The other day I sat behind my computer, logged into my account on
Hotmail and was blown away by the number of unsolicited e-mails I had
received in one day. I have no doubt that many of you can empathize with
my situation and many of you have probably opted to use one of the many
available filtering software products to stop the spam. Now I can almost
hear your voices of sympathy echoing the condemnation of the spammers, but
please spare me. It only took me about 10 seconds to delete these unwanted
messages. I simply scanned the sender names and the titles, marked them,
and filed them under my most important folder: The trash folder.
As a matter of fact, I have become so adept at it that receiving spam
is no longer a source of anger. I have far more important things in life
to get angry about. So does that mean that I condone the spammers'
actions? Absolutely not. In fact I believe that there should be
appropriate punishment for their deeds. I also feel the same way about
child pornographers, financial scammers, and unauthorized cookie
depositors. But unfortunately the growing trend of these activities has
given rise to another disturbing trend: Online vigilantism.
MAPS
The headlines have been clogged with story upon story about the
Microsoft and Napster proceedings, but there is a lawsuit brewing in the
shadows whose ramifications might prove just as far reaching. Brought
about by Harris Interactive, Inc., the lawsuit alleges that Mail Abuse
Prevention System (MAPS) has unjustly added Harris' e-mail servers to its
blacklist of IP addresses, known as Real-time Blackhole List (RBL).
E-mails originating from Harris' poll database, and bound for Microsoft
and AOL users, are blocked by RBL. Harris' suit against Microsoft, AOL,
and MAPS represents a groundbreaking manner of dealing with mass e-mail
generation and distribution. It begs the question: Who is responsible for
saying what mail is allowed and what mail isn't?
MAPS started its life as a non-profit organization back in 1997 with
the intent to create a list of spam offenders and to offer the list to
anyone who wished to use it to block spammers. MAPS has grown considerably
since its inception and it now offers several lists, the most famous of
which is RBL with over 3,000 IP addresses. Over the years many small and
large companies have been added to list. Some have become permanent
prisoners in RBL while others have been able to negotiate their way out by
accepting the MAPS terms on e-mail policies, chief of which is the
closed-loop double opt-in. Two high-profile companies who made it to the
list but were eventually paroled are Ziff-Davis and ironically, AOL.
The problem with MAPS and the like is not their goals and objectives,
but their execution which can easily lend itself to abuse. Over the years
MAPS has become as feared in the online space as the Mob once was in the
streets of Chicago. Extortion, kickbacks, and corruption may not be easily
identified with MAPS today, but at the rate MAPS is garnering control and
power, such activities may not be too far away.
In defense of MAPS, they also offer some positive services. Take, for
instance, their open relay identification service through which they
identify e-mail servers with open relays that might have fallen victim to
spammers. In fact, a few months ago MAPS notified us of such a potential
within our network. They were right. One of our Linux servers had
inadvertently been left with an open relay allowing spammers to use it as
a jump-off point to send e-mails.
BUT, WHAT IF...?
MAPS contends that their list is private property and that it is no
one elses' business who they choose to include on this list. I would be
inclined to agree with their reasoning except for one major issue. RBL
usage has now reached a critical mass affecting millions of people. It can
no longer be regarded as a private list, and therefore it cannot be
allowed to continue its operation untethered. MAPS, however indirectly, is
regulating spammers. The question, however, is who is regulating MAPS?
Suppose a MAPS employee decides to add a TV station's site to the list
just because she doesn't approve of their programming. Or what if a true
spammers can get off the list by bribing someone at MAPS? Perhaps the
worst issue is that one person gets to define and control spam for the
rest of us. But what is spam? By some definitions, it is unsolicited
e-mail sent from one party to another. What if I sent an e-mail to a
cousin, inviting him to a family reunion? Does that mean that my cousin,
who may secretly hate me, can ask for my e-mail server to be black-listed?
What if I mistype someone's name and the e-mail is accidentally sent to
another person? Or what if a person who verbally agreed to be contacted at
a business meeting, forgets the agreement? Would we need a notarized
agreement from every party before we can e-mail them?
The point is that once a service has gained critical mass, the
potential for abuse can increase dramatically. A private list is private
so long as it is kept within the boundary of family and friends. But once
it breaks out into mainstream and turns into a business, it becomes a
public list with potential to damage. And that is when it needs to be
regulated and kept under scrutiny. Online vigilantism, while well meaning,
could be just as bad as the problem it wants to solve.
What do you think of online vigilantism? E-mail your comments to rhashemian@tmcnet.com.
You have my permission.
Robert Vahid Hashemian provides us with a healthy dose of reality
each month in his Reality Check column. Robert currently holds the
position of Director for TMCnet.com -- your online resource for CTI,
Internet telephony, and call center solutions. He can be reached at rhashemian@tmcnet.com.
[ Return
To The October 2000 Table Of Contents ] |