Farrar

The anti-spam law

I’ve been very involved with the anti-spam law development for several years.  In 2004 InternetNZ had finally got over dealing with the issues of how to run .nz, had sold Domainz and was starting to look at wider Internet issues and spam was high up the list of issues most affecting good use of the Internet.

I personally loathe spammers with a passion.  They started by spamming Usenet, then went for e-mail spam and now do blog spam. I can’t even estimate how much of my time gets used up dealing with spam.   Seriously – give me a gun and a spammer and you’ll have one dead spammer, and best of all no jury would ever convict me.

I raised the issue of a law in June 2004 at a conference and recall the then Minister, Paul Swain, being unenthusiastic about such a law. His successor, David Cunliffe, was far more supportive of taking action.  He has in fact been great to work with on the issue.

As we researched more into the spam area, and talked to ISPs, to anti-spam technology companies, to other Governments, to international anti-spam groups, we found that there was close to universal consenus on the elements needed to effectively combat spam.  They are:

  • Education
  • Technology
  • Industry Self-Regulation
  • Legislation
  • International Co-operation

It was made very clear that there is no one easy solution. No one element works by itself. Education about never responding to spam is essential, but as spam can be profitable if just 1 in 10 million people reply, that will never stop it alone.

Technology is great, but Brightmail for example said they will never win the war by themselves as  it is like am arms race, where spammers always find ways around filters and filters have to adjust.  Also technology only blocks spam from consumer, does not stop spam, and the false positive rate is an issue with some products.

This is why legislation and international co-operation play a part.  And the two are very linked together. Firstly it is important to state that spam is illegal, so action can be taken against spammers.  It is a grievous breach of our property rights and a form of theft.

Secondly most spam is international in nature.  The sender can be in one country, the website in another.  The domain name registration in a third and  credit card processing in a 4th.  At an OECD workshop on spam I attended, the US Federal Trade Commission said that they sometimes need to file a dozen search warrants in four or five different countries, over a period of a week or so -in order to track down and prosecute a major spammer.

Our legislation is partly about us being able to  co-operate with overseas agencies when there is a NZ link.  And there is sometimes.  For example I had reported to me from Spamhaus earlier this year that the No 1 spammer in the world was using a NZer and NZ registered company to act as its domain name registrar to allow it to open and close spamming websites constantly.  If the law had been in force then, someone on the North Shore would have had a knock on their door from someone with a search warrant, and she may have been able to provide evidence to track down the No 1 spammer and prosecute him.

Again none of this will stop most spam, but just as child porn is not stopped by anti-child porn laws, that is not a reason not to have them. And as almost the last country in the OECD to have anti-spam laws, we won’t want to end up as a refuge for spammers driven out of every other OECD country.

I also don’t regard it as being at all a bad thing that NZ companies have to be more careful about checking they get consent before they add you to their mailing list.  I’ve had several companies or organisations add me to their weekly newsletter list simply because I dealt with them commercially on an unrelated issue.

Having said that, many companies are over-reacting to the new law by asking people to opt back in.  My polling company has a mailing list for our free public monthly newsletter on public polls. I have not e-mailed the subscribers asking them whether or not they wish to be on the list. Why?

Because I have already been following the new law by only having people on the list who have asked to go on it.  You can only get on there by using the website to double opt in.  And each message has a footer telling you how to unsubscribe.  So if you have been following best practice with your e-mail lists, the new law basically should not affect you.

The last three years for me has been chairing or attending several seminars on spam and spam laws, having visited the Australian anti-spam agency, having helped MED draft the law, having submitted desired changes to the Select Committee (all of which were taken up) and having also worked with DIA on setting up the new agency, I’m very pleased to see the law take effect.  Partly because I can now retire from active involvement in this issue, but mainly because in a very small modest way, it will help in the battle against spam.

I should also point out that while I have taken a lead role within InternetNZ in regards to the fight against spam, the true champion who provided so much time, expertise and credibility has been Dunedin’s David Harris, the inventor of Pegasus Mail.  My loathing for spammers is mild compared to the other David’s 🙂

Related Stories

  1. 1st Australian spam conviction
  2. Fine the zombie owners?
  3. Aussie Spammer fined $6.5 million

Comments (8)

Login to comment or vote

Add a Comment