1 / 25

Untouchable?: A Canadian Perspective on the Anti-Spam Battle

Untouchable?: A Canadian Perspective on the Anti-Spam Battle October 2004 Michael Geist Canada Research Chair in Internet & E-commerce Law University of Ottawa, Faculty of Law The Spam Myths spam originates offshore the delete key the private sector law is powerless

Patman
Download Presentation

Untouchable?: A Canadian Perspective on the Anti-Spam Battle

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Untouchable?:A Canadian Perspective on the Anti-Spam Battle October 2004 Michael Geist Canada Research Chair in Internet & E-commerce Law University of Ottawa, Faculty of Law

  2. The Spam Myths • spam originates offshore • the delete key • the private sector • law is powerless • canadian anti-spam legislation

  3. Outline • The spam problem • Three Phases of Dealing With Spam • Phase One - Spam as an Annoyance • Phase Two - The Three Anti-Spam Pillars • Phase Three - Getting Serious About Spam

  4. Spam Growth • Estimated Cost - $10 - 87 Billion/year • 70% of email now spam • 90% of S. Korean email now spam • AOL - Blocking over 2 billion spam per day • 75% of spam now uses HTML • Profitability at response rate under 0.0001% • Brightmail estimates $250 million in profitability for spammers in 2003

  5. Canadian Spam • 10 of the 200 spammers worldwide (Spamhaus ROKSO list) are Canadian • Top 200 spammers responsible for 90% of global spam • Sophos ranks Canada as top ten source of spam worldwide

  6. The Spam Problem • Cost shifting • Privacy • Intermediary effects • Deception and fraud • Lost e-commerce confidence • Lost e-communication confidence

  7. Phase One - Spam as an Annoyance • 1995 - 1999 • Anti-spam groups form • Sporadic legislative initiatives but emphasis on private sector leadership • Private sector legal tactics • Contract • Criminal • Trademark • Trespass • Private sector technical tactics - MAPS RBL, UDP • Public sector enforcement - FTC brings first action in 1998 • Spammers fight back with own suits

  8. Phase One - Spam as an Annoyance The federal government believes that its current policy and legal frameworks will continue to foster strong Internet growth and development in Canada while at the same time dealing adequately with computer abuse and criminal activity. Spam is but one of the new elements emerging from increased Internet growth and development. The government believes that an appropriate mix of policies and laws, consumer awareness, responsible Internet industry stakeholders and technological solutions is the best and most appropriate way to deal with behaviour in the new and evolving on-line environment. The government believes that Canada has this right mix today but will continue to monitor developments and consider changes if they are required. - Industry Canada, 1999

  9. Phase One - Spam as an Annoyance • Problem -- doesn’t work • Spam continues grow • Isolated private sector actions have limited deterrence value and are expensive • Inconsistent legislative proposals

  10. Phase Two - The Three Anti-Spam Pillars • 2000 - 2003 • Spam problem worsens • Focus shifts to three pillars • Technology • Education • Legal Solutions

  11. Phase Two - The Three Anti-Spam Pillars • Technology • Filters • Authentication • Problems: • Cost • False Positives (Solution worse than the problem) • Privacy • Spammer technological response

  12. Phase Two - The Three Anti-Spam Pillars • Education • Educate businesses via industry codes • Educate consumers on how to respond to spam • Problems: • Lack of legal weight to codes • Bad actors • Inconsistent consumer messaging - opt-in vs. opt-out

  13. Phase Two - The Three Anti-Spam Pillars • Legal Solutions • Global shift toward anti-spam legislation including US, Europe, Japan, South Korea, and Australia • Key provisions • Definitional issues • Private rights of action • Significant damages • Labeling requirements • Deceptive practices (headers, spoofing, etc.) • Email harvesting/Dictionary attacks • ISP immunity • Opt-out vs. opt-in • Do-not-spam lists • Commissioning spam

  14. Phase Two - The Three Anti-Spam Pillars • Legal Solutions - Canada • Consider prospect for anti-spam legislation in 2003 • Focus on four main legislative solutions • PIPEDA • Criminal Code • Competition Bureau, Fair Practices Branch • Telecommunications Act

  15. Phase Two - The Three Anti-Spam Pillars • PIPEDA • Email addresses as personally identifiable information • Respecting opt-outs • Harvesting email addresses • Accountability • Security

  16. Phase Two - The Three Anti-Spam Pillars • Competition Act • Sections 51(1) and 74.01 - false or misleading representations for purpose of promoting product or service • Significant fines • Could target: • False or deceptive headers • Content of certain email • FTC focused on deceptive practice legislation

  17. Phase Two - The Three Anti-Spam Pillars • Criminal Code • Section 380 -- fraud • Section 372(1) -- false messages • Section 342.1 -- fraudulently obtain computer service • Section 342.2 -- device for committing 342.1 • Could cover -- • Fraudulent spam • Unauthorized use of email servers • Email harvesting • Email harvesting software

  18. Phase Two - The Three Anti-Spam Pillars • Telecommunications Act • Section 41 -- CRTC order prohibiting unsolicited communications • No action yet from CRTC but theoretically section appears to cover spam

  19. Phase Two - The Three Anti-Spam Pillars • Problems • Enforcement challenges • Ineffective legislation • Unnecessary legislation?

  20. Phase Three - Getting Serious About Spam • 2004 - ?? • Anti-spam activity is an enforcement problem… NOT a legal or technological problem

  21. Phase Three - Getting Serious About Spam • The spam problem will get worse if nothing is done • Less email communication • Less e-commerce • More wireless spam • More IM spam (spim) • More phishing

  22. Phase Three - Getting Serious About Spam • Resourcing anti-spam efforts • Follow the money • National anti-spam actions • Canadian-specific action plan • Multinational enforcement co-operation • Australia - S. Korea model • Operation Secure Your Server • International organizations • ITU • WSIS • OECD • Contemplating legislative alternatives

  23. Untouchable?

  24. What are we prepared to do?

  25. Michael Geist mgeist@pobox.com

More Related