Legitimate spammers

It’s not the death penalty as demanded by Stephen Landsburg for hackers, but the nine-year sentence handed down to megaspammer Jeremy Jaynes should mark the beginning of the end for spammers physically located in the US. But that’s small comfort, since spam can be sent from anywhere. A less mobile target can be found in the businesses that ultimately sell stuff through spam. These include some very large firms indeed.

I was struck, a few months ago, by an article in the Kansas City Star (free subscrption required, reprinted from the Chicago Tribune), which details the activity of a spammer, Ryan Pitylak, selling various kinds of insurance. The money quote (literally) is

Completed forms, in turn, are sold to agents of legitimate companies, such as IndyMac Bank, ADT Security and MEGA Life and Health Insurance. The agents say they pay $3 to $7 for each referral. (emphasis added) I can’t see anything legitimate about a company that employs criminal methods in its business, while pretending to be at arms length from the whole thing. It seems pretty clear that the way to make this kind of spam uneconomical is to make the employers of spammers liable for civil action. Estimates of $2000/employee, mentioned in the story,may be a bit on the high side, but the economic damage done by spammers is immense – more than enough to put firms like those mentioned out of business if they were forced to bear their share of the bill.

I thought perhaps these firms might be unaware of how Pitylak was getting his referrals, so I emailed them with links to the story1. Of course, I got no reply.

It strikes me that John Edwards has a bit of free time on his hands and that, if there’s one thing that could make plaintiff lawyers universally popular, it would be a class action lawsuit against the employers of spammers. Put me down for $2000, please, John.

Of course, this wouldn’t work so well against the purveyors of generic viagra, penis enlargement and so on, where the businesses are just as fly-by-night as the spammers. But every little helps.

1 BTW, it’s surprisingly hard to locate corporate email addresses for the purpose of making complaints like this. Perhaps they’re afraid of being spammed.

8 thoughts on “Legitimate spammers

  1. I was struck, a few months ago, by an article in the Kansas City Star….

    ..which I was browsing. As you do.

    Myself, I also like to take in the Cheyenne Daily Sun and the Brown Daily Herald on days when I don’t start work before 6.30.

  2. Spam may be a nuisance, it may be against the law, but can it ever warrent a jail term? Deprivation of liberty is surely one of the harshest sanctions availible in western legal systems, I can see the need for its application in serious crimes. But Spam is not violent crime, its not property damage in any real sense, it doesn’t prevent others exersizing their rights, how can we morally justify imposing such penalty upon spammers? We hate spam, but is this sufficient grounds to warrant that level of sanction?

  3. Almost as bad as commercial spammers are those execrable outfits like C2 media who invade your computer with unwanted toolbars and popups. I guess we have to accept that the Internet is becoming as pervasively commercialised as free to air TV. But many of the popups are sleazy enticements to Internet gambling and Dating services. I wish the Christian Family lobby would get concerned about that.

  4. I think there are two important issues here. First, I agree with JQ’s point that large corporations that make spam profitable should be just as accountable as the actual spammers. The easy avoidance of responsibility is yet another deliberate feature of outsourcing and labour hire. Other examples currently in the news are aggressive debt collecting practices for phone bills. The phone companies obtain the benefit of those aggressive practices but escape liability by blaming outsourced collection agencies.

    Another example of corporations escaping responsibility is the banks’ deliberate selection of internet banking systems they knew would expose customers to phishing scams. All phishing scams could have been prevented if the banks wanted, using 2-factor security as the ATO and Telstra do. Instead the banks use simple username, password systems which attract more customers, benefiting the banks at the customer’s cost.

    The second point that’s interesting is the extent to which legislated penalties reflect sociological patterns of computer use. As Kieran B points out, the penalties are pretty stiff for the nature of the offence. If an advertising agency floods our mailbox with garbage catalogs, or illegally erects a giant billboard, no-one goes to jail. The reason spamming attracts such ire is that it’s an activity that, unlike many criminal actions, directly affects the professional middle classes, especially journalists, government and lawyers. In fact, it disproportionately affects them. Other parts of so-called cybercrime legislation reflect this imbalance too.

  5. Following on from Tony’s post:
    But it’s interesting that the object of the Virginia prosecution was a private individual, not a corporation. And that what made his offence a crime was the fact that he disguised his identity. Presumably an agent of a corporation would have got off more lightly, and as Tony says, the corporation would have distanced itself from the agent and avoided penalty.
    In the case of those blasted popups I was raving about earlier, one company supplies and instals the popup software onto your computer, and their clients are the advertising agencies, whose clients are the companies trying to flog things.

    In my neighbourhood shopping centre, there is a sign on a wall warning that the proprietors will prosecute The Instigators of any posted bills. Perhaps we need a class action against the suppliers of Internet gambling.

  6. While we’re busy prosecuting spammers, I’d like to add another group: academics spamming their conferences.
    Just because I’ve published a paper in one field of IT doesn’t mean I want to go to your conference in a totally unrelated field, thanks?

Comments are closed.