JUNKBUSTERS Links to Other Resources

  About this collection

New Scientist published the URL of this page as a source of ``more information than you could ever need'' about junk communications. Our aim is to help you find whatever you need to know about how to control them.

1. Suggestions for additions to this list are welcome. Please tell us via our feedback form.
2. Recently added links are often placed in our What's News page before being moved here.
3. Many links that mention us are given in our What They Say page instead of here.
4. Nothing here is an endorsement, and we don't guarantee the information is accurate.

The wide scope of these links reflects the variety of kinds of junk and the reasons why it is judged as such. The main reasons it is disliked are personal privacy and the environment. Some people advocate dejunking on principle, for reasons ranging from the practical to the spiritual.

  New and Noteworthy

In Life's Little Annoyances : True Tales of People Who Just Can't Take It Anymore New York Time reporter Ian Urbina examines reactions to telemarketing (including ours).

Ace Washington Post reporter Robert O'Harrow, Jr. analyses the ``security-industrial complex'' in No Place to Hide: Behind the Scenes of Our Emerging Surveillance Society. [rave review on Wired]

From Brian McWilliams comes Spam Kings: The Real Story Behind the High-Rolling Hucksters Pushing Porn, Pills. Junkbusters President Jason Catlett wrote on the jacket blurb:

"Like a deep-sea photographer, McWilliams brings us a shocking series of portraits of the bizzare creatures feeding and fighting at the bottom of the Internet. Anyone who has wondered what kind of person would send spam can find the answer here. The truth is stranger than fiction, and more disturbing, as their tentacles reach us daily.

From Evan Hendricks comes Credit Scores & Credit Reports: How The System Really Works, What You Can Do. See more on the http://www.creditscoresandcreditreports.com/ Web site.

In The Naked Crowd: Reclaiming Security and Freedom in an Anxious Age Jeffrey Rosen ``makes an impassioned argument about how to preserve freedom, privacy, and security in a post-9/11 world.''

From consumer activist Jamie Court comes Corporateering: How Corporate Power Steals Your Personal Freedom And What You Can Do About It. Court coined the term corporateering.

An excerpt from The Skiptracer's Little Black Book by Robert Scott: ``Here's a little known secret of veteran skiptracers: many of the largest finance and retail comanies in American [sic] will share phone, address and other information on their delinquent customers or "skips" with other creditors and their representatives.'' Many other how-to books on how to invade privacy are available from BRB Publications, Inc.

The Privacy Payoff: How Successful Business Build Customer Trust by Ann Cavoukian and Tyler Hamilton is aimed at business who want to avoid scandals and gain advantages from privacy. The book's web site includes an excerpt. An earlier book by Ann Cavoukian and Don Tapscott called Who knows: safeguarding your privacy in a networked world has been republished in a U.S. edition. [A review] Other papers by Cavoukian, who is the Privacy Commissioner for Ontario, include Privacy: The Key to Electronic Commerce and Data Mining: Staking a Claim on Your Privacy. Her office has also published a Privacy Diagnostic Tool (PDT), a self-assessment program used to help businesses gauge their privacy readiness.

Several new books about online privacy have been published recently. Internet Privacy for Dummies is by John R. Levine , Ray Everett-Church and Gregg Stebben . Also Protect Your Digital Privacy: Survival Skills for the Information Age by Glee Harrah Cady and Pat McGregor, which says it is ``a practical guide for the general Internet user... who'd like to know more about keeping his information private online and off.'' [Authors' description] Also World Without Secrets: Business, Crime and Privacy in the Age of Ubiquitous Computing by Richard Hunter.

(The following book review was written by Junkbusters President Jason Catlett.)

The Hundredth Window by TRUSTe founders Charles Jennings and Lori Fena is a clumsy attempt to push the privacy debate in America back a few years. Take one of the few mentions of the role of regulation in protecting privacy: ``Unfortunately, generic government laws are of little help in moving these kinds of notions forward.'' (p.143) Three decades of history of law and information technology in the US and other countries is simply ignored. Within the space of a single paragraph of opinion, Jennings and Fena glibly dismiss the role of democracy: ``So, with our governmental leaders on the sidelines, are there new rules that online businesses themselves should adopt as core elements of a personal data exchange?'' The answer given is the Online Privacy Alliance's self-regulatory guidelines, which were proposed to forestall legislation.

If any doubt remains that this book is what Silicon Valley's marketing departments would like American consumers to believe about privacy, try reading the following advice out loud without smiling or sounding sarcastic.

Tell the truth. When you find a company or website you can trust, be as open and honest as you can, especially when such information can help provide you with better, more personalized service. ... Failing to give correct information to Excite or Yahoo!--known to us to be trustworthy information partners--would be foolish. (p.16)

Control your data. The greater your personal mastery of your own [personal information] the more valuable that data will be to you. The converse is true as well. [What does this mean?]
Never exchange data without getting something of value in return. [This isn't advice for protecting privacy, it's an excuse for giving it up.]

They argue that with so much information accessible through the Internet, we now need to think of privacy less as an inalienable right and more as a personal skill to be practiced and sharpened regularly.

They argue that because so much information published through the Internet can be blocked, we now need to think of free speech less as an inalienable right and more as a personal skill to be practiced and sharpened regularly.

The dust-jacket endorsement from industry lobbyist Christine Varney suggests that consumers should knowingly compromise their own privacy, accept this as the price of ``personalization,'' and to be deluded into thinking this is acceptable because it was a ``choice.''

Charles Jennings and Lori Fena have provided the first roadmap to navigating the digital age without unknowingly compromising your privacy. They help us to understand the trade-offs between privacy and personalization, and how to make choices that work.

The blurb then goes on to suggest that if consumers deal with large companies, their privacy will be protected through TRUSTe, an organization that the authors helped found. Recent experience suggests that large companies have not protected privacy, and that TRUSTe has failed to require sufficiently high standards or to censure companies when they violate privacy.

Rather, they explain how to become a privacy-savvy user of the Internet and present an overall strategy for finding out who is trustworthy. Many leading companies on the Web, including Microsoft, Yahoo!, America Online, and eBay have signed with TRUSTe to monitor and provide customers with assurances that they are complying with their standards for privacy protection.

The Wall Street Journal, not known as a bleeding-heart liberal apologist, said ``...this book jumbles together horror stories of corporate and government invasion with some useful ideas on self-protection. It pushes rather too intently for industry self-regulation when there is clearly a role for government as well.'' (2000/10/30)

This book is weak excuse for abandoning legal privacy rights. Try one of the year's other three excellent books instead. [Reviews in Industry Standard]

1. The Unwanted Gaze: the Destruction of Privacy in America by Jeffrey Rosen, is a page-turning account of the failure of privacy law to keep up with technology and other infringing public goods. Drawing on examples from the 18th century to Monica Lewinsky, Rosen's analysis is at once witty and scholarly: ``Most of us, thankfully, will never have an affair with the President,... [nevertheless,] many Americans have their e-mail or Internet browsing habits minored at work... (p.13)'' ``Privacy, in an age of primitive technology, was largely a function of inefficiencies in technology of monitoring and searching.'' (p.57) (For a sample see the New York Times article The Eroded Self.) [Slashdot Review]
2. For a technological view on privacy, read Database Nation: The Death of Privacy in the 21st Century (formerly titled 2048) by Simson Garfinkel, published by O'Reilly books.
3. From Privacy Journal's Robert Ellis Smith comes Ben Franklin's Web site, a superb historical panorama of American privacy. [Review]

A chapter on privacy in Code and other laws of cyberspace. by Lawrence Lessig advocates a property right in privacy. [Review by Declan McCullagh] Perhaps best known for his appointment as the ``special master'' in the antitrust case of US v. Microsoft Lessig wrote in Wired 5.07 and elsewhere that ``software code - more than law - defines the true parameters of freedom in cyberspace.'' More recently this thesis appeared as The Code Is the Law in the Industry Standard, which also published Coding Privacy and satirical piece titled Memo to the Leviathan. We see cookies and freedom from the surveillance of advertisers as an example of his thesis. In Wired 6.03 he is further quoted: ``the question of what the architecture of cyberspace should be is not a neutral question. We need to think about it in political terms.'' Code's chapter on privacy, which seems to endorse P3P as the best prospect, has been sharply criticized by EPIC's Marc Rotenberg.

The villain of High Stakes, No Prisoners: A Winner's Tale of Greed and Glory in the Internet Wars by Charles H. Ferguson is Microsoft, one of our least-loved companies.

In Coercion: Why We Listen to What They Say Douglas Rushkoff argues that "Corporations and consumers are in a coercive arms race... Every effort we make to regain authority over our actions is met by an even greater effort to usurp it." Related: The Conquest of Cool: Business Culture, Counterculture, and the Rise of Hip Consumerism by Thomas Frank.

From Adbusters: Culture Jam: the uncooling of America by Kalle Lasn . ``The United States of America was born of a revolt not just against British monarchs and the British parliament but against British corporations,'' says Lasn, citing the British East India Company's tea monopoly. Lasn concludes: ``We, the people, have lost control. Corporations, these legal fictions that we ourselves created two centuries ago, now have more rights, freedoms and powers than we do.

In When Corporations Rule the World David C. Korten argues that ``The continued quest for economic growth as the organizing principle of public policy is accelerating the breakdown of the ecosystem's regenerative capacities and the social fabric that sustains human community; at the same time it is intensifying the competition for resources between the rich and poor--a competition that the poor invariably lose.'' (p.11) He blames advertisers who ``assure us their products will make us whole'' for making us need more money, which causes social alienation, which makes us more susceptible to advertisers. (Figure 21.1)

Our purpose is to consume--we are born to shop. Entranced by the siren song of the market, we consistently undervalue the life energy that we put into obtaining money and overvalue the expected life energy gains from spending it. The more we give our life energies over to money, the more power we yield to the institutions that control our access both to it and to those things that it will buy. Yielding such power serves the corporate interest well, because corporations are creatures of money. It serves our human interest poorly, because we are creatures of nature and spirit. (p. 266.)

In an essay titled the Birth of Mental Environmentalism about freedom in the mental realm, Lasn writes:

It's hard to define exactly, but it has a lot to do with privacy - the right to walk into a bank or a mall or a sports stadium without having your picture taken, to work in an office without having your correspondence secretly recorded, to drive around without being tracked by hidden video cameras. It has to do with dignity - the feeling that you can move through the culturescape and feel like an individual, alive and unique, instead of a datapoint or content receiver or consumer drone. It has to do with reserving the right to beg out of the corporate panopticon.

From Seth Godin: Unleashing the Ideavirus. Its thesis: ``We live in a world where consumers actively resist marketing. So it's imperative to stop marketing at people. The idea is to create an environment where consumers will market to each other.'' His previous book was: Permission Marketing: Turning Strangers into Friends, and Friends into Customers. [Summary] [More from Godin]

The End of Privacy by Reg Whitaker ``shows how vast amounts of personal information are moving into private hands. Once there, they can be used to develop electronic pictures of individuals and groups that are potentially far more detailed, and far more intrusive, than the files built up in the past by state police and security agencies.''

A review of Enemy of the State in Wired News says its scariest implication ``is that technology isn't what's holding the US government back from spying on its citizens. Laws are.'' The movie is basically a car chase prolonged by surveillance technology, but it scores a few good lines on privacy.

Anti-spam books: Removing the Spam: Email Processing and Filtering by Geoff Mulligan. See also Stopping Spam: Stamping Out Unwanted Email and News Postings by Alan Schwartz and Simson Garfinkel published by ORA.

In The Unconscious Civilization John Ralston Saul argues the prevailing ideology of corporatism is undermining individual rights. [comment by John Katz]

Published on the eve of the EU's Directive on personal data privacy deadline was None of Your Business: World Data Flows, Electronic Commerce, and the European Privacy Directive by Peter P. Swire and Robert E. Litan. [Review] Swire appeared in a panel on this topic at Internet World, moderated by Junkbusters President Jason Catlett.

Also from Brookings Institution Press is Privacy in the Information Age by Fred H. Cate. ``It seems that Cate never met a privacy law he liked, an attitude that may resonate among those of you who don't welcome the growing interest in the subject,'' wrote Robert Gellman in a review in DM News [Cate's Reply]. See also: In Pursuit of Privacy: Law, Ethics and the Rise of Technology by Judith Wagner Decew.

The plot of the 2000 movie Charlie's Angels has the trio attempting to recover technology for location and voice recognition that ``in the wrong hands'' could mean the ``end of privacy.'' A review in Salon asks: ``Who cares about the fate of privacy, of all things, when you can watch three sexy babes stamp out crime in zip-off suits and high-heeled boots?''

The Truman Show can be viewed as the struggle of a man who was adopted from birth by a corporation that commercially exploits and controls his private life, making it made public without his knowledge or consent. ``I know more about you than you know yourself,'' says Christof, the producer who zealously guards his own privacy.

The advertising blimp in Ridley Scott's film Bladerunner is a vision of a big intrusive device. ``This announcement has been brought to you by the Shimago-Dominguez Corporation,'' blares the slow-moving audio-video zepplin. ``Helping America into the New World.''

In The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? David Brin argues that instead of trying to defend privacy against technology we should strive for even more openness. [Excerpt from Chapter 1] [Scientific American] [1] [2] [CNN]

Another contrarian book partly on privacy is The Limits of Privacy by Amatai Etzioni [Review by Mike Godwin] [Review by Bob Gellman] Evan Hendricks commented that this book might be a good way to promote communitarianism, but has little to contribute to thought on privacy.

Victim Mari J. Frank wrote a package titled The Identity Theft Survival Kit: A Complete Guide for Restoring Your Credit and Your Peace of Mind (book, cassettes, and diskette) from her ordeal. Related: http://www.idfraud.com/ [Newsweek on ID theft]

Two books about fighting back against companies: Consumer Terrorism: How to Get Satisfaction When You're Being Ripped Off by Frank Burkett, Frank Bruni, and Elinor Burkett is a serious book of practical advice. Related: Bad Software: What to Do When Software Fails by Cem Kaner and David Pels. Counterpoint: Complete Idiot Letters: One Man's Hilarious Assault on Corporate America, Paul Rosa writes to companies with preposterous suggestions (``I would like to urge TV Guide to begin listing all television commercials along with the television programs... Also I would like to see more commercials...) and prints their replies (``Most of our subscribers indicate they would prefer less advertisement.'') [Web Site]

For comprehensive technical textbook, Cookies by Simon St. Laurent. is remarkably sensitive to privacy implications. It ranges from debunking rumors through demonstration examples of typical applications to the ``danger zone'' of the Master Cookie Server used in Microsoft Personalization Sessions. He mentions our Internet Junkbuster and its ``customizable demolition of banner advertisements'' and comments on our ``hardline approach to privacy.''

From the Electronic Frontier Foundation, is Protecting Yourself Online: The Definitive Resource on Safety, Freedom, and Privacy in Cyberspace. and others. And Net Results: Web Marketing That Works by Rick Bruner. [TechWeb]

More cited than read, George Orwell's Nineteen Eighty-Four remains the popular watchword for invasion of privacy almost fifty years after its publication. The novel can be read as a warning against the malign personalization that could be possible with a systematic technological attack on privacy. `The worst thing in the world,' says the hero's torturer, `varies from individual to individual.' (p. 228) The evil state in 1984 sought to control mindspace and to dictate identity to its subjects.

The command of the old despotisms was ``thou shalt not''. The command of the totalitarianisms was ``Thou shalt''. Our command is ``Thou art''. (p.205)

Counterpoint: Orwell's Revenge: the 1984 palimpsest by Peter Huber, which imagines technology turning against the despots.

Technology commentator Esther Dyson devoted a chapter to privacy in her new book Release 2.0: A Design for Living in the Digital Age. ``We and our children will be spending increasing proportions of our social, intellectual, and commercial lives in a digital world. This is how to make it a world we want to live in.''

We believe she was referring to our Internet Junkbuster proxy in a paragraph that discusses ``bad'' hackers putting cookies to nefarious uses:

Recently, some ``good'' hackers have developed tools that allow users to erase cookies or send back a ``wafer'' -- a sort of anti-cookie with a user's complaint on it. (p. 198)

Esther is the daughter of physicist Freeman Dyson. Some samples from his Imagined Worlds:

The widening gap between technology and human needs can only be filled by ethics... engaging the power of technology positively in the pursuit of social justice. The failure of science to produce benefits for the poor in recent decades is due to two factors working in combination: the pure scientists have become more detached from the mundane needs of humanity, and the applied scientists have become more attached to immediate profitability... [In both,] rule by committee discourages unfashionable and bold ventures. To bring about a real shift of priorities, scientists and entrepreneurs must assert their freedom to promote new technologies that are more friendly than the old to poor people and poor countries... In the long run, as Haldane and Einstein said, ethical progress is the only cure for the damage done by scientific progress.

In Only the paranoid survive (p.5), Intel's Andrew S. Grove writes: ``In technology, whatever can be done will be done. We can't stop these changes. We can't hide from them. Instead, we must focus on getting ready for them.'' This doctrine is known as ``technological determinism,'' and is not subscribed to by most policy makers, who tend to harbor the notion that things should be done because they benefit people. Some even go so far as to think that things that harm people should be stopped. Lewis Mumford gave the authoritative rebuttal to the view in 1970. Grove's opinion is consistent with Intel's handling of the Processor Serial Number. When a technologist says ``whatever can be done, will be done'' people should ask if he really means ``we will do whatever we want.'' Historical background: Tim Jackson's page-turner Inside Intel.

An excellent collection of recent essays is brought together in Technology and Privacy: The New Landscape, edited by Philip E. Agre and Marc Rotenberg of EPIC.

Hi-tech marketing is one of the dangers discussed in Moths to the Flame: The Seductions of Computer Technology by Gregory J.E. Rawlins.

An article by Susan E. Gindin in the San Diego Law Review Internet issue (1997/8-9) titled Lost and Found in Cyberspace: Informational Privacy in the Age of the Internet surveys the means of invasion of privacy and legal remedies.

A new book by Janna Malamud Smith titled Private Matters: In Defense of the Personal Life explores the conflicting human desires to maintain privacy and to violate it. Related: Legislating privacy: Technology, Social Values, and Public Policy by Priscilla M. Regan, and Regulating Privacy by Colin J. Bennett.

The Summer 1997 issue of the W3's World Wide Web Journal, titled Web Security: A Matter of Trust discusses privacy and trust management.

A new book, American Scripture: Making the Declaration of Independence by Pauline Maier, argues that the document was ``an expression of the American mind'' rather than Jefferson's in particular.

A book titled Naked in Cyberspace by Carole A. Lane and Helen Burwell tells how to use the Net to research information, especially personal records. It discusses privacy and outlines what information is not usually available on the Net, suggesting measures you can use to protect protect yourself from people searching about you.

A book by Bryan Pfaffenberger titled Protect Your Privacy on the Internet includes a CD of Windows shareware. It gives several examples of companies that say collect data saying they will not use it for certain purposes, and asks: what recourse do we have if the company is taken over by someone who finds those restrictions too financially inconvenient? At the FTC's privacy workshop Evan Hendricks read into the record from page 11 of this book the following quote from an outspoken 1994 article in the trade journal Direct Marketing that argued that the industry needn't make efforts ``pretending to placate the privacy forces with PR.''

In two years technology will have moved beyond the recall of the privacy types. All privacy attacks will be upon an information industry too big to be defeated and thwarted from the historical inevitability of a new society built on this new economy. Our opponents' arguments will be so irrelevant that they will be ignored. We are winning and shall continue to do so.

Another new book is Data Smog: Surviving the Information Glut by David Shenk.

Information has also become a lot cheaper -- to produce, to manipulate, to disseminate. Consequently, virtually anyone can very easily become an information glutton. We now face the prospect of information obesity.

Also reviewed in Wired, Joseph Turow's Breaking Up America: Advertisers and the New Media World analyses the social and cultural effects of target marketing. [Excerpt] We also speculate on the effects of technology creating ``markets of one'' (i.e. a billion ghettos.)

The Privacy Rights Handbook: How to Take Control of Your Personal Information by Beth Givens of the Privacy Rights Clearinghouse ``gives you all the information you need to be aware of threats to your privacy and assertive about safeguarding it.'' An excellent practical guide. See also: It's None of Your Business : A Consumer's Handbook for Protecting Your Privacy by Larry Sontag.

A long article by Michael W. Carroll titled Garbage in: Emerging Media and Regulation of Unsolicited Commercial Solicitations is a very comprehensive consideration of law and public policy issues about spam.

Left unchecked, this flood of advertisements could produce a tragedy of the commons; advertisers, acting in their rational self-interest, will distribute as many unsolicited advertisements as they can until most users of the medium find that the effort of sifting through unwanted solicitations has become too great.

All of the benefits and the marvels offered by the emerging media, however, may be unobtainable if we allow ourselves to be buried in a blizzard of electronic clutter.

  Fundamental issues of privacy

Commercially motivated communications are a specific type of threat to privacy, which has a broader context in the ethics of freedom. ``World history is the progress of the consciousness of freedom--a progress whose necessity we have to investigate.'' said Georg Wilhelm Friedrich Hegel. (Quoted in Reason in History; Hegel by Robert S. Hartman.) This can be applied to the concept of privacy as freedom to act and think unobserved within a certain private sphere. Technology challenges our concepts of what should be private, mostly by raising the possibility of surveillance of what was formerly unobserved.

1. The non-profit Electronic Privacy Information Center (EPIC) is perhaps the foremost privacy resource on the Web. Related pages include privacy and direct marketing, a list of privacy resources, and a summary of several polls on privacy. Together with Privacy International, EPIC publishes a report titled Privacy and Human Rights. on privacy laws around the world. [Business Week on EPIC]
2. An affiliated organization, Privacy International, is an international movement that help ``counter abuses of privacy by way of information technology.'' Its web site includes a list of Country Reports with links to resources in dozens of countries. [EU litigation] [Interview]
3. The http://www.privacy.org/ site gives recent news and calls to action.
4. Another site with a fine list of privacy-related resources from around the world is Global Internet Liberty Campaign.
5. The OECD issued a seminal memorandum titled Guidelines on the Protection of Privacy and Transborder Flows of Personal Data in 1980. Counterpoint: Stopping surveillance: Beyond 'efficiency' and the OECD by Graham Greenleaf.
6. The OECD guidelines built on a code published by the U.S. Department. of Health, Education and Welfare in 1973.
7. The Canadian Standards Association (CSA) issued a Model Code for the protection of personal information.
8. The American Civil Liberties Union (ACLU) is calling for action against electronic threats to privacy with their Take Back Your Data campaign.
9. The independent newsletter Privacy Journal has reported on privacy issues since 1974. A conference paper by its publisher, Robert Ellis Smith, is available on CPSR's Web site. He is also the author of several books and booklets on privacy topics, including Our vanishing privacy, Compilation of State and Federal Privacy Laws (frequently updated, 1999 available), War Stories : Accounts of Persons Victimized by Invasions of Privacy (second volume now published), and The law of privacy explained. In a recent article in Wired titled Privacy: the Untold Stories he lists several recent events impacting privacy that have gone largely unreported. We applaud his publication for being often the only publication to cover important privacy developments. [USNWR profile of Smith]
10. The anti-government Cato Institute published Privacy as Censorship: A Skeptical View of Proposals to Regulate Privacy in the Private Sector by Solveig Singleton. It argues that there is ``little to fear from private collection and transfer of consumer information,'' a statement that Privacy Journal said ``will surprise anyone who has followed news reports over the past two years.''
11. The newsletter Privacy Times is designed for professionals and attorneys who need to follow privacy developments. The editor is also the first author of Your Right to Privacy: A Basic Guide to Legal Rights in an Information Society (An American Civil Liberties Union Handbook) by Evan Hendricks, Trudy Hayden and Jack D. Novik.
12. The Handbook of Personal Data Protection by Wayne Madsen doesn't come cheap at around $170, but he knows what he's talking about.
13. The bestseller The Right to Privacy by Ellen Alderman and Caroline Kennedy examines legal cases where the privacy of the individual has been threatened by the police, the press, the voyeur, and the employer.
14. The non-profit http://www.netaction.org/ is ``dedicated to educating the public, policymakers, and the media about technology-based social and political issues'' (including privacy issues). See also: Electronic Commerce Forum.
15. ``Freedom is independence of the compulsory will of another; and in so far as it can co-exist with the freedom of all according to a universal law, it is the one sole, original inborn right belonging to every man in virtue of his humanity. There is indeed, an innate equality belonging to every man which consists in his right to be independent of being bound by others to anything more than that to which he may also reciprocally bind them.'' -- Immanuel Kant in The Philosophy of Law.
16. Chris Hibbert authored a comprehensive FAQ titled What to do when they ask for your Social Security Number.

  Junk communications as invasions of privacy

Any junk communication can be both an indication of the junk data about you that led to you being a target, and an invasion of privacy through its transmission to you.

Links more specific to the Internet are given in a separate section below.

1. Roger Clarke's excellent paper Direct Marketing and Privacy surveys DM practices and warns that they often conflict with the trust necessary for an ongoing relationship with consumers.
2. An article in the Los Angeles Times by Ram Avrahami titled My life is not for sale eloquently describes why he went to court to protect himself and others from unwanted solicitations. He has initiated an on-line petition to Congress that you can fill in to object to the unauthorized sale of your personal information. The sample of opinions that people have added makes fascinating reading. Avrahami commended the Internet Junkbuster in an interview with Wired News.
3. The author of the 1957 advertising classic The Hidden Persuaders, Vance Packard, told a legislative committee in the sixties that ``The possibility of the fresh start is becoming increasingly difficult. The Christian notion of redemption is incomprehensible to the computer.'' Little progress on this research front has been made since.
4. The non-profit Consumers International has a broad focus on consumer interests.
5. Computer Professionals for Social Responsibility (CPSR) maintains several documents on privacy.
6. The dangers of the sale of information about children are driven home by Marc Klaas and a KCBS reporter who bought thousands of children's names while using the name of a convicted child molester.
7. Each year Equifax, a company known primarily for selling credit reports on consumers, commissions and publishes results of a poll of Americans' attitudes toward privacy.
8. ISP Novagate maintains a list of consumer privacy resources (including us).
9. One of the best-known books about direct marketing and consumer privacy is Erik Larson's The Naked Consumer: How Our Private Lives Become Public Commodities.
10. An article by Malcolm Howard in Wired (97/4) titled No Freedom of Information discusses issues about public access to government records, including their reuse as commercial offerings.
11. For high-quality media coverage, browse CNET's reports on privacy in the digital age. They include audio interviews with EPIC legal counsel David Sobel and PGP author Phil Zimmermann.
12. A good way to keep up with new threats to privacy is to read the direct marketing industry's ``newspaper of record,'' DM News, particularly the sections on Database Marketing and Lists and Databases. Another leading trade magazine is Direct.
13. We think every company that stores information about its customers should publish a privacy policy. (But notice is not enough: [Surfer Beware II] [USAToday.com]) Here are some sample policies: Abacus Direct, ACM, Acxiom, [BW on Acxiom] Alexa, American Express, American Computer Group, Anacom, Altavista, Amazon, Anywho, BonusMail, CallWave, CatalogLink, CASIE, CIO Online, Columbia House, CNET, CNN, Cogit, CreekWalk, Crutchfield, Database America, DoubleClick, Drugstore.com, which in a Freudian slip stated that ``Some of these companies use cookies to conduct tracking, in order to maximize our advertising spending and enhance your shopping experience at drugstore.com,'' eBay, Electricity Choice, E-LOAN, Engage Technologies, Entropy Gradient Reversals [WARNING: Satire; strong language and political message may offend], EPIC, eSweeps (which ``reserves the right to post collected data on Esweeps.com's Web site, or share, rent, sell, or otherwise disclose data it collects to third parties''), Firefly, Game Empire, GoodNoise [refers to our ``rather hysterical'' warning on cookies], Harper Childrens, Harte Hanks, Hotmail, interMute, Intuit, Junkbusters, Jump, Kelloggs, Netscape World, Lexis-Nexis, MatchLogic, Medscape, Metromail, Microsoft, MyPoints, Nabisco Kids, Network Associates, New York Times, Napster, Nvolve Kids, Net-mom, Odigo (which ``may, in its sole discretion, make the information you provide us and the information or data we collect available to our employees and third parties with whom we contract, including without limitation, unique identifiers, aggregate statistics, demographic, and other information about our users'') , Onion, OPEN, Panache(admits participation in Abacus Online), Pathfinder (Time-Warner), PriceLine, Qpass, Replay TV (requires JavaScript includes tracking mechanisms), Riddler, SideWalk [criticism], SimpleNet, sixdegrees, Third Age, VerticalOne, WSJ, Weather.com, WebTV, WholeAgain [includes discussion] , WinFiles, Wired, WiseWire, and Yoyodyne [2].

    The DMA provides direct marketing organizations with an ``add water and stir'' recipe for privacy policies: a form that generate online privacy policies (``without studying the issues at all'' added Privacy Journal 97/6). TRUSTe has a similar ``Wizard,'' which also generates a XML for P3P. Privacybot extends this to applying for a seal. The OECD has also provided one, attracting criticism from privacy advocates. Eric Goldman of Cooley Godward LLP wrote a paper titled Drafting a Privacy Policy? Beware! An article in CIO Magazine surveys policy issues about privacy policies. If you find a particularly good, bad or ugly policy on the Web, please tell us the URL. We call a privacy policy vacuous if there is nothing that it stops the company doing. A vacuous policy is like a pseudo-scientific theory that cannot be falsified by any empirical evidence. Vague statements such as ``we strive to consider our valued customers' preferences'' reassure only the gullible. Of course most privacy policies are the product of PR people and lawyers, so they are made to sound nice while exposing the company to absolutely no risk no matter how badly it behaves. As EPIC put in in the title of its follow up report: Surfer Beware II: Notice is Not Enough. A good privacy policy should be one of many elements of an organization's privacy strategy. Companies that offer consulting services on privacy statements and strategy include Alan Westin's Privacy & American Business, PricewaterhouseCoopers, IBM, Privacy Council, Siegel & Gale, Roger Clarke's Xamax, and Junkbusters.

14. Professor Westin also established the Privacy Exchange site, which has extensive links to policies. See also: Privacy Laws and Business and DiaSystems. [AdAge]
15. As Scott Adams put it in the title of one of his Dilbert collections: I'm Not Anti-Business, I'm Anti-Idiot. A more serious book: Managing Privacy: Information Technology and Corporate America by H. Jeff Smith.

  Junk Mail

How many trees are needed to send a hundred billion pieces of junk mail each year?

1. A cover story titled The junk mail deluge in U.S. News and World Report describes the relationship between databases, privacy and junk mail. (1997/12)
2. Chris Hibbert of CPSR gives several pages of advice on How to get less junk mail. He says that sending negative answers in business reply envelopes is unlikely to be effective. He advocates using variant spellings of your name and address to track who is selling your name.
3. A magazine article by Michael Worsham discusses both environmental and privacy effects of junk mail.
4. The Direct Marketing Association's 1996 Statistical Fact Book is full of figures and graphs, such as estimates that Americans get 21.31 pieces of direct mail per week, 43% wish they got less, 52.2% order something from it, and 46% of it is never read. With $30 billion spent on direct mail, that's a waste of about $15 billion annually.
5. Fred Elbel publishes an extensive page on How to Get Rid of Junk Mail, Spam, and Telemarketers.
6. Several other individuals maintain pages of advice on how to deal with junk mail, including Ron Rogers.
7. Another Do-it-yourself guide is published at obviously.com. Our favorite line: The DMA ``suggests "reusing" your unwanted junk mail, by giving it to schools and libraries. This self-serving suggestion is worth somewhat less than you paid for it.''
8. In The Next Step in Database Marketing: Consumer Guided Marketing: Privacy for Your Customers, Record Profits for You Dick Shaver argues that companies can ``computerize personal information'' while protecting ``each customer's privacy completely'' so that ``Junk Mail becomes a thing of the past.'' We haven't yet read the book. ``Reverse target marketing'' is one of the themes of Enterprise One to One: Tools for Competing in the Interactive Age by ``Direct Marketers of the Year'' Don Peppers and Martha Rogers of Marketing1to1. Peppers has been quoted as saying, ``I get eight or nine, sometimes 15 catalogs every day even though we've never bought anything by mail. To me that's a big annoyance.'' Other books of interest: Database Marketing: The Ultimate Marketing Tool by Edward L. Nash and Emarketing by Seth Godin formerly of YoYoDyne and now VP of DM at Yahoo, a pioneer of consensual marketing. Godin constantly spouts thought-provoking and incisive observations about marketing; our favorite: "No site has a right to my attention, my data or my business." For an audio interview on privacy and marketing with Junkbusters, see our media page. Other books by Godin are listed above.
9. For a fee Outpost, Call Compliance, BOXFree, http:///www.StopTheCatalogs.com/, and http://www.circularfile.com/. offer to send opt-out messages.
10. The Web site stopjunk.com offers to sell you a kit that it describes as ``the result of thousands of hours of research into the cause and prevention of junk mail proliferation.''

  Telemarketing

Our extensive tactics for ridding your home of these long-distance vermin are summarized in our Anti-telemarketing script, which has links to source material from the FCC. The FCC maintains a page for consumers on unwanted telephone marketing calls.

1. When a ``professional telemarketer'' complained to Judith Martin about people who ``verbally abuse us'' when called, she gave the following reply in Miss Manners Rescues Civilization: From Sexual Harassment, Frivolous Lawsuits, Dissing and Other Lapses in Civility.

   What you are doing is rude. Never mind arguing that you need to earn a living, that you personally do not intend to break into people's lives and that many people must be grateful for the opportunity your employer offers for you, or they would not be profitable... Miss Manners is sorry to tell you that she hopes such techniques will not be permitted and that you are able to earn a more acceptable living in another manner.

2. Geoffrey Kloess wrote a freeware package for telemarketer control called Enigma based on our Anti-telemarketing script.
3. Several products are available to deliver a recorded ``do not call'' message when a telemarketer calls. On some you push a button after you have picked up and identified the telemarketer; others delay ringing until they have asked the caller to press 1 unless it's a telemarketing call. Most cost around $30. They include the Phone Butler, Private Line, Privacy Call, callplex, CallMeNot, ScreenMachine, and ``Easy Hang Up,'' which we're told is available from http://www.SolutionsCatalog.com. A demonstration of the Prefone Filter is available by calling 1-800-NO2-JUNK (1-800-662-5865) or from http://www.prefonefilter.com/ In the other corner: autodialers that do predictive dialing. [TeleDirect] [MarkeTel] Counter-technology: TeleZapper, which sends a "dead line" signal that tells the predictive dialers your phone line isn't working. [Business Week] AOL also has a similar feature for users of AOL Call Alert or AOL Voice Mail. [DM News] A cost-free alternative is to record the SIT tones (also known as out-of-service tones) at the beginning of your answering machine message. [Z28]
4. Customers in some of Ameritech's territory can pay a monthly fee to add Privacy Manager, which pre-screens calls not identified by Caller ID. [Radio Advertising Bureau on PM] Verizon announced a similar service under the name Call Intercept. (2001/2/6) Similar functionality could be achieved with a computer, a voice modem, and software such as CallAudit.
5. The FCC's page on the Telephone Consumer Protection Act contains pointers to its actions and fact sheets. [more]
6. A company that trains telemarketers recommends that trainees be prepared to deal with our Anti-Telemarketing Script, which it warns may intimidate them and lead to fines. The page also contains a good set of links to resources on telemarketing. (Beware cookies set by JavaScript.)
7. Russ Smith's Consumer.Net site contains many pages on those topics, as well as an extensive graphically annotated page of links covering other kinds of junk. It documents several cases of telemarketers being made to pay for breaches of regulations.
8. Robert Arkow, a veteran anti-telemarketing litigant, maintains a site at http://www.stopjunkcalls.com/ titled ``Californians Against Telephone Solicitation.'' We were entertained by their .``UnOfficial Hunt for Wells Fargo Bank's "Do Not Call Policy"Web Page
9. Frank Beacham includes details on how telemarketers have been sued using the requirement that they supply a written policy on demand.
10. Robert Braver invites nominations for the ``Telemarketing Hall of Shame.''
11. The "Know Fraud" campaign against fraudulent telemarketing at http://www.consumer.gov/knowfraud/ gives tips on spotting fraudulent telemarketers.
12. Scam artists are tricking people into calling pay-per-call numbers in the 809 area code, which is in the Carribean. Details are available from Scambusters. These area codes are also used by International Dial-A-Porn services.
13. The Federal Trade Commission warns how scam artists sell ``sucker lists'' (a.k.a ``mooch lists'') and try to dupe victims again and again.
14. Karen's Koncepts lists dozens of anti-telemarketing links.
15. A privacy advocate comments unfavorably on the UK ``Telephone Preference Service.''
16. For a list of ``business to consumer telemarketing service suppliers'' (a.k.a. telemarketing service agencies, or bureaus), see for example the December 1995 Buyer's Guide in Telemarketing magazine (ISSN 0730-6156).
17. There are many books by telemarketers for telemarketers, but few mention privacy or even laws or regulations. One that does include a sample do-not-call policy is In-House Telemarketing by Thomas A. McCafferty.
18. Robin Whittle analyses the intrusiveness of telemarketing and its regulation in Australia.
19. Tony Shepps describes one way to avoid junk calls: move, get an unlisted number, keep it secret, and refuse calls that get through.
20. Max Gavaghan is a cat whose owner filled out a warranty card in Max's name. The cat received telemarketing calls and an offer for a pre-approved credit card.
21. Vince Nestico's ``Anti-Telemarketer Source'' is the most colorful set of pages on this topic we have seen on the Web. It includes many stories on tormenting Telephone Sales Representatives (TSRs), and promotes an anonymous author's book called How to get rid of a telemarketer. Some of these stories are extremely funny, but before trying it yourself at home, remember that the TSR didn't decide to call you, the company did.
22. The satirical online newspaper The Onion reported Telemarketing Industry Celebrates First Sale. [Salon review]

  Reducing junk marketing communications

Direct marketers presume unless told otherwise that they can send you whatever junk they want. See also our page on what you can do to tell them to cut it out.

1. The NAMED is a non-profit membership organization that tells companies not to disclose personal information about its members without their permission.
2. People who want absolutely no junk mail and/or telemarketing calls (and are prepared to pay an annual subscription fee) may be interested in becoming members of Private Citizen, Inc. (1-800-CUT-JUNK).
3. The Privacy Rights Clearinghouse maintains extensive practical fact sheets on what consumers can do, including: ``Junk mail: how did they get my address?'' and ``Telemarketing: Whatever happened to a quiet evening at home?''
4. The web site of PerfectlyPrivate ``provides information and tools that enable consumers and businesses to receive the maximum benefits of the Internet while minimizing privacy risks.''
5. One of the stated purposes of Aristotle Publishing (VOTE) is to give Californian registered voters the option of receiving governmental and political messages by email. The organization is also a very outspoken critic of one direct marketing company's abuses of personal data. They also started an opt-out list for junk email. ZD Net News reported on their database for targeting political banner ads. [Vortex on Aristotle] [IPO info] [Industry Standard on Aristotle] [Hunter on Profiling the Electorate]
6. ``Fax me not'' of Littleton, Colorado calls itself ``The Fax Police.'' For a fee, it offers to notify fax senders that their faxes are unwanted and to take legal action against them if they continue. This is the first clear example we have seen of private enforcement services against junk communications. They don't appear to have a Web site, but they offer a fax-back information sheet (800-747-1747, ext. 7).
7. Observing that marketers often make it easier to sign up than cancel, Cancel-it offers a free form to cancel some on-line services such as ISPs and email lists.
8. The Center for the Study of Commercialism (CSC) Director Michael F. Jacobson and Laurie Ann Mazur authored Marketing Madness : A Survival Guide for a Consumer Society, ``a primer on the social ills of commercialism gone rampant--a call to action for all concerned citizens.'' Related: Affluenza on PBS. [The Onion]

  Junk and privacy on the Internet

As the greatest machine ever built for getting information from anywhere to anywhere else, the Internet is perhaps also the greatest threat to privacy since the Chinese invented the census around 2275 B.C.E. The Internet Junkbuster is our main contribution to Internet privacy. But there are many, many more threats to be countered.

1. Though not primarily about privacy, Cyber Rights: Defending Free Speech in the Digital Age by Mike Godwin, counsel to the EFF, is a firsthand account of many struggles involving rights in cyberspace.
2. The Electronic Frontier Foundation (EFF) has various initiatives to improve privacy on the Internet, including newsletters, an archive on Junkmail/Commercial Privacy Issues, and the following project.
3. The privacy initiative of TRUSTe (formerly eTRUST) ``has two significant aims: to stave off prohibitive government regulation in electronic commerce and accelerate growth in the industry by promoting consumer trust and confidence.'' They license their ``trustmarks'' of privacy and security to on-line merchants, and campaign to get them to post privacy policies. [Industry Standard Debate] [Grohol critique]
4. Other similar organizations: the Better Business Bureau Online (BBBOnline) [CNET], PricewaterhouseCoopers BetterWeb, WebTrust, Web Assurance Bureau, PublicEye, BizRate, Gold Privacy Seal, NetCheck, Net Trust, and HonorWeb. [USAToday review] A few organizations distinguish themselves by requiring audits attesting to a set of standards, such as the Personalization Consortium and CPA WebTrust [CNET].
5. A survey sponsored by them concluded most consumers don't trust Web sites with their personal information, and many provide false personal information when asked to register.
6. The Consumer Project on Technology, affiliated with consumer advocate Ralph Nader, has criticized Microsoft for anticompetitive practices and other companies for privacy-invasive actions. [CNET]
7. Nader's Commercial Alert is ``an organization devoted to helping families, parents, children, and communities defend themselves against harmful, immoral or intrusive advertising and marketing, and the excesses of commercialism.''
8. The industry-funded lobbying group Center for Democracy and Technology (CDT) also has pages on privacy issues, including a Roundup of key findings of recent privacy surveys, a chart of the privacy policies of online service providers, and a Privacy Demonstration Page. [Biz2.0 on CDT] Together with Voters Telecommunications Watch (VTW) they created a site called http://www.Junkemail.Org with extensive information about spam.
9. Described by the Industry Standard as the ``Internet pure play of lobbies,'' Netcoalition.com aims to stop Net taxes and privacy legislation. [USA Today]
10. An extensive privacy analysis is available at http://consumer.net/analyze/ including referer, cookies, whois, and traceroute. Another is browserspy.
11. The W3C's Platform for Privacy Preferences Project (P3P) is working on ways of standardizing statements of Web sites' privacy practices and visitors' ``preferences.'' (We would prefer a word such as ``requirements''.) Junkbusters criticized P3P in an open letter.
12. Roger Clarke's excellent paper Privacy on the Internet: Threats, Countermeasures and Policy enumerates and analyses the key factors, with links to his many other papers.
13. The ACM Risks Digest moderated by Peter G. Neumann frequently includes privacy issues. He also has a book titled Computer Related Risks. See also EPIC's page on computer security.
14. The practical suggestions on ``how to add privacy to your life'' in Andre Bacard's Computer Privacy Handbook include using PGP to encrypt your communications. It quotes the Equifax poll reporting that 79 percent of Americans said they would like to ``add privacy to "life, liberty, and the pursuit of happiness" in the Declaration of Independence.'' See also his Anonymous Remailer FAQ.
15. There are many organizations that campaign for the right of people to use strong cryptography to protect their private communications from government surveillance. These include Americans for Computer Privacy (ACP).
16. Computer security is important to information privacy, because much private information is disclosed by accident and through attacks by third parties. A well-known reference on Internet security is Practical Unix and Internet Security by Simson Garfinkel and Gene Spafford. (And more recently, Web Security and Commerce.) Garfinkel has also written extensively on privacy. Related: Web Security: A Step-By-Step Reference Guide by Lincoln D. Stein (which mentions our Internet Junkbuster proxy) and the Web Security Sourcebook by Avi Rubin, Daniel Geer, and Marcus J. Ranum. Counterpoint: rootshell.com. See also the site of the National Computer Security Association.
17. A chapter on ``How much privacy you have on the Net, and how you can get more'' is a feature of Daniel Barrett's book Bandits on the Information Superhighway.
18. The Nation ran a wide-ranging review titled Privacy for Sale: Peddling Data on the Internet.
19. Out of print classics: Jeffrey Rothfeder's Privacy for Sale: How Computerization Has Made Everyone's Private Life an Open Secret and Arthur Raphael Miller's The Assault on Privacy: Computers, Data Banks, and Dossiers .
20. The ``Internet Watchdog Website'' http://www.webguardian.com is a non-profit organization aimed at helping consumers ``to report and recover from cybercompanies who engage in deceitful or fraudulent internet business practices.''
21. Francis Litterio cautions us ``If you want privacy in the electronic age, you have to give it to yourself. Your employer won't give it to you. Your government will not give it to you.'' And we would add: the companies that serve you will not give it to you, at least not unless you ask.
22. Version 2 of Freedom from Zero-Knowledge Systems, Inc. ZKS describes Freedom as ``easy-to-use software designed to give you total privacy while on the Internet [by using] high-grade public key cryptography to encrypt the contents of any Internet transmission, including e-mail, chat room, web browsing and newsgroups. It also protects the source and destination of all Internet traffic. '' For Version 3 ZKS added features such as ad filtering and cookie management, but shut down the encryption network. (2001/10/4) [AP]
23. You can surf through the Anonymizer to avoid handing over so much information with your HTTP requests. Their FAQ page explains how they achieve anonymity in almost all situations, except when using external protocol handlers such as MIME helper programs. One disadvantage with this pioneering service is that they impose advertising and delays unless you pay (they have to support their operations somehow). Another pay-for-privacy service site: Ultimate Anonymity; the company appears to be related to bulk emailing lists.
24. More anonymizers: SafeWeb, which does cookie and script filtering, and Ponoi which offers secure Web browsing, password management and file storage.
25. ``Messaging Incognito'' from Privada ``allows users to send and receive email and post newsgroup messages securely, privately and anonymously.'' [Privada release] [Washington Post/Newsbytes]
26. Separately, Privista, a company allied with Equifax offers an ``Early-warning system against identity theft and credit fraud'' and an ``opt-out manager.''
27. Lucent tried to turn LPWA into a commercial venture called ProxyMate. They appear to have closed it and sold the technology to NaviPath for its ISP. We didn't like ProxyMate's requirement that users turn on JavaScript, which is a security risk. It also adds ads, which can be eliminated with the line bin.proxymate.com/pbar? in an Internet Junkbuster blockfile. LPWA showed a way surfers could register at sites anonymously without having to do a lot of book-keeping of user IDs and passwords. One of its cryptographic features is to provide ``target-revokable e-mail addresses.'' [CNET] See also: SneakEmail's disposable email addresses.
28. There are also few public proxy operations provided by small entities, such as Janus, Interfree, and MagusNet. Also Anonymyth . We don't attempt to determine which proxies are trustworthy. The Anonymity 4 Proxy (A4Proxy) is a proxy server that includes a database of public anonymous proxies.
29. Scientists at AT&T Research have devised a privacy-enhancing proxy server called Crowds that anonymizes surfing by routing requests via a randomly chosen participant. [Wired] Related: Cloudish.
30. Tamos International has a demonstration that detects headers indicating a proxy.
31. The in.identd demon, described in RFC 931, can disclose users' identities to servers. Try our test. If you're being given away, ask your administrator or ISP if it can be disabled or replaced with an encrypted identd. If you're running UNIX ® on your machine, try disabling the auth or identd service on port 113 by commenting it out in /etc/services and restarting TCP/IP.
32. We like Java as a programming language and a way of making applications platform-independent, but we have concerns about the security of implementations in browsers and the threat to privacy that this poses. We recommend disabling Java due to various security loopholes and Hostile Applets.
33. There are also recent reports of security problems with ActiveX and even MS-IE itself. See also: RadioActiveX.
34. Even JavaScript has been used in attacks [ZD] [Wired]. It can also be used by servers to discover your plug-ins and other information, and to set cookies. It has an awful history of security bugs. [CNET] We recommend disabling it.
35. Chip's Closet Cleaner includes many links about privacy. They describe us in three words: ``stop junk everything.''
36. Databases of email and postal addresses such as Peoplefind or the many listed in Yahoo are considered very helpful by some but an invasion of privacy by others.
37. Another service that is considered both helpful and invasive is the archiving and indexing of Usenet postings by sites such as dejanews.com. The profiles easily obtained about a person can be very revealing.
38. The American Association for the Advancement of Science published a report on the importance of Anonymous communications on the internet.
39. The newsweekly Time ran an article titled No Privacy on the Web (June 2).
40. A brochure titled Protecting Your Privacy When You Go Online is published by the Interactive Services Association, an industry group that includes several major web advertisers. It explains the basics of cookies, but is light on detail about how to stop them. [CNET coverage] The DMA also publishes a booklet titled Get Cyber Savvy, mainly concerned with parental control.
41. Sites such as deepdata.com sell various information on most Americans for a few dollars or more.
42. The web site of Privacy, Inc. asks ``What do they know about you?'' They ``help you find out and empower you to take action'' if you pay $30 for an ``Internet Background Check,'' reported Wired News.
43. Or you can learn how reporters do it from Deadline Online: people finding and finding background. Find it online by Alan Schlein is a comprehensive book covering research for all kinds of information.
44. One of the most frightening privacy pages on the Web makes its point by posing as a resource for stalkers.
45. Some similarly disturbing books: How to Get Anything on Anybody by Lee Lapin, Your Personal Netspy: How You Can Access the Facts and Cover Your Tracks Using the Internet and Online Services by Wolff New Media, and Web Psychos, Stalkers, and Pranksters: How to Protect Yourself in Cyberspace by Michael A. Banks, Digital Privacy by M. L. Shannon.
46. The April Fool's Day jokes about Internet privacy are getting closer to reality: ZD PC; macfixit.com.

  Cookies

Our alert on cookies explains how Web browsing can damage your privacy. The Internet Junkbuster stops cookies and other threats to your privacy on the Web.

1. There's a Yahoo category for cookies.
2. The original specification of cookies by Netscape was marked preliminary. It focuses on the technical details on how to use it and rather than the ends to which it can be put.
3. A subsequent Internet RFC (2109) on cookies by David M. Kristol of Bell Laboratories and Lou Montulli of Netscape Communications (who patented cookies) expanded the preliminary specification to many related considerations, including ``Cookie Spoofing'' and ``Unexpected Cookie Sharing.'' There's also a sizeable section on privacy, including the following recommendation: ``...the control mechanisms provided shall at least allow the user to completely disable the sending and saving of cookies.'' Despite this the two major browser makers didn't have such a feature until their level 4 versions. See also an interview with Lou Montulli and the Privacy Foundation.
4. There's an Internet Draft on trust certification of cookies.
5. The U.S. Department of Energy's Computer Incident Advisory Capability issued an Information Bulletin stating that cookies do not pose a security threat, but may threaten privacy by facilitating tracking.
6. Roger Clarke gives a balanced and wide-ranging account of cookies, including legal and historical aspects. A broader article places cookies in the context of Cyber Culture.
7. A review of the legal and privacy aspects is given in Cookie Central.
8. In a law journal article Viktor Mayer-Schönberger examines cookies and privacy legislation, arguing that companies who set them without consent may violate the European Union Directive on the Protection of Personal Data. (Cited in Eichelberger). [Techweb]
9. A New Zealand law firm discusses dangers of cookies from the point of view of privacy legislation and employers' responsibilities (perhaps the Internet Junkbuster would address some of these concerns).
10. A highly readable article by Tom Negrino in Mac World includes sections on good reasons for cookies and their use as marketing tools.
11. Andy's Cookie Notes discusses several aspects of cookies, and provides links. webmaster at HotWired recommended that you disable cookies only when the browser isn't linked to you personally. (We take exactly the opposite view.) After getting a lot of mail he wrote a followup saying that ``on the other hand, personal privacy is a sensitive issue...'' He concluded that ``eventually, most Web browsers (particularly those in the public domain) will come with an option to refuse all cookies.'' More recently, Matt Margolin surveyed technology for protecting user data.
12. A set of test results published by DEC documents the cookie capabilities of a large number of browsers. Most don't support cookies. Three that do are Netscape, Microsoft IE, and NetManage WebSurfer.
13. In 1996 the Federal Trade Commission published a Staff Report titled Public Workshop on Consumer Privacy on the Global Information Infrastructure. Various companies and trade organizations lobbied to defend and promote their technologies and business practices, including cookies and the collection and sale of information about children. Some claimed that their technologies ``could enhance online privacy and at the same time satisfy the legitimate needs of online businesses for information about current or potential customers.'' Here's an outstanding sentence: ``According to the representative of Netscape Communications Corporation, cookies technology could be used by Web sites to facilitate communication of consumers' privacy preferences.''
14. Answering the FTC's 1997 questions about cookies, Netscape commented ``As to risks to web site operators, the risks may rest with possible liability for management of the information that they may collect...''
15. A 1996 article in Interactive Week revealed that search engine companies use sophisticated technology to build profiles of their users based on the history of their search queries. Do you want such a profile about you available for sale to advertisers? If you searched for information about a chronic disease yesterday, you might not get any banner ads from health insurers today.
16. Privacy and security expert Simson Garfinkel declared that cookies can be a force for good or for evil in an article in Wired News. See also: Good or evil?
17. The public was first warned about the surveillance capabilities of cookies by the San Jose Mercury News titled Web 'cookies' may be spying on you. In 1996 they pointed out that cookies violate two assumptions which still prevail: that surfing the Web is anonymous, and that files on the client side aren't changed by servers.
18. Dean Gaudet points out that cookies are just one of many technical means of tracking. We're very interested by his suggestions about how the HTTP Keep-Alive mechanism can be used for surveillance purposes. If anyone has further information about this, we would like to hear it.
19. An article in PC Week asks whether cookies are a treat or a trick.
20. Some sites that set cookies have a page explaining them, such as Interlog.
21. A technical article in Netscape World gives example scripts for setting and displaying cookies. Other published there include a guide analyzing user activity and How popular sites use cookie technology.
22. An article in PC Magazine concentrates on the wonderful technical aspects of cookies.
23. If you don't let Microsoft set cookies, they'll withhold their content. For more on Microsoft's use of cookies, see our News page.
24. If you don't take their cookies, Healtheon tells you to have a nice day.
25. Another dazzling example: ``In order to ensure your privacy, certain areas of the PlanetRx website require the use of cookies.''
26. Ad servers Focalink maintains a page on cookies, which we disagree with on several points.
27. Another FAQ that gives an upbeat view of cookies is from Network Associates.
28. The editor-in-chief of CNET was unconcerned about cookies. Some of his readers weren't.
29. An article in Advertising Age titled `Cookie' proposal could hinder online advertising: privacy backers push for more data controls quotes a survey indicating that some 72% of online users have never even heard of cookies.
30. A coalition of privacy groups including EPIC supported the proposal.
31. Cookies are trashed in www.webpagesthatsuck.com, a magnificent gallery of what not to do in HTML.
32. The GVU's 6th WWW User Survey shows that many people are unaware of what cookies do, and wouldn't want them if they had a choice. (The 7th and 8th Surveys have since been released and contain similar figures.)

    When asked about an identifier that would uniquely label users across sessions at a site, less than one out of every five (19.08%) thought that this should be possible. Yet, identifiers already exist and are widely supported by browsers, aka cookies. There is already evidence of controversy surrounding the use and lack of control over cookies by technically savvy portions of the user community and the advertising community that desires fine grain measurement of usage.

33. Should newspaper sites use cookies? The American Journalism Review ponders cash vs. privacy.
34. An early version of Netscape Communicator contained a bug that allowed sites to gather various data from a visitor's browser, including URLs, passwords, and other sites' cookies, InfoWorld reported. (1997/07/28)
35. Realizing that cookies now have a bad reputation, advertisers and Web companies are preparing for the day when many people will refuse them. An alternative dubbed ``cupcakes'' has been put forward by i33 Technologies. The Open Profiling Standard has been put forward to allow collection of information without tracking. A tracking technology based on ``thunking'' in the DNS developed by http://www.7val.com has been called ``location poisoning'' by Lemuria, which has developed a technical countermeasure.
36. ``Cookie pieces have no calories at all. The process of breaking causes all the calories to leak out.'' At least so claims Weekly World News columnist Ed Anger, in Let's pave the stupid rainforests and give school teachers stun guns (p. 11).

  Anti-cookie measures

The Internet Junkbuster provides extensive cookie-management capabilities.

1. PGP Inc., which was taken over and later somewhat abandoned announced they would sell software called PGPcookie.cutter that allows individuals to control cookies. However, we haven't been able to find it in their list of products lately.
2. In an interview on CBS the President of PGP commented that as people understand what cookies do, ``they really are quite offended by it.''
3. Kevin McAleavey's products on http://www.nsclean.com remove the data on your browsing behavior that Netscape and MS-IE place in your files. His ``cleaning'' software also disrupts cookies and lets you switch the email address given for you to an alias. His description lists several threats to privacy from browsers.
4. Ziff-Davis offer CookieMaster, a free Windows95 utility to monitor and edit your cookies file. A collection of shareware and freeware utilities is maintained by WinFiles.com.
5. The Cookie Crusher from The Limit Software, Inc. features per-site cookie management, as does Cookie Pal from Kookaburra Software.
6. Luckman's Anonymous Cookie is a free utility that gives Windows 95 and NT users a button to enables or disables access to cookies. See also: WebSweep.
7. A shareware program called Buzof can be configured to automatically answer dialog boxes such as warnings about cookies and internet connections.
8. There is also a program called Cookie Monster for the Mac. The name appears to be the subject of a trademark dispute.
9. Internet User published a Product Roundup of Cookie Utilities.
10. Randal L. Schwartz, coauthor of Programming Perl, wrote a program that removes cookies, and the Referer, User Agent, and From variables. It's freely available. Related: htmlf, a content-modifying proxy in Perl.

  Targeted web advertising

Targeted web advertising is a threat to privacy when it's based on information collected without consent. If you don't want banner ads, consider using the Internet Junkbuster if you're a technical expert, or Guidescope if you're not.

1. Chapter 1 of Marshall McLuhan's Understanding Media, titled The medium is the message, warned us that ``we become what we behold.'' What will we become, beholding animated GIF banners? ``To put the matter abruptly, the advertising industry is a crude attempt to extend the principle of automation to every aspect of society.'' [More quotes] But McLuhan was not intrinsically an opponent of advertising; he predicted that it would ``become a personal service to each individual.''
2. At the moment advertising looks more like becoming a personal disservice. In Valuing Your Customers: Quality Database Marketing, Angus Jenkinson warns marketers against the abuses of personal information made possible by recent technology.
3. In an excellent article about Web advertising in Wired 4.12, Hunter Madsen concludes that this isn't advertising after all. ``It is, in fact, a form of highly targeted direct marketing, whose message-delivery costs per capita compare quite favorably with direct mail and other delivery vehicles.''
4. The GVU's 6th WWW User Survey concluded ``The notion that people like to receive targeted marketing material is not supported by the data, regardless of the medium. There is high agreement on these issues across strata.'' Privacy was listed as a top concern in CNN's story on the survey. A study reported by ComputerWorld (1997/05/07) found that 64% of Web users never click on banner ads.
5. According to a study sponsored by the Direct Marketing Association, ``Advertising on the Internet is not currently seen as a major problem for people.''
6. The nonprofit Center for Media Education (CME) has published extensively about Online Advertising Targeting Children.
7. Netcreation's Digital Direct Marketing Letter (97/6) contains a review of Web advertising techniques and examines ethical issues of privacy. See also the August (``The consumer's got the remote, and she's not giving it back.'') and other issues.
8. Ad Resource publishes an extensive One-Stop Directory Of Web Advertising, Promotion, Marketing, Sales And E-Mail Web Resources and a page on banners (including filtering software). Its primer discusses the Internet Junkbuster in the context of measuring ad impressions. Web auditing bureaus such as ABVS Interactive distinguish an ad impression from an ad insertion request, and take care to adjust for the intervention of non-human agents. Unlike some banner busters, the Internet Junkbuster does not distort impression counts.
9. The Conaghan Report, written by the Director of Market and Business Analysis at the Newspaper Association of America, gives a well-linked and comprehensive overview of ``Tracking Audience and Adverti$ing on the Web.''
10. The Internet Advertising Report by Mary Meeker of Morgan Stanley provides a comprehensive analysis of the emerging Web ad market. It cites an I/PRO survey saying that 42% of people never look at banner ads. (Also available from MS: the Internet Report.) Other seminal books: Advertising on the Internet by Bradley Aronson, and What Makes People Click : Advertising on the Web by Jim Sterne of Target Marketing of Santa Barbara.
11. The targeting techniques used by web advertisers are also explained by other major sites in the Yahoo category Web Advertising Management.
12. One cookie critic looks at advertisers' methods and predicts that they will be rolling in cookie dough.
13. Jane Weaver of MSNBC begins with the comparison of the ``Internet's drain on TV to cable's effect on broadcast television 15 years ago and, of course, TV's impact on radio in the 1950s.''
14. The slickest website we have ever seen is Adbusters. Their banner spoofs are almost enough to get us to use more than two colors in our graphics. Related: Subvertise. Counterpoint: Adcult USA: The Triumph of Advertising in American Culture by James Twitchell. [Banner Ad Museum] [Anti-ad Ads] Fellow travelers: Positive Propaganda and BadAds.org.
15. An early article in Wired discussed a future where consumers are paid to watch advertising. Web ad company CyberGold has been trying to do this. [Industry Standard on CyberGold] Counterpoints: software robots that click on ads for you; web sites you can pay not to show you ads.
16. Nicholas Negroponte expects premium-pricing of ad-free content. (p. 170)
17. Marketers are creating their own ``channels'' with the new digital delivery services or push systems that broadcast Web content. We're still trying to figure out the privacy issues with these services; if you see any particular risks, please tell us.

  Filtering and blocking banner ads and other unwanted material

They can run, but they can't hide. A huge variety of technologies let you block junk. If you don't want banner ads, consider using the Internet Junkbuster if you're a technical expert, or Guidescope if you're not. If you just want to stop popup ads, consider Pop-Up Stopper.

1. A brief history of ad filtering is included in one of our presentations at Internet World.
2. Perhaps the first ad filter was WebFilter, (released September 1995). It's a UNIX ® proxy that lets you specify filter scripts that change the content of HTML pages. [WebWeek] Its author also has a page on ``No-Ads'' logos, and blacklisting advertisers (where, incidentally, he describes our pages as excellent.)
3. One popular filter that removes ads and other noisy junk on the web is AdSubtract (formerly interMute). It works on a wide variety of platforms and browsers.
4. Other recent filtering products: WebWasher, Proxomitron [Filters], Interquick, WebWiper Inc.'s AdWiper, Ad Buster, AdEater, AdDelete, Ad Extinguisher, AdFilter, which seems to have evolved to FilterGate, Guard-IE from Failsafe, Pop-Up Stopper from Panicware, Smasher (a.k.a. PopUpStop), webclean, WebMask [see also Don Marti's instructions on killing ad servers with BIND on Linux], AdKiller, and AdsOff.
5. The ``Web accelerator'' WebEarly has options not to prefetch or display ads. So do InterQuick, Naviscope FilterProxy, Smart Cache, and WinProxy.
6. WRQ's AtGuard features adbusting, privacy enhancement and security measures such as selective JavaScript filtering. It has been bought by Symantec and was incorporated into Norton Personal Firewall, which is available for Macs and PCs. We've heard numerous good reports of this product.
7. The ShieldsUP! FAQ shows how to filter ads by creating an "Advertisers zone" in Internet Explorer.
8. A shareware Mac control panel titled WebFree filters ads and cookies. [Alternate Page] There's also a Perl program called Cookie Jar that does cookie management, ad filtering and privacy enhancement. A browser for Macs called iCab includes cookie management and ad filtering.
9. Other filtering proxy servers: Muffin, (written in Java. Users select from a set of filtering modules, such as ``muffin.filter.Decaf: Remove all signs of JavaScript and/or Java from HTML pages.'') nobanner (written in Perl), and ByProxy, which also covers streams other than HTTP. Related: Space Proxy; HTTP Proxy-Spy.
10. For PointCast users on Win95/NT, adchoice disables the ad window.
11. Other filtering technologies: OreO and the V6 Personal Proxy. A survey of filtering technologies by Christopher Browne covers spam, Usenet and the web. It cites a list of freely available software for filtering. For more see ZDNet's list of blocking and filtering software or Yahoo's list, both of which include Cybersitter and Net Nanny. ISP Netcom's Surfwatch has a monthly update service. Some of these products, such as Surfwatch and Cybersitter, allow the user to enter additional sites to be blocked, and some people add the URLs of banner ad networks. At least one company, Security Systems Software Inc., produce different products based on the same idea: one to protect children, another to monitor employees. The New York Times surveyed Orwellware products twice, including SpectorSoft, Websense, Little Brother, and Silent Watch. (1999/07/04) Related: eSniff, Stroz Associates' Narcware, Assentor. Counterpoints: the National Workrights Institute on electronic monitoring, and Privacy International on export of big brother technology. TechWeb reported that WinWhatWhere, a program that ``monitors all keyboard and application activity, then covertly e-mails a detailed report to the system administrator or the employee's supervisor,'' is adding a notification feature. Related: DIRT, and the Privacy Foundation Workplace Project. Counterpoint from Henry Nicholas III, president of Broadcom Corp.: ``If [our workers] are able to meet deadlines while playing video games all day, more power to them.'' (2000/8/8) Similarly from, George P. Schultz, Secretary of State: ``Putting trust in people will produce trustworthy people. That is the foremost of the many reasons against the widespread and routine use of lie detector tests. Management through fear and intimidation is not the way to promote honesty and protect security.'' (Speech, Washington DC, 9 January 1989.) [EPIC testimony on the Notice of Electronic Monitoring Act]
12. ``Derived from the Internet Junkbuster, LeanWeb is a tool for removing user-defined parts from Web pages... [it] is mainly intended for users of 3Com's Palm Computing Platform or a WinCE device who want to view Web pages on their handheld, without having to scroll through all the unnecessary clutter present on modern Web pages.''
13. Leading caching proxy Squid has since version 1.1.0 included an optional patch in http-anon.c that filters sensitive headers. Squid can also be used to block ads. It can be used with the Internet Junkbuster (for RedHat, see instructions by Stefan Waldherr.)
14. Stephen E. Dowdy illustrates how to use Netscape's proxy.pac to suppress ads.
15. The slogan of PrivNet Inc. was ``If it's out there, we can filter it.'' (Their domain name privnet.com doesn't seem to be out there any more.) Their client-side plug-in, called Internet Fast Forward, removed advertising and cookies, and caused a stir when it was first released. In November they were acquired by PGP Inc. The freeware version of IFF seems to have expired, and PGP say it is ``on hold'' and that they would give a status update by November 1, 1997. They now say to check back in December. In December 1996 they announced cookie-filtering software called PGPcookie.cutter. In December 1997 PGP was acquired by Network Associates (formerly McAfee). In March 2001 McAfee announced a product with a banner blocker.
16. When IFF was launched, DoubleClick's CEO was quoted in Web Week as saying ``I think it's a prank, and I don't think it will be allowed to catch on.'' Counterpoint from Kurumi: ``Sorry, advertisers don't have that sort of control over the internet, or the software you choose to run.'' A German company, MediaBEAM GmbH, said it has developed Web server software that can detect whether a home browser is blocking banner ads, Newsbytes reported. (2001/9) Gator was involved in litigation over its substitution of ads on the browsers of users of its software. [Internet News] (2001/8/28) [CNET] (2002/6/27)
17. ClearWay's AdScreen was withdrawn from the Web ten hours after it was originally posted. The company's CEO told CNET that the threat of boycott by sites using his company's other products ``was not his primary motivation for pulling the product.''
18. In DoubleClick's SEC filing the company stated ``Moreover, "filter" software programs that limit or prevent advertising from being delivered to a Web user's computer are available. Widespread adoption of such software by users could have a material adverse effect upon the commercial viability of Internet advertising...'' Other similar companies have made similar disclosures.
19. In Being Digital (p. 180) Nicolas Negroponte predicts that filtering technologies will become so effective that everything that gets through to you will qualify as news. (p. 180) He imagines ``an entire shopping channel, which, unlike QVC, sells only things you really want, not just zirconium rings.'' Counterpoint: RageBoy on Zero-Semantics Advertising (caution: uses strong language and subversive rhetoric).
20. Filtering push channels has been dubbed broadcatching. People unwilling to pay ``will have to eat infojunk,'' says MIT's Michael Dertouzos, author of Individualized Automation in The Computer Age and more recently What Will Be : How the New World of Information Will Change Our Lives. [On Privacy]
21. Banner ads are getting bigger and louder, up to 40k, though most bureaus impose a cap of 8k. Some ad executives believe conventional advertising is bound to fail on the Web.
22. Close Popup from Take a Hike Software closes popup windows from sites such as Geocities and Tripod. [Free alternative] Also: POW from AnalogX. [Cnet on popups] [Cnet on window spawn] Counterpoint: the PopUp Network [CNET] Various enhancements to the Internet Junkbuster have been proposed to filter popups.
23. Attempts by web sites to ensure that their ads are not bypassed using filtering technologies such as the Internet Junkbuster were first reported in a Wired News article titled Intellicast Smartens Up to Banner Bypass by Kristi Coale. They also covered our upgrade that thwarts the bypass technique.
24. The title of ComputerWorld's story said it all: Fiction site won't let Web surfers view content if they use ad-blocking software. (1999/7/8)
25. A mock press release from SAL imagines the technoplutocracy run amok.
26. A story in Wired News discusses X-Ray Vision and products from Finjan for filtering ActiveX and Java programs for Web pages. We recommend setting your browser to disable such programs at all times.
27. Various methods exist to paralyze animated GIFs. [David Simmons]
28. An online service called DeAd (Delete Advertisements From Online Content) provides ad-free versions of a few major sites, such as Yahoo.
29. A word from our sponsors? Not any more. A VCR from Thompson featuring ``Commercial Advance'' deletes commercials from recorded programs. Some manufacturers want to build TV blocking devices using the v-chip that might enable viewers to block advertisements, USA Today reported. (1998/7/22)

    More recently, devices called personal video recorders under brands such as TiVo and ReplayTV have the potential to edit out ads. (TiVo seems to have deliberately designed out this feature, but ReplayTV has a 30-second skip button.) But their nightly dialup reporting and targeted ads introduce privacy problems. [NY Times] [ReplayTV] [Variety on Replay/Neilsen] [Nielsen on Replay] [Slashdot on ReplayTV] [ZD] [IDG on AOLTV, EchoStar and UltimateTV]

    TiVo programmed its sets in England to record a BBC drama titled Dossa and Joe, whether the owners wanted it or not. The recording can't be erased for about a week. (2002/5/24) [The Register] [ZD UK]

    David Burke wrote the book on consumer privacy invasions in interactive television: Spy TV.

    One of our visitors asked whether we had any technology that would remove the ads from his Sunday newspaper. We hope some manufacturer of oversized fax machines looking for a new selling point will take on the challenge.

30. A story in Wired News titled Anti-Porn Algorithm Senses Shades of Smut describes ``ImageCensor,'' or ``Anti-Pornography Software for Windows,'' which disables the viewing of computer-based pornographic images and video. A later article in Wired reported a similar product to be unreliable.
31. There are also tools for filtering and browsing the enormous stream of images flooding through Usenet.
32. Some links on parental filtering, beyond the nannyware listed above: CNET's guide to porn-proofing, the Parents' Guide to the Internet: And How to Protect Your Children in Cyberspace by Parry Aftab and Technology for Kids from AT&T Research.

  Junk email (spam)

Angered by bad government in 1776, Thomas Paine wrote ``Our calamities are heightened by reflecting that we furnish the means by which we suffer.'' Many people in 1997 who are paying to receive junk email feel the same way. We think the problem is getting more and more serious. Our contribution to reducing spam is JUNKBUSTERS SPAMOFF: make them pay.

1. An excellent article in SunWorld includes a survey of legislative responses and some case studies of spammers.
2. The Largactil Café maintains an excellent set of links, including a section on spam humor.
3. Spam is so extensively discussed on the Web that it has its own category in Yahoo!.
4. They also have a different category called ``direct e-mail.'' They didn't make this up: Altavista lists more than a thousand pages touting this euphemism.
5. Some of the most popular sites on spam are listed by CNET (including us). They also have an article on forging email addresses.
6. The EFF also maintains a ``Net Abuse and Spamming'' Archive.
7. A nice table of state spam laws is one of the features of http://www.suespammers.org/
8. The ``Hacking in Progress'' convention includes a session devoted to spamming.
9. Tom Raynor's ``I HATE Junk E-Mail'' sets out several ways to protest against spam.
10. David Topping calls for support for ``O.J.E.N. - Outlaw Junk E-mail Now!''
11. John Rivard maintains a ``Stop Junk Email Home Page,'' which remarks on JUNKBUSTERS SPAMOFF's ``intriguing legal strategy.''
12. Gary McGath explains how to protect yourself against junk emailers and mailbombers, and includes tips on spotting and tracing fake addresses.
13. Julian Byrne provides detailed information on how to ``Get that spammer.'' Another wide-ranging source is titled Spam Delenda Est.
14. Todd Burgess provides detailed advice on tracking spammers through header information.
15. Webworker publishes a Report on how to stop spammers, describing how they get their lists, and praising our Spam Offer notice.
16. Robert Raisch wrote Postage Due Marketing, Revisited.
17. WD Baseley's Email Abuse FAQ includes a list of ``Abuse Addresses of major service providers'' where you can report spammers who used those providers to spam.
18. Marc Rotenberg of EPIC warns how spammers harvest (scavenge) email addresses from Usenet. We coined the term ``address scavenging'' because the euphemism ``harvesting'' implies that the harvester grew and owns the crop, which is not true. As Robert Hughes writes in the Culture of Complaint: `canning companies like to put out flackery about ``harvesting'' tuna, implying that their far-seeing executives had sown the seeds of the albacore and yellowfin and were now merely picking them when ripe.'
19. The term black webspiders was used by Steve Aitkins in an interview in Wired News.
20. Some people attempt to confound scavenging robots (a.k.a spambots) by placing ``bot bait'' on their web pages: fictitious addresses, or sometimes those of known spammers.
21. Tibor Beke considers the possibilities for a high-tech arms race of harvesters versus methods of disguising email addresses in Fending Off Automated Mass Electronic Mail: or, How to Distinguish Yourself from a Computer.
22. Mark Neely explains why junk email is unacceptable, and counters several arguments that have been used to defend it.
23. Bruce Miller published a guide for using Washington State's laws to get spammers to pay up.
24. Mark Welch comments on spam in general and AOL in particular.
25. Mark Eckenwiler explains how a Compuserve subscriber based a suit again spam on the TCPA using the argument that its provisions against junk faxes apply to junk email.
26. A comprehensive page of links was built by students in a course on computer ethics at North Carolina State University. (Also a page of readings.)
27. Many ISPs are adopting strong anti-spam policies and displaying them prominently. Here's an example from Heller, which includes requirements that incoming email must come from domains that accept reply email, and restricts outbound mail that does not come from a related domain (relay mail). Here's a collection of sample policies, such as MindSpring's Appropriate Use Policy (AUP). (aka Acceptable Use Policy).
28. One ISP, Indra, sends back scathing and witty replies to spammers.
29. Some ISPs have taken action against spammers, including ReplyNet.
30. The Jargon Watch column of the May '97 Wired defined spamouflage as ``Bulk email messages delivered from generic email addresses with innocuous subject headers in order to confound filtering programs and spam-hating readers.'' At the time it was published it had not appeared in Altavista, and the only entries in Hotbot were from Wired itself, but it has since caught on.
31. There are many sites where you can register to stop receiving spam'' (a list is compiled by Bob Mascott) but most spammers won't respect such lists.
32. A story in Wired News reported widespread consensus that the person who spammed 100,000 people ``inviting them to add their names to a master "don't spam me" list is wasting his time.''
33. The Direct Marketing Association has issued a set of principles for online and Internet marketing that includes spam and collecting data about children. They fail to condemn spamming; they simply recommend it be conducting in a certain manner, such making it easily identifiable as a solicitation and providing an opt-out mechanism. We think this shows a complete disregard for consumers' interests. The Association for Interactive Media has a more enlightened view of spam.
34. The web site of DM1 offers a ``preference service'' for email. (Though as we have said before, we think the word ``permission'' is more appropriate than ``preference.'') Users can state that they don't want to receive junk email, or that they do. It also includes a small number of categories where they encourage email solicitations, such as jewelry.
35. Commercial email is not spam if the addressee requested it. The only responsible basis for marketing by email is opt-in: send only to people who say they want it, versus assuming you can send unless told otherwise (opt-out). One of the earliest and most successful examples is NetCreations' Postmaster Direct. [Profile] Intellipost's BonusMail is an incentive program that gives people rewards to receive email. CatalogLink gets their email addresses from people who request printed catalogs and OK emailing. Online advertiser Yoyodyne stresses the need and benefits of gaining consumers' permission before trying to marketing to them.
36. In Spamming for Dummies Kristi Coale reports on software that helps spammers find addresses and transmit their junk.
37. Law professor David Sorkin maintains an excellent set of links on junk email.
38. There is an Internet discussion group called List-Abuse working to stop abuse of Internet mailing lists.
39. Occasionally some people, such as a reporter from ZD News, say "spam isn't so bad".
40. Despite widespread belief, reading junk email can't give your computer a virus (though it might trigger a pre-existing condition, and if you execute an attached program, anything could happen).
41. The GVU WWW survey found that about 80% of Americans receive spam, about 10% read it, and 4% claim to retaliate.
42. Roger Clarke maintains a page on Dysfunctional Human Behaviour on the Net as well as a detailed and focused page on Spam.
43. Carmela Sogono has published a poem on guarding your email address from spammers.
44. The Historical Spam Museum stores old spam ``on the remote chance that it may be of value to future net.archaeologists.''
45. And if that isn't strange enough for you, try alt.bad.clams, the SPAM Haiku Archive or Spam.org's poetry section.
46. The Hormel Foods Corporation produces a ``luncheon meat'' under the trademark SPAM. You can even buy branded merchandise at their Spam Museum. [CNET on the trademark issue] [Washington Post on trademark]

  Software for filtering and blocking spam

1. An anti-spam banner, abundant technical and other resources are provided by the Fight Spam on the Internet campaign.
2. A roundup of downloadable anti-spam software is available at http://ftp.cura.net/spam95.html or the ZDNet Software Library, which recommends Spam Exterminator (shareware). Also available for Windows: MailShield, SpamScan, SpammerSlammer, Fundi, Spamicide, SpamKiller, SpamScan 97, Spamex (Spam Exterminator). An apparently different Spamex creates revokable email aliases.
3. There's a Yahoo category for this.
4. Lucent's LPWA invented a system for producing ``revokable'' email aliases that can be used when submitting your address in forms on a web site.
5. A works on any web site with your internet browser and most of the latest Email programs. Once you download the invisiME Browser Extension called invisiME gives you a different email address for each company you deal with. Related: Mailshell.
6. Bill McFadden publishes a UNIX ® Shell Script to automate the sending of complaints to spammers and postmasters.
7. Net Services offers ``Spam Hater'' Windows software for free downloading. It analyses the spam and prepares a reply, including your choice of text (e.g. our Notification and Offer.)
8. The free mail demon exim is similar to smail 3, but with with ``defences against mail bombs and unsolicited junk mail in the form of options for refusing messages from particular hosts, networks, or senders.''
9. There now are also Anti-Spam Provisions in Sendmail 8.8. See also Using check_* for details on restricting relay mail.
10. Spam filters written in Perl 5 include: NAGS Spam Filter, Despam and Sic!

  Upstream technologies for blocking spam

1. Some filtering systems require previously unknown sender to quote a token in their message to avoid having their email bounced. Clearmail has the idea of displaying the token as an image.
2. Leading ISP Mindspring offers a blocking service called the Spaminator.
3. Panix has instituted a shared filtering system. Another ISP that offers filtering is KOS.
4. A proposal to ``link together all the blacklists of known spammers that are kept by Internet service providers'' was reported in Wired News and CNET. See also Blacklist Import Wizard (from Seattle Labs, which also has an excellent page of links), GazNet, Deadbolt, Makebait, and Wpoison, a botbait CGI. Related: Web poison and How to Hide Your email address from Webspiders.
5. Many companies offer an ``email address for life'' such as pobox,
6. Other companies that provides a permanent email address are NetAddress, RocketMail, and Hotmail. There are many such free web-based email services. Unless you pay, most attach ads to your incoming email and make show you ads as you read your email.
7. The spamometer is perl script that attempts to guess whether a given mail message is spam. It is mostly used with procmail [FAQ]. See also a tutorial on getting started with procmail.
8. Bitgate's Anti-spam project includes an anti-spam mail demon.
9. InNet sells Blocaide for Sun Solaris systems, a modified version of Sendmail that stops unauthorized use of a mail server. See also: BSDI MailFilter.
10. A passive-aggressive response to spam coming from blacklisted IP addresses is to use a teergrube, a modified MTA (mail transport agent) that holds open the connection for a very long time, slowing the spammer's output. This differs from a denial-of-service attack in that the service was requested by the spammer, and it's a delay rather than a denial. All mail can eventually get through, especially in small quantities unlikely to be spam.

  Legal issues in direct marketing

See also our pages on U.S. laws concerning direct mail and telemarketing.

1. Legal action by individuals against direct marketers is often made is small claims courts in their county of residence. On-line excerpts from the legal encyclopedia of Nolo Press answers some common questions about small claims; they also publish a do-it-yourself book titled Everybody's Guide to Small Claims Court by Ralph Warner (A new edition is due in January 2003, ISBN 0873378075. They also publish special editions for California.) A few such courts, such as San Mateo provide information on the Web on how to file and other procedures, some of which may be similar for other courts. Yahoo has a category with a few.
2. People who tape record inbound telemarketing calls for possible use in court may be interested in the RCFP's Practical Guide to Taping Conversations, especially the State-by-State table which specifies which states allow taping with the consent of just one of the parties (versus those requiring consent of all the parties).
3. Laws on direct mail and the USPS are Section 39 of the U.S. Code. We maintain excerpts.
4. All U.S. legislation, including 39 USC Section 3008, is available from the House's database.
5. A magazine article by Michael Worsham tells how he has used U.S. Postal Service Form 2150, to restrain over twenty direct marketers from mailing him. (Form 1500 has since superseded it.)
6. The American Teleservices Association maintains a list of pending bills.
7. In addition to the TCPA, the Telemarketing and Consumer Fraud and Abuse Prevention Act (1994) (15 U.S.C Sec. 6101 et seq.) (TCFAPA) is implemented as the FTC's Telemarketing Sales Rule (16 C.F.R. 310).
8. The Federal TCPA is ``odd'' commented Privacy Journal (98/5) ``in that it permits lawsuits against violators to be filed in state courts. This means that federal courts don't have jurisdiction over these lawsuits, even though they arise under a federal law.'' Nicholson v. Hooters of America Inc., 96-9149, (11th Cir. Mar 10). [NY Times on Hooters]
9. A list of references and links on Internet privacy is maintained by the Seattle University School of Law.
10. The Advertising Law Internet Site maintains a nice list of links.
11. Another: righttoprivacy.com
12. The Video Privacy Protection Act of 1988 was enacted in record time after an elected official was embarrassed by the publication of the titles of videos he had rented. But it included a specific exclusion permitting disclosure of the subject matter for the purpose of ``marketing goods and services directly to the consumer.'' So your local video store can't legally disclose to anyone the fact that you rented Debbie Does Direct Marketing, but they might sell your name and address on a list of people who rent videos in the category ``Instructional - Adult.'' CNET reported on AOL's deal with Blockbuster Video. New technologies such as DIVX record whenever you view their video disks, and sell this information unless you opt out. [Anti DIVX site]
13. The privacy of telephone records is protected by a federal law on Customer Proprietary Network Information (CPNI). The FCC's order on the CPNI rules is available in PDF format. Sections II and III discuss use of customer name and address.
14. Angela J. Campbell's journal article on Self-regulation and the media has a conclusion for privacy.

Copyright © 1996-2005 Guidescope Inc ®. Copying and distribution permitted under the GNU General Public License. 2005/10/17 http://www.junkbusters.com/links.html