|Received:||6/14/2005 7:35:06 AM|
|Organization:||Cambridge Electronics Laboratories|
|Agency:||Federal Trade Commission|
|Rule:||Definitions, Implementation, and Reporting Requirements Under the CAN-SPAM Act|
|Attachment:||516736-00048.pdf Download Adobe Reader|
Comments:Please refer to the attachment <eat-spam.pdf> which will be placed in the public domain at <http://www.freesoftwaremagazine.com> in August 2005 and the draft RFC at <http://www.camblab.com/misc/univ_std.txt) which form the reasoned basis for the brief conclusions in this covering note. While the so-called CAN-SPAM Act and the proposed rule-making are welcome as indicators of official interest, I commend to the Commission the idea that these efforts are doomed to failure to achieve their objective (reducing spam's grave economic and security impacts) because they focus of technical solutions while ignoring a basic principle of human behavior known to everyone. This basic principle (actions have consequences) applies to every other area of human existence and forms the basis of civilization. The failure heretofore of standards bodies, and of the Congress in the abovementioned Act, to apply this principle to the Internet leads to the nightmare we face today. Therefore I propose that to the extent possible the measures specified in the two documents cited above be applied to your proposed rule-making, and further to your future recommendations to the Executive and Legislative branches as the failure of the Act and your rules becomes manifest. The five types of measures which must be adopted are: (1) Use of blocklists to refuse mail from polluting mailservers. If properly organized and announced, this measure has been proven to cause NO significant interruption to communications. This measure should be approved by official agencies like the FTC and by industry standards bodies. It is the sine qua non of exterminating spam. The logic of this measure is elaborated in the first cite above and a specific practical execution plan is elaborated in the second. (2) Service providers should be required (by the government and by industry standards bodies) to verify that all downstream users are non-polluters. Service providers shall not be deemed invading privacy by employing such verificatory measures. (3) ICANN and the RIRs must aggressively ensure the total accuracy and public accessibility of their databases. This will require amendment of the RIR charters. (4) Official agencies and industry bodies should encourage by the wording of their standards and policies that private litigants and litigant classes litigate against spam-enablers. Details are in the cited documents. (5) Pursue exemplary prosecutions. (6) Remove existing legal immunities which motivate service providers to ignore the pollution which they cause to the Internet. Simplify procedures to establish identities. Comparable measures in other areas of life (airline safety, drug use, credit availability) maintain grave threats at tolerably low levels as illustrated in the first citation. Their adoption vis-a-vis the Internet requires only a limited coordination effort so "everyone jumps at once". When that is done, the economic and security burdens of spam, viruses, DOS attacks, Trojans, phishes and the like will rapidly (months or days) diminish.