December 9, 2021

Archives for December 2003

Do We Want a Do-Not-Email List?

The CAN-SPAM Act, signed into law yesterday by President Bush, will take effect on January 1. The Act asks the Federal Trade Commission to study whether a national do-not-spam list, akin to the much-loved do-not-call list, should be implemented. It’s an interesting question.

The crux of the problem is the danger that the do-not-spam list would become, in the hands of unscrupulous spammers, a who-to-spam list. We know that spammers pay money for lists of known-to-be-active email addresses. Surely, they would be more than happy to get such a list – and an unusually large and accurate one – from the government for free.

There are countermeasures, though. If we put some newly minted, fictitious addresses on the list, any mail sent to those addresses later must have involved misuse of the list. If we give out separate copies of the list to different spammers, we might put different fictitious addresses into each copy, so we can tell later whose copy was misused. Of course, spammers may collude and compare their copies to find the bogus addresses, so we want some of the bogus addresses to appear in multiple copies so that we have an idea of who to blame even if lists are combined. Figuring out how best to use duplicate bogus addresses for this purpose is a nice little exercise in theoretical computer science.

Some have suggested another approach, in which bulk emailers are given access to an “oracle” that will answer queries about whether a particular address is on the do-not-spam list. This could be done by providing an on-line service that answers queries, or by giving giving out cryptographic information (i.e., the cryptographic hashes of the addresses on the list) that allows address-by-address querying. In either case, the worry is that spammers will use the oracle to “purify” their address lists, by discarding addresses that aren’t on the do-not-spam list.

Another approach, perhaps ironically, is to provide a mailing service that will forward email to any recipient, except those on the do-not-spam list. Bulk emailers who used such a forwarding service would be able to send mail, via the service, to anybody who isn’t on the list, but they would have no easy way to test for membership of an arbitrary address on the list.

What’s the right answer? I don’t know. But I’m glad that we’re not rushing ahead with a list before we figure out how to do it or whether it’s a good idea in the first place.

Painters Buy White Canvases for a Reason

Wendy Seltzer (pointing to Ross Mayfield) quotes Verisign CEO Stratton Sclavos as saying, “We have to move the complexity back into the center of the network and remove it from the edge.” As even mid-level netheads know, this is the antithesis of the Internet’s design – the Internet approach is to put intelligence at the edge of the network. Here’s Wendy:

Painters buy white canvases for a reason. The Internet has succeeded as a platform for innovation because its architecture does not preempt its uses; instead, the stupid network offers a neutral background for line drawing, oil painting, and collage. Sure a grid on the blank canvas would help those making mechanical drawings at the right scale, but it’s just noise to the rest, who now need to paint an extra layer to cover it up. Complexity built into the network (such as a search engine that responds to every nonexistent domain name query [i.e., Verisign’s abortive stunt]) may enable a few uses, but it slows or breaks many more, and impedes the development of alternatives.

I’m not sure why Verisign thinks that its contract to perform certain administrative functions gives it a license to redesign the Net; but somehow it does. Just another reminder that the Net does need to be governed, if only to keep outfits like Verisign from fouling it up. Even ICANN looks pretty good at times like this.

Techno-Lockdown Not Likely

Steven Levy, in Newsweek, offers a dystopian vision for the future of the Internet:

Picture, if you will, an information infrastructure that encourages censorship, surveillance and suppression of the creative impulse. Where anonymity is outlawed and every penny spent is accounted for. Where the powers that be can smother subversive (or economically competitive) ideas in the cradle, and no one can publish even a laundry list without the imprimatur of Big Brother. Some prognosticators are saying that such a construct is nearly inevitable. And this infrastructure is none other than the former paradise of rebels and free-speechers: the Internet.

Pretty scary! Fortunately, it’s not gonna happen.

To understand why, let’s rewind, as Levy does, to the early days of Internet mania, when many saw the Net as an anarchist utopia that didn’t have laws, and didn’t need them. A few contrarians like Larry Lessig argued that the Net wasn’t inherently immune from control and regulation, and that society would bring its norms, and government its laws, to the Net. And indeed that is what happened.

This should have been obvious, considering the pervasive connections between our on-line and off-line lives. I write and publish this posting in cyberspace; but at the same time I’m sitting in a chair in Princeton, New Jersey, watching the sun rise out my back window. I have one foot in cyberspace and one foot in meatspace. And how can one foot be bound by laws and the other be immune? The rules of cyberspace and the rules of meatspace will necessarily be similar – any big disparity between them will be resolved by changing the rules on one side or the other.

For the same reason, a locked-down Net can’t really happen, at least not here in the free world. For how can one foot be enslaved while the other is free? To lock down the Internet is to disconnect it from everyday life, from the life where I can send an invitation, or a business memo, or a home movie to anyone at any time, where I can read whatever I like without asking a censor’s permission.
We might go some short distance down the road of control, but ultimately the rules of cyberspace are firmly tethered to the rules of meatspace. And in the rules of meatspace – at least where I’m lucky enough to live – lockdown isn’t allowed.

This isn’t to say that we should ignore the forces of control, or that we should acquiesce in whatever small victories they may be able to win. We need to be vigilant and fight for the right to build and use new technologies. It’s that struggle that keeps the Net connected to the freedoms we enjoy in the real world. It’s that struggle that keeps techno-lockdown in the realm of speculation and not reality.