Duncan Wilcock

T: +1 (604) 379 0224

Tuesday, June 20, 2006

[CR] Spam Tax

Doing my dishes this morning, I think I came up with a policy to combat SPAM that actually could work - both from a technical & implementable policy perspective. Ready for it?

Spam Tax - actually, probably more like a fine or a ticket, but "Spam Tax" has such good sound-bite potential don't you think?

I should qualify this - actually this is the 2nd policy that i have come up with, but the first one is not nearly as palatable & is less likely to be implementable for that reason. The first (unpalatable) one: each email costs money to send. Maybe only a penny, or a fraction of penny, but if it costs some money, it will get cost-prohibitive to send 10 000 or (10 million for that matter) emails.

I don't like this option because it introduces a cost to legit users, which isn't as fair as it could be, not to mention that technically it would be quite a challenge, now that the internet has been largely deployed without these kinds of cost controls.

Spam Tax: So here's the option I came up with this morning:

For each Spam recieved, charge the Internet Service Provider a fee - again a small amount - perhaps a a fraction of a penny. What this would do is a) eliminate charges for legitimate emails b) localize a global problem so that accountablity becomes a realistically solveable problem. (in my opinion, localization & community are the natural & most effective enforcers of accountability, and losing accountability is one of the down-sides of globalization - but that's for another post...)

So how would this work? Well - Say Person A) is getting spam for Enlargement of this or that. Through a central spam reporting agency, they submit the email as abuse. Contained in that email is a trail of information (in the header) that tracks where the email came from. The central agency looks up the owner of that IP address & charges them. Owners of IP addresses tend to be large-ish organizations, that have to pay rental/property tax on their IP addresses eventually, so sooner or later you would get the money out of them. That organization then has a fiscal incentive to stop that SPAM originating from them. There may be enough information in the SPAMed email so that they could track the offender down, and with enough incentive they no doubt would.

The fee is small - a fraction of a penny, so that it doesn't add up to much for occasional mistakes in filing, or small infractions. But if there are 10000 or so complaints, the amounts get significant. Again - this is the needed incentive, and the policing is on a realistic scale. The ISP is in also in a position to be able to grant or deny access to it's network if necessary.

Ok - so what about people falsley reporting SPAM? Well - the accused would have to be able to appeal the accusation - to a central body, the one that organizes reporting machinery. The fines for falsely reporting spam would have to be substantial - substantial enough to grant incentive to avoid false reports, but not so substantial that organizations are discouraged from reporting SPAM.

I think that would work, both technically & politically. It wouldn't be easy of course, but i've read some high estimates of how much traffic SPAM uses up - there really isn't much of a theoretical limit to it - other than (Shannon's Channel Capacity theorem :) ) If the problem is big enough, a realistic solution will be implemented. I think this is a realistic solution. What do you think? (I'm about to email this to my Bro the computer scientist for some qualified opinion. - I'll let you know what he thinks... )

Over & Out.