Material added after the version submitted to the FTC is marked [Addendum: thus]. A few minor typographical corrections are not marked. The original version filed is Document No. 32 in project number P954807 and may be inspected at the FTC's offices in Washington, DC.
Many other submissions are available on the FTC's web site. Of the ones we read, we were particularly impressed by those of EPIC, Panix, Netcreations, the Center for Media Education, Russ Smith's Consumer Information Organization, David Sorkin, Ray Everett, and Ram Avrahami.
Junkbusters is a privately-held Delaware-registered for-profit corporation whose mission is to free consumers from junk communications of all kinds. Our web site (junkbusters.com) is visited by tens of thousands of people per month, despite the fact that we do not advertise. Since its opening in August [1996], the site has been featured in dozens of newspapers, magazines and other media organizations. The LA Times described it as a magnet for activists on the issue of junk email. Hundreds of individuals and organizations on the Web have linked to its pages. Each day visitors send Junkbusters email telling us how happy they are to find an organization dedicated to giving them individualized services to help them preserve their privacy; one thanked us for providing ``one-stop shopping'' for dejunking. Many express anger and frustration that they had suffered for so long because they lacked effective means to deal with junk and threats to their privacy.
In addition to publishing extensive and detailed information on how to stop all kinds of unwanted communications and disclosures, Junkbusters provides free individualized services and configurable software to help consumers regain their privacy. All these are free of charge.
The Internet Junkbuster™ allows users to control commercial communications to their web browser. It provides for selective blocking of ads, sites, cookies and the disclosure of sensitive information such as the email address and hardware/software configuration of the user's computer. Several thousand copies have been downloaded from Junkbusters' site, but the number in use is probably much larger because it is also distributed through many mirror sites around the world, and everyone is permitted to give copies to others under a very liberal license.
Junkbusters' flagship service, JUNKBUSTERS DECLARE℠, allows consumers to state (in as much or as little detail as they want) exactly what kind of organizations they allow or encourage to send them mail. Some consumers publish the detailed ``No solicitations'' sign it produces on their home pages on the Web. These notices also state that they don't want their name sold without consent. The service also drafts opt-out letters for printing and mailing to direct marketers. Thousands of these letters have been generated and presumably mailed.
Junkbusters' service to deter junk email, JUNKBUSTERS SPAMOFF, builds a personalized ``No email solicitations'' notice that can be published on home pages. Part of this is a strongly-worded reply that can be sent to spammers, saying that they will have to pay $10 for each further piece of spam. It has become one of the most popular ways of fighting spam and is discussed favorably in many current articles on Usenet.
Junkbusters' alerts on cookies and other Web surveillance technologies include interactive tests that consumers can perform to assess what information is being disclosed by their particular computing environment. Many are shocked to find that their ISP is making their email address available to companies every time they click on a new page.
Junkbusters' goal is to be the leading consumer privacy resource on the Internet. Its rapid success can be taken as an indication of frustrated consumer demand for privacy.
This submission has benefited from discussions with many people, including Ram Avrahami, Robert Bulmash of Private Citizen, Julian Byrne, Pat Fahey of the Direct Marketing Association, Russ Smith, and consumers who have provided feedback to Junkbusters. This is not a claim to endorsement by any of these individuals or organizations; any shortcomings of this submission are the exclusive responsibility of Junkbusters.
Session One is titled Computerized data bases containing sensitive consumer identifying information.
Even apparently innocuous information can pass up the information value chain to become part of uses that are plainly sensitive. Attempting to classify data bases as sensitive or non-sensitive is like trying to classify oil paintings as dark or light.
Much information is demographic and psychographic (lifestyle), but probably the largest amount of information comes from transaction behavior. For a recent assortment of lists based on transactions see a trade newspaper such as DM News. Rich data from the transaction may be available: some floral delivery companies record the ``occasion'' and recipient of gifts. Such information may be useful for both marketing and investigative purposes. Most of the top tier offer ``enhancement data'' such as whether pets are kept in the household.
On the Web, Cookies provide long-term identification of the browser, not the individual. With supplemental methods individual identity can be disclosed and subsequent visits attributed to that individual with some likelihood.
Consumers widely consider their Social Security Numbers to be sensitive, as the public outrage over P-TRAK demonstrated. Household income is another factor that the vast majority of consumers consider sensitive, but it is routinely provided to direct marketers without consent.
Consumers may change their ideas of what is sensitive as they discover how the information is being handled. For example, Ohio grandmother Beverly Dennis was happy to volunteer the fact that she lives alone and to name the personal care products that she used, until she discovered that this information was being key punched by a convicted rapist, who used it in a highly offensive letter expressing interest in visiting her after he was released.
For example, although few Americans would consider information about their country of birth to be sensitive, those whose relatives suffered as a result of the use of genealogical records by the Nazi regime of 1933-45 may not want such information propagated across thousands of commercially available databases.
Even a very diligent and rational assessment of risks may not adequately reflect the distress caused by the threats perceived by consumers, which may be real or imagined, exaggerated or understated. For example, some Americans object to the fact that extensive information about their financial history is now owned by a foreign company.
Another factor that a naive risk-benefit analysis may overlook is who is taking the risk and who is reaping the benefit. In most cases the consumer is taking the risk, and a company is reaping the benefit. Adding to this inequity is the fact that most consumers are unaware of the specific risks to which they are being exposed, except for an unhappy few such as the grandmother who received a letter from a prison inmate.
Such procedures would impose additional (but in our opinion entirely justifiable) costs on the data base owners. A consumer might lose the benefit of receiving a catalog that he would otherwise have ordered from, but who would try to tell such a person that the right to determine information held about him or her is being diminished for the greater good of commerce?
It strikes us as problematic to expect the government to determine on behalf of the entire public a break-even point at which privacy risks outweigh commercial benefits. What a government can more reasonably be expected to do is to give each citizen the means to discover risks imposed on them by others, and to transfer those risks back to their source in the form of legal liability and obligations.
The 1996 Equifax/Harris Consumer Privacy Survey found that 73% of the public would want their names removed from some lists if such procedures were available (only 44% were aware that any are available). We can conclude that the vast majority of Americans want to be able to assert some control over the data about them, but that most are unaware of the means to do this.
The Survey also estimates that some 25 million Americans (11%) want their names removed from absolutely all lists. That group can be assumed to perceive all possible benefits as nugatory compared to the risks, and to deem all non-consensual use as unacceptable.
Ram Avrahami's suit based on a Virginia statute concerning the use of a person's ``name or likeness'' is an example of legal interest being implicated.
For many commercial purposes aggregated data can be as effective as personally attributable data, but effort is required to determine this, and in the absence of compelling privacy concerns companies may not bother to try. But even where aggregated data delivers inferior results, this does not justify intruding into people's privacy. There are conceivably benefits that would be available to supermarkets if they could scan barcodes off people's foreheads, and by no other means, but this is not an adequate justification for subjecting consumers to involuntary tattooing.
See also the ethical distinction and the equity considerations raised in our answer to Question 1.11.
Supposing that the situation were vastly improved to the point where users could be determined, attempts to fix the use of data face intrinsic difficulties. Even with the best will and intentions, it is difficult in practice to restrict future use.
A more revealing question would be ``Is there an effective mechanism for an individual to remove his or her name from all data bases?'' The answer is clearly no, because there is no way of even finding out where half of them are.
As another example, AT&T Universal Card has won Baldridge Quality Awards for considerably improving the standards of credit reporting information, yet the number of errors under the best current practices in that industry still strikes the lay person as surprisingly high.
The Telecommunications Act of 1996 is one example where the use of data is restricted according to purpose. Data used from long-distance telephony must not be used for the purpose of marketing cellular service, for example. This is easily said but harder to carry out in practice.
It is extremely difficult to limit the use of information once entered into a database, even with the best intentions on the part of the owners. One of Larson's laws states that complementary data sets will be fused. Marketers are constantly coming up with new sources and uses for data, and it is impossible for them to anticipate every possible use. Rather than requiring them to do this it seems to us more reasonable to ask that they disclose which data are currently being used for which tasks, and for them to provide opt-out mechanisms from the data and the tasks.
The OECD's 1980 Guidelines on privacy are an obvious starting point. Very basic principles such as the right of data subjects to examine the data held about them need statutory support.
Some organizations advocate immediate legislation that would prohibit all non-consensual use. If introduced suddenly, such restrictions could cause considerable disruption to the direct marketing industry. Consumers who regard name ``sharing'' as a benefit would lose some of the ease of access they currently enjoy, or would at least have to take action to maintain it. Consumers would have to be informed about opt-in procedures, a process that would require time to implement. Switching straight from a system where no consent is required to one where affirmative consent is required would imply such enormous changes that we would counsel extreme care in the preparations for such a move. On the Internet opt-in is natural and the population is accustomed to a fast pace of change, but for the ``off-line'' world a more cautious course may be prudent.
Rather than jumping straight to an ``opt-in'' system, we would instead recommend as a first step the introduction of an ``opt-out'' system that gives those consumers who want to prohibit non-consensual use a simple way to do so. The best way we can think of doing this would be a mechanism similar to the one introduced around 1970 following 39 USC 3008. USPS Form 1500 already contains options allowing consumers to prohibit all pornographic mailings and to prohibit specific mailers; it could be expanded to include two additional options: one prohibiting all entities from non-consensual use of data about the subject, and another to prohibit disclosure by specific organizations. A statute would require every supplier of data on consumers to suppress the names of individuals that appear on either the ``blanket'' list or on lists specific to the particular supplier. The USPS already has mechanisms in place for distributing both general and company-specific information about individual households to the direct marketing industry, such as its general NCOA system and its specific prohibitory orders. Since the USPS is perhaps the greatest single beneficiary of the list trade business, it seems equitable for it to bear the costs of sustaining that trade in a manner acceptable to the public.
Individual owners of databases may choose to provide such mechanisms based on their own policies, such as Web-based opt-out procedures. The recent uproar over the Social Security Administration's policy and procedures for disclosing information over the Web can be taken as an illustration of technology showing up flaws in policy.
The natural reaction of many consumers to technologies that scavenge data about them is to avail themselves of technologies that promote anonymity. Our company's free software product, the Internet Junkbuster, helps protect online consumers against many threats to their anonymity, such as cookies. It is discussed in Section 2.15.
See question 2.15 for comments relating to our privacy-enhancing Web software.
Most companies (including the commercial media, which is the source of information for the vast majority of people) actually have a disincentive to educate the public on this issue. If more Web users refuse cookies or discover that they can protect their privacy by filtering out banner advertisements, for example, these companies could suffer a loss of revenue. Many large organizations including magazine publishers sell lists of their customers as an additional revenue stream, so ``opt out'' procedures do not feature prominently in their materials addressed to the public.
In November 1996 Privacy Journal commented ``News reporters are always ready to write the generic Orwellian privacy story that "views with alarm" the threat that computer databases pose to privacy... [but] when there are discrete newsworthy events that are part of this trend, where is the press?''
The FTC is already educating the public about various risks including privacy through its Web site and other communications channels, and we hope it will continue and extend this activity. The government clearly has a duty to inform consumers about threats to their privacy, as well as to give them the means to protect themselves.
We have been alerting consumers to the possibilities that web organizations may be ``synchronizing'' cookies: once a user's identity becomes known to a single company with a cookie set, it is technically possible for any of the others to discover identity with every visit to their sites. We know of no organization that currently admits to doing this, but many have the means and a strong economic incentive to do so, so we expect it is already happening or will be soon.
However, the claim made by some Web advertisers that their economic viability depends on cookies is not persuasive. As counter-evidence one advertiser, WebConnect, which is owned by a list broker, argues that cookies are unnecessary and often counterproductive in targeting.
Certain statistical techniques can often be used to extract individual information from apparently aggregated information. The U.S. Census uses sophisticated methods to alter aggregated information to thwart this; we are unaware of the extent to which these methods are used or even known to information vendors.
Some of these statements and agreements are bewilderingly complex, and revolve around the definition of what is attributable to the individual. On close examination many companies are found to be retaining the right to sell information about the household, which is unacceptable to many people.
There are attempts by various organizations to simplify these issues with what e-Trust calls trustmarks: graphics certifying a certain level of compliance.
The setup costs of offering choice are small; administration has some cost, and the list revenue foregone from people who opt-out is an opportunity cost.
At the FTC's previous workshop one representative claimed ``cookies technology could be used by Web sites to facilitate communication of consumers' privacy preferences.'' Even though our software gives consumers the power to send any message they choose in cookies, we don't consider that cookies will prove to be an appropriate vehicle for this task, because they are under the control of each separate Web server. And we believe that the word ``privacy'' should be followed by words such as ``rights,'' ``requirements'' or ``instructions,'' not ``preferences.''
Spam factories claim to be able to send out millions of items per day. There is a widespread consensus that UCE started becoming widespread in 1995 and has grown considerably since then. [Addendum: In late April a major ISP announced it will form a trade association of spam factories.]
One factor that is easily measured is the number of public postings mentioning UCE. An analysis conducted by Junkbusters using Deja News (an archiver of public online forums) counted the number of times in a year that certain keywords appeared in Usenet postings indexed by that company. The count: sex, 651,186; spam, 537,311; Clinton, 373,417; drugs, 264,153; censorship, 115,384. Assuming that the processed meat product also named SPAM accounts for only a small percentage of these discussions, UCE appears to rank high on the list of issues for the online population.
Are privacy ... interests implicated by this practice?
Certainly, even under the older definition of privacy as ``the right to be let alone.'' People have written to Junkbusters saying they get 50 or more items of UCE per day, and express a feeling of helplessness in stopping them. Consumers also dislike the idea of their email addresses being traded on lists without their consent (an example of the more modern conception of privacy).
In 1996 a single piece of UCE made hundreds of thousands of people feel their privacy was violated, because it began with the assertion that the addressee was on a list of people interested in child pornography. In this particular case the solicitation appears to have been a hoax in the sense that the sender was not genuinely offering the articles for sale, but the apprehension of the recipients is genuinely applicable in many real cases. Assuming it was a hoax victimizing the person named, his privacy was certainly violated. The FBI reported hundreds of calls due to this incident.
Are [other consumer]... interests implicated by this practice?
The practice concerns anyone who has an interest in the well-being of the Internet and electronic mail as a medium of communication between individuals. Consider the economics of a future where UCE becomes a marketing medium analogous to direct mail (which many businesses are trying to position it as). The number of direct mail articles sent in the US each year is currently approximately 70 billion, roughly one per day for each adult. The average cost of sending those articles is perhaps a dollar for paper and postage. If that average dollar were being spent on UCE instead, the average individual could expect about 10,000 items per day. Optimistically hoping for 99% accurate email filtering software, this would mean reading 100 unwanted messages a day (and losing some small number of wanted messages in the process). Even ignoring the burden such volumes would place on an already strained Internet infrastructure, email could turn from an efficient medium to a difficult chore or an unworkable burden.
Many people go to considerable efforts to conceal or disguise their email address because they believe that it will be difficult to stop UCE once their address is compromised. These efforts have intangible costs to both those people and to others who might have a legitimate reason to want to email them. The reluctance of some consumers to use email as a means of communicating with companies means lost opportunities such as lower transaction costs.
What are the sources of e-mail addresses used for this purpose?
Some on-line services provide directories of their customers' email addresses. Email addresses are often ``harvested'' from Web pages, Usenet groups, and other public machine-readable texts. This is an automated process performed by software packages. Only one such process we know of takes any heed of markings consumers often leave trying to indicate they don't want UCE. In a piece of UCE forwarded to Junkbusters by a consumer, the spammer claims to have software that can extract 260,000 distinct addresses per hour. Its $100 price tag includes a bonus ``e-book'' titled How To Make Obscene Profits On The Internet. That asking price is high compared to competitors, which usually ask $30-$50.
The current primary beneficiaries are spam factories who are paid by individuals and small businesses to send it. Their customers are able to make their solicitations to consumers in numbers that they would not otherwise be able to afford to reach, but we see no evidence that consumers benefit because of this: online consumers have ample access to online purchasing opportunities. UCE is almost universally despised by consumers on the Internet: it and privacy were the top two concerns in the GVU Survey. Some larger companies are also concerned at the loss of productivity caused by their employees having to process junk email.
Some consumers incorrectly believe that certain email messages can introduce viruses into their computers. [Addendum: However, trojan horse attacks are possible if the recipient executes an attached program.]
At least one spam factory makes the specious claim that he is trying to save trees, but we are unaware of any evidence or even plausible economic mechanism to support the idea that an increase in UCE results in a decrease of direct mail. The history of advertising in suggests that new media tend to supplement rather than displace old media.
The fact that the addressee pays to receive UCE is the basis of JUNKBUSTERS SPAMOFF, where the addressee tells the sender that UCE is unwelcome and that the sender must pay $10 for each further item. Users report that such notices are relatively effective in convincing spammers to desist. Many people post such notices to the Web on their home pages, along with permissions that may assist class action suits against spammers. We believe that economic disincentives are likely to prove the only lasting way of discouraging would-be spammers. Spammers could easily circumvent legislation by routing their spam through other jurisdictions, and enforcement would face many other difficulties and deleterious side-effects. However, we wish that the FCC or other authority would end debate on the question of whether UCE is subject to the sanctions and restrictions of the TCPA.
As with any filter, there are inevitably errors of two types: items passed through that should not have, and items rejected that should have passed through. Both errors can cause grief, and there is an unavoidable tradeoff between them.
Some people reject messages without notifying the sender; others produce automated replies issuing one-time passwords and asking the sender to resend the item quoting the password. UCE thus burdens not only recipients, but legitimate senders also.
Several mail handling packages now include filtering features (performed at the time mail is delivered to the user's computer). Among them are NetManage, Eudora Mail Pro, Claris Email, and Netscape Communicator. [Addendum: The spam factory Cyber Promotions also offers a filter for sale, a business strategy that its President, Sanford Wallace, has acknowledged as ``analogous to robbing a bank and then selling a security system.'' The distinction between this kind of enterprise and extortion through harassment is unclear to us.] Various software packages, such as Spam Hater, attempt to track down the (often clandestine) address of the sender, and send the addressee's choice of text, such as threats of legal action. (Spammers often make their email appear to come from addresses other than their own: mostly from nonexistent addresses, occasionally from real but unrelated third parties.) Filtering can also be performed before mail is delivered to the user's computer. This is the approach taken by AOL's ``Preferred mail.'' Some ISPs have instituted communal filtering systems; filters are also offered as part of mail aliases by non-ISPs.
Angry consumers often propose ``mailbombing'' spammers, but no responsible organization endorses such action.
The idea of imposing an ``impact fee'' on spammers has been proposed; in fact, according to GVU, over 16% responded in favor of this, versus 5.9% in favor of government regulation. But we have seen no credible proposal for how this might be done other than by private legal action.
All these measures remind us of the old saying that an ounce of prevention is worth a pound of cure. An exaggerated analogy may help clarify this principle: suppose that the EPA were to ask environmentalists whether there are technological developments that might serve the interests of owners of beach-front property who prefer not to receive oil spills. Doubtless there are, but no offshore barrier imaginable would be preferable to the obvious solution of discouraging oil companies from polluting in the first place. It is unfair to burden the consumer with the task of filtering large numbers of unwanted messages that they have to pay to receive, especially since the means of doing so are imperfect and impose further expense.
But the DMA's principles do not condemn the practice of sending UCE; they simply recommend doing so in a certain manner, such as making it easily identifiable as a solicitation and providing an opt-out mechanism. At first glance the DMA's position might sound fairly reasonable: they are saying that each company should be able to send one piece of UCE, but no more if they are told to desist. The danger is that if UCE becomes destigmatized, even in the restrained manner advocated by the DMA, there would be no economic reason for any business not to start sending large amounts of UCE, other than the fear of alienating the consumer, which is a strong factor only for the relatively small number of large established companies.
In an argument similar to that in our answer to question 2.16, assume that, say, half of the US retail businesses connected to the Internet decide to send just one piece of UCE to half of the email addresses in the US. Each consumer could expect to receive at least 10,000 solicitations. The figure may be higher than this: the DMA's 3,700 members probably account for only a small fraction of all such organizations.
In our opinion the opt-out model is inappropriate for email; the only responsible way to market by email is through opt-in. Established companies have ample opportunity to tell consumers how they can request information on buying opportunities via email.
We consider the DMA's failure to condemn UCE to indicate their lack of consideration for how severely the public would suffer if it became widely used.
In questions to panelists at the Workshop, Commissioner Varney expressed interest in knowing more about the commingling of information from web site, traditional marketing and reference services. Commissioner Steiger's question of ``what's new'' about information services also attracted considerable discussion. The following recent developments may be of interest to the Commission.
In late June AP reported that Microsoft has formed a joint venture with First Data Corp. that will present bills to consumers and receive payment via the Internet. First Data is based in Omaha, NE, and maintains a database of more than 160 million individuals and 10 million businesses nationwide.
The Microsoft Network announced separately earlier this year that it would be ``working with'' Metromail Corp., which sells ``demographic, geodemographic, psychographic and behavioral information on 95 percent of U.S. households'' and runs the ``nation's largest commercial lettershop operation.'' (A lettershop is a junk mail factory.) Metromail's On-Line Services division calls itself ``the premier source of content for reference services on the Internet.'' Their January 29 press release said that details of the arrangement are not being made public.
An article in Advertising Age titled Web publishers expect juicy revenues by selling user lists names two companies that sell email addresses (both with the addressee's consent), and one that sells the visitor's residential mailing address for traditional direct mail.
Metromail's http://www.cooloffers.com online coupon Web site asks consumers for both their email and postal address and instantly checks them against their database that includes almost all U.S. households. If the address doesn't match, they ask for corrections. The online behavior of those who make it through is added to their ``BehaviorBank'' database, which currently monitors 30 million households.
A product from Intelligent Interactions ``represents a step toward the integration of direct marketing data and the online world.'' Its President has said that the product ``allows us to take in third-party data and advertisers' lists, and overlay them with databases and lists of subscribers that visit a Web site.''
Acxiom Corp., listed on NASDAQ and headquartered in Conway, AR, has annual revenues exceeding $400 million. The firm says it aims to be ``the leading provider of information services for marketing and other selected information dependent applications.''
Acxiom's home page has a link marked ``Privacy Assured'' to http://www.acxiom.com/privdetl.htm -- its privacy policy. That page does not mention opt-out procedures or any specific restrictions on information use. However, in correspondence with one of Acxiom's consumer advocacy associates, Junkbusters was given several reassuring answers to specific questions. Consumers can opt out from Acxiom's proprietary databases by writing a letter to Acxiom, and even by email to info@acxiom.com. (Acxiom is the only major marketing information company that we are aware of that accepts opt-outs by email.) Acxiom also said it does not maintain the names of children.
Acxiom was not one of the group of companies that proposed self-regulatory measures for lookup services on 10 June 1997, but Acxiom told us they are considering applying them. At the time of writing we had not received a reply to our question of whether Acxiom currently sells SSNs. The page http://www.acxiom.com/interact.htm states it provides ``[g]ateway access to Trans Union's ReTRACE services'' which ``appends social security numbers to incoming name and address inquiries.'' [Addendum: The page was removed soon after this document was submitted.]
Acxiom recently announced a ``comprehensive marketing data bundle'' under the densely-bracketed name of ``(IB)Consumer InfoBase(TM)'s PowerPak(SM).'' It includes information on ``home market value, home equity, age, financial stability information, marital status, estimated income, length of residence, dwelling size, affluence code, credit card holders,'' together with financial information from Trans Union and psychographic information from Claritas.
Copyright © 1996-2005 Guidescope Inc ®. Copying and distribution permitted under the GNU General Public License. 2005/01/15 http://www.junkbusters.com/ftc.html