Secret CIO: It's Time To Slam Spam Once And For All
Some time ago, I commented on the increasing amount of junk E-mail most of us are receiving ("Swimming In A Sea Of Spam," May 21, 2001, p. 122). It's gotten to the point I'm afraid I'm going to wind up with carpal tunnel syndrome from the repetitive motion of hitting the delete key. Besides my normal plague of meaningless business E-mails, I get a lot of stuff sent to lovelace@home. Interspaced with the letters from readers, which I thoroughly enjoy (please don't stop), are some really strange unsolicited messages--get-rich schemes, potions to enhance various body parts (several of which are gender-specific), and some really vile pornography.
Like a naïve neophyte, I first tried to stop the garbage by responding with a request to remove me from the distribution list. After a while, I realized that all I was doing was letting the spammer know my E-mail address was valid. Undaunted, I moved onto my next defense. With righteous indignation, I began to forward every message to "Abuse" at the indicated Internet service provider site, thus letting them know how their mail servers were being polluted. My fervor was somewhat diminished when I consistently got back automated messages telling me (pick your choice) that 1) the account was no longer active, 2) the ISP was spoofed so it didn't come from them, or 3) the foul deed was being investigated.
I became really annoyed and decided to take action. After all, as I told Cindy, I didn't become a CIO by sitting back and letting others decide my fate. It was time for the big guns.
My next step was to enlist the full support and righteous indignation of our national government. I forwarded the stuff to the Federal Trade Commission at firstname.lastname@example.org, an address I had dutifully copied down at a seminar where one of their officials talked about the need to get rid of the trash coming through our E-mail. She had told us, with a knowing smile, that the FTC was well aware of what was going on and had every intention of prosecuting people who violated the fraud or pornography laws. Naturally, I've never gotten a response from the FTC and the same junk continues to appear in my computer mailbox.
Feeling frustrated, I finally accepted my lack of control over the situation. So, like most executive types faced with an insurmountable problem, I changed my focus from trying to solve it to intellectualizing about how I became involved in the first place. Why was my nom de plume on these lists?
I came up with a few possible answers. First, there are publicly available directories of selected names and contact information. Second, some merchants and sites sell their E-mail records. Opt-in to get something on the Web, or give out your E-mail at a store, and you wind up on a list. Eventually, these lists may get sold to peddlers more interested in revenue than in how the information they hawk is used. Third, one of the more obvious ways that spammers get E-mail addresses is to pick a common word or name and then append all the ISP names they can think of, such as email@example.com, firstname.lastname@example.org, etc.
I suspect you're as fed up with junk E-mail as I am. It's time to get serious about spam. The people in Washington have been fooling around with this problem for several years without coming up with legislation to protect us. Maybe we give less in campaign contributions than those companies that profit from sending us unsolicited E-mail, but we need to be heard.
I have four specific suggestions:
Legislate that no one is allowed to sell or barter a mailing list with our names on it without our informed consent.
Treat abuse of E-mail with the same attention that we treat fraud and pornography sent through the U.S. Postal Service.
Require that every message contain a legitimate return address where a response with REMOVE in the subject line deletes our names forever.
Vigorously enforce steps 1, 2 and 3.
Opponents will say these steps are too costly for companies, too expensive to enforce, and technically not feasible. "Frankly, my dear," to paraphrase Rhett in Gone With The Wind, I don't care about the costs to people who are stuffing my electronic mailbox with junk and worse. And let fines help defray the money spent on enforcement. Technical feasibility? Many computer wizards and network administrators can come up with good ways of blocking any site or mailbox that doesn't follow the rules.
Perhaps the results won't be foolproof, but let's get started. The Internet is too valuable and E-mail too useful to bury it under a mountain of junk--and slime.
Herbert W. Lovelace shares his experiences (changing most names, including his own, to protect the guilty) as CIO of a multibillion-dollar international company. Send him E-mail at email@example.com and read his online column at informationweek.com, where he'll provide real--and sometimes whimsical--answers to your questions.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.