Spam conjures up for most of us images of an oddly shaped Hormel can with a novel type opener containing a spicy ham product. However, in this technological age, spam has taken on a new and sinister meaning. In cyberspace, spam is the term given to unsolicited email that businesses send to computer users’ electronic mailboxes. Some have suggested that businesses should not be permitted to use spam. In this paper, I will argue that while historically the majority of spam is of questionable value, not all spam is worthless and businesses should be allowed to employ spamming techniques. However, it is my contention that any spammer should be subjected to the same parameters that guide ethical advertising. This paper will initially introduce the reader to what spam is and then show how businesses have successfully used automated tools to flood the internet with spam. It will consider what motivates a business to practice “spamming” as opposed to the more conventional types of advertising. Then, the paper will identify the economic costs involved in this new marketing technique. The discussion will be framed by the legislative bills and grassroots efforts that comprise the legal environment. And, finally, it will consider the ethical issues that surface with this hotly debated business practice.

Unbeknownst to most computer users, there are actually two different types of spam: Cancellable Usenet Email and. Unsolicited Commercial Email (UCE). The former involves massive off-topic cross-posting on Usenet newsgroups or LISTSERV email lists. Using these newsgroups and list, spammers will send email to forum on an unrelated topic. Spammers’ purpose here is not only to solicit known users, but also to procure the email addresses of “lurkers,” those who enjoy the lively interchange on a particular newsgroup or LISTSERV but do not contribute publicly to the discussion. Some forums will allow subscribers to easily obtain a list of email addresses enrolled by submitting a series of command strings in an email to the LISTSERV’s majordomo. However, because of possible abuse and an effort to protect privacy, access to many subscriber email lists has been restricted. Having explained this form of spam, UCE will now be studied more extensively and serve as the focus of this paper.

UCE is the spam most users are familiar with and the one that arouses the daily frustration computer users face when sorting through their email. Christopher Knight (1999) defines UCE very succinctly. His strict definition of spam or spamming, the process of sending spam, would be understood as “anytime you send emails to folks who have not requested information from you. There is no gray area. This is absolute.” This definition, however, is rather restrictive. Understood without discrimination or qualifiers, spam would then denote any email a business might send to make an inquiry, seek further information, or make a comment about something. A computer user would be prohibited from transmitting any sort of “feeler” email to search out for potential information, customers or relationships. Some examples would be businesses which may be looking for feedback on products a consumer recently purchased or individuals engaged in a genealogy or “lost classmate” searches. Under Knight’s definition, these rather innocent and honest emails would even be considered spam. Knight’s definition is not sufficiently refined to allow for distinctions. Some spam, the spam that most consumers, businesses, and Internet Service Providers (ISPs) have been complaining vociferously about in recent years, is worthless, but not all.

In a search for a better analogue, one that reflects the seriousness of the contentions that has been raised, the spam that is controversial might be best appreciated in a qualified perspective. While its definition as unsolicited email might be retained, it might be better understood as misleading and manipulative email sent by businesses or individuals for the purpose of solicitation through electronic advertising. It is the practice of inundating the internet with many copies of the same message in a cunning and deceptive attempt to force the message on people who would not otherwise choose to receive it.

Returning to the proposed analogy of the meat byproduct Spam, Time (1998) contended that “no World War II G.I. ever hated the canned meat.” However, most computer users detest its modern derivative that has disrupted the harmony and slowed the momentum when people interact with the computer. No one seems to be hungry for this type of spam and its nocuous effects. Spam reminds computer users of those annoying interruptions in public broadcastings asking for monetary assistance, the distracting inserts in printed matter, cumbersome third class mail, disrupting computerized or live telemarketing calls at inconvenient times of the day, or the plethora of flyers in one’s office mailbox.

These unsolicited commercial bulk emailings advertise for many reasons. AT&T Researcher Lorrie Faith and Microsoft Corporation’s Brian A. LaMacchia (1998) analyzed 400 pieces of email classified as spam sent to an AT&T domain during the months of March, April, and May 1997. They then grouped them and produced the following diagram which charts the types of products and services advertised in their samples:

The most popular and the two that seem to be raising peoples’ ire regarding this issue are the “get rich schemes” and “pornographic sites.” The remainder of spam messages market services or products which result in fraudulent solicitation and dead-end invitations.

There tends to be general agreement regarding the compositional elements of a typical spam message. It is an email message from an individual or business with whom one had no prior relationship. Most often, the company is not well known. There is no clear identification of the sender; the sender’s email address is either fictitious, created solely for the purpose of spam, or has been stolen. The email advertises an illegitimate or at best a shady or misleading service. A user’s efforts to be removed by contacting a webmaster are generally ignored or could result in further emails.

Now, admittedly, computer users have been willing to contend with the regular stream of spam that they have found in their emailboxes each day. If a sender’s address is foreign to a user or the subject of the message is commercial in nature and unappealing, the delete button could easily be hit and the message discarded. Simply deleting emails from unknown senders has created a number of problems though. A known sender might have moved to using a different email address, or perhaps using one from work. Or in other cases, the delete button might be hit indiscriminately and accidentally delete important email.

Even as users have learned ways not to let spam get overly annoying or distracting, spammers have crafted emails to further dupe people into reading their email. Some clever dubious subject lines might read: “It’s been a long time,” “Re: your order confirmed,” “found what you asked about,” “did we go to the same high school?” “thanks for your mail,” “here’s your info,” and the like. Some of these emails when opened only become nastier variants misleading people to websites. Once at the website, users attempt to exit the website, often peddling commercial wares or soliciting sexual material or other sleazy stuff. Users’ efforts have become more and more futile as spammers now trap users in the web redirecting them to other websites. The presence of spam and its unceasing proliferation has become one of the more controversial topics; it eclipses users’ appetites for email usage, and leaves a bad taste in most peoples’ mouths.

There is little denial that the internet has become a major industry for commerce. Spam has helped promote its growth. According to “The Official Site of Spammers Anonymous,” C-Net reports a half billion spams are sent daily accounting for 30 percent of internet traffic. That translates into 8 spams per person. Business transacted on the internet has escalated exponentially.

One of the reasons for this is that it is relatively inexpensive to do so. Companies that have regularly advertised through printed materials can turn to the internet with ease. Startup and maintenance amount to considerably lower costs compared with the exorbitant costs of printed advertising.

Legitimate business owners have created brilliant websites for presenting their offerings and conducting business. Shady or illegitimate business owners have also designed incredibly attractive and alluring websites to conduct business. The latter have also used spam to direct consumers to their site in a rather questionable way. In doing so, they care little if they upset most of the people the email is directed to because there will always be some percentage of consumers that will make their efforts worthwhile.

Another motivating factor for businesses using spam is the easy and quick availability of mailing lists. Businesses do not have to spend exorbitant amounts of money for mailing lists. And, unlike printed mailing lists, these can be used as frequently as a business desires. An example of this would be America Online (AOL) which seems to be the “greatest and most lucrative conquest” of all spammers. It is relatively easy for a spammer to harvest addresses from AOL. Accessing the AOL’s Member Directory and People Connection can yield numerous addresses. What is also significant is that these addresses can be targeted for a particular audience by entering the particulars one wishes to search for. Despite AOL’s efforts to purge spam mail from its system offering users this option through Preferred Mail , it just seems not to work.

Other ISPs report similar vain attempts to block spam from entering their networks. Fox (1998) concedes that the popular online service provider Compuserve is powerless to stop spamming of its network’s customers. He anticipates his company’s release of Compuserve 2000 will prevent spammers from infiltrating the online service provider.

If a business does not have the resources to generate bulk email lists, there are plenty of resources available on the internet. These are called “spammers for hire” similar to conventional mailing houses that will stuff, lick and stamp snail mail, a name given to the traditional way of posting letters. Spammers for hire can be acquired through a search on the net. Some companies include the “AAAAA #1 Emailer” <http://www.doodlesclub -funhomebiz.com/Emailer.html> and the “Bulk Email Barn”, <http://bulkbarn.com>. These and other bulk mailing companies will offer businesses cutting edge mailing lists, fresh each week. If that is not enough, there is a course on the computer on how spammers might increase their skills at direct marketing through the internet <http://www.pslweb.com/cgi-bin/psl_ord.exe?item30812>!

Schwartz and Garfinkel (1998, 5), remarked in their text that “a typical computer user connected to the Internet over a 28.8 kbps dial up modem can send more than 100 email messages a minute, which translates to 864,000 mail messages a day or 26 million in a typical month.” The costs involved for the sender amounts to little in terms of time and money. In turn, it can yield an incredible return on the investment which might only amount to pennies.

It is the computer user who bears the majority of the costs involved with spam. Payment occurs when a user is “taken” by the spammer and pays for services or products never to be realized. This happens more frequently than one might expect. Schwartz and Garfinkel (8) spoke about this in their text: “Spam makes it easy for scam artists and hucksters to prey on some of the most vulnerable members of society.”

There are also the hidden costs masked as “yearly access fee increases” to help the ISP provide better service to the users. This refers to dealing with regular disruptions to the integrity of the systems like spam. An ISP simply passes their costs down to their subscribers and stakeholders. The incredible volume of spam taxes the bandwidth of the internet slowing it down; this is not helpful in an age when subscribers are clamoring for faster connections. It also increases the dial-up costs by extending the time a person spends reviewing email. When spammers use a false email address and users attempt to respond to that address, the email bounces around in cyberspace loops creating huge administrative loads for ISPs. One website, “The Great American Pinkout,” has calculated that ten percent of a user’s monthly bill for internet access goes to support spammers sending their unsolicited bulk email. This covers an ISP’s upgrades in hardware, additional staff, and increase of bandwidth to handle the augmented workload.

Other hidden costs involve the claims made on two precious human resources: time and energy. Computer users can spend hours attempting to identify the original sender of an email. Researching and acquiring the latest filtering programs designed to kill spam might initially be of assistance. These programs scrutinize an email message and its header, body and any attachments against regularly updated lists of known junk mailers and certain rules defined by the user. However, setting up and regularly updating the parameters take time, and the software can be costly.

Creating two screen names, one for serious email and the other for browsing the web and participating in mailing lists and LISTSERVs, might seem like a suitable solution. Yet, no one wants to be bogged down juggling different accounts. For some, the proliferation of spam has led some to engage in non-virtuous countermeasures. People will download email bombs and send threatening emails to a spam’s webmaster; that is, if they can be accurately identified! Such extreme behavior can lead users to even to consider illegal tactics like “demon faxing” and ignite what is popularly known as a “flame” war.

It is understandable then that consumers have been persistently vocal in their reactions. They contend that spammers get a free ride promoting garbage on the internet. This sheer volume of refuse is masked very cleverly so that it has become harder and harder for users to ignore business’ tricks and hoaxes. Their concern also lies in a possible theft of resources: a person’s screen name, anonymous remailer identity, or mailing lists.

Despite consumer reaction and anti-spam campaigns, spammers continue to be inured. Popular anti-spam campaigns have been formed, such as the Computer Professionals for Social Responsibility (CPSR) and the Coalition Against Unsolicited Commercial Email (CAUCE) and international ones like the Fighting European Spam (EuroCAUCE) and Australia’s Coalition Against Unsolicited Bulk Email (CAUBE.AU). These groups have published informative articles on their homepages in order to alert users to the negative email environment spam has created and to ways to “fight the good fight.”

Conveying accurate and updated information to the public is important for these groups. In July 1998, the Federal Trade Commission posted the twelve most common scams by spammers on their website. AOL, in an historical public display of its dismay with spammers, published on its website in 1998 a list of the top ten most wanted spammers. Additionally, individual ISPs have outlined in their terms of service agreements that spam will not be tolerated. Part of AOL’s policy reads as follows (what they outline as their full stance towards spam has been omitted for the conservation of space):

Unsolicited bulk e-mail is strictly prohibited... AOL also reserves the right to take any and all legal and technical remedies to prevent unsolicited bulk e-mail from entering, utilizing or remaining within the AOL Network.

Hotmail’s policy underscores the same seriousness with which they will not tolerate spam:

9. NO SPAM; DAMAGES: Hotmail will immediately terminate any account which it believes, in its sole discretion, is transmitting or is otherwise connected with any spam or other unsolicited bulk email. In addition, because damages are often difficult to quantify, you agree to pay Hotmail liquidated damages of $5 for each piece of spam or unsolicited bulk email transmitted from or otherwise connected with your Hotmail account, or Hotmail's actual damages, whichever is greater.

A lesser known ISP, Freeside Communications, Inc., even incorporated a rule against spamming in its terms of service, although I would be slow to agree with this ISP that spamming is a violation of US law. That would seem to apply only if there is a theft of services or persons involved. Their policy reads as follows:

In email, spamming is the sending of unsolicited email (usually to large numbers of people), which is a violation of US law. On Usenet, spamming is the posting of a message to several inappropriate newsgroups. If we learn that you are using your Freeside account to spam (and someone will report you to us!), we will terminate your account. Period.

While these and other ISPs alert users to their policies concerning spam, they seem to have little control over businesses who use their networks to spam their subscribers. Spammers have turned to illegal tactics and stolen screennames and passwords from individuals on particular ISPs making it incredibly difficult to trace the origin of an email.

Legislation has been introduced to the halls of congress to address this volatile side of email. The Netizens Protection Act of 1997 (H.R. 1748), the “Smith Amendment” after Rep. Chris Smith (R-New Jersey) the bill’s sponsor, would extend the junk or unsolicited fax ban in the Telephone Consumer Protection Act of 1991 to include email. The Unsolicited Commercial Electronic Mail Choice Act of 1997 (S. 771) brought to the floor by Sen. Frank H. Murkowski (R-Alaska), legalizes spam and requires unsolicited emails to include “advertisement” as the first word of the subject line. Spammers would have to clearly identify themselves within the body of the email. This Act would also give the Federal Trade Commission regulatory control over spam.

The Electronic Mailbox Protection Act of 1997 (S. 875) introduced by Sen. Robert Torricelli (D-New Jersey) would make it illegal to send unsolicited mail with a fake or untraceable address or from a masked source. And, finally, the Data Privacy Act of 1997 (H.R. 2368) introduced by Rep. Billy Tauzin (D-Louisiana) would place control of spam on bulk emailers who would be responsible for the establishment of voluntary guidelines. Industry representatives would monitor spam and require businesses to honor requests for removal from lists as well as prohibit harvesting from online services. Some have suggested that this would be absurd, similar to giving inmates the responsibility of running a correctional facility! While these four bills continue to be debated, other legislation at state level seems to be moving more quickly. One such example of this is the Virginia legislature.

In February 1999, the state of Virginia became the first in the Union to adopt legislation that deems spam a criminal act. People sending spam would risk criminal prosecution. Zdnet (1999) reported on its possible impact: “The measure would have far-reaching implications because about half of the nation's Internet infrastructure is routed through the state.” Coincidentally, Virginia is home to AOL’s headquarters that boasts 16 of the 50 million U.S. internet users. Groups, such as the Direct Marketing Association, upholding the value of free speech, were expected to challenge this bill. The press release from Zdnet also conveyed the sentiment of the ACLU when they learned of the introduction of this bill: "expression is protected in the commercial context as well as the noncommercial context, and no one has yet to come up with a valid or compelling state interest in limiting the way e-mail is sent." However, if passed, spammers in Virginia could face felony charges as well as being responsible for punitive economic remuneration. Other states could follow.

Essentially, spam seems to have replaced conventional bulk emailing permanently. Culling and harvesting email addresses from database listings offers a vastly cheaper way for businesses to cultivate customers and grow in profit. Despite “zero tolerance” stances and the enforcement of clauses, it seems that it will continue unabated. What is clear is that something has to be done; ISPs have finite capacity and cannot afford to be disrupted by spam. As legislation is bantered about, ethical issues are beginning to surface, some old and some new.

Spam has raised the perennial issue that has been raised with all computer activity: privacy. Privacy is a prized value. People who are spammed often feel violated and their security compromised. They want to know how a spammer got their email address and quite possibly other information. In attempting to remove themselves from any lists generated by a given sender, emails are often returned with the notice “no such address.” In fact, sometimes, efforts to be taken off mailing lists may result in being put on other mailing lists and receiving further unsolicited emails.

For people whose privacy has been threatened by the inundation of spam, internet communication no longer is a lively and energizing activity, but one which has been taken over by the process of having to weed out a lot of junk mail. Control of their autonomy seems to be at stake, as they can no longer exercise the flow of information into the emailboxes. The CPSR stated that spam is a “nuisance, as it can have a negative impact on the effectiveness of this very inclusive communications medium called the internet.”

A further issue is the means a business used to get an individual’s email address. The spammer might have stolen resources to acquire email addresses, forged email headers, or used servers to relay their spam in way for which they were not authorized. That was the case recently as Troy Wolverton of CNET news and Jeff Wilson described how spammers’ quick and fraudulent use of information generated by certain websites has diminished the excitement and promise of e-commerce. They recognized the success of e-commerce has led many businesses to take advantage of creating a website; often they do it quickly and don’t concern themselves overly with security. For those businesses without technical expertise, flaws in software make grabbing names, addresses, and even credit card numbers rather easy.

Another plausible ethical consideration that needs to be unearthed is tied up with advertising ethics. This shifts the focus from whether or not the spammer has a right to spam to the content of the email message. If a reasonable consumer is deceived or misled by information that is factually untrue or potentially misleading, then the spam is unethical in itself. In turn, the business and processes surrounding the email would be ethically questionable. However, difficulty lies in judging the whole process of spamming as unethical from forms of spam that are deceptive. At the very least, the process of spamming should be susceptible to ethical guidelines similar to those guarding the integrity of printed advertisements.

Any business seeking to use a spamming technique for marketing its services and products should accurately represent themselves. Somewhere in the email’s content a business should clearly identify themselves and ways that they can be contacted. Further, the consumer should be given correct information as to how s/he might purchase goods or services or opt-out, that is be removed from a business’ database. It is my conviction if honesty prevails on the internet and not misrepresentation or abuse, the value of email can be restored to a new and more dynamic level.

Some have suggested that government regulate spam. In a recent CNN interactive poll 64% (7201) of those questioned agreed while 36% (4078) said no. It would be rather difficult for the FTC to enforce legislation of the world wide web. Businesses themselves need to take responsibility for sound ethical practices on the internet. If they want to use the internet as a viable source of solicitation and marketing, businesses need to work towards ethically responsible behavior which includes a greater respect for privacy and increased concern for truthful advertising.

The commercial nature of internet is inevitable; business has and continues to be conducted on the internet. Wilson (1999) noted that consumers spent $9 billion online last year. Spam, in its misleading and dubious ways, has polluted the internet and damaged legitimate commerce. The CAUCE site reflects this in the prominent place they give to a quote by MCI’s Senior Vice President and acknowledged “Father of the Internet:”

Spamming is the scourge of electronic-mail and newsgroups on the Internet. It can seriously interfere with the operation of public services, to say nothing of the effect it may have on any individual's e-mail mail system. ... Spammers are, in effect, taking resources away from users and service suppliers without compensation and without authorization.

In essence, misleading and manipulative spam has gotten out of hand and threatened the integrity of email. People are tired of the time consuming hoaxes and financially taxing scams some businesses use. Businesses need to work towards creating an internet environment where email is used in responsible, honest, and ethical ways. In addition to presenting an truthful identity, using authorized relay mechanisms, and offering users a way to “opt-out,” is the establishing of guidelines by businesses that would guide advertising on the internet.

As mentioned from the onset, I am not an advocate for doing away with bulk emailing, but setting parameters by which businesses may use email for commerce and possibly even flourish. The introduction of “ADV:” before any unsolicited email might resolve the escalating concern around spam. This would level the playing field allowing an ISP to regulate amounts of email from specific websites or email addresses. This would be similar to the way the U.S.P.S. deals with third class bulk mailings. They do not reject it but deliver it when resources are available. A practice like this would continue to offer businesses the ability to use a reasonably inexpensive method to peddle their wares or services on the internet. Perhaps, most importantly, it would give the individual computer the freedom to choose whether or not to open up an email. Thus, the usefulness and expediency that email has historically provided would be protected and enhanced.

“AOL: A Spammer’s Paradise,” http://www.aolsucks.org/spam/.

“Blacklist of Internet Advertisers,” http://math-www.uni-paderborn.de/~axel/BL/blacklist.html.

< /DIV>

[fnA]Patrick Flanagan
Loyola University Chicago
2233 North Kenmore
Chicago, IL 60614-3504
773.880.8705 (vox)
773.880.8750 (fax)
pslfcm@aol.com

© 1999 Patrick Flanagan. Published with permission of the copyright holder.

---