FTC:
Consumer Privacy Comments Concerning The
Voters Telecommunications Watch--P954807
Preliminary Comments to the
Federal Trade Commission on
Unsolicited Commercial Email
EFF-Austin
EF-Florida
Voters Telecommunications Watch
June 2, 1997
CENTER FOR
DEMOCRACY
and
TECHNOLOGY
1634 Eye Street, NW
Suite 1100
Washington, DC 20006
- Table of Contents
- I. Introduction
- II. Survey results
- III. Costs of unsolicited email
- IV. Responses to unsolicited email
- V. EFF-Austin spam analysis
- VI. Summary
- VII. About the authors
- Attached figures
- 1. Drawing: "Costs of Spam to Internet
Service Providers"
- 2. Drawing: "Costs of Spam to Internet
Users"
- 3. Drawing: "Spam filtering points"
- 4. Copy of VTW Internet User Survey
- 5. Copy of VTW Internet Service Provider Survey
- 6. EFF-Austin Spam Examination: Types of Spam
- 7. EFF-Austin Spam Examination: Spam per month
- 8. Mail filtering techniques spreadsheet
I.A. Introduction
Few issues have been as hotly debated on the Internet
recently as unsolicited commercial email. Just as the
cost of telephone or cable service, the issue of junk
email touches everyone with an email address and has
brought forth opinions on how to deal with it in a volume
unseen since the debate raged over the Communications
Decency Act.
This paper is a sampling of the costs and technical
methods of dealing with the junk email issue. It
describes the various ways in which junk email costs
Internet users and Internet Service Providers, and the
technical ways that they are dealing with it today. It
brings together some disparate data collection efforts
underway by EFF-Austin, EF-Florida, and the Voters
Telecommunications Watch.
I.B. Survey Overview
In preparation for the Federal Trade Commission's June
10-13 workshop on Consumer Online Privacy, we prepared
two surveys to form the basis of our filings. First and
foremost, we wanted to gather some basic factual data
about the state of the junk email issue. Anecdotal cost,
volume, and technology information seemed lacking in the
debate. In fact two of the FTC's questions seemed
interested in the costs and technological solutions to
the issue. It quickly became obvious that there was a
dearth of basic knowledge about how much junk email costs
individuals. In an issue where emotions and opinions run
high, a lack of knowledge can be fatal.
The survey was begun in mid-April, right before Tax
Day. At its height, the survey received over 300
responses per day. The survey was designed to take the
respondent's answers and send them to the survey
coordinator and the respondent in email form. The
presence of email filtering technology available in
Eudora 3.0 on the survey coordinator's laptop made this
survey somewhat self-referential, as the problem of junk
email is a subset of a larger problem of how to manage
large amounts of incoming mail.
Over 2,700 people answered the user survey, and 60
Internet Service Providers (ISPs) answered the
institutional survey. They are truly the heroes of this
issue, as every one of them enriched all of our knowledge
of the facts of this issue.
I.C. A note on statistical relevance
None of the staff at VTW, EF-Florida, or EFF-Austin has
the requisite background in statistics to allow us to
make any claims about the statistical relevance of this
survey. Furthermore, our survey population is not
representative of anything, except the cross-section of
people that visited our website. Because of this, we
followed a "minimal intrusion principle" and
did not attempt to collect any demographic information to
shape a representative sample of Internet users (whatever
that is). In particular, whenever we say "XX% of
people in the survey believe X", it should not be
assumed that "X% of the Internet community believes
X" or "X% of Americans believes X".
Readers should keep this in mind when reading the
results of the survey and consider the benefit is in it's
breadth of coverage, not it's ability to predict the
opinions of Internet users on the junk email issue.
I.D. A note on privacy of survey respondents
Our user survey asked for the email addresses of
respondents for the purposes of sending them a
confirmation message with their responses. Although a few
chose to enter fake addresses, presumably to avoid
receiving any unwanted future email, most of the
respondents seemed comfortable with divulging their email
address. In accordance with our organization's policy, we
placed a Privacy Policy on the front page of both
surveys.
To preserve their confidentiality, respondents'
identities were severed from their answers before any
survey responses were shared with EF-Florida or
EFF-Austin staff.
We look forward to the comments from the Center for
Democracy and Technology on consumer perceptions of
online privacy to tell us more about consumers' attitudes
towards taking part in surveys like this.
II.A. Survey Responses
Over 2,700 people answered our user survey. We didn't
require answers to every question in the survey. We
present the raw responses here for your perusal.
Question 2: How much email do you receive per week?
- 1-50 pieces: 851
- 50-150 pieces: 744
- 150-500 pieces: 614
- 500-1000 pieces: 219
- 1000+ pieces: 76
Question 2.2: How much of it is unsolicited email?
- It is a small amount of my email: 950
- It is a quarter of my email: 922
- It is half of my email: 298
- It is a majority of my email: 316
Question 3. 1: Is it a risk or a benefit?
- It is a risk: 171 1
- It is a benefit: 45
- It is both a risk and a benefit: 227
- It is neither a risk nor a benefit: 505
Question 3.2: Elaborate on the above
- Cited the fraudulent nature of much junk email:
643
- Cited the waste of Internet or user resources:
586
- Cited the risk of adult junk email ads sent to
children: 129
Question 4: How do you deal with unsolicited
commercial email?
- I read it like anything else: 367
- I read the subject line and delete it without
reading: 1545
- I have my mailer set to filter it out based on
the subject line: 315
- I have my mailer set to filter it out based on
the sender or other header information: 426
- I use a third party filtering service to filter
it out: 225
- I use an intelligent agent to filter my mail: 91
- I use some other method: 883 (most of these
consisted of people saying they tried to contact
the original sender or their ISP to have the
spammer's account removed)
Question 5: What does email cost you?
- It costs me nothing: 197
- It's a waste of my time: 407
- It costs me long distance or other telephone toll
charges: 2228
- My ISP charges me connect time while I am
downloading or reading my mail: 481
- My ISP charges me by the byte to download my
mail: 76
- Other costs: 726
Question 6. 1: What do you think of unsolicited
commercial email?
- It is an overall good: 47
- It is a problem: 2196
- It is overblown as an issue: 214
Question 7 Technological suggestions
These answers were anecdotal in nature, and it
will take some time to finish compiling them.
Question 8: Regulatory suggestions
These answers were anecdotal in nature, and it
will take some time to finish compiling them.
III. Costs of unsolicited email
FTC Question #2.18 What costs does
unsolicited commercial e-mail impose on consumers or
others? Are there available means of avoiding or
limiting such costs? If so, what are they?
The survey we have developed addresses the questions,
of cost in many different forms, both for Internet users
and Internet Service Providers. This gave us a broad view
of the problem, touching on many individuals and many
people within the industry. We look forward however to
the comments from Simona Nass of Panix (Public Access
Networks) to provide us a close look at the actual costs
as assessed by a particular ISP when dealing with
unsolicited commercial email.
III.A. Cost to consumers
The costs to consumers of unsolicited commercial email
fall into a number of broad categories that we have
enumerated in the survey, including but not limited to:
telephone toll charges, ISP connect time charges, and ISP
download charges. We separate the costs into the
following categories:
- hard costs: measurable in dollars of resources,
access fees, or staff time and
- soft costs: measurable by loss of productivity.
These can also be thought of as opportunity
costs, where the dedication of resources to
dealing with junk email remove the ability of the
user to pursue some other goal temporarily.
The comments in this section refer to the attached
figure, entitled, "Costs of Spam to Internet
Users".
III.A.I. Telephone toll charges - hard cost
For some Internet users, online access is not a free,
flat rate telephone call. For those users, the proverbial
"meter" is ticking when they are downloading,
reading, or even deleting without reading, unsolicited
commercial email.
III.A.2. ISP Connect Time Charges - hard cost
There has been much discussion in the market about
pricing of Internet access for both large (such as
America Online) as well as smaller Internet Service
Providers, such as Panix. The amount of time a user is
connected to the system with some services is metered at
a usually low rate, and the time it takes to read and
even delete unsolicited commercial email adds costs to
the user. The market for Internet access has become mixed
enough between flat-rate pricing and metered pricing that
we received varied answers for what connect time costs
them, with it being anywhere from US$0.50 to US$4 per
hour.
III.A.3. ISP Storage Charges - hard cost
Although it is not a major part of the pricing model
today, several respondents indicated that they are
charged on a per-megabyte basis for email stored at their
ISP's site before the user has read it. In all cases,
respondents indicated that they had a minimum of
un-tariffed storage available to them before charges
kicked in. However unsolicited email adds to this cost,
forcing the user to pay more for their Internet service.
The range of responses stated that this cost is
approximately US$I per megabyte.
III.A.4. Lost productivity - soft cost
By far the most popular soft cost cited by respondents
was loss of productivity. For many, this was a major
problem as their time is measurable in US$/hour and they
can easily do the math to see what each junk email costs
them. Depending on the effectiveness of filtering
techniques and the mail package employed by the user,
junk email could take anywhere from no time to several
minutes to deal with. Although not all respondents
mentioned it, one should consider the litany of factors
required in dealing with junk email that go beyond the
simple act of deleting junk email. If the user downloads
their email to a remote computer instead of reading it at
the ISP, then the additional time required to download
the junk email is time that could be better spent
working. Also, the time taken to respond and unsubscribe
from junk email lists, or to report such activity to the
one or more ISPs involved can be significant.
III.B. Costs to Internet Service Providers
Very few, if any, of an ISP's infrastructure costs can be
broken down as easily as those for Internet users.
Complicating the issue is the fact that the Internet
access market is divided into two major pricing models:
metered and flat rate pricing. For metered pricing, the
issue simply becomes a problem of user annoyance. However
in the more popular environment of flat rate pricing,
unsolicited email becomes a threat to the cost structure
of the ISP.
In a flat rate environment the presence of a
significant resource consumer (such as unsolicited mail)
that is unwanted becomes an expense that raises the cost
of the ISP to run the site, a cost which is likely to be
passed onto consumers. How much this added cost adds up
to is unclear, as reliable numbers on the volume of
unsolicited mail are not available. Exactly how much of
it is unsolicited vs. unwanted is also a factor.
Outlined below are the costs of unsolicited email to
ISPs, though we hope to learn more from the filings of
ISPs who have actually measured the hitrate on their
filters and compared it to their total mail volume. The
comments in this section refer to the attached figure,
entitled, "Costs of Spam to ISPs".
III.B.1. Network bandwidth cost (soft cost)
ISPs pay for their Internet connectivity, usually in a
"maximum capacity" fashion. Although a
particular message (or set of them) will not trigger a
cost to the ISP by their next tier provider, the growth
of their traffic load may mean they must upgrade their
connectivity to adequately handle their load. This cost
should not be considered as a factor until more accurate
numbers on the amount of spam versus other types of
traffic can be determined.
III.B.2. Cost to process mail (soft cost)
Many ISPs have reported that heavy loads of spam have
delayed or prevented other, nonspam mail from getting
through to their users. Providing several hosts to
process mail can certainly alleviate this issue, though
that may be expensive and needless if the users don't
want the email to begin with. In addition, because the
overall amount of mail sent through an ISP is very large
compared to the perceived volume of spam, it isn't clear
if a need to upgrade such infrastructure might not be
required anyway.
Instances of actual outages exist, though, and the
loss of reputation and service is a very real and painful
thing for any ISP to bear.
III.B.3. Cost of staff time for handling
complaints
As many ISPs will tell you, the most expensive element of
their operation is the cost of their highly trained
staff. Customers that receive unsolicited electronic mail
want to report it to someone. In addition the surges of
system activity, that accompanies large influxes of junk
email can cause disks to fill up, and mail to stop
working until it is attended to by a staff member.
III.B.4. Cost of storage
ISPs typically store email until customers pick it up. It
is typical customer behavior to avoid deleting anything
until the very last minute. For this reason, many ISPs
charge their users for disk space over a standard
allotted amount. For the same reason, several ISPs have
configured their systems to deliver customer email into
the system directly into user-billed storage, which means
that you potentially might be billed for electronic mail
that you have not yet read.
III.B.5. Cost of phone line availability
On systems where customers are encouraged to dialup
quickly, download their mail and then disconnect, large
amounts of junk email cause users to stay on the line for
longer, tying up dialup lines for longer. Although ISPs
currently do not pay per-minute costs on incoming calls
from subscribers, they do need to ensure they have enough
telephone lines to support their users.
IV. Responses to unsolicited email
FTC Question #2.19 Are there technological
developments that might serve the interests of
consumers who prefer not to receive unsolicited
commercial e-mail? If so, please describe.
IV.A. Methods of dealing with unsolicited
commercial email
At this time, the technological innovations for dealing
with unsolicited email are in their early stages. We can
see from experience that no single solution (litigation,
regulatory, or technical) can adequately resolve the
issue to the satisfaction of the Internet community.
However what isn't clear is whether or not an appropriate
combination of all of these solutions will be sufficient.
IV.A.1. Reading it or deleting it
Is it undeniable that a certain segment of the Internet
community actually reads or simply deletes their junk
email with a minimum of effort. What is currently being
overlooked in the debate over unsolicited email is
whether the objections to the practice are because of the
costs such mail brings, or because of the often
fraudulent nature of such mail.
IV.A.2. Filtering in theory
The unsolicited bulk email issue may partly be a subset
of the problem that most people receive far more
information than they can handle. The use of filtering to
get a handle on dealing with large amounts of mail
predates the problem of junk email. This is evidenced by
the fact that so many products contained filtering
technology long before unsolicited email became a front
page issue.
Filtering is done at any number of points in the
delivery stream, from the end user's mailreader all the
way up to the router that connects the ISP to their
upstream provider. However filtering at each point is a
tradeoff between granularity and cost savings. For
example, were an ISP to throw away all mail from
spammer.com at their upstream router, the entire customer
base would not have to deal with any unsolicited mail
from spammer.com. However because there is no granularity
at this point, individual customers could not "opt
in" to receive any mail (unsolicited or otherwise)
from spammer.com.
Were the filtering done farther downstream, for
example during the local delivery process, the user would
have the choice of opting in or out of it. If every user
were to choose to have spammer.com mail not sent to them,
the effect for the end users would be the same.
However the ISP wouldn't see the savings in terms of
bandwidth or CPU, since the mail would still need to be
delivered up until the last minute, when the users'
preferences would be taken into account. They would see
the savings in terms of disk space and connect usage, as
the mail would never hit the user's end mailbox.
The final place to filter is in the mailreader. Many
mailreaders (see "Mail filtering techniques"
table) have the ability to filter electronic mail in many
points of the delivery chain.
Regardless of where filtering is done, it tends to
happen in one of two ways: opt-in filtering or opt-out
filtering. We have found that most filtering mechanisms
allow users to implement both kinds of filtering without
difficulty, although varying degrees of technical
knowledge are required. The comments in this section
refer to the attached figure, entitled, "Spam
filtering points".
IV.A.2.1. Opt-in filtering
Opt-in filtering is probably not the most popular one
used, but it is the most effective at limiting the amount
of email one deals with. A user by default receives no
mail unless they "opt-in" by specifying that
particular email that matches a certain criteria is to be
delivered to the user. Email that does not match the
criteria is deleted or left in a "junk" folder
to be read later. This addresses one of the risks of junk
email that was widely cited in our survey: that junk
email will clog up one's mailbox, making it harder to
find truly important messages among the rest of the mail.
IV.A.2.2. Opt-out filtering
Opt-out filtering works by assuming that the user wants
to receive all mail, and then selectively deletes or
adjusts the priority of mail that matches particular
criteria. Although opt-out filtering is less likely to
hide or delete messages that you might really want to
see, it requires ongoing maintenance to keep the opt-out
criteria fresh.
IV.A.2.3. Filtering granularity vs cost
There is an interesting zero sum game played out when one
looks at where to do filtering. Referring to the
"Spam filtering points" diagram, one can see
that choosing where to filter will be a balance between
costs and granularity, even though in the end, the user
will not see the junk email in their mailbox. At the far
left end of the continuum, one can make filtering
decisions only for the entire network which will results
in the most savings to both users and the ISP. However
the decision to filter out a particular email source will
be for the entire customer base. If some small amount of
customers wish to receive email from the source, they are
out of luck.
On the other hand, if the filtering is pushed to the
far end of the delivery process, when the email hits the
end user's Inbox, then the maximum amount of resources
are spent during the delivery of the mail, but each user
has the maximum amount of choice regarding what mail they
do and do not receive. Decisions made by each user do not
affect what any other user is allowed to read.
This tension between the costs of the ISP and the
convenience of their customers is likely to get much
worse before it gets better, with large making blanket
filtering decisions for the entire user base at the
perimeter of their network. In some cases, these
decisions will surely be inappropriate and result in
criticism of the service by its customers. How these
decisions are handled will certainly enhance or diminish
the image of the provider in a marketplace as diverse as
the ISP marketplace.
IV.A.3. Filtering in practice
In practice, filtering is far messier than the theory
would suggest. Given the Internet as a static medium,
filtering would be easy, but nothing is true for any
length of time, neither the domains that send you junk
email, nor the responses people use when they want to
show their anger about it. Both the architecture and
effectiveness of filtering schemes change on a daily
basis, with the same scheme being highly effective one
day, far less effective the next, and then effective
again on a third day.
IV.A.3.1. Filtering at the network connection
This would typically be done through a router at the
perimeter of the ISP's network. Because there are more
addresses that send non-junk email than there are junk
email domains, this is typically done in an opt-out
fashion. When enabled, this configuration disallows all
network mail service connections from a particular set of
Internet addresses, regardless of who the intended
recipient is. Decisions made at this point cannot take
individual user preferences into account.
IV.A.3.2. Filtering at the mail receipt level
This consists of configuring one's mail software to
refuse mail from selected sources, regardless of who the
mail is for. Like network level filtering, it is also
done as an "opt out" system because of the
problem of knowing a priori the source of non-junk email
messages. Mail receipt filtering has the advantage of
allowing a large network to implement different
system-wide mail policies for each system within the
network. Individual user preferences are not taken into
account at this point.
IV.A.3.3. Filtering during delivery
This is one of the most popular points to do filtering,
as it allows the mail to be discarded during the delivery
to the individual user's mailbox. Using tools such as
"procmail", each user can set their preferences
or even delegate their decision-making power to the ISP
for individual choices. If the user knows the domains
from which he or she will be receiving mail a priori,
they can set their filters up in an opt-in fashion,
though this is certainly not the way most people have
done it. A user can even choose not to filter at all,
even if the rest of the customers choose to.
IV.A.3.4. Filtering right before or after end
user delivery
This is the traditional place where filtering is done
and is built into several different types of mailreaders,
including the highly popular Qualcomm Eudora and
Microsoft Exchange. As with delivery time filtering, it
can be done as either "opt-in" or
"opt-out". Opt-in filtering can work quite well
at this point, because it is technically feasible to
segregate messages from known-safe sources into a special
"Personal" folder, and everything else into a
lower priority folder to be read later, instead of
deleting it. This allows the user to truly make a large
amount of mail manageable.
Filters take effect as the mail is downloaded
(Exchange's Inbox Assistant) or right after (Eudora's
Mail Filters).
IV.A.4. Specific filtering technologies
IV.A.4.1. Filtering technologies at the network
level
Most network routers have the ability to reject traffic
from a specified list of Internet sites, though some do
it faster or more efficiently than others. The major
variances among these techniques involve the source of
the Internet addresses to filter out.
The most effective way of defeating this filtering
technique is for the spammer change their IP addresses
(or ISP) on a regular basis.
IV.A.4.2. Specific mail receipt filtering
technologies
Unix 'Sendmail' is one of the most popular perimeter mail
transfer agents in use today. It has pre-built commands
to allow an administrator to reject mail from specific
domains.
The most effective way to defeat this technique is to
either lie about the domain that the mail is coming from,
or to register a brand new one every time one needs to
send junk email.
IV.A.4.3. Specific mail delivery filtering
technologies
Filtering technologies at the delivery point are one of
the most effective and form a "sweet spot" of
minimizing cost and maximizing user preference. Not only
can users configure their own filters, but because all
users tend to share a common filespace, they can
"share filters" with each other or even the ISP
staff.
Through programs like "procmail" and AOL's
"Preferred Mail", a user can choose to have
filtering done, but isn't required to maintain the filter
list themselves. The ISP has an appropriate motivation to
maintain it, since it cuts down on user complaints and
all the costs that come later in the message delivery
stream after delivery.
The most effective way to defeat this technique is the
same as the receipt level: falsify the Internet source
domain or register new "throwaway domains"
every time one needs to send mail.
IV.A.4.4. Specific end-user delivery filtering
technologies
This is the most popular mail filtering
technique. Programs like Eudora and Exchange have
user-configurable filters that allow any user to setup
fairly complex rules that can segregate mail into
different mailboxes, set priorities on messages, and
automatically take actions on them (including deleting or
reforwarding the message to others). The only drawback of
performing filtering at this stage is the ongoing
obligation to maintain the filters.
IV.A.5. Response tactics
Several respondents reported that they take measures to
reach the senders of unsolicited electronic mail or their
Internet Service Providers. These tactics vary from the
effective to the dishonorable. They are not necessarily
technical in nature, but are presented here for
completeness.
IV.A.5.1. Contacting the ISP of the
unsolicited email sender
One of the most effective non-technical methods for
ending unsolicited commercial email involves reporting
the spammer to their Internet Service Provider. In our
ISP survey, almost all (51) of the ISP respondents said
they had a policy against the use of their services for
the sending of bulk unsolicited email, and over half (27)
said they had terminated a customer because of it since
the beginning of 1997. Many ISPs maintain a specific
alias (usually "abuse") for individuals on the
Internet to report problems. Several ISP respondents
cited as many as eight distinct incidents of junk email
that have had to be handled since January of 1997.
We collected some anecdotal data on the cost of
handling these incidents and found that cost of staff
time per incident is measured in hours, usually 4-7.
Respondents provided wide variations in the dollar cost
of each incident, though many stated an hourly cost of
staff time at about $120 / hour.
Because of the high cost of handling such incidents,
ISPs do not seem to hesitate to terminate their contracts
with users who send unsolicited bulk email through their
services. Several respondents reported that they took
great pleasure out of reporting a spammer to an ISP and
receiving a notice that the spammer's account had been
terminated.
The new practice of spammers starting their own ISPs
has particular policy implications, which are not
discussed in this paper.
IV.A.5.2. Electronically attacking the sender
or their ISP
It has become an unfortunately common practice to
electronically attack the sender or intervening ISPs to
"punish" them for unsolicited bulk email.
Without judging this particular tactic, it is
important to note that:
- because of forged domains, the wrong person
sometimes gets targeted for revenge,
- this is illegal, and
- if even 1% of the recipients of junk email
retaliate with 100 such letters of retaliation,
the retaliatory response becomes just as big a
problem from the ISPs point of view as the
original spam.
V. EFF-Austin Spam Analysis
For the last year, EFF-Austin staff member David Smith
has been keeping his unsolicited email, both commercial
and non-commercial. He has taken the time to index the
different emails he received to give us a sense of what
kind of email one person receives.
It should be understood that types of junk email a
person receives vary with their Internet usage habits,
which affect how their address is culled. However it is
valuable in that it allows a look at the volume a
moderate user of the Internet might receive. For more
information, see the attached two graphs labeled,
"EFF-Austin Spam Analysis".
VI. Summary
Although this paper takes no intentional positions on the
appropriate responses to spam, it does seem to lead to
some conclusions that must be taken into account. In
particular, this survey demonstrates that the costs of
junk email are borne by the receiver. This report shows
that they may be costly for some end users today, but
could become very costly in the future should the volume
of junk email rise as shown by EFF-Austin's analysis from
the past year. This cost structure is similar to that of
the telephone facsimile paradigm.
However, this paper also demonstrates that the
Internet as a medium is distinctly different from the
telephone facsimile medium, in that there is the
capability for individual users and system operators to
inexpensively express preferences and subsequently filter
content, alleviating some, if not all, of the costs
associated with junk email. However there are costs
associated with filtering itself, and the presence of the
ability to filter does not automatically mean that this
will always the best solution.
It is also important to note, without prejudice, that
the last time a telephone medium regulation was applied
to the Internet over widespread public concern was the
Communications Decency Act. We leave the merits of this
approach to another paper.
We applaud the Federal Trade Commission for examining
this issue in detail, for allowing us to provide a forum
for these comments, and for their continuing efforts in
the area of consumer online privacy.
VII. About the authors
This report is a project of the Voters Telecommunications
Watch (Shabbir J. Safdar), EFF-Austin (David Smith), and
Scott Brower (EF-Florida). Indispensable help was
provided by Victoria Fike (Abuse Coordinator at Public
Access Networks), Kieran Ringgenberg (VTW), Simona Nass
(Panix), Deirdre Mulligan (Center for Democracy and
Technology) and Bob Palacios (CDT).
Our perpetual thanks go to Martha Landesberg of the
Federal Trade Commission for her encouragement and the
staff at Panix Public Access Networks for continuing to
provide us the Internet facilities through which we did
this work. Finally, we owe a great debt of thanks to the
nearly 2,800 Internet users and Service Providers who
answered our survey. We could not have done it without
them.
Filtering techniques
Facility |
Network
Connection |
Mail
receipt |
Mail
delivery |
Inbox
delivery |
Post-delivery |
Router (generic) |
X |
|
|
|
|
Sendmail |
|
X |
|
|
|
Procmail |
|
|
X |
|
|
Elm Filter |
|
|
X |
|
|
Microsoft Exchange |
|
|
|
X |
|
Qualcomm Eudora
3.0 |
|
|
|
|
X |
Pegasus Mail |
|
|
|
|
X |
Type of Spam
|
|
August |
October |
January |
May |
Business Opportunity |
|
10 |
22 |
29 |
29 |
Products, Goods, or Services |
|
14 |
20 |
17 |
78 |
Duplicate |
|
2 |
11 |
12 |
44 |
Non-commercial |
|
5 |
1 |
.2 |
10 |
|
Total |
31 |
54 |
60 |
161 |
|
|
|
|
|
|
Business Opportunity |
|
32% |
41% |
48% |
18% |
Products, Goods, or Services |
|
45% |
37% |
28% |
48% |
Duplicate |
|
6% |
20% |
20% |
27% |
Non-commercial |
|
16% |
2% |
3% |
6% |
GRAPHIC
LINE GRAPH - "TYPE OF SPAM"
Spam per month
Month |
Number |
Avg per day |
August |
31 |
1.03 |
September |
49 |
1.63 |
October |
54 |
1.80 |
November |
61 |
2.03 |
December |
73 |
2.43 |
January |
61 |
2.03 |
February |
77 |
2.57 |
March |
86 |
2.87 |
April |
128 |
4.27 |
May |
161 |
5.37 |
|
|
|
Total |
781 |
|
GRAPHIC
LINE GRAPH - "Total Spams"
JUNK MAIL
1997 ISP POLICY SURVEY
April 14, 1997
Dear friend,
A number of significant challenges await us in 1997
and 1998 on Internet policy. An unusually high amount of
them focus on the relationship between Internet Service
Providers (ISPs) and their customers. VTW is very
interested in this relationship and the diversity of the
marketplace, as the diversity of the ISP market has a
direct impact on the ability of Internet users to
exercise their First Amendment rights. These rights can
come under attack from a number of external forces,
including trade associations and government entities.
To help us work through these issues, we've teamed up
with EFF-Austin and EF-Florida and are asking you to tell
us a few things about previous incidents you have dealt
with, and the policies you use to deal with them.
Sincerely,
/s/
Shabbir J. Safdar
President, Voters Telecommunications Watch
Privacy Policy
The information that you return to us in this survey
will be kept confidential within the Voters
Telecommunications Watch (VTW). Although we will collect
the responses and publish the aggregate results, we will
not publish your name, or the name of your business. In
addition, we will be very careful to avoid publishing
information that could clearly identify your business.
Furthermore, we will not take the list of respondents and
sell, rent, lease, or otherwise provide the list to any
other party. However VTW may contact you directly in the
future (to obtain clarification on this survey,
permission to publish an anecdote, or to ask you to
participate in next year's survey, for example).
Q: What is the name of your company that provides
ISP-like services?
Q: WHAT is your name?
Q: WHAT is your email address?
Q: What is your company's URL?
Q:Do you have a terms-of-service (TOS) agreement with
your customers?
Q:If your TOS is online, where might we find it?
(provide URL)
Q:VTW is interested in cases where Internet
entrepreneurs are hampered from entering the market by
unreasonable government licensing practices.
Have you ever been approached by a local, state, or
Federal agency with a request that you apply for a
license whose effect is to prevent you from opening or
entering a new business? Examples of this would be
special Internet Provider licenses, or special gaming or
amusement licenses on rented computers in an Internet
cafe.
Q:Have you received a request from law enforcement for
information (such as subscriber addresses and real names)
without a subpoena, court order, or other legally
recognized request?
Q:Please describe the circumstances above.
Q:Do you consider junk email to be a serious problem
for ISPs?
Q:Do you have a policy that prohibits the sending of
unsolicited bulk commercial email?
Q:Do you provide a junk email filtering mechanism to
your customers?
Q:Have you ever terminated a user account because of
junk emailing activity?
Q:Please describe the circumstances above.
Q:Please try and assess the cost of dealing with the
above incident. If you can, state how many different
staff members were involved, and how many days it took to
resolve, along with any losses (including loss of
reputation, service, or revenues.)
Q:Please estimate how many of these incidents you've
had so far this year.
Turn in my
confidential survey |
I messed
up, let me start over |
[Home] [Free Speech] [Copyright] [Kids
& Parents] [Voter] [Privacy]
vtw@vtw.org/Copyright © 1994-1997
JUNK MAIL
Internet User Survey On Unsolicited
Commercial Email
In early June, the Federal Trade Commission (FTC) will
be holding a three day workshop on online issues,
including unsolicited commercial email. VTW, EFF-Austin,
and EF-Florida will be filing comments in the form of
results of a survey we are conducting about Internet
users' attitudes towards unsolicited commercial email and
the technological solutions to the problem in use right
now. Please take a moment to answer the survey below in
preparation for the FTC workshop.
Several people have reported problems viewing this
survey with lynx. If you can suggest ways of making this
lynx-friendly, please drop us a note at vtw@vtw.org.
1. Contact information
Please enter your email address:
Read our Privacy Policy about how we'll handle this
information.
2. How much email do you receive?
How many pieces of email do you get per week on
average?
How much of your weekly email is unsolicited and
commercial?
3. What do you think of unsolicited commercial
email?
Do you feel that unsolicited commercial email poses a
danger to consumers, a benefit, or both?
Feel free to elaborate on your answer above:
4. How do you deal with unsolicited commercial
email?
How do you deal with unsolicited commercial email?
(check all that apply)
- I simply read it like anything else I receive.
- I read the subject lines and delete them without
reading.
- I use features in my mailreader to filter it out
based upon the subject lines.
- I use features in my mailreader to filter it out
based upon sender or other header information.
If you use the features of an email package, enter the
name of the email package below.
- I use a third party filtering service (such as
AOL's Preferred Mail or Panix's junk mail filter
service).
Please give us a URL where we can learn more about
this service.
- I use an intelligent agent to scan my mailand
filter out email that looks like junk mail.
- I use some other method (please describe below).
5. What does unsolicited commercial email cost
you?
In what ways does unsolicited commercial email cost
you? (check all that apply)
- It doesn't cost me anything.
- I have to waste time deleting it, when I could be
doing other things.
- I have to pay long distance or other telephone
toll charges during the time I'm connected while
downloading/reading it, so it consumes telephone
service I'm paying for.
- My ISP charges me for the time I'm connected
while downloading/reading it, so it consumes
service I'm paying for.
- My ISP charges me for the number of bytes of
email I download, so it consumes service I'm
paying for.
- Other (please describe).
Please tell us about how much this costs you? If you
are charged for toll charges when calling your ISP, what
are those toll charges? If you are charged per megabyte
to download, what are those charges?
6. What do you think of unsolicited commercial
email?
I think unsolicited commercial email is:
Please
select an opinion. |
7. What technological developments would you
suggest to help solve the problem of unsolicited
commercial email?
8. What actions, if any, do you think the
government should take in response to unsolicited
commercial email?
9. If you're done, submit your answers to the survey.
I messed up
the survey, I want to start over. |
[Home] [Free Speech] [Copyright] [Kids
& Parents] [Voter] [Privacy] vtw@vtw.org/Copyright ©
1994-1997
Cost to ISPs of Spam
GRAPHIC
Spam filtering points
GRAPHIC
Cost to Internet users of Spam
GRAPHIC
|