is truly the scourge of the Information Age. This problem has become so
widespread that it has begun to burden our information infrastructure. Entire
new networks have to be constructed to deal with it, when resources would be far
better spent on educational or commercial needs." - United States Senator Conrad Burns
Unsolicited Electronic Mail also called "spam" is a growing concern among
corporations and individuals. Spamming, once viewed as a mere nuisance, is now
posing some alarming problems. In the year 2002 alone, losses to US Corporations
due to spamming were a staggering $8.9 billion. In 2003, spam costs to all
Non-corporation Internet users were an estimated $255 million . With the
increasing number of Internet users in India, the absence of any legislation
prohibiting spamming and the dearth of other spam-control measures, it is time
the Government took note of this menace.
What exactly is Spam?
Spam may be defined as Unsolicited Bulk E-Mail (UBE) or Unsolicited Commercial
E-Mail (UCE). In either case, it is important to note that Spam is "Unsolicited"
which means that there is no prior relationship between the parties concerned
and the recipient has not explicitly consented to receive the communication.
Why is Spam harmful?
Many of the objections to spam relate to its content. Objections to commercial
messages, which promote dubious ventures and messages that contain sexually
explicit material, are commonplace. However, the single most important objection
is as far as messages containing contain harmful embedded code and hostile file
2. Consumption of Internet Resources
Spam represents a significant proportion of all e-mail traffic, consuming
massive amounts of network bandwidth, memory, storage space, and other
resources. Internet users and system administrators spend a great deal of time
reading, deleting, filtering, and blocking spam, as a result of which they pay
more for Internet access.
3. Threat to Internet Security
Spammers frequently tap into Simple Mail Transfer Protocol (SMTP) Servers and
direct them to send copies of a message to a long list of recipients.
Third-party relaying usually represents theft of service because it is an
unauthorized appropriation of computing resources. A company’s reputation may be
damaged if it is associated with spam because of third party relaying.
What are the methods of dealing with Spam?
I. Technical Methods
The first line of defense against spam normally consists of self-help and other
technical mechanisms. These mechanisms can be implemented by individual Internet
users, ISPs and other destination operators, as well as by various third
parties, some of which specialize in battling spam.
A. Filtering and Blocking
i. End User Filtering and Collaborative Filtering
End User filtering entails the recipient simply ignoring unwanted messages while
collaborative filtering consists of filtering done by Internet Service Providers
(ISP) and proxy filtering services like Brightmail.
Blocking involves enabling destination operators to refuse delivery of spam.
Many databases sometimes referred to as blacklists or "blackhole lists," list
Internet hosts frequented by spammers. Destination operators can use these
databases to identify and refuse delivery of selected incoming messages.
B. Hiding from Spammers
This process involves concealing e-mail addresses by the recipients thus making
harder for the spammers.
C. Opting Out
This procedure involves requesting the spammer to remove the recipient from the
mailing list. Of all the measures stated above this is the most ineffective as
spammers almost never remove a mail address from their mailing lists.
Problems with Technical Approach:
The Technical Approach has several fallacies especially in India:
* Technical approaches are unlikely ever to eradicate spam, partly because of
the time and resources that spammers devote to their activities (and the
economies of scale from which they benefit) and partly because of the inherent
openness of the Internet and e-mail protocols.
* Technical approaches have deleterious effects that they can have on legitimate
communications. Blocking e-mail traffic from a spam-friendly site often means
blocking a great deal of legitimate email, for example.
* Mordern Anti-spam technology is expensive and it further burdens the netizen
* There is lack of transparency and accountability consequently spammers
continue to act with impunity
II. Legal Methods
In the absence of adequate technological protection, stringent legislation is
essential to deal with the problem of spam. Several spam-related Bills have been
introduced in the United States Congress , of which only CAN-SPAM
Act of 2003
has come into force.
The European Union and other countries have also enacted anti-spam legislation.
Australia which contributes to about 16% of the total spam in the world has the
most stringent spam laws under which spammers may be fined up to $1.1 million a
day. Although anti-spam legislations are found all over the world, the methods
of combating spam are virtually similar as is evident from the following:
The state of Delaware in the United States has stringent anti-spam legislation ,
which imposes a virtual ban on Unsolicited Bulk Commercial E-mail messages The
European Union does not prohibit unsolicited commercial email, but permits
individual member states to do so. Finland , Germany , and Italy all have laws
prohibiting UCE, while Austria prohibits both UCE and UBE.
2) Enforcement of Anti-Spam policies:
ISPs and other destination operators generally have policies that govern the use
of their facilities for various purposes, and nearly all of them prohibit
spamming in particular. Consequently in some legislations emphasis is laid on
following these policies.
3) Opt-out clause
Several Legislations including the US CAN -SPAM Act provide for an Opt-out
procedure wherein senders may communicate with anyone except those who have
explicitly opted out.
4) Other Statutory Provisions
Data protection laws in some States regulate the collection, use, and transfer
of personal information that may include e-mail addresses, and legislation has
been proposed in the United States Congress to restrict the ability of spammers
to harvest e-mail addresses from domain name registration records.
5) Enforcement Mechanisms
Several jurisdictions provide for criminal penalties or other governmental
enforcement mechanisms in addition to or in place of private actions.
The large number of Anti-spam legislations passed and the severe punishments
meted out to spammers are indicative of the fact that the International
Community has recognized the spam menace and is taking steps to combat it
effectively. It is time that India too joined the bandwagon.
India And The Spam
Spam legislation is non-existent in India. The much-touted Information
Technology Act of 2000 does not discuss the issue of spamming at all. It only
refers to punishment meted out to a person, who after having secured access to
any electronic material without the consent of the person concerned, discloses
such electronic material to any other person.
It does not have any bearing on violation of individual's privacy in Cyberspace.
The illegality of spamming is not considered
Other cogent reasons for introducing comprehensive legislation to curb, control
and penalize spammers are:
• The Delhi High Court acknowledged the absence of appropriate legislation
concerning spam in a recent case wherein Tata Sons Ltd and its subsidiary
Panatone Finwest Ltd filed a suit against McCoy Infosystems Pvt Ltd for
transmission of spam. It was held that in the absence of statutory protection to
check spam mails on Internet, the traditional tort law principles of trespass to
goods as well as law of nuisance would have to be used.
• With the growing number of Internet users every day and the increasing
proportion of junk e-mail, it is essential that measures be taken to curb spam
before it assumes gargantuan proportions like in the United States.
With the establishment of the Indian arm of the Coalition Against Unsolicited
Commercial E-Mails (an International Organization against spam) some efforts are
being made to combat the spam menace. However, in the absence of stringent laws
and technical advancements, the proliferation of spam seems inevitable.