Net Neutrality Index

This post serves as an index to the net neutrality posts on The Lippard Blog. I'll update this post with any future posts on the subject.

"Net Neutrality" (February 12, 2006) Critique of Bill Thompson's argument for net neutrality.

"Geddes on net neutrality" (February 14, 2006) Comment on and link to good Martin Geddes blog post on net neutrality.

"Commoncause.org: Spamming for 'net neutrality'" (March 9, 2006) How Common Cause deluged Mark Cuban with spam after depicting him with devil horns for not backing net neutrality.

"Talking Points Memo gets it completely wrong on COPE Act" (April 22, 2006) Critique of Josh Marshall and Art Brodsky's bogus claim that the bill transfers control of the Internet to the telcos (who have a much smaller percentage of consumer Internet customers in the U.S. than the cable companies).

"Misinformation in defense of net neutrality" (May 7, 2006) Critique of Adam Green and Matt Stoller who repeat the common misconception that common carriage requirements have applied to the Internet, which is the basis of their calling Mike McCurry a liar.

"Net Neutrality and Last-Mile Connectivity: An Analogy" (May 8, 2006) An analogy about net neutrality and last-mile connectivity in terms of taxicabs, in an attempt to elucidate some of the major points and misconceptions.

"Net Neutrality and the Pace of Innovation" (May 17, 2006) A look at the pace of innovation in the Bell System under monopoly in light of calls for nationalization of "the Internet backbone" (as though there is one such thing) by net neutrality advocates.

"Misinformation from 'Save the Internet'" (May 19, 2006) A critique of "Save the Internet"'s critique of the "Hands Off the Internet" flash animation cartoon, which seems to repeat the common confusion that common carriage requirements have applied to the Internet.

"Bad unintended consequences of HR 5417" (May 19, 2006) A criticism of the Sensenbrenner net neutrality bill.

"Yglesias on McCurry" (May 19, 2006) Critique of Matthew Yglesias on net neutrality guest blogging at Talking Points Memo.

"Net Neutrality and Fair Use" (May 22, 2006) Disagreement with Larry Lessig about an analogy between net neutrality and fair use. (I tend to agree with Lessig on intellectual property issues, at least about the dangers of ever-extending copyright terms, lack of registration requirements, and DRM.)

"Hillary Clinton and Net Neutrality" (May 23, 2006) The hypocrisy of Hillary Clinton's support of net neutrality on the grounds of protecting free speech (as pointed out by Adam Thierer).

"Consumer broadband last-mile competition in the Phoenix metropolitan area" (May 24, 2006) A summary of actual broadband options in the Phoenix area, listing eight separate providers.

"Net Neutrality expands to absurdity" (May 24, 2006) Critique of net neutrality advocate Jim Durbin, who thinks corporate web filters are a violation (which presumably he thinks should be made illegal). Also comment on Glenn Harlan Reynolds on pirate WiFi in the enterprise.

"Newmark vs. McCurry on net neutrality" (May 24, 2006) Comment on Craig Newmark's debate with Mike McCurry in the Wall Street Journal, in which Newmark is mightily confused about the technical facts.

"Dave Siegel on QoS and net neutrality" (May 26, 2006) Link to Dave Siegel blog post that summarizes how QoS is used in Global Crossing's network, and to a presentation by Xiao Xipeng on the same topic.

"Save the Internet: Fighting astroturf with astroturf" (May 26, 2006) How "Save the Internet" has generated astroturfed letters-to-the-editor while condemning astroturf from the telcos. I condemn both.

"More on last-mile options in Phoenix" (May 27, 2006) A response to criticisms of my list Phoenix-area broadband options from Douglas Ross.

"The Abstract Factory on net neutrality" (May 31, 2006) A link to a good commentary on net neutrality and astroturfing telco shills.

"Kevin Drum gets it wrong on net neutrality and common carriage" (June 1, 2006) Kevin Drum repeats the common misconception that common carriage requirements have applied to the Internet.

"Worst net neutrality analogy ever?" (June 1, 2006) A critique of Susan Crawford's horrible sidewalk analogy.

"George Ou explains QoS to Russell Shaw" (June 10, 2006) In a ZDnet debate, George Ou gives a good simple explanation of QoS to someone who wants to regulate something he doesn't understand.

"Martin Geddes on net neutrality, federalism, and U.S. vs. EU" (June 12, 2006) Link to a nice piece on Geddes' Telepocalypse blog where he provides links to his past positions on network neutrality and compares the U.S. to EU, and their respective regulatory regimes to networks.

"Verizon's Thomas Tauke on net neutrality" (June 12, 2006) Quote from and link to a Declan McCullagh interview with Thomas Tauke of Verizon about net neutrality.

"Bennett on Free Press net neutrality 'facts'" (June 12, 2006) Richard Bennett shows that the Free Press's network neutrality facts are mostly fiction, argues against the anti-QoS provision of Snowe-Dorgan and Markey in a note to Sen. Boxer, comments on tomorrow's Senate hearing, and on Matt Stoller's acting as a spokesman for admitted ignorance.

"'Hands Off the Internet' writes about me, then thinks better of it" (June 15, 2006) A post from the HOTI blog about me, recovered from Google cache. (Most of the content is actually excerpted from my own blog, with a bit of HOTI commentary.)

"The New Republic supports net neutrality, based on error" (June 15, 2006) The editors of The New Republic join the crowds of net neutrality supporters who incorrectly think that common carriage requirements have applied to ISPs and the Internet.

"Douglas Ross's Network Neutrality Index" (June 16, 2006) A link to an index of blog posts by an advocate of net neutrality regulation.

"Demonization of adversaries is wrong, Matt Stoller" (June 16, 2006) A criticism of part of Matt Stoller's presentation at YearlyKos.

"Andrew Kantor changes his mind on net neutrality" (June 16, 2006) The USA Today technology columnist no longer supports net neutrality regulations.

"Matt Stoller lies about site blocking" (June 18, 2006) Matt Stoller falsely attributes a problem between Craigslist.org and Cox's PC firewall software to the kind of discriminatory site blocking he thinks net neutrality regulations are needed to prevent--after already being informed of the real cause.

"Update on Cox blocking of Craigslist" (June 20, 2006) Update on who's said what, and a bit more detail on the underlying problem in which I disagree with placing blame on Craigslist.

"Content providers and ISPs: who really has the stronger hand?" (June 21, 2006) A look at a case of "reverse network neutrality" involving ESPN360 blocking access to ISPs.

"The future of connectivity options" (June 22, 2006) Telco 2.0 looks at a variety of business models for different types of connectivity and projections for how they will change in significance over the next decade. It would be a bad idea to impose regulations which stifle innovation by prohibiting some business models.

"Matt Stoller refuses to come clean" (June 22, 2006) Matt Stoller, caught in falsehood, tries to avoid responsibility for his statements and instead accuses others of being "lying liars."

"A version of network neutrality I can endorse" (June 22, 2006) I attempt to put forth a minimal, non-FCC-regulated version of "Lippard Network Neutrality" that I think is reasonable, and explain how it differs from what many network neutrality advocates are supporting.

"Craigslist no longer uses TCP window size of 0" (July 14, 2006) Update on the Craigslist/Cox issue.

"VoIP quality degradation shows need for prioritization" (July 27, 2006) Brix Networks study shows quality of VoIP calls has declined over the last 18 months due to competition for network resources.

"ACLU incompetence and misinformation on net neutrality" (November 3, 2006) The ACLU comes out in support of network neutrality, making many of the same erroneous arguments which have been debunked here before, such as confusing common carriage with IP-layer nondiscrimination.

"Netroots and telecom" (July 19, 2008) Discussion about the description of the Netroots Nation "Big Telecom" panel and an Art Brodsky column about it.

"New Markey/Eshoo net neutrality bill" (August 3, 2009) Brief comments on the Internet Freedom Preservation Act of 2009.

Worst net neutrality analogy ever?

From Susan Crawford:

Think of the pipes and wires that you use to go online as a sidewalk. The question is whether the sidewalk should get a cut of the value of the conversations that you have as you walk along. The traditional telephone model has been that the telephone company doesn't get paid more if you have a particularly meaningful call -- they're just providing a neutral pipe.

If you're going to use a sidewalk as an analogy for a communications pipeline, then the users of the sidewalk need to stand for the communications traffic. Then the question becomes, should users of different types have to pay different rates for the use of the sidewalk to those who build and maintain it (not to the sidewalk itself!). Further, the sidewalk has to keep being made bigger to support all the traffic being carried, and some of the users are in a bigger hurry and are likely to collide with those who aren't, and some of the latter are holding big gatherings between their residences, like a block party in the neighborhoods. Should those guys get to do that for free, or at the same cost as their neighbors who aren't interested in a block party?

UPDATE: I had issued a trackback ping to Susan Crawford's blog post which was accepted, but apparently she decided to delete it. That's rather ironic--she supports net neutrality, but blocks critical trackbacks to her blog. I guess her support of net neutrality isn't based on any principle of fairness or free speech.

UPDATE (June 8, 2006): Susan Crawford responded to a query about this, and attributed the deletion to automatic anti-spam defenses, and invited me to re-issue a trackback, which I will shortly do. I retract the last two sentences of the above update, and apologize to her for my erroneous inference.

UPDATE (March 13, 2008): Actually, I never regained the ability to issue trackbacks or even to reference this blog's URL in comments posted on Susan Crawford's Blogware blog, so all of my comments there refer to my discord.org website instead. She moved her blog in late 2007, but I've not commented or issued any trackbacks to the new one.

Newmark vs. McCurry on net neutrality

Craig Newmark of Craigslist and Mike McCurry of "Hands Off the Internet" debate "Should the Net Be Neutral?" at the Wall Street Journal. I'm struck by a number of things that Newmark says:

Do you believe Yahoo should be allowed to outbid Google to slow down Google on people's computers? That's the kind of thing that the big guys are proposing.

In fact, nobody has proposed slowing down anything--the consumer broadband telcos have proposed adding new, higher-bandwidth physical circuits (fiber to the home) which contain virtual circuits dedicated to content with requirements for higher bandwidth and low latency and jitter, for which the primary application they have in mind is IP television. And they want to charge content providers to use those virtual circuits. Now, one can argue that dedicating bandwidth to new applications that content providers have to pay for will have a future consequence that Internet bandwidth will be consumed and not upgraded, leading to degradation for best-effort Internet services, but that requires argument to support the likelihood of that outcome in the face of competition from cable companies and wireless providers.

With all that empty fiber, bandwidth is not an issue. A bigger issue is that we're running out of [Internet protocol] addresses. The new net protocols, IPv6, address that, but the big telecoms are already very late implementing that. (Hey, I'm an engineer, and their engineers talk to me.)

Newmark is confusing Internet backbone bandwidth with last-mile consumer broadband bandwidth. I've addressed this confusion at length. BTW, IPv6 is rife with difficulties and not quite ready (or useful) for the average consumer, but my employer, Global Crossing, has been one of the first to make it widely available to its customers. (I run IPv6 on my home network via a tunnel to Global Crossing.)

No one's talking about "government lawyers and regulators engineer[ing] the future of the Internet," except, well, you, Mike. We're trying to prevent that, and trying to get Congress to maintain the level playing field we have right now, that the FCC just tried to ruin. We're just asking everyone to play fair.
...
I'm being completely straight: no one's interested in regulation in the sense you're thinking, we just want the existing level playing field to continue… Beyond that, we're not interested in mandating performance criteria, none of that stuff.
...
What we're looking for is just fairness, a level playing field, no regulation or stuff like that. In America we believe that if you play fair and work hard, you get ahead. We don't want the government to give special privileges to the big guys, particularly not at the expense of small business and consumers. We don't want more regulation and we don't need lawyers involved where the free market functions well. I guess we're for capitalism.

Here, Newmark is simply failing to recognize what's in the actual network neutrality bills in Congress, which have unintended consequences about how networks are engineered, what can be in acceptable use policies, what kinds of contracts network providers are permitted to enter into with their customers, and how they can charge for access to different services--rules that to date have not existed for Internet services.

Today, many Internet providers have acceptable use policies that prohibit spam, going beyond the requirements of the relatively weak federal CAN-SPAM law. Under all of the net neutrality bills I've seen, providers must permit customers to send or receive any "lawful content," which forces them to reduce their AUPs to the lowest common denominator of whatever is prohibited by law in the jurisdictions where they provide service. These bills prohibit providers in the United States from setting the conditions of contract with their customers regarding activities they consider abusive which are not codified in law. The "pink contract" would thus become a government mandate.

UPDATE: FCC Commissioner Michael Copps and U.S. Supreme Court Justice Clarence Thomas back up McCurry's statement in this debate that the FCC already has authority under Title I to prevent anti-competitive discrimination without the need for new statutory powers from Congress.

McCurry at the WSJ:

And doesn't the FCC have authority already (under Title I) to step in and act if necessary?

Copps:

The Federal Communications Commission has authority under current law to ensure that broadband-access providers -- currently mainly cable and phone companies -- do not discriminate against Web-based providers of content, search services and applications, FCC commissioner Michael Copps said Tuesday.

Thomas:

“The [FCC] remains free to impose special regulatory duties on facilities-based [Internet-service providers] under its Title I ancillary jurisdiction,” Justice Clarence Thomas wrote in National Cable & Telecommunications Association vs. Brand X Internet Services.

This means net neutrality advocates who support the bills in Congress don't think this is enough, and owe an explanation of specifically what powers they want to add to the FCC, what rules they want the FCC to make, and how those rules will be enforced.

Bad unintended consequences of HR 5417

(I should preface this by saying that I am not a lawyer, only a relatively well-informed layman who has demonstrated the ability to win lawsuits against telemarketers without using an attorney.)

Some network neutrality advocates are promoting James Sensenbrenner and John Conyers' HR 5417 as a step in the right direction for putting network neutrality into law. But HR 5417 is a badly written bill with some serious negative implications. (There are a bunch of other network neutrality bills in the works, which I haven't yet examined.)

First, it turns all NSPs and ISPs into "broadband network providers" even if they don't provide any residential consumer services. All that matters is whether you provide two-way Internet at speeds of 200 kbps or greater.

Second, it prohibits preventing anyone from sending or receiving traffic that is legal. This means ISPs cannot have acceptable use policies against spammers that go beyond what is required by the federal CAN-SPAM law except in states which have stricter laws, and they have to sell service to known spammers who comply with CAN-SPAM, and you can't kick adware companies off your network until and unless the specific abusive actions they are taking are made illegal.

Third, it says that if you provide a custom service like IP Video or VOIP interconnection at a higher class of service, you must allow your customers to connect to that "type" of service to any other provider of IP Video or VOIP, regardless of location, whether those providers are customers of yours or not. But if you don't provide those services over the Internet, who is supposed to bear the costs of interconnection to providers who aren't customers?

Fourth, it prohibits all restrictions on what devices users can connect to the network except on grounds of physical harm or degrading the service of others. But what if you offer a specialized service that only supports some vendors' equipment, and has to have a particular configuration to function properly? This seems to say that you have to let customers configure unsupported or incorrectly configured equipment to the network.

This bill is a nice example of bad unintended consequences.

(Also see Richard Bennett's Original Blog.)

Net Neutrality and Last-Mile Connectivity: An Analogy

Suppose we live in a world with no private automobiles. There are still airports, bus stations, and sea ports, and these are places with diverse carriers and services, giving you many options for traveling long distances to other locations. But to get from your home to these travel hubs, your options are limited to between one and three cab companies; most people have access to two, RBOC Cab and Cable Cab. Both cab companies own all of their own cabs, but RBOC Cab has been legally required to allow independent operators to rent their cabs. Those independent operators have been permitted to repaint the cabs, furnish the interiors differently, and offer additional services to customers within the content of the cabs, but the cabs are owned by RBOC Cab and are of the same size, and the radios are standard equipment owned and maintained by RBOC Cab. Cable Cab, by contrast, has never been required to allow independent operators to use its cabs, and has never done so. (UPDATE 11 May 2006: This is because Cable Cab pays 5% of revenue to local governments as part of their franchise agreement, while RBOC Cab, by contrast, has had government monopoly protection until 1996, has free access to rights of way, and receives government funding via "universal service" fees in order to provide service to rural areas. While Cable Cab funded its own purchasing of cabs and infrastructure, RBOC Cab built its infrastructure without risk as a result of the government support.) They initially didn't come with radios at all, but have recently furnished their cabs with radios.

The rules have recently been changed so that RBOC Cab will no longer be required to allow independent operators to rent their cabs. They've stopped allowing new independent operators to rent cabs, or existing independent operators to take on new customers, and have announced that they will be ending all of the independent operator contracts.

RBOC Cab has also announced that they intend to build larger cabs, in which some of the additional space will be used to provide new services, such as a fully stocked bar, refrigerator, and high-definition television. They will supply all of the contents of the bar and refrigerator, as well as what is shown on the TV, by entering into arrangements with suppliers, whom they intend to charge a fee for the privilege of using the facilities to reach their passengers. Passengers will not be permitted to use the refrigerators to store items that they've supplied, though they will still be allowed to bring along their own cooler, snacks, or video equipment, provided that it fits in the remaining space in the cab (which will be more space than in previous cabs).

Both cab companies reserve the right to deny transportation for certain kinds of items that they consider harmful or dangerous, or which impact their ability to function--items that stink up the cab, that could catch fire or explode, etc.

Cab Neutrality advocates argue that the Department of Transportation needs to create additional regulations which require the cab companies to allow passengers to carry whatever items they want, to use the radios to listen to whatever stations they want (whether the driver likes it or not), to put their own items in the refrigerator, and to allow all snack, beverage, and video providers to make use of the new equipment that RBOC Cabs plans to put into their cabs. They also want to require that the cab companies send cabs at the same speed to every travel hub, regardless of the hub's size or amount of demand for its services (or what the passengers want), and that all costs should be borne by the cab company, not the hub. RBOC Cabs responds by saying that in order to fund the building of the new cabs, they need to be able to charge the snack, beverage, and video providers to use the new equipment (in addition to the fee charged to the passengers, which is not enough to cover the actual cost), but that passengers are still free to bring their own snacks. Cab Neutrality advocates worry that unless they are allowed to bring whatever items they want, they might be prohibited from bringing their own snacks, beverages, and videos. RBOC Cabs have also claimed that they need to be able to build these larger cabs in order to travel longer distances, and suggested that their ability to carry snacks, beverages, and videos over long distances is part of the costs they need to recoup (when, in fact, the long distance transportation of even their snacks, beverages, and videos is provided in the highly competitive environment of the multiple transportation hubs, where there are no issues of capacity and costs per mile are significantly lower).

This is not a precise analogy, but I think it captures the highlights. To make it more precise, I'd need to actually talk about the roads, perhaps making the last mile owned by HOAs that are analogous to RBOCs and cable companies, with the HOAs placing restrictions on the size and type of vehicles that can move on those roads and creating new lanes for their own vehicles, which they want to rent out to third parties or make available for higher priority services that might need them for emergencies.

What's right about "Cab Neutrality" is that passengers want to be able to get to every travel hub and they want to be able to choose what food, beverages, and entertainment they get on the way. But the specific proposals they make are too specific, go beyond these basics, and create limitations in what new services and business arrangements can be developed.

As I see it, the biggest problem here is limited competition among cab companies--a situation which was alleviated to a large extent by the requirement that RBOC Cab lease out cabs to independent operators--a requirement that should have applied to Cable Cab as well. (If we had a way to purchase or rent our own vehicles from competitive sources, all of the worries about what the cab companies might do would be eliminated.)

A requirement on the cab companies that requires passengers to be able to carry whatever they want would have the unintended consequence that some malicious or unthinking passengers would carry items that the cab companies want to prohibit for good reason--harmful and dangerous materials, materials which disrupt service for other passengers. (E.g., spam, malware, denial of service attacks.)

A requirement that all cabs must travel at the same speed means that if I have an emergency where I want to be able to pay more to get to my travel hub faster, I can't do it. Passengers carrying organs for transplant surgery don't get to travel any faster than passengers going on vacation.

A requirement that all costs must be borne by the cab companies (both for transportation to the hubs and for the new cabs and equipment within them) limits the possibilities of new business arrangements between third parties and the cab companies. There might be a possible business model where a travel hub pays a fee to get more frequent cab services, with a lower cost to the cab passengers, subsidized by the long-haul transportation services. Or where video providers can supply services at different costs, with lower-cost services subsidized by advertising revenue.

Talking Points Memo gets it completely wrong on COPE Act

Josh Marshall writes:

The grand ole daddy of special interest giveaways -- Congress to give away the Internet. This is serious. Find out more here.

Sounds like he's saying that Congress is transferring the authority the Department of Commerce currently has over ICANN somewhere, doesn't it? But he links to Art Brodsky on TPM's "Special Guests Blog," who writes:

Congress is going to hand the operation of the Internet over to AT&T, Verizon and Comcast. Democrats are helping. It's a shame.

Don’t look now, but the House Commerce Committee next Wednesday is likely to vote to turn control of the Internet over to AT&T, Verizon, Comcast, Time Warner and what’s left of the telecommunications industry. It will be one of those stories the MSM writes about as “little noticed” because they haven’t covered it.

What's he talking about? He's talking about the COPE Act, the Communications Opportunity, Promotion, and Enhancement Act of 2006, which just passed the House Subcommittee on Telecommunications and the Internet, and its failure to include provisions mandating "net neutrality."

This doesn't "give away the Internet"--we have no laws mandating "net neutrality" today. This bill doesn't change the ownership or regulation of the Internet. It does make changes to how cable companies operate (permitting national franchising in addition to local franchising), it mandates that VOIP providers must supply E911 service, and it guarantees the right of municipalities to offer wireless broadband access.

Brodsky and Marshall have grossly misrepresented the effect of this bill in claiming that it "gives away the Internet." What it does do with respect to the FCC's policy statement (PDF) on "net neutrality" is give the FCC the ability to enforce that policy statement with fines of up to $500,000, while denying the FCC the authority to "adopt or implement rules or regulations regarding enforcement of the broadband policy statement and the principles incorporated therein, with the sole exception of the authority to adopt procedures for the adjudication of complaints."

Common Cause, an advocate of codifying specific "net neutrality" rules, opposes the bill (see their reasons and analysis here). But the problem with Common Cause's position is that there are no well-defined notions for how "net neutrality" should operate that would ensure that the result isn't just to freeze the Internet in its current state and stifle new innovations and developments. (Common Cause apparently doesn't understand the Internet well enough to know that spam is bad.)

Common Cause overestimates the ability of the telcos to use their existing networks to control how the Internet will work, and is, I believe, mistaken in its fears of classes of service. The existing broadband policy statement is sufficient to prevent telcos from blocking Google, or (more realistically) blocking access to competing VOIP providers without getting FCC fines. Further, it doesn't make the slightest bit of business sense for a DSL or cable modem provider to block access to services like the most popular search engine in the world.

For more on the subject of net neutrality, the single best analysis to date is the Stifel/Nicolaus report, "Value Chain Tug of War" (PDF). Also see my previous posts on this blog here (for my thoughts), and here (for a good analysis by Martin Geddes of the Telepocalypse blog), along with Geddes' speech at Freedom to Connect here, and Paul Kouroupas of Global Crossing's posts here, here, and here. (Disclosure: Global Crossing is my employer; I manage its network security. Global Crossing would be at risk if the RBOCs and cable companies were able to use their control of last-mile networks within the U.S. in an anti-competitive manner, so my position on this issue isn't based on any loyalty or bias towards those companies--I'd like to see more competition in broadband, but I don't think giving the FCC greater regulatory power over the Internet would have any beneficial effects in that regard.)

Spammed by the Arizona Republican Party

I don't know how they got my email address--I've never been (and never will be) a registered Republican.

From: "Chairman Matt Salmon"
To: [my email address]
Subject: Arizona Republican Party Roundup - March 15, 2006
Date: Wed, 15 Mar 2006 10:53:37 -0600

Attention Republican Clubs and Organizations - Submit your events to
events@azgop.org

In This Issue:
Chairman Salmon on the Death of State Senator Marilyn Jarrett
Capitol Update
Kyl Immigration Provisions Moving Forward

...

Paid for by the Arizona Republican Party

(602) 957-7770

Not authorized by any candidate or candidate committee.


----------------------------------------

This email was sent by:
Republican Party of Arizona
3501 N 24th Street
Phoenix, AZ, 85016, USA

The actual email came from ExactTarget.com, whose anti-spam policy says:

Anti-SPAM at ExactTarget

ExactTarget believes, practices, and requires its clients to practice only permission-based e-mail marketing. Our clients certify that they will use our software only to send e-mails to customers and prospects that have directly consented (opted-in) to receive their e-mail. They are forbidden to transmit unsolicited commercial e-mail (spam) via our system.

Members Agreement

Our clients agree not to use our system to send unsolicited e-mail. For any opt-in list of e-mail addresses used in ExactTarget's system, clients agree to provide us with the source of the e-mail addresses, the method used to capture the data, and verification of the consent to receive e-mails from such client. We also encourage our members to respect their customers' time and attention by controlling the frequency of mailings to individual e-mail addresses.

Our clients certify that they will not use rented or purchased lists, e-mail append lists, or any other list that contains e-mail addresses captured in any other method than opt-in. The use of opt-out lists is prohibited in our system. ExactTarget retains the right to review client lists and e-mails to verify that clients are abiding by the privacy and permission policies set forth herein. However, our clients are ultimately responsible for compliance with our policies.

I don't think there's any way my email address would have ended up on their list except by email appending.

I've complained to them and to ExactTarget's abuse address, asking both for an explanation and what they're going to do to rectify the situation. My guess is that they will continue to spam for the Republicans--in which case they deserve to be added to anti-spam blocking lists.

BTW, for anti-spammers, the originating MTA was mta.emailgop.com (207.67.38.104), on Time Warner Telecom's network. The IP block is SWIP'd to TW Telecom, and TW Telecom's rwhois shows it assigned to Exact Target. The company has had a few previous incidents with spamming, but the blog of Chip House, their VP of Privacy and Deliverability, endorses decent principles.

UPDATE: "Nate Romance" of Exact Target responded to my complaint, stating that:

At ExactTarget we take these complaints very seriously and we work hard to ensure that our clients send mail only to people who have asked to receive mail. Clients who do not adhere to our policies face an escalating series of penalties, including but not limited to: chargeback fees, mailing restrictions, and termination. Our Privacy Policy located here:

http://website.exacttarget.com/exacttarget_company_privacypolicy.asp

and our Anti-SPAM policy located here:

http://website.exacttarget.com/exacttarget_company_antispam.asp

will provide you with additional information and should answer any questions you might have.

Additionally, we will investigate this issue with our client, and determine what we can do to ensure that it does not persist. In the meantime, I have added your email address ([address deleted]) to our "Master Unsubscribe List" which will ensure that you do not receive email from the Arizona Republican Party or any other client of ExactTarget.

Thanks for bringing this matter to our attention and we apologize for any inconvenience this may have caused.

Please let me know if there are additional items I can assist you with.

Commoncause.org: Spamming for "net neutrality"

Mark Cuban reports that he's been deluged with form letter spam from Commoncause.org, which has mistakenly identified him as a telco (depicting him with devil horns), just because he wrote a blog post saying that he thought there could be value to tiered levels of service.

If this is now the nature of the debate, it doesn't appear that "net neutrality" advocates have reason on their side. (My previous remarks on "net neutrality" are here and here.)

The Spam Kings blog points out deficiencies in the email subscription process used by Kintera, the provider for Commoncause.org.

Blogger's spam-prevention robots are defective

WARNING

This blog has been locked by Blogger's spam-prevention robots. You will not be able to publish your posts, but you will be able to save them as drafts.

Save your post as a draft or click here for more about what's going on and how to get your blog unlocked.

Clicking there yielded:

Your blog is locked

Blogger's spam-prevention robots have detected that your blog has characteristics of a spam blog. (What's a spam blog?) Since you're an actual person reading this, your blog is probably not a spam blog. Automated spam detection is inherently fuzzy, and we sincerely apologize for this false positive.

You won't be able to publish posts to your blog until one of our humans reviews it and verifies that it is not a spam blog. Please fill out the form below to get a review. We'll take a look at your blog and unlock it in less than a business day.

If we don't hear from you, though, we will remove your blog from Blog*Spot within 10 days.

Find out more about how Blogger is fighting spam blogs.

That's what I saw Wednesday morning... afternoon Thursday, it's still locked.

Hello,

Your blog has been reviewed, verified, and whitelisted so that it will no longer appear as potential spam. If you sign out of Blogger and sign back in again, you should be able to post as normal. Thanks for your patience, and we apologize for any inconvenience this has caused.

Sincerely,
Blogger Support

And it's back, apparently since shortly after I last checked and found it locked, based on the timestamp on this email.

Controversial hacker publishes cover story in Skeptical Inquirer

The latest issue of the Skeptical Inquirer (March/April 2006) features an article titled "Hoaxers, Hackers, and Policymakers: How Junk Science Persuaded the FBI to Divert Terrorism Funding to Fight Hackers" by Carolyn Meinel. The descriptive text on the first page (between the article title, subtitle, and author's name) says "Hoaxers warned of an imminent and deadly electronic Pearl Harbor. Consequently, the FBI diverted resources and attention away from terrorism and toward fighting hackers. This may have contributed to the September 11, 2001, attacks. Use of critical inquiry and the scientific method could have avoided this misdirection."

While most of the article appears to me to be accurate and its conclusion about treating claims from self-proclaimed computer security experts with scrutiny is sound, the article itself contains unsubstantiated arguments (in particular the arguments of the title and subheading) and comes from a self-proclaimed hacking expert of questionable credibility.

Meinel's article is in three sections--an introductory section about the title, a section about specific claims made by two hackers, and a section on "critical analysis of e-terrorism." I find little to criticize in the latter two sections, except for its implication that Peter Neumann's testimony before Congress was unfounded (Neumann is a highly respected expert on computer risks, the editor of the RISKS Digest, and author of the book Computer-Related Risks, 1995, The ACM Press).

Meinel begins by describing Fred J. Villella bringing hackers "Dr. Mudge" (Pieter Zatko, though Meinel never mentions his name) and "Se7en" ("Christian Valor", who was indeed exposed as a chronic fabricator as Meinel claims in the second part of her article) to meetings of federal policymakers where they warned of "a looming electronic Pearl Harbor." The most notable such meeting was testimony before the Senate Governmental Affairs Committee on May 19, 1998, where the above-mentioned Neumann testimony took place, and where Mudge testified that he could make the Internet unusable with less than thirty minutes of effort.

Meinel argues that this testimony "may have contributed to an entrapment scheme" by the FBI against hacker "Chameleon" (Marc Maiffret, now "Chief Hacking Officer" of eEye Digital Security) as a way to show that "hackers were actually collaborating with enemies of the U.S." But she provides no evidence of a connection between the testimony and the action.

She falsely states that "books (Penenberg 2000; Mitnick 2005) hyped the raid [on Maiffret] to say that hackers were in league with al Qaeda." Neither of these two books says that. Adam Penenberg, in his book Spooked: Espionage in Corporate America (with Marc Barry, 2001, Perseus Books), writes that "Hackers are always on red alert for the FBI. In fact, when Maiffret was contacted over the Internet by the alleged terrorist Khalid Ibrahim, a member of Harkat-ul-Ansar, a militant Indian separatist group on the State Department's list of the thirty most dangerous terrorist organizations in the world, he assumed Ibrahim worked for the feds." Kevin Mitnick, in his book The Art of Intrusion (2005, Wiley, pp. 32-34), raises the possibility that Khalid Ibrahim was part of an FBI operation, but questions it on the ground that only Maiffret received any money from him. On the other hand, he points out that Maiffret told Wired News "he had not provided any government network maps" and wonders why, despite his confession to accepting money from an terrorist-connected individual (Mitnick writes "foreign terrorist"), no charges were ever filed. Then, he writes "Perhaps the check wasn't from Khalid after all, but from the FBI." (As an aside, Mitnick's book states that few know the true identity of "Chameleon," but Penenberg's book had already published his identity in 2000.) Perhaps Maiffret avoided prosecution by agreeing to work with the FBI, as other hackers have done (such as Justin Tanner Petersen, "Agent Steal," whose story is partly told in Jonathan Littman's The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen, 1997, Little, Brown).

The specific argument of the title and subheading--that the testimony of these hackers led to a diversion of funding that may have contributed to the success of the 9/11 terrorist attacks--is stated in a single paragraph in the second column of the first page of the article (p. 32). In that paragraph, Meinel states that cyberspace czar Richard Clarke's formation of the National Infrastructure Protection Center (NIPC) diverted funding increases "earmarked against terrorism to hire FBI agents for the hacker beat." This diversion of funds led to only $4.9 million spent by NIPC on counterterrorism, and it therefore lacked the resources to follow up on Phoenix FBI agent Ken Williams' warning about al Qaeda members training at U.S. flight schools.

This argument assumes that NIPC, rather than the FBI's counterterrorism unit, is the organization which should have followed up on Williams' memo. It also overlooks the role of the FBI's incredibly antiquated computer systems, which technophobe FBI Director Louis Freeh had refused to take steps to upgrade (with Congress withholding $60 million in funding for FBI's IT infrastructure between 1998 and 2000 because of its failure to produce a credible upgrade plan). Not until July 2000, when Freeh appointed Bob Dies to begin work on an overhaul, did Freeh address the issue. The result was that the FBI had 42 separate database systems that could not be searched simultaneously and many agents had computers that did not work or could not display images or connect to the Internet. Many agents used home computers in order to receive email photo images of suspects from local police departments. (See the "Missing Documents" chapter of Ronald Kessler's The Bureau: The Secret History of the FBI, 2002, St. Martin's Press. Similar observations are made in the "9/11" chapter of James Bovard's The Bush Betrayal, 2004, Palgrave Macmillan. Bovard cites (p. 27) a Los Angeles Times story that reports the FBI diverting $60 million in funds earmarked for IT upgrades in the year 2000 to be used for staffing and international offices. The fact that the dollar figure is the same in Bovard and Kessler may indicate that Bovard is misdescribing the same $60 million Kessler mentions.) By contrast, NIPC's entire budget (PDF) was under $20 million per year through 2000, and Bush requested a budget of $20.4 million for NIPC in 2001. (This is not to say that NIPC was effectively using what funds it had--it wasn't. But Meinel's complaint that only $4.9 million of NIPC's budget was spent on counterterrorism should be put in context--that was a quarter or more of its annual budget.)

These IT failings and the other failures reported in the 9/11 Commission Report and elsewhere strike me as more plausible reasons for the U.S. government's failure to avert the 9/11 attacks than trying to pin it on the hackers who testified before Congress in 1998 about the dangers of cyber attacks. Ironically, in October 2001 an article arguing that the Code Red worm demonstrates that there really are significant risks of Internet-based attacks on U.S. infrastructure ("They would be far worse than not being able to make bids on eBay--potentially affecting product manufacturing and deliveries, bank transactions, telephony and more. Should it occur five years from now, the results could be a lot more severe.") appeared in Scientific American. The author of this article, "Code Red for the Web," was Carolyn Meinel.

It's more surprising to me that Skeptical Inquirer published an article by Carolyn Meinel at all. Meinel's author description printed in SI states:

Carolyn Meinel is a consultant and science writer. She has assisted the Defense Advanced Research Projects Agency (DARPA) with its Intrusion Detection Evaluation Program and its Cyberadversary Workshop, and consults for Systems Advisory Group Enterprises, Inc. (www.sage-inc.com), the Institute for Advanced Technology (www.iat.utexas.edu/), and the Santa Fe Institute (www.santafe.edu/). She may be reached at [email address omitted to prevent spam].

Not mentioned are Meinel's books, web pages, and hacker conference appearances to teach hacking skills or her two articles in Scientific American ("How Hackers Break In... and How They Are Caught" in October 1998 and "Code Red for the Web" in October 2001). The existence of the latter two publications no doubt lends her credibility (and may have helped persuade SI to publish this latest article), but the content of some of her hacker training works and parts of the October 1998 Scientific American article serve to diminish it. The October 2001 article seems pretty accurate to me, and was selected for publication in Matt Ridley's Best American Science Writing 2002 volume. That article, as already observed, does point out the possibility of an "electronic Pearl Harbor," so Meinel avoids self-criticism as being a contributor to 9/11 failures under her own argument only by the month-post-9/11 publication date.

Meinel has long been a controversial character in hacker circles, as can be seen by Googling her name on the web and Usenet (you can search the latter with Google Groups). She also has a degree of infamy from her former marriage to Scientology critic Keith Henson. Henson, who was successfully prosecuted for "interfering with a religion" (Scientology--in part due to an online joke he posted about using a "Cruise missile") and fled to Canada, started the L5 Society with Meinel in 1975. In their divorce proceedings, Meinel apparently made charges of child molestation against Henson which were published by Scientology front group "Religious Freedom Watch" as a way to "dead agent" Henson. Meinel, while supportive of Henson, didn't actually retract the charges, though I took her comments to suggest they were bogus. (UPDATE July 18, 2008: Henson's daughter Val has recently gone public and argues that the charges are true.)

Meinel had a long-running feud with hacker "jericho" (Brian Martin), who runs attrition.org. Martin, as it happens, was once the roommate of phony hacker "Christian Valor" ("Se7en"), but was also one of the people who exposed his fabrications. In addition to exposing other bogus security experts, his site contains a large collection of criticisms of Meinel, her behavior, and her work. Given the personal nature of many of the criticisms it is difficult to know what, if any, to take seriously, except for those which specifically address her accuracy and knowledge of hacking and network security, such as the critique of her 1998 Scientific American article, "How Hackers Break In...", by Fyodor (author of the widely used security port scanning tool, nmap). That article, which may be partly based on a hacker break-in at Meinel's ISP, Rt66 Internet (in which case "Dogberry" may be John Mocho of Rt66), contains a number of questionable statements. For example, the scenario describes the firewall of "refrigerus.com" responding to a port scan by launching an attack in response, as though this is a good form of security, and the description of the attack itself suggests that either the description is inaccurate or the attack itself is incredibly naive. The author description on "How Hackers Break In..." stated that Meinel has an "upcoming book, War in Cyberspace" that "examines Internet warfare." As of today, there appears to be no such book.

In 1998, a hacking group that called itself "Hacking for Girliez" or HFG defaced a number of websites, including that of the New York Times. Brian Martin believes he was on the list of suspects. A number of HFG defacements made reference to Meinel (which I interpret to mean that HFG had a grudge against her rather than that she was involved), and she was herself questioned by the FBI and asked to take a polygraph, which she wisely declined (given the lack of empirical support for the validity of the polygraph).

In 2001, Meinel's techbroker.com website was compromised and a piece of software placed on it. A message was sent to the Vuln-Dev mailing list under Meinel's name (apparently a forgery), claiming that the software was an exploit for a vulnerability in the wu-ftpd FTP server; but in actuality it was malware which would attempt to delete files.

Given the lack of support for the title claims in this article and the lack of Meinel's expertise in computer security, I don't think Skeptical Inquirer should have published it, at least in the form it appeared.

Meinel, it should be clear, is not an advocate of illegal hacking--she seems to be fairly emphatic about not breaking into machines unless you own them or have permission to do so. But at the same time, she seems to give a wink and a nod to those who are going to break into the machines of others and has been billed as a "walking script kiddie factory." She also seems to advocate offensive measures as a mode of defense (as described in her 1998 Scientific American article), which is not responsible computer security advocacy.

UPDATE (March 4, 2006): Today I obtained a copy of Gerald Posner's book Why America Slept (2004, Random House), which is cited by Meinel at the end of her paragraph claiming that NIPC budget diversion to cyber warfare was the cause of 9/11 failures. The concluding sentence of that paragraph reads: "Therefore, the FBI lacked the resources to follow up on an agent's warning of al Qaeda members at U.S. flight schools (Posner 2003)."

The relevant section of Posner's book is pp. 169-173. It in no way supports what Meinel has written--Posner makes no reference to NIPC in his entire book, and he enumerates several failures on the part of the FBI with respect to Ken Williams' memo--the lack of communication with the CIA, the failure of middle management of the FBI to recognize the significance of the memo, and lack of resources within the FBI: "The FBI considered the Phoenix idea [to check out the thousands of students at the flight schools] too costly and time consuming, and a few even expressed concerns that such a probe might be criticized in Congress as racial profiling."

The main thesis of Meinel's article is not supported by the facts, and she has misrepresented at least three of the sources she cites--Gerald Posner's book, Kevin Mitnick's book, and Adam Penenberg and Marc Barry's book. That's sloppy work that doesn't deserve publication.

UPDATE (February 19, 2007): I thought I had already added a link to the April 2006 discussion of Meinel's article by Jeff Nathan at the Arbor Networks blog, but I hadn't. This remedies that oversight. There's a good exchange between Nathan and Meinel in the comments.

Also, Skeptical Inquirer published my letter to the editor regarding Meinel in the July/August 2006 issue (p. 62) along with a response from Meinel.

UPDATE (August 8, 2010): James Bamford's most recent book, The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America (2008) contains more detail about intelligence screwups that, had they been prevented, might have averted all or part of the attacks of 9/11--but NIPC's budget had nothing to do with it.

Arizona porn spamming proxy abusers busted

The Federal Trade Commission today unsealed and announced its action in the U.S. District Court in Arizona against William Dugger (a/k/a Billy Johnson, d/b/a Net Everyone) of Hawaii (with a business address in Phoenix), Angelina Johnson (d/b/a Net Everyone) of Hawaii and/or Phoenix, and John Vitale (d/b/a Net Everyone) of Phoenix for sending CAN-SPAM-violating porn spam using compromised systems of uninvolved third parties. The Temporary Restraining Order announced today freezes their assets and requires their ISPs to disconnect all of their equipment from the Internet and deny them any access to it.

New Internet consumer protection tool--SiteAdvisor.com

I've been using the Firefox plugin from SiteAdvisor.com for a few days, and I think it's a great idea. They've searched the web, downloaded content, and submitted unique email addresses on signup forms everywhere they find them, to see what happens. They then rate each site for malicious content and the extent to which it generates spam in response to a signup. This database is then used by their browser plugin to display icons next to Google and Yahoo search results indicating whether that site is green, yellow, or red regarding the type of content downloaded, the amount of email you can expect to receive from signing up at the site, and whether it links to other sites that are problematic.

Their privacy policy is good--they don't keep a record of who goes to what site. One feature I'd like to see them add is the ability to not make queries for certain domains (such as Intranet web pages--their current design allows them to map out internal corporate web structures which they should not be able to get).

Their advisory board includes Avi Rubin, a well-known security researcher at Johns Hopkins University (and formerly at AT&T) who has done significant work on e-voting security, and Ben Edelman, formerly of Harvard Law School's Berkman Center for Internet & Society, who is well-known for his research on Internet subjects such as domain name usage and China's web filtering, as well as his lawsuit against web filtering company N2H2 to defend his right to research its blocking list.

SiteAdvisor has a blog, too (though as of this moment it doesn't have a valid RSS feed, according to Thunderbird).

Arizona Sen. Jon Kyl is a spammer

As readers of this blog know, I'm no supporter of George W. Bush. I've never contributed funds or worked to support the campaign of a Republican. Yet I received this spam email from Jon Kyl, who is apparently concerned about competition from Arizona Democratic Party chairman Jim Pederson in the next election. It's also interesting that Kyl's jonkyl.com website is hosted in Canada, and his campaign webservers are hosted in New Jersey. Way to support your home state, Senator.

From: "Senator Jon Kyl"
Date: Thu, 19 Jan 2006 23:57:14 -0500
Subject: I invite you to join my team...

Today I am writing you for two reasons. One is to say thank you for your past support of President Bush and a second is to ask for your help. I am not asking for money. I am simply asking for your time and energy in helping my reelection campaign.

First, thank you for your help in the 2004 election. Because of your hard work, we had a huge victory in Arizona. One of the key elements of victory was the organized force of Bush Volunteers who registered voters, made phone calls, walked neighborhoods, placed signs and bumper stickers, and helped get out the vote. It was a record setting year, and you were part of that team.

Second, I want to ask for your help. As you may know, I am running for reelection to the U.S. Senate. My opponent is the former Chairman of the Arizona Democrat Party, Jim Pederson. He has personally bankrolled the Democrats' efforts, including against President Bush, to date he has spent over $5 million on Democrats and their causes. He is a supporter of Howard Dean and Ted Kennedy and was a leader in John Kerry's failed presidential campaign. Not surprisingly, John Kerry now is Pederson's biggest contributor.

That is why I need your help. Television and radio alone will not win this election. In order to be successful, we will need to replicate the Bush Volunteer program to run our grass roots campaign. We are currently recruiting volunteers from across Arizona to join our campaign as Kyl Captains. As a Kyl Captain you will be integral in our network of individuals who are willing to help on the campaign. Whether you prefer registering voters, working the phones, or just talking with your friends and neighbors, you will be a critical component of my campaign. Because Jim Pederson will spend what it takes on television, it is very important to have a strong and active Arizona Team on the ground, registering and getting voters to the polls. I am convinced it is the key to victory in November 2006.

Please take a moment and visit www.jonkyl.com and sign up as a Kyl Captain. Your personal commitment to this campaign will make all the difference. It has been the greatest honor of my life to represent the people of Arizona in the United States Senate. With your help I hope to continue that public service.

Again, thank you for your past work on behalf of the President and I look forward to working together in the future.

Sincerely,

Jon Kyl
U.S. Senator

P.S. If you have any questions, please feel free to call my office at (602) 840-0306 or visit: www.jonkyl.com

P.O. Box 10246 :: Phoenix, AZ 85064 :: info@jonkyl.com

Paid for by Jon Kyl for U.S. Senate

Books Read in 2005

I read (and completed) the following books in 2005. I've reviewed most of them at Amazon.com (where the links point):

• Richard Abanes, One Nation Under Gods: A History of the Mormon Church
  
• Pascal Boyer, Religion Explained: The Evolutionary Origins of Religious Thought
• Rachel DeWoskin, Foreign Babes in Beijing: Behind the Scenes of a New China
  
• Cory Doctorow, Eastern Standard Tribe
• Mark Haddon, the curious incident of the dog in the night-time
• Michael A. Hiltzik, Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age
  
• Peter W. Huber and Mark P. Mills, The Bottomless Well: The Twilight of Fuel, the Virtue of Waste, and Why We Will Never Run Out of Energy
  
• Penn Jillette, Sock
  
• David Cay Johnston, Perfectly Legal: The Covert Campaign to Rig Our Tax System to Benefit the Super Rich--and Cheat Everybody Else
  
• Steven D. Levitt and Stephen J. Dubner, Freakonomics: A Rogue Economist Explores the Hidden Side of Everything
  
• Joel Levy, The Scam Handbook: The Secrets of the Con Artist
  
• Richard Marcus, American Roulette: How I Turned the Odds Upside-Down--My Wild Twenty-Five-Year Ride Ripping Off the World's Casinos
  
• John Markoff, What the Dormouse Said: How the 60s Counterculture Shaped the Personal Computer Industry
  
• Bethany McLean and Peter Elkind, The Smartest Guys in the Room: The Amazing Rise and Scandalous Fall of Enron
  
• Ben Mezrich, Ugly Americans: The True Story of the Ivy League Cowboys Who Raided the Asian Markets for Millions
  
• Kevin D. Mitnick and William L. Simon, The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
  
• Matthew Modine, Full Metal Jacket Diary
  
• John Allen Paulos, A Mathematician Plays the Stock Market
  
• V.S. Ramachandran, A Brief Tour of Human Consciousness
  
• Jon Ronson, The Men Who Stare At Goats
  
• Paul Scharbach and John H. Akers, Phoenix: Then and Now
  
• Thomas J. Stanley and William D. Danko, The Millionaire Next Door: The Surprising Secrets of America's Wealthy
  
• Jim Steinmeyer, Hiding the Elephant: How Magicians Invented the Impossible and Learned to Disappear
  
• Anthony Storr, Feet of Clay: Saints, Sinners, and Madmen: A Study of Gurus
  
• Teller, "When I'm Dead, All This Will Be Yours!"--Joe Teller, a portrait by his kid, Teller
  
• Vicki Lewis Thompson, Nerd Gone Wild
• Ira Winkler, Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day
  
• Richard Yancey, Confessions of a Tax Collector: One Man's Tour of Duty Inside the IRS
  

I began, but haven't yet finished:

• James Bovard, The Bush Betrayal
• Antonio Damasio, Looking for Spinoza: Joy, Sorrow, and the Feeling Brain
• Diego Gambetta, The Sicilian Mafia: The Business of Private Protection
  
• Jennifer Michael Hecht, Doubt: A History
  
• Olivia Judson, Dr. Tatiana's Sex Advice to All Creation
• V.S. Ramachandran and Sandra Blakeslee, Phantoms in the Brain: Probing the Mysteries of the Human Mind
  
• Spammer-X, Inside the Spam Cartel: Trade Secrets from the Dark Side
• Thomas J. Stanley, The Millionaire Mind
• Robert H. Tillman and Michael L. Indergaard, Pump & Dump: The Rancid Rules of the New Economy
• John Viega and Gary McGraw, Building Secure Software: How to Avoid Security Problems the Right Way
• Andrew Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky, WI-FOO: The Secrets of Wireless Hacking

Religious spammer in Scottsdale files lawsuit

Charles E. "Chuck" Carlson (not to be confused with convicted Watergate conspirator turned evangelical prison ministry mogul Chuck Colson) runs something called "Strait Gate Ministries" and assorted websites (including one called "Al-Jazeerah") which seem to focus on arguing that the U.S. should not be supporting Israel. He has a history of advertising these websites by sending unsolicited bulk email, also known as "spam."

He has clashed with a number of anti-spammers, which has led to multiple terminations of online services that he's used--his DSL connection as well as web hosting. He has characterized this as mugging and assault as well as censorship. (Here is a list of some of Carlson's domains blocked by rhyolite.com for sending spam.)

In August, he filed a lawsuit (PDF) in Arizona Superior Court (CV2005-052008) against Robert Poortinga, his own providers who had terminated service, and Missouri Freenet Corporation. In his complaint, he argues that Poortinga and others have defamed him by calling him a "spammer" and accusing him of sending "spam," on the grounds that his emails do not meet the criteria in the CAN-SPAM Act.

"Missouri Freenet Corporation," named as a defendant in Carlson's suit, doesn't actually exist--the person he's intending to sue is Alif Terranson (on whose site the above lawsuit complaint PDF is hosted), who is a well-known anti-spammer and formerly ran the abuse team at Savvis. Terranson has supplied Carlson with information about how to properly name and serve him.

Carlson's complaint appears to me to be without merit. His argument based on CAN-SPAM fails because that act does not define the term "spam," which is a well-known term of art in the Internet world, not a legal term.

"Spam" originally meant bulk postings to Usenet newsgroups (an action associated with a couple of immigration attorneys also based in Scottsdale, Arizona), but quickly came to mean unsolicited bulk email (UBE)--email that is both (a) not explicitly requested by the recipients and (b) sent to multiple recipients. Although the most common form of UBE is unsolicited commercial email (which is what CAN-SPAM regulates), UBE and "spam" are broader than UCE and can include religious spam, insane spam, etc. Internet RFC 2505 endorses this broader notion of "spam," as does this definition from Spamhaus.

Although there are no legal penalties for spam that falls outside of what is regulated by federal and state laws (or laws in other countries), most online providers have stricter guidelines than what the law requires as part of their Acceptable Use Policies (AUPs). Customers of online providers are contractually bound by those AUPs, and can find their service terminated for violations even if they haven't violated the law. This has been the case since long before CAN-SPAM went into effect.

Another form of social penalty for spam is having one's email blocked by those who operate mail servers on the Internet--companies, organizations, and individuals have a variety of tools which can be used to block the vast quantities of unwanted email being spewed out daily by compromised machines as well as by those operating in a more aboveboard manner. Included in those tools are the ability to block by domain name or using IP-address-based blocking lists. What Carlson calls censorship is really just the owners of private mail servers setting rules by which their property may be used by others. (The issue is a bit more complicated in the case of an ISP, but so long as the ISP accurately informs its customers of what they've signed up for, they can apply filters consistent with their service. In general, ISPs want their customers to receive what the customers want to receive, as blocking wanted email leads to complaints.)

I'll keep tabs on this suit as it progresses (if it does).