How ISPs and Organizations Can Fight Spam

Protecting privacy is an essential service

Spam is bad for business

ISPs and other companies and organizations suffer badly because of spam. If all the work hours lost by people processing junk email were added up, the bill would be substantial. However, large organizations are in an excellent position to put an end to it, because they have the resources for concerted action against it. This page describes some ways that this might be done. We are not offering legal advice in any capacity: each organization must decide for itself what to do

Options for organizations to consider

The word ``affiliates'' is used below to cover employees, volunteers, and customers with email accounts on your company's computers.

Set up procedures for affiliates who receive spam to report it, and publicize them. Typical steps include setting up an email address called ``abuse'' where reports and comments are sent. It may be helpful to have a separate address called ``spambin'' where affiliates can forward copies of spam without comment. Tell affiliates that the standard procedure when they receive spam is to forward it to the ``spambin'' and then archive or delete it without responding to it.
It might also be worth repeating the organization's policy stating that affiliates must not send spam or encourage it to be sent to any of the organization's computers. You may want to establish a web page or other place where affiliates can read about the action being taken to stop spam.
Appoint a person to be responsible for monitoring the reported spam and tracking down its major sources. Other duties might include liaison with legal staff. If you have been appointed to this role and would like to keep in touch with us on this topic, please tell us using our Feedback form, choosing ``Nominate a SPOC (Single Point of Contact)'' from the ``Purpose'' menu.
Adapt our Notification and Offer used by individuals, after appropriate consultation with stakeholders. A sample adaptation is given below. Provided that you include the copyright and license notices, you are free to modify and use it as permitted by the GNU GPL. We urge organizations to take care to address Spam Offers only to real spammers, and not disrupt legitimate commercial activity.

A sample ``Notification and Offer'' adapted for organizational use

The person issuing such an offer should be of sufficient rank to make it clear to both spammers and affiliates that the issuer has the authority to speak on behalf of the whole organization. The CEO or managing director might be appropriate. It might be worth signing all such messages using a cryptographic tool such as PGP, to discourage spammers from claiming they received a different message.

Take notice that our organization is unwilling to receive or process bulk solicitations freely by email, and that if you send such email you may incur certain legal and financial burdens.
I write as a fully authorized representative of [Insert Organization Name], to which I refer with the words ``our organization'', ``us,'' ``we'' and ``our'' in this document. We do not want to receive bulk uninvited solicitations by email (``Junk Email'') to any addresses ending in the domain [ourorganization.com]. By ``bulk'' I mean the practice of sending more than three identical or similar messages to addressees of who one or more have email accounts affiliated with our organization. This practice costs us money due to telecommunications charges and the time spent by our affiliates processing this email. If you send us any Junk Email other than on the terms of the offer set out in the following seven points, we will take this to mean that you plan to use what was offered you without paying for it. If you ever try to do this we reserve our right to take any action available to us without further reference to you. Actions available to us include taking proceedings against you for negligence or breach of contract, which may result in substantial damages being awarded against you by a court. The unauthorized use of our computing facilities may even be a crime. If you send us any Junk Email without express prior written consent from me or an officer of our organization this will be taken as your acceptance of this offer. Each individual affiliate may give you permission in writing to send email to him or her.

We offer to receive all further email from you on the terms set out below. If you send us any Junk Email without our express prior written consent this will be taken as your acceptance of this offer.
For the purposes of points 3 and 4, you will be taken to have sent any email sent by any entity associated with you for the purpose of sending email solicitations.
You must pay us ten US dollars for each copy of each such item of email that you send us.
You must mail payment to [our organization's address] by certified check payable to our organization within five working days of the transmission of the email.
Each email item must be uniquely identified, and each payment must clearly identify the relevant item or items.
You must disclose your name and full business and residential addresses in each email message.
We may vary the terms of or terminate this offer at any time (even after you have accepted it). Any new terms will apply to all email you send after you have been notified of a variation.

The copyright of some or all of the above text is held by Junkbusters Corporation and is used here in accordance with the GNU General Public License, copies of which are available at www.junkbusters.com or from the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA

What about the right of the individual to receive spam?

Although it may sound strange at first, organizations should consider that some of their affiliates may object to anyone telling others not to send them email. America Online has stated that some AOL members have told them they want to receive spam, so they made blocking an user-controlled option on their mail handler. Their recent litigation against a spam factory has shown that the legal issues may not be clear cut. We can't solve these issues, but we offer a few observations to consider. Employers are in a somewhat different position from ISPs.

Employers have been trashing junk for years

Many companies discard physical junk mail before it gets from their mail rooms to their employees, so they will probably do the same for spam. Some employees might have objections to this, probably based more on principle than law or any real desire to receive spam.

ISPs must consider how to best serve their customers

An ISP is in a different position: its customers are not its employees, and some might have a stronger argument about being ``unwillingly deprived of the opportunity to receive materials,'' as the Supreme Court said of the U.S. Post Office. ISPs aren't common carriers, so they could make it is a condition of service that they have the right to block spam, leaving anyone who doesn't like it to switch to another ISP. An extreme solution would be to offer customers the option of an email address in a separate subdomain where spam is not discouraged. Our guess is that few people would choose it.

An ISP or online company with a reputation as a popular target for spammers has a disadvantage in the marketplace, but one that can show its vigilance in protecting its customers from spam has an advantage.

Our goal: make the Internet a junk-free zone

Fighting spam is an expensive, time-consuming chore. We don't think that suing spammers will ever be a profitable activity. But organizations should consider that if they are more effective in deterring spam, they will improve the quality of life of the people who use their computer systems. We hope that every company will demonstrate by its actions that spam is not an acceptable use of the Internet.

Home · Next · Site Map · Legal · Privacy · Cookies · Banner Ads · Telemarketing · Mail · Spam · Opt Out