FTC Goes After Spammers

klaun writes: "Yahoo has an article about the FTC launching a crackdown on deceptive unsolicited email. Basically they are after scammers offering easy money quick, not the average 'get porn here' type of spam. There is more info at the in a press release at the FTC's website." TheGreatGraySkwid amplifies, saying that this story "tells of an FTC crackdown on Spammers, that had resulted in charges (settled) against 7 chain-letter ring spammers, and several pending cases. I know I could use some Spam relief..." The settlement, unfortunately, isn't exactly stern stuff: the seven spammers "agreed to refrain from participating in deceptive schemes in the future, or lying about the legality or potential earnings from any such schemes."

Slap on the Wrist

[Renraku]

This is just a slap on the wrist for spammers. What they need to do is impose a per-email fine per recorded spam from a particular company, and if the violations keep stacking up, blacklist them from ISPs or start posting names/addresses of the spammers involved. All of those would be good. Ruin their reputation even more, take away most of their earnings, and make it damn hard for them to get decent internet access again. And if they do get internet access, it should be monitored for large amounts of outgoing mail. Maybe a per-day quota could be set up for the spammer.

Re:We need technical measures, not laws, for spam

[EisPick]

I think these senators don't comprehend the reality with spam

I think there's a glass houses problem here. Someone who makes no effort to understand how government works has no room to say others "don't comprehend the reality ...."
Neither senators nor new laws are mentioned in this article. This article is about the FTC -- an agency within the executive branch -- applying existing law to spammers.

The FTC is applying the same laws that prohibit mail fraud and phone fraud to email fraud. They're not prosecuting spammers, they're prosecuting people who engage in false or deceptive trade practices, regarless of the medium of communication they use.

Re:We need technical measures, not laws, for spam

[ichimunki]

I like the notion of a technical solution to the problem that doesn't rely on simply filtering falsified origins-- since that would eliminate a lot of virtually hosted domains. But another easily implemented technical idea would be to filter all mail based on three criteria: 1) belongs to an allowed list of from addresses (i.e. opt-in lists, friends, family, etc), 2) email contains a valid GnuPG/PGP signature from a key posted to one or more central keyservers, 3) email is encrypted using *my* public key.

Me too, but . . . Re:Just got this spam today....

[StefanJ]

I assumed that me email address had been used BY the spammer as a fake "From:" address.

That worried me more than actual spam. I'd hate to get falsely accused of sending out "HOT SCHOOLGIRL, GOAT, AND LHAPSO-APSO ACTION!" messages.

Re:Crackdowns Unsuccessful

[gfxguy]

Crackdowns on spam have been largely unsuccessful, partly because they pit concerns about privacy against free-speech issues.

I agree with the counterargument that, while you have the right to free speech, you don't have the right to force people to listen. In this case, often enough, the spammers coerce through deception into reading their message. Of course, I personally delete anything from anybody I don't know, but even then there have been spoofs from within my company (email seemingly from someone from my company). That guy stole my time, and even the ones I don't read have stolen my time to delete and add them to filters. When we start to realize that time is more valuable then money, that's when these time theives will get the punishment they deserve.

Frankly, telemarketers and spammers should be considered time thieves. I guarentee you that one of these guys, given six months to live, would want to waste their time with spam.

In addition, although many states have adopted anti-spam measures, spammers have argued that there is usually no way for them to know an e-mail recipient lives in a certain state where some types of junk e-mail are illegal.

That's why it should be illegal everywhere.

Re:Slap on the Wrist

[Matt - Duke '05]

This is just a slap on the wrist for Napster/Morpheus/[Insert P2P program here] users. What they need to do is impose a per download fine per copyright infrigement from a particular P2P user, and if the violations keep stacking up, blacklist them from ISPs or start posting names/addresses of the downloaders involved. All of those would be good. Ruin their reputation even more, take away most of the music/pictures/movies that isn't theirs, and make it damn hard for them to get decent internet access again. And if they do get internet access, it should be monitored for large amounts of incoming and outgoing traffic on the ports used by P2P programs. Maybe a per-day quota could be set up for the file sharer.

You can't have your cake and eat it too. Either the Internet is regulated or it is not. You can't ask the FTC to penalize and enforce the law on spammers when in the next breathe, you ask the government NOT to penalize and enforce the law on intellectual property/copyright.

You feel this way because someone is breaking a law designed to protect you, so you feel violated. Now, the innocent little P2P users may not be hurting you, but they are certainly infringing on laws designed to protect someone else.

Your logic is a great example of the selfish me-me-me whining prevalent in a majority of slashdot posters. Pirated software, MP3s, movies, etc are good because they benefit me!! Don't enforce the laws against this!! Spam is bad because although someone else is getting a free-ride, I am not. Enforce the laws against this!!

Now, I'm not saying by any means that P2P users are evil or should be prosecuted. I just think that before people run around asking for any statutory regulation of the net, they need to think about the flipside of the situation as well. Do you want the net regulated or don't you? You can't have the both and allowing any sort of regulation and enforcement (i.e. spam) only leads the government to further believe that the net should be regulated and all laws fully enforced.

Just my two pennies...

indecision and inaction

[gioan]

Wonderful. People committing clear financial fraud have to "play nice in the future." Oh great. I feel so much better. It's clear that uce@ftc.gov has less productive output than /dev/null.

This isn't about free speech, or "corporate right to send me ads if I opt-in." Don't worry, those companies make sure they pay someone to remind your senators that their god-given-right to send you ads should be permitted. Too bad the rest of the spam won't really let you work part time from home making $10,000/month while watching a legal cable descrambler, happy with a clear credit record, a really large penis, limitless virility, instant weight loss on demand, and the occasional degree from a prestigious unaccredited school.

There are two reasons spam continues. Welcome to economics:

a) there's still no effective financial deterrent to sending spam, regardless of whether it's ambiguously relevant direct marketing, or utter fraud
b) there is some financial benefit for the senders, regardless of amount

There are plenty of other things you could debate...such as when did spam become accepted? Was it when you -- yes YOU! -- made the unconscious decision that "just deleting" the message is OK. You don't have the time to follow up on the headers. If you're in one of the states that actually ban it, you don't have the time to do something...hell it's not worth the effort. It's just an email, right?
Think of this in another way: If random people each stole one cent out of your bank account every month, would you consider it worthwhile to pursue them? Would you want your bank to develop filters to block all small transactions? Would you think such a loss is unacceptable?

Quite honestly, the actions of civil libertarians and "we'll fix this with technology" advocates has not helped. I filter, you filter, we all delete. Guess what, spammers will continue to find ways around filters, so long as conditions A & B hold true. And every online provider will continue to spend lots of money trying to stop this crap. And every user will continue to hit delete. And people will constantly change email addresses to avoid it, spam filters will continue to mislabel valid email as spam. Stop dealing with the symptoms, deal with the problem!

This isn't a technology issue. You will never get every mail server, client, system, whatever to comply to a block-spam standard. Just look at how long it's taken to get even the basic don't-relay habits in place. This isn't a "but what if I want Amazon to send me my favorite buy-me-now specials." This is an issue that someone in power doesn't give enough of a damn to do something effective to create a financial deterrent that makes it preferrable for these people to steal your money some other way. And yes, unfortunately, we're talking legislation, otherwise you will not send a clear message or provide an effective deterrent. Inconsistency on this means ineffective.

Wow, looking back I'm feeling sorry for the rant. It's simply that this kind of cluelessness annoys me. Time to go delete a couple more messages.

Re:Let's get 'em all...

[jesser]

They simply tell a fib to get you to click on over to their site, which upon being rendered throws a half-dozen pop-up windows on the desktop. Let's aim higher rather than just taking out the con artists alone.

The FTC has gone after [idg.net] "trap" sites -- sites with extremely high numbers of pop-ups, or "hydra" ads. In that case, the domain names were misspellings of other popular domains, but I don't think it's a huge leap from misspelled domain names to misleading spam with forged headers.

I'd also like to see the FTC sue advertisers on both porn and non-porn sites that make their banner ads look like browser dialogs windows.

Re:We need technical measures, not laws, for spam

[walt-sjc]

People: Stoping spam by changing email standards WON'T WORK.

First, it will take YEARS to implement any new standard. If you don't believe me, look at IPv6!

Second, any scheme based on charging per email no matter WHAT the details of this scheme is NOT THE ANSWER. It totally hoses things like mailing lists, SMS, autoresponders, email based applications (send an email command, cause something to happen), kiosk email, etc., etc., etc.

Third, (stupid HashCash), how the hell do you hand out a business cards with your email on it and expect people to be able to communicate with you without jumping through hoops.

Bottom line is that SPAM is NOT a TECHNICAL PROBLEM. It's a SOCIAL PROBLEM, like murder, rape, theft, hate crimes, drugs, etc. The reason women don't get raped every time they walk out the door is because we have set moral and legal standards in our society. We need to set those same standards for spam.

No matter WHAT technical barriers you set up, you either make the system virtually unusable (whitelists, auto-responding password challenges,) impractical (hashcash, charging real money, etc.,) or impotent (spammers will find a way around filters...)

Just like we have laws against theft, rape, and murder, we need laws against spam. Sure, we still have some cases of rape, murder, and theft, but I would MUCH rather have a couple spams per year (that I may be able to recover $$$ damages on) than to have a police-state driven, hostile, and unusable email system. These "technological whiz-kid" solutions will screw us all rather than just screwing the spammers.

Think about it.