Frozen. Canada’s Anti-Spam Reporting Centre: 5 Reasons Why The Fed’s Latest Flight of Fancy is Dead on Arrival
Have a quick read of available coverage and you might be tempted to think “The Freezer”, the Canadian government’s plan for a national Anti-Spam Reporting Centre is a great initiative whose time has come. Headlines already abound with such emphatic language as “crack-down” and “getting tough on spammers” with ‘how-to’ guides for businesses and individuals to avoid being ‘frozen’. On the surface, it has three of the necessary ingredients to deal with a problem that has been tormenting Internet users for the better part of two decades:
What’s the problem you ask? It’s all wrong.
At the time of this writing, Bill C-28 or CASL (Canada’s Anti-Spam Law) or FISA (Fighting Internet and Wireless Spam Act) had passed into law and an RFP for Anti-Spam Centre solutions has concluded. Fortunately, implementation has been delayed until at least mid-year to deal with miscellaneous issues.
The Anti-Spam Centre aims to piggyback onto the new law to be a funnel for all organizations’ and individuals’ reports of spam and misleading communications across any medium, including mobile text messaging, social media sites and instant messaging. Reports submitted by individuals and organizations will be channeled to the agency responsible for the medium and method used by the offending messages. Once inside the Freezer, they will be stored, analyzed and ostensibly, acted upon swiftly and categorically.
Here’s why this is – at best – entirely unrealistic (but wait, don’t be offended just yet).
Today most of the millions of spam messages floating around the Internet are due to botnets, and these are being shut down on a regular basis. What’s left is very effectively filtered by webmail anti-spam and ISPs (over 98%). Then they’re further eradicated by company spam-filters at work and email clients themselves. The insignificant numbers of unsolicited messages that come through are dwarfed by other daily undesirables, such as those from friends and family whose urgent requests to just check out the latest hoax, forward an old chain letter, review a slideshow or scroll through to read the punchline to a stale joke.
Finally for the pièce de résistance: Given the law’s stated goal to “deter the most damaging and deceptive forms of spam, such as identity theft, phishing and spyware, from occurring in Canada and to help drive spammers out of Canada.”, having users actually open messages to see if they’re misleading, unauthorized or malicious, exposing themselves to phishing, social engineering, identity theft and malware attacks seems counterintuitive (read: ignorant). As if rallying people around an increasingly irrelevant annoyance wasn’t enough, the pompous language cements its resolve with an intention to “establish a regulatory framework to protect electronic commerce in Canada.” Clearly.
To be entirely unfair in the interest of comic relief (as if the above wasn’t sufficient) one of the ‘experts’ often-quoted on the matter and a vocal proponent of the scheme supplied the following dubious justification: “There are spam gangs in Canada. There are absolutely spammers here.”
How should we report spam? Are there alternatives to this misguided approach?
You bet there are! Here is a comprehensive list that would satisfy even the most jaded email abuse victim. Spam is a part of all Internet traffic and so anti-spam efforts have evolved over the past two decades to include a workable system of layered protection that starts with Internet service providers (ISP) and webmail providers such as Gmail, Yahoo and Hotmail. These organizations hate spam even more than Internet users do because it amounts to a waste of computing, storage and access resources. So they all have invested heavily in very effective ways to combat it and have implemented mechanisms for reporting it.
This means that what we see is only a small fraction of the spam that floats around the Internet. Our own computers do a lot of the work too, from anti-virus suites to email readers, chances are, the software on your computer is already doing a good job of eliminating some spam from annoying you. On top of that, additional functionality is available through filtering functions (within Outlook and all other major clients) that allows users to create and infinitely customize filters. Good third-party add-on software is only a Google search away and if you really must report it, different countries have established measures for receiving submissions by email. Two of the most mature and effective systems available for dealing with spam are KnujOn and SpamCop. They will receive complaints and report them to the right authorities, adding them to blocklists that are available to ISPs worldwide. If the messages contain malicious payloads that include phishing attempts, send them to the US-CERT group for tracking. In short, the Internet is replete with overlapping efforts to effectively deal with spam, and they work. The last thing we need is to add to the confusion with an expensive new system that is clearly going to be ineffective from the start. Can we use an email address where malicious unsolicited email from local sources can be received for use in future prosecution? Sure. Is the whole ‘Freezer’ circus necessary? Absolutely not.
All it takes to avoid the “threat of unsolicited messaging” is to hold down CTRL (or Command on your Mac), select the obviously unsolicited messages and deleting them all with a single click. This takes little more than 5-10 seconds per day for a grand total of 20 minutes per year! Unless you’re spending an inordinate amount of time looking for legitimate emails misfiled as spam – which can and does happen – your productivity should be relatively intact. Relative to what? Contrast that with the time taken to report the issue once you’ve exposed your computer to the potential of infection. Or take a look at the big picture. How long do you spend looking through the unsolicited coupons in your mailbox? What about the hours of TV commercials that bombard your senses each year? Time spent in traffic? Do the math. This is an ill-conceived idea with no rational or professional insight, introduced by parties whose agenda has little to do with solving the problem for consumers. Instead of entertaining this expensive exercise, the allotted $700k would most certainly be better spent on infinitely more important global issues.
Despite the initial fanfare, the Freezer faces even bigger ‘image’ issues as the original domain name now belongs to – you guessed it – a refrigerator company and every flavour of the word has been taken, even by anti-spam products. Without a spunky brand and any valid claims, the Freezer is all but doomed given that it pre-eroded its own chance at gaining the public’s trust. If this albatross is to ever get off the ground, it will have to be significantly different from what we have seen to date.
Either way, don’t give spam a second thought. Enjoy your day and go back to dealing with unsolicited messages the way you did before: by simply ignoring or erasing them. Avoiding the Freezer will not only preserve your productivity but it may save you from infecting your own computer.