The CAN-SPAM bill examined
Posted Nov 26, 2003 14:48 UTC (Wed) by copsewood
Parent article: The CAN-SPAM bill examined
I think that appropriate law on this can have an effect if denial of service starts to be voluntarily operated against email services from IP ranges within countries that don't implement and enforce laws based on certain principles. I suggest these principles are likely to include:
a. Opt in. AnswerGuy's post suggests how a suitable list might be implemented from a technical point of view. This would place an extra burden on DNS administrators, but use of DNS wildcards to opt-out everyone using a particular ISP or domain by default might make a legislated opt-out provision effective if the authority tasked with implementation by the legislation accepts a wilcarded opt-out implemented by ISPs as meeting the requirements of the legislation.
b. Companies are considered accessories for computer crimes or breaches of ISP contracts by third parties used to propagate their marketing messages. A civil liability should apply in civil matters (breach of ISP contract) and a criminal offence should be prosecuted in respect of criminal matters (e.g. causing a mail-relay trojan to be installed). Something similar was done to shut down pirate radio in the UK coastal waters during the 1960ies. Without the advertising revenue to fund it, this activity dried up.
c. Use of forgery and deception to attempt to hide the message origin. Where there is systematic intent to perpetrate a fraud, including deliberately misleading bulk recipients as to the message orgin and the law has loopholes, these need to be tightened up.
to post comments)