untouchable a canadian perspective on the anti spam battle l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Untouchable?: A Canadian Perspective on the Anti-Spam Battle PowerPoint Presentation
Download Presentation
Untouchable?: A Canadian Perspective on the Anti-Spam Battle

Loading in 2 Seconds...

play fullscreen
1 / 25

Untouchable?: A Canadian Perspective on the Anti-Spam Battle - PowerPoint PPT Presentation


  • 304 Views
  • Uploaded on

Untouchable?: A Canadian Perspective on the Anti-Spam Battle October 2004 Michael Geist Canada Research Chair in Internet & E-commerce Law University of Ottawa, Faculty of Law The Spam Myths spam originates offshore the delete key the private sector law is powerless

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Untouchable?: A Canadian Perspective on the Anti-Spam Battle' - Patman


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
untouchable a canadian perspective on the anti spam battle

Untouchable?:A Canadian Perspective on the Anti-Spam Battle

October 2004

Michael Geist

Canada Research Chair in Internet & E-commerce Law

University of Ottawa, Faculty of Law

the spam myths
The Spam Myths
  • spam originates offshore
  • the delete key
  • the private sector
  • law is powerless
  • canadian anti-spam legislation
outline
Outline
  • The spam problem
  • Three Phases of Dealing With Spam
    • Phase One - Spam as an Annoyance
    • Phase Two - The Three Anti-Spam Pillars
    • Phase Three - Getting Serious About Spam
spam growth
Spam Growth
  • Estimated Cost - $10 - 87 Billion/year
  • 70% of email now spam
  • 90% of S. Korean email now spam
  • AOL - Blocking over 2 billion spam per day
  • 75% of spam now uses HTML
  • Profitability at response rate under 0.0001%
  • Brightmail estimates $250 million in profitability for spammers in 2003
canadian spam
Canadian Spam
  • 10 of the 200 spammers worldwide (Spamhaus ROKSO list) are Canadian
  • Top 200 spammers responsible for 90% of global spam
  • Sophos ranks Canada as top ten source of spam worldwide
the spam problem
The Spam Problem
  • Cost shifting
  • Privacy
  • Intermediary effects
  • Deception and fraud
  • Lost e-commerce confidence
  • Lost e-communication confidence
phase one spam as an annoyance
Phase One - Spam as an Annoyance
  • 1995 - 1999
  • Anti-spam groups form
  • Sporadic legislative initiatives but emphasis on private sector leadership
  • Private sector legal tactics
    • Contract
    • Criminal
    • Trademark
    • Trespass
  • Private sector technical tactics - MAPS RBL, UDP
  • Public sector enforcement - FTC brings first action in 1998
  • Spammers fight back with own suits
phase one spam as an annoyance8
Phase One - Spam as an Annoyance

The federal government believes that its current policy and legal frameworks will continue to foster strong Internet growth and development in Canada while at the same time dealing adequately with computer abuse and criminal activity. Spam is but one of the new elements emerging from increased Internet growth and development. The government believes that an appropriate mix of policies and laws, consumer awareness, responsible Internet industry stakeholders and technological solutions is the best and most appropriate way to deal with behaviour in the new and evolving on-line environment. The government believes that Canada has this right mix today but will continue to monitor developments and consider changes if they are required.

- Industry Canada, 1999

phase one spam as an annoyance9
Phase One - Spam as an Annoyance
  • Problem -- doesn’t work
    • Spam continues grow
    • Isolated private sector actions have limited deterrence value and are expensive
    • Inconsistent legislative proposals
phase two the three anti spam pillars
Phase Two - The Three Anti-Spam Pillars
  • 2000 - 2003
  • Spam problem worsens
  • Focus shifts to three pillars
    • Technology
    • Education
    • Legal Solutions
phase two the three anti spam pillars11
Phase Two - The Three Anti-Spam Pillars
  • Technology
    • Filters
    • Authentication
  • Problems:
    • Cost
    • False Positives (Solution worse than the problem)
    • Privacy
    • Spammer technological response
phase two the three anti spam pillars12
Phase Two - The Three Anti-Spam Pillars
  • Education
    • Educate businesses via industry codes
    • Educate consumers on how to respond to spam
  • Problems:
    • Lack of legal weight to codes
    • Bad actors
    • Inconsistent consumer messaging - opt-in vs. opt-out
phase two the three anti spam pillars13
Phase Two - The Three Anti-Spam Pillars
  • Legal Solutions
    • Global shift toward anti-spam legislation including US, Europe, Japan, South Korea, and Australia
  • Key provisions
    • Definitional issues
    • Private rights of action
    • Significant damages
    • Labeling requirements
    • Deceptive practices (headers, spoofing, etc.)
    • Email harvesting/Dictionary attacks
    • ISP immunity
    • Opt-out vs. opt-in
    • Do-not-spam lists
    • Commissioning spam
phase two the three anti spam pillars14
Phase Two - The Three Anti-Spam Pillars
  • Legal Solutions - Canada
  • Consider prospect for anti-spam legislation in 2003
  • Focus on four main legislative solutions
    • PIPEDA
    • Criminal Code
    • Competition Bureau, Fair Practices Branch
    • Telecommunications Act
phase two the three anti spam pillars15
Phase Two - The Three Anti-Spam Pillars
  • PIPEDA
    • Email addresses as personally identifiable information
    • Respecting opt-outs
    • Harvesting email addresses
    • Accountability
    • Security
phase two the three anti spam pillars16
Phase Two - The Three Anti-Spam Pillars
  • Competition Act
    • Sections 51(1) and 74.01 - false or misleading representations for purpose of promoting product or service
    • Significant fines
  • Could target:
    • False or deceptive headers
    • Content of certain email
  • FTC focused on deceptive practice legislation
phase two the three anti spam pillars17
Phase Two - The Three Anti-Spam Pillars
  • Criminal Code
    • Section 380 -- fraud
    • Section 372(1) -- false messages
    • Section 342.1 -- fraudulently obtain computer service
    • Section 342.2 -- device for committing 342.1
  • Could cover --
    • Fraudulent spam
    • Unauthorized use of email servers
    • Email harvesting
    • Email harvesting software
phase two the three anti spam pillars18
Phase Two - The Three Anti-Spam Pillars
  • Telecommunications Act
    • Section 41 -- CRTC order prohibiting unsolicited communications
    • No action yet from CRTC but theoretically section appears to cover spam
phase two the three anti spam pillars19
Phase Two - The Three Anti-Spam Pillars
  • Problems
    • Enforcement challenges
    • Ineffective legislation
    • Unnecessary legislation?
phase three getting serious about spam
Phase Three - Getting Serious About Spam
  • 2004 - ??
  • Anti-spam activity is an enforcement problem…

NOT a legal or technological problem

phase three getting serious about spam21
Phase Three - Getting Serious About Spam
  • The spam problem will get worse if nothing is done
    • Less email communication
    • Less e-commerce
    • More wireless spam
    • More IM spam (spim)
    • More phishing
phase three getting serious about spam22
Phase Three - Getting Serious About Spam
  • Resourcing anti-spam efforts
  • Follow the money
  • National anti-spam actions
    • Canadian-specific action plan
  • Multinational enforcement co-operation
    • Australia - S. Korea model
    • Operation Secure Your Server
  • International organizations
    • ITU
    • WSIS
    • OECD
  • Contemplating legislative alternatives
slide25
Michael Geist

mgeist@pobox.com