Seller of AOL List Gets Prison, LA Times,
8/18/05
A former America Online Inc. engineer who sold 92 million stolen
e-mail addresses to an alleged spammer was sentenced Wednesday to 15
months in prison, but spam fighters said the punishment was too
lenient to stem the flow of junk messages.
Jason Smathers, 25, pleaded guilty in February to hacking AOL's
customer database and selling the e-mail addresses of customers for
$28,000. His case was among the first prosecuted under the federal
anti-spam laws that took effect last year.
"The case is significant because it demonstrates the commitment of the
prosecutors to follow through" to crack down on spam, said Anne
Mitchell, president for the Institute for Spam and Internet Public
Policy. "But the actual length of the sentence is not all that
significant. It probably will not deter spammers at all."
...But the battle is far from won.
"The list that Smathers stole had 92 million e-mail addresses, and
it's still out there," Mitchell said. "Spammers are still using it."
...more
Most Users Now Safe from Spam, Dallas Morning News, 8/14/05
Ten years ago, a librarian posted a message on one of the first
online discussion groups devoted to battling spam.
"Is it just my imagination, or is the spamming rate suddenly picking
up?" she asked in August 1995.
It wasn't her imagination, of course. Spam has come to dominate
e-mail traffic, making up at least half of all messages transmitted
over the Internet - and morphing from mere online distrubance to
looming threat to productivity.
Yet for all of today's frustrations over unwanted e-mail, an uneasy
balance has been struck.
... "The average inbox doesn't have that much spam anymore," said Anne
Mitchell, chief executive of the Institute for Spam and Internet
Public Policy. "The end user would probably say the spam problem is
not so bad. They only get a few a day." ...more
Spam Block Has Its Own Ethical Issues, Boston Globe, 7/25/05
A couple of years ago, this column featured the prediction that the junk e-mail problem would be coming under control right about now. So much for clairvoyance.
Blue Security's system, called Blue Frog, is available free at bluesecurity.com. Blue Frog registers the user's e-mail address, then creates a dozen or so fake addresses linked to the real address. The phony addresses are ''honeypots," designed solely to trap spam. When junk mail turns up, the Blue Frog system analyzes the spam to identify not its sender, but the advertiser that uses the spam to sell his wares -- cheap Viagra tablets, for instance. These sleazy entrepreneurs put Web links in these e-mail messages, so they're easy to find.
Then Blue Frog generates a program that goes to the site's order page, and types in a message demanding an end to the e-mails. Every time a Blue Frog user gets a spam message at any of the honeypot addresses, the system automatically complains. Reshef is betting that if he can get a critical mass of 100,000 users, Blue Frog will overwhelm spam advertisers with a relentless barrage of complaints, eventually driving them right off the Internet.
It sounds deliciously nasty. But in the view of expert spam warriors, it's a lousy idea, and perhaps even illegal. "How the heck he got funding for this is a mystery to me," said Anne Mitchell, CEO of the Institute for Spam and Internet Public Policy.
For one thing, there's the risk of sending complaints to legitimate e-mailers, like banks or travel services. When a traditional spam filter makes a mistake, people don't get their credit card bills. If Blue Frog screws up, an honest company's website could be crushed under a landslide of gripes, and Blue Frog gets clobbered with a lawsuit.
Reshef said that Blue Frog uses human checkers to make sure that spam really is spam. But with billions of messages, good and bad, racing across the Net every day, the company can't manually check enough of them to do any good.
"Either they're not going to automate it, in which case it's never going to grow," said Mitchell, "or they are going to automate it, in which case it's going to start making mistakes." ...more
States Tackle Unsavory E-Mails, InternetNews.com, 7/18/04
Moving ahead with a program the feds didn't want to touch, Michigan
and Utah are will have e-mail registries to protect children from
unsavory content.
The "Child Protection Registry" is a database containing the e-mail
addresses that children use or have access to that will soon be off
limits to e-mail senders pitching deals on everything from pornography
to gambling to firearms.
...Anne Mitchell, president and CEO of the Institute for Spam and
Internet Public Policy (ISIPP), said it doesn't matter what e-mail
senders think of the laws in the two states that now make the
registries a reality.
It's critical to understand, she said, that this law is not a measure
to protect people from spam but an effort by state legislators to keep
unwanted material out of the hands of children.
"Their intent was to force online merchants to sort of clean up their
act and tow the line in the same way that bricks-and-mortar merchants
have had to in terms of their advertising models and whether they
target minors," Mitchell said. ...more
Commtouch Reports 60% of All Spam in March Originated
from the United States, TMCnet, 4/1/04
MOUNTAIN VIEW, Calif. - April 1, 2004-- 3 months after CAN-SPAM law enacted, no slow-down in spam volume
-- Head of Institute for Spam and Internet Public Policy sees more
concerted effort in prosecuting companies making a difference in the
long-run
Commtouch(R) (Nasdaq:CTCH), a global developer and provider of
proprietary anti-spam solutions featuring Recurrent Pattern Detection
(RPD)(TM) technology, said its spam detection center and Commtouch Spam
Lab saw a new record high of spam outbreaks and spam messages in the
month of March 2004.
Analyzing over one million spam messages in the month of March,
Commtouch identified spam being sent from Internet Protocol (IP)
addresses in 152 countries. The volume of spam email was greatest from
the following countries:
US - 60%
China - 6%
Korea - 5%
...
Said Anne P. Mitchell, president and CEO of the Institute for Spam and
Internet Public Policy: For the immediate future and long run, anti-spam
technologies that identify and block spam emails sent in large volumes
from anywhere on the globe, no matter their language, are useful and
will continue to be vital in the fight against spam. But legal processes
that can be set into motion now and result in the collection of damages
down the road is necessary to make spam an expensive proposition. The
fact is that the majority of spam is U.S.-based. With that acknowledged,
CAN-SPAM, which now empowers U.S. prosecutors to go after those that are
actually advertised in the spam emails, can in the long-run yield
verdicts that attach a high price to associating with spammers, and in
effect undermine the business of spam. ...more
First CAN-SPAM Suit Filed, Internet News.com, 3/5/04
A California ISP filed suit Friday in the first action under the recently
enacted federal Can Spam Act, naming BobVila.com as the defendant.
...Anne P. Mitchell, president and CEO at the Institute for Spam and
Internet Public Policy believes this lawsuit sends a message to e-mail
marketers that ISPs intend to fight back using the new federal law.
"I think that perhaps one of the most important aspects of this lawsuit
is that it was filed by an ISP, under Can Spam," she said. "That is
important for many reasons, not the least of which is that it
demonstrates that ISPs both can and should take action under Can Spam."
In fact, she thinks the lawsuit was a great idea.
"Hypertouch is to be applauded for standing up and saying 'not here, not
in our Internet space you don't'. If more ISPs would get involved on
this level, we'd make a much bigger dent in the spam situation much more
quickly," Mitchell said. ...more
Stop the Cash Flow, Kill the Spam, Wired News,
2/6/04
The entertainment industry manages to locate movie pirates, even
overseas. The government supposedly tracks terrorists' conversations
over the Internet. The IRS will find you if it wants to. So why the heck
can't we track down spammers?
Most spam experts say we don't have to -- not directly. The experts
don't agree on how spamming might end, but most say the answer isn't in
sophisticated tracking technology. It's in what's dear to the hearts of
spammers and the people who hate them: money.
...
"Spammers are using very sophisticated methods -- hijacking people's
open proxies, using open relays, zombies," said Anne Mitchell, president
of the Institute for Spam and Internet Public Policy. "It's very
difficult to find the sender, but if you have enough resources,
financial and person power, and the understanding to delve into, analyze
it -- it's not impossible."
Mitchell is an advocate of the new Can-Spam Act. She's particularly fond
of Section 6, which she helped write. Bypassing issues like zombie
computers and elusive spammers for hire, Section 6 targets the company
whose product is being sold, not the spammer.
"The vast majority of spam has a U.S. connection: the vendor. So you
don't have to go to Romania to find the spammer," Mitchell said. "It's
easier to find the vendors. When they are on the hook legally, they are
all too happy to point the finger at the spammer."
Little Hope Seen for Spam Relief, San Jose Mercury News, 1/24/04
New Federal Law Not Stopping Flood of Bulk E-Mail
E-mail users should be ready to keep zapping unwanted messages because
more spam is on the way.
...
"It will be a total failure," predicted Stanford University law
Professor Larry Lessig, speaking at the Spam and the Law conference this
week in Millbrae sponsored by the Institute for Spam and Internet Public
Policy. ......more
With This Law, You Can Spam, Wired News,
1/23/04
SAN FRANCISCO -- California lawyers and law enforcement officials
continued their assault on the Can-Spam Act Thursday, calling it
ineffective and warning attendees at a conference on spam and the law
that a solution to the spam scourge is still a distant dream.
Signed into law by President Bush on Dec. 16, 2003, the Controlling the
Assault of Non-Solicited Pornography and Marketing Act requires e-mail
marketers to include legitimate return addresses and opt-out information
in all e-mail messages that they send.
However, many in the technical and legal professions have questioned the
federal government's ability to enforce those restrictions and have
criticized the way the act supercedes stricter state laws.
"(Can-Spam) is an abomination at the federal level," said Stanford law
professor Lawrence Lessig to the more than 100 attendees at Thursday's
Spam and the Law conference. "It's ineffective and it's affirmatively
harmful because it preempts state legislation." ... ...more
Can-Spam Conference: How to Comply with a "Total
Failure", InternetNews.com, 1/24/04
SAN FRANCISCO -- The federal Can Spam act will be "a total failure,"
legal Internet authority Lawrence Lessig told an audience of Internet
service providers, e-mail service providers and spam-blocking companies
&&
[April 01, 2004]
Commtouch Reports 60% of All Spam in March Originated from the United
States
MOUNTAIN VIEW, Calif. --(Business Wire)-- April 1, 2004 -- Commtouch
(Nasdaq:CTCH)--
-- 3 months after CAN-SPAM law enacted, no slow-down in spam volume
-- Head of Institute for Spam and Internet Public Policy sees more
concerted effort in prosecuting companies making a difference in the
long-run
Commtouch(R) (Nasdaq:CTCH), a global developer and provider of
proprietary anti-spam solutions featuring Recurrent Pattern Detection
(RPD)(TM) technology, said its spam detection center and Commtouch Spam
Lab saw a new record high of spam outbreaks and spam messages in the
month of March 2004.
at the National Spam and the Law conference in San Francisco Thursday.
Lessig, a Stanford law professor, said the act won't stem the tide of
spam, variously estimated by the event's 12 speakers at 55, 60 and 77
percent of current e-mail transmissions. The act became effective
Jan. 1, setting in motion the first national standards for sending bulk
unsolicited commercial e-mail.
"The resources we have to enforce the act are modest," said California
Attorney General Bill Lockyer in the keynote speech. "My budget was cut
22 percent in the last four years." Lockyer asked audience members to
help by reporting abuses, to share anti-spam ideas, and to volunteer to
help the fight..
Most of the 100-plus audience members attended the conference, held by
the Institute for Spam and Internet Public Policy (ISIPP), to learn how
to comply with the act. About half identified themselves as commercial
mailers, some one-fifth as ISPs, and a brave two self-identified as
spammers. ......more
California 'Disempowered' by Federal Spam Law,
CNet News, 1/22/04
Californians will have less protection against spammers under a new
federal antispam law that recently superceded a stricter state law,
state Attorney General Bill Lockyer said Thursday.
...
"Thirty-four million people were disempowered by the enactment of that
act and left only the small resources of my office," Lockyer, a
Democrat, told a group of attorneys and antispam executives at the "Spam
and the Law" conference in San Francisco on Thursday morning. ......more
There's More Spam Out There Than Ever, KPIX, 1/22/04
Experts on spam at a conference in Millbrae said laws alone cannot stop
the onslaught.
The unwanted and sometimes offensive email is a bigger problem than
ever, despite a few federal law that went into effect this year. Spam
accounts for about 80% of the messages that some people receive, up from
about 60% last year.
"It's frustrating," said Michael Osterman, an Internet marketing
researcher who works out of his home. ... ...more
Leading Authority and Anti-Spam Expert Provides Her
Views..., CIPS Connections, 12/14/03
This week, Stephen Ibaraki, I.S.P., has an exclusive interview with the
internationally known, widely respected attorney, President and CEO ofthe Institute for Spam and Internet Public Policy (ISIPP), Anne
P. Mitchell Esq.
As an original founder of Habeas Inc., Anne Mitchell served as President
and CEO through its first year, establishing Habeas as an industry
leader and changing the face of whitelisting of legitimate email. In
addition, she served as the Director of Legal and Public Affairs for
Mail Abuse Prevention System, one of the original and most
well-respected anti-spam services on the Internet. Anne has actively
consulted on legislative anti-spam issues on a state and national
level. Mitchell is a graduate of Stanford Law School, a Professor of Law
at Lincoln Law School of San Jose, and a member of the California Bar.
Discussion:
Q: Anne, with your demanding schedule, we appreciate you taking the time
to do this interview - thank you.
A: And thank you so much for the opportunity to speak with you!
Q: You have a most remarkable career. Please describe the challenges,
successes, milestones, and the valuable lessons learned in each of your
roles.... ...more
Stuffing for the Tip Box, eWeek's Spencer Katt,
12/01/03
The Katt fills up on tech tips in preparation for the holiday.
As his co-workers scurried to meet holiday deadlines to produce this
issue of eWEEK, the prescient Puss procrastinated, knowing his
Thanksgiving routine consisted of a Banquet frozen turkey dinner, a case
of Schlitz and 500 hours of football.
...
Spence wondered if readers experiencing Post-Butterball Syndrome might
feel sympathy for their overstuffed mailboxes and wonder whether the new
federal anti-spam law will have any teeth. Spence recently asked
President and CEO Anne Mitchell of the Institute for Spam and Internet
Public Policy about the bill the prez is willing to sign. "Senders now
really need to understand the ramifications of hitting the send button,
and ISPs need a greater understanding of the rights and responsibilities
they face as well," said the Diva of Deliverability. "The law doesn't
preclude ISPs from reviewing or blocking mail, but now more than ever,
they need to be aware of the obligations and pitfalls they may face."
The ISIPP will host a conference titled "Spam and the Law" Jan. 22,
featuring Lawrence Lessig, among others. ... ...more
Senate OKs Wyden's spam bill, The Oregonian, 11/26/03
The legislation goes to the House next month, but consumer groups warn
that it would override stronger state laws
WASHINGTON -- The Senate gave final approval Tuesday to a bill written
by Sen. Ron Wyden, D-Ore., that would nationally regulate junk e-mail
for the first time.
...
But some experts say such fear is unjustified. Unlike smaller spammers,
professional marketing companies realize that flooding inboxes with spam
can alienate customers, said Anne Mitchell, president of the Institute
for Spam and Internet Public Policy
"The mainstream online senders are already trying to do the right
thing," Mitchell said.
Also, in a provision of the federal bill that has received little
attention, regulators could sue vendors that are advertised in illegal
spam. Previously, they had usually been able to hunt only for the
spammers, who can use technology to disguise their identities.
"If you can stop the vendors from paying spammers to vend on their
behalf, you have stopped one of the root causes," said Mitchell, who
helped write the amendment that would make vendors liable.... ...more
E-mail Tax May Help Stop Spam, Dayton Says,
Minnesota Star Tribune, 11/19/03
WASHINGTON, D.C. -- If Congress is going to stop unsolicited commercial
e-mail from swamping computer users, Sen. Mark Dayton says legislators
might need to consider "a minuscule tax" on e-mail.
"It's difficult to prevent the use of spam when there's no cost
associated with sending thousands, tens of thousands or even millions of
e-mails," Dayton, D-Minn., said in a recent conference call with reporters.
...
But Dayton's idea is being met with plenty of skepticism, too.
"Even if you find a way to realistically create an Internet usage fee or
tax, spammers will just find a way around it," said Anne Mitchell,
president of the Institute for Spam and Internet Public Policy, adding
that spammers could just use phony credit cards. "There is really no
mechanism set up that would actually cause them to have to pay the
money," she said.
...
Mitchell said the best way to stop spam is to "follow the money."
"The senders are only secondary," she said. "Go after the people who are
advertising their product through spam, because that's why spam
perpetuates."... ...more
Web Giants Move To Slash Spam, NY Post, 10/22/03
Sneaking, spamming, spoofing - it isn't the junk e-mail marketers who
are playing dirty these days. It's Internet companies.
Faced with a deluge of spam and angry customers, e-mail providers are
experimenting with more radical solutions. Though experts expect these
feints will cut down on junk messages, which make up about one-third of
all e-mail traffic, they warn that there's no panacea.
...
Both strategies will dam some spam, said Anne Mitchell, president of the
Institute for Spam and Internet Public Policy. But they're also
imperfect, labor-intensive solutions.
"E-mail is suppose to be simple, and this makes it complicated,"
Mitchell said. "But users are so fed up that they're demanding an
alternative with little to zero spam." ...more
Experts Disagree on Impact of Anti-Spam Law, CNET News,
9/20/03
Experts disagree over the impact of a new state law that targets
unsolicited bulk e-mails peddling everything from low mortgages to
Viagra that are clogging Californians' e-mail boxes.
Some say even if the law, scheduled to take effect Jan. 1, passes
expected court challenges, it's unlikely to stem the flow of spam.
...
But even though individuals can sue, experts say it would be a mistake
for spam victims to count on a windfall to buy, say, overpriced
California real estate.
"I don't think it's going to have much of an impact at all," said Anne
P. Mitchell, executive director of the Institute for Spam and Internet
Public Policy.
Companies that have some sort of relationship with a consumer may
continue to send mass mailings, she said. For example, Microsoft could
send unsolicited e-mail to everyone who has purchased a computer with a
Windows operating system or downloaded an update for that software.
Also, Mitchell said the section aimed at holding advertisers liable is
too vague. "It's just not specific enough."... ...more
Legislators Take Shots at Spam, Wired News, 9/25/03
Legislation to ban or limit spam is proliferating almost as rapidly as
the e-mails that promise to provide a slim, wealthy, well-endowed,
sexually satisfied life.
...
"One of the big advantages to this sort of legislation is that it
addresses the issue of spammers who hide their identity, are overseas or
are otherwise hard to ferret out," said Anne Mitchell, president of the
Institute for Spam and Internet Public Policy.
...
But Mitchell said she believes that the California bill won't withstand
vigorous legal challenge. "The language used states that someone who 'initiates' spam is liable
under the bill. 'Initiate' is defined as 'to cause to be sent.' That's
far too fuzzy, and a good attorney could defend a vendor out from under
that." ... ...more
Ode to Joy, eWeek's Spencer Katt, 9/22/03
Ah, the City by the Bay! Spence was there, yet again, this time for the
SunNetwork show and seeking a fix of McNealy one-liners.
...
Running up his cell phone bill, Spencer found time to chat with Anne
Mitchell, CEO of The Institute for Spam and Internet Public Policy. The
Digital Drudge was dying to know why she left her gig as CEO of Habeas,
the anti-spam company that embeds haiku poems in its e-mail delivery
solution. "Because I was asked to leave," said Mitchell. "They wanted to
bring in a CEO with more of a sales and marketing background." A frank
admission from Mitchell but an odd move by the company, considering the
unique knowledge of spam and the law possessed by Mitchell, the former
legal director for Mail Abuse Prevention Systems. Last week, as she
co-chaired an ISIPP-sponsored summit in Frisco, which produced a
cross-industry working group of top ISPs and spam-filtering companies,
she was jokingly dubbed "The Yenta of E-mail Deliverability." "Sounds
like poetry to me," laughed the Lynx. ... ...more
Email Summit Recommends Standards, Email Universe, 9/19/03
SAN FRANCISCO -- Recommendations for industry standards on email issues
including bounce handling, unsubscribe requests, publication of email
permissions requirements and communication between the sending and
receiving industries came out of the second summit of email-industry
executives Tuesday.
"The Summit was the most productive event of its sort that I've ever
attended," said George Bilbrey, vice president and general manager of
deliverability services for ReturnPath. "It provided both senders and
receivers a set of concrete steps they could take to improve the
deliverability of the legitimate mail that end users want." ... ...more
Anti-Spam Forces Prepare For Second Summit, InternetNews.com, 9/12/03
Hoping to wipe out the spam epidemic, ISPs, anti-spammers, and e-mail
marketers are scheduled to descend on Silicon Valley next week as part
of the Email Deliverability Summit II.
Sponsored by the Institute for Spam and Internet Public Policy (ISIPP),
spam-fighting software company Habeas and direct marketing agency Rapp
Digital Innovyx, the idea behind the summit is to bring together two
(usually opposing) sides of the spam debate. ... ...more
ISPs offering help against spam, Stockton Record, 9/4/03
Facing an increasingly hostile Internet -- with malicious computer
viruses afflicting systems worldwide and junk e-mail choking electronic
in boxes -- users are getting more help from service providers.
Where Web surfers once were expected to buy and apply their own spam
filters and anti-virus measures, companies such as InReach Internet in
Stockton and Galt's Softcom Internet Communications are providing
solutions for all their customers.
"I know very few ISPs of any size ... that aren't doing something,
because you can't operate without doing something," said Anne
P. Mitchell, executive director of the Institute for Spam and Internet
Public Policy. "It's a huge, huge problem."
...
While Parker could install security software on his own system to
achieve the same results, he likes that the work is done elsewhere.
"It protects us from a distance," he said. "... Anything that is bad is
on their computers, not ours."
Not that ISP anti-spam and virus systems are perfect, Mitchell said.
The automated systems produce varying amounts of false positives, "good
mail that gets tagged as spam."
"They don't realize the businesses that are harmed, seriously harmed, by
false positives," Mitchell said.
She recalled the case of a Macintosh news site that lost rights to its
domain name because the registration renewal e-mail had been blocked by
the company's ISP. In another case, an e-mail newsletter saw 10 percent
of its subscribers' deliveries bounce because the word "Viagra" -
frequently touted in spam messages - was used in an article. ... ...more
