View
576
Download
1
Category
Tags:
Preview:
Citation preview
Company
LOGO
Internet Technologies
Spam – October 11, 2005
100
200
300
400
500
100
200
300
400
500
100
200
300
400
500
100
200
300
400
500
100
200
300
400
500
Arcane Minutia
Easy Questions
How to Get An A in This Class
USC Football
Internet Technologies
It is loved by Margaret Thatcher, Vikings and Herbal Viagra Users.
A-A1 Game Board
What is Spam?
Is this Spam?
Questions
What is spam?
Is spam intrinsically Good Bad or Neutral?
What Makes Spam Bad?
Intrinsic
Transfers Costs to Recipient
Server Load Cost of Filters
Clogs Inbox at Expense of Legitimate Email
Scares Consumers
Contextual
False From Lines or Routing Information
Pornography Phishing 419 Schemes Viruses
What Constitutes Consent?
DoubleOpt-In
Confirmed Opt-In
Opt-In
Confirmed Opt-Out
Opt-Out
Implied Consent
Online Advertising
Advertising Revenue 2005 ($BB)
$11.60
$130.40
Online Advertising
Offline Advertising
Email Marketing
Email Mkt Revenues ($BB)
$0.16
$2.10
$6.10
$0.00
$1.00
$2.00
$3.00
$4.00
$5.00
$6.00
$7.00
1999 2003 2008
Email Marketing 101
Advertiser Product or Service
MarketerMailing List &
Transmission Capability
Marketing NetworkAccess to Network of Marketers
Consumer Consumer
Email Registration
Registration Page
“Selected Advertisers and Affiliates”
Legitimate Email Marketing Response Rates
Spamenomics: Supply
Spamenomics: Demand
Top spammers send 15 million per day
Estimated Response Rate: 0.1 to 1.0 %
20 percent of U.S. residents report buying products from spammers
30 percent have responded to spam
Spamenomics: Return
Example 1
Spammer Marketing for Client
Delivery Rate: 5 MM/day
Payment: $1.75 CPA
Annual Revenue 0.1% Response: $3,062,500 1.0% Response: $30,625,000
Example 2Spammer Selling Product
Product: Eavesdropping Software @ $40
Delivery Rate: 10 Million per day
Response Rate: 0.000005 % or 50 per day
Annual Revenue: $700,000
Fighting Spam:Private Sector Responses
Blacklists
White Lists
Spam Filters
Challenge/Response Mechanisms
Sender ID
Email Statistics
ISP's block an estimated 90% of spam
14.5BSPAM/Day
60% of all E-mail = spam (not % of what’s in inboxes)
24BEmails/Day
It’s estimated that there are ~ 24B E-mail messages per day
1.5B
Spam Filters
Billion Dollar Market – will increase 75% over next 4 years
False Positives – cost businesses $3.5BB in 2003 (Ferris Research)
McAfee Spam Killer 5.0 22.3% false positives (Source PC World)
Triggers Image Links ALL CAPS text Key Words (Viagra) From” Address Does Not
Match Header Opt-Out Mechanism Volume Blacklists
Legislative Response
1995-2003USA: Approx 40 states pass Spam laws.EU: Adopts Data Protection Directive, implemented in UK as Data Protection Act of 1998. Where email addresses collected from a person, must be informed of the purposes at the time of collection. Unsolicited Commercial Email must be “identifiable clearly and unambiguously”.
2002EU: Adopts Directive 2002/58/EC on Privacy and Electronic Communications
September 2003USA: California passes SB 186 banning email unless express consent to receive email from advertiser.
EU: UK Regulations Implementing EU Directive effective 11 December 2003
December 2003CAN-SPAM Act of 2003 signed by President Bush (preempts State Spam laws) – effective 1 January 2004
CAN-SPAM Act
Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003
Does not “CAN Spam” – except for wireless spam No “Do Not Email Registry” No “ADV” Requirement
Anti-Fraud & Disclosure Statute
Applies to an email where the “primary purpose” is commercial advertisement or promotion of a product/service
No volume requirement Is sending a resume subject to CAN-SPAM?
CAN-SPAM Principal Requirements
From line must identify sender
Subject line must not be deceptive.
Adult Messages must provide notice.
Requires Working Opt-OutMechanism for Advertiser
Postal Address for Advertiser
Penalties
Federal:
Up to $10,000 per violation Criminal penalties for fraud and email abuse (address harvesting and
dictionary attacks)
State:
$250 per email/ $2 million cap
Treble damages if willful violation
ISP Enforcement
$25 per email/ $1 million cap
Treble damages if willful violation
Is CAN-SPAM a Failure?
YES
Overall Compliance Rate January 2004 – 0.54% December 2004 – 7% Source: MX Logic
Major Online Companies 33% Fully Compliant 98.2% Compliance on
honoring opt-outs Source: Ariel Software
NO
No, CAN-SPAM is not a ‘miserable failure," as was widely misreported – Rebecca Lieb (ClickZ News 1/14/05)
CAN-SPAM is a tool that is being used
Multiple actions by FTC, State AGs and ISPs
AOL – 75% drop in Spam complaints in November
CAN-SPAM At Work
State Spam Laws
CAN-SPAM Does Not Preempt
State laws that “are not specific to electric mail, including State trespass, contract or tort laws”; OR other State laws “to the extent that those laws relate to acts of fraud or computer crime”
California Chapter 571 (effective January 1, 2005)
Prohibits e-mail using third-party domain without permission; falsified or forged headers or deceptive subject lines.
Private right of action - damages of $1,000 per email up to $1MM “per incident”
Michigan & Utah Child Registry Laws
Foreign Spam Laws
No Spam Legislation Industry Canada Anti-Spam Task-
Force Report in Spring 2005
Prohibits Spam, address harvesting, deceptive emails
Prohibits Spam – except May send UCE to existing
customer Does not apply to B-B marketing
(i.e., corporate email address)
Prohibits Spam Requires Legislation By Member
Countries – Not All Have Complied
Thank You
Recommended