Is Yahoo's $610 million anti-spam win meaningless?

Filed Under: Law & order, Spam

Yahoo! logo
For consumers, spam is not the big issue it once was. Improved email filtering technologies and preventative CAPTCHA tests deal with much of the unwanted inbox traffic.

Even if the "You have won $100,000 in the Lottery, please send us your details to collect your prize" somehow gets through, it is easily tackled.

The realisation that you didn't enter a lottery and a quick glance at the dodgy syntax and sender ID should normally flag your suspicions. However, what if the email is from a well-known brand you trust? Would you be more likely to disclose your details?

Yahoo faced this issue when their branding was used in a three year fraudulent lottery spam campaign by Nigerian, Thai and Taiwanese perpetrators. Yahoo lodged a case against them in 2008 and today a New York Court delivered their default judgment.

The spammers breached the US CAN SPAM Act and now have to pay Yahoo $50 for each email in reparation. This accumulates to the jackpot sum (including a $27million trademark suit) of $610m (£387m).

While this makes a great headline figure for the fight against fraud and spam, it begs the question, will Yahoo ever actually see this money?

Perhaps Yahoo invested all this time and money to make a symbolic example of the perpetrators? I would argue that rather than striking a blow to the spam industry, this case reiterates fundamental problems for domestic legal instruments operating in a transnational domain.

The judgement is in the US, and the guilty parties are not. Applying the judgement extra-territorially is a significant hurdle for retribution on a practical level.

Despite this, laws remain incredibly important online because they represent democratic process and establish certainty and norms. Unfortunately, this judgement highlights their huge shortcoming: enforcement.

The internet is not borderless. Establishing geographical borders, through technical measures, assists the application of domestic territorial laws. The norm of establishing borders online is largely due to geo-identification technologies used by Yahoo to comply with a judgment from 2000, which banned sale of Nazi memorabilia in France.

From a legal perspective, regulation of intermediaries within sovereign territories (like ISPs) is the main way to control trans-national content.

However, without the geographic proximity of an intermediary, governments struggle to enforce laws, as the US and Yahoo will find out here.

Instead, it is clear that innovative regulation is required, often using technical solutions. Technology is not bound by geographic borders and has the flexibility to address many of the issues laws cannot.

,

You might like

2 Responses to Is Yahoo's $610 million anti-spam win meaningless?

  1. Robert Gracie · 867 days ago

    It would be meaningless because the con artist wouldnt have $610 mil lying about in his house but I think its just a bit excessive for yahoo to get that out of a con artist they will never get that sum back they may get a few million out of it but not the $610 million they want

  2. Nigel · 866 days ago

    The article states:

    "Instead, it is clear that innovative regulation is required, often using technical solutions. Technology is not bound by geographic borders and has the flexibility to address many of the issues laws cannot."

    That's pretty close to the real solution. That part that's broken is inclusion of the phrase "innovative regulation". Replace it with "innovation" and you’re closer. Look at the second to last paragraph in the article:

    "However, without the geographic proximity of an intermediary, governments struggle to enforce laws, as the US and Yahoo will find out here."

    That's not going to change as long as "governments" means "political states". The entity with the highest interest in the well-being of the user base is the service provider—in this case, Yahoo. None of this would have been a problem if Yahoo had protected the interests of its users in the first place. Part of that protection is more innovative technologies, but the missing (and most fundamental) element is education of its user base. People act like morons because they don't know enough NOT to act like morons. Imposing new regulations isn't going to prevent them from acting like morons.

    The COMPLETE solution is innovation and education. None of it has anything to do with regulation, which (as demonstrated in this case) is not only powerless to stop the bad guys, but is incapable of getting them to restore the property they’ve stolen. You can create systems that do a much better job protecting users from their own stupidity, but in the end, if you don't do anything about the stupidity, you'll never address the biggest part of the problem. That’s not a regulation problem; it’s an education problem.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Lachlan Urquhart is a legal academic from Edinburgh, Scotland who has completed an LL.B at the University of Edinburgh and recently concluded a postgraduate LL.M in Information Technology and Telecommunications Law at the University of Strathclyde. For more articles from Lachlan, visit his blog.