Spam or Sender-id : Reducing the Fog of Ethical Decision Making. Once More into the Breech!

AUTHOR
Don Gotterbarn

ABSTRACT

Spam is a consequence of the advances of information technology and as technology changes spam has changed in scope, purpose, and ethical impact. What originated as unsolicited bulk messages constrained by the capacity of individual machines now uses unsuspecting compromised personal computers to transmit millions of messages a day. Everyone receives spam. “Like almost everyone who uses e-mail, I receive a ton of spam every day. Much of it offers to help me get out of debt or get rich quick. It would be funny if it weren’t so irritating.” (Bill Gates- 2004 Wall Street Journal)

Originally, the primary purposes of sending spam was a childish prank or to sell products. As the technology has changed, new motives for spam have emerged. These banal motives have changed. We now receive advertising spam, porn spam, and scam spam. Even more distressing is the development of a gangster mentality engaged in taking over and compromising PCs, injecting viruses and flooding recipient networks in a denial of service attack. Spam has also changed. The unsolicited distribution of bulk messages has now extended beyond e-mail to Instant Messaging (SPIM) and to Internet Telephony (SPIT). (Cerf, V. “SPAM, SPIM, and SPIT” Communications of the ACM April 2005).

The rise and evolution of spam has generated a broad range of responses ranging from a deferential attitude ignoring its impact to the aggressive approach of those who will supply tar and feathers to anyone willing to apply it to spammers and to those who provide tools spammers can use. I argue that both of these views are mistaken. The former position rests on what James Moor calls “a virtual fallacy”; assuming that because something happens in the virtual world, that it does not have real impact.

The more aggressive position is marked by the development of spam filters and black lists distributed by organizations like Spamhaus in the UK. These filters, unfortunately, often give false positives preventing the delivery of appropriate messages. Lessig has argued against this aggressive unilateral approach saying, “Those making the policy are not accountable to anyone.” This approach to policy development denies a public forum, denies a voice to the stakeholders involved. (Lessig, L. Code and Other Laws of Cyberspace, New York Basic Books 1999)

The real problems created by spam are clear. “But spam is worse than irritating. It is a drain on business productivity, an increasingly costly waste of time and resources that clogs corporate networks and distracts workers. Among consumers, it spreads scams, pornography and even computer viruses. Worse, spammers prey on less sophisticated e-mail users, including children, threatening their safety and privacy. And as everyone struggles to sift spam from their inboxes, valid messages are sometimes overlooked or deleted, which makes e-mail less useful and reliable as a channel for communication and legitimate e-commerce. In short, spam threatens to undo much of the good that e-mail has achieved.” (Bill Gates 2004)

Many countries and several US jurisdictions have laws against spam. According to PC World (http://www.pcworld.com/news/article/0,aid,118493,00.asp), on 14 August 2004 in Virginia, Jeremy Jaynes will spend “nine years in prison for sending hundreds of thousands of unwanted e-mail messages. Virginia Attorney General Jerry Kilgore said Jaynes was found guilty under a Virginia state law that prohibits e-mails marketers from sending more than a certain amount of spams within a given time frame and prohibits the use of fake e-mail addresses?A Loudoun County jury decided that Jeremy Jaynes? flooded tens of thousands of AOL email accounts with unsolicited email.” Between 11 July and 9 August 2003, he sent over 10,000,000 emails a day. “And those 10 million pieces of spam a day yielded between 10,000 and 17,000 paying responses a month, and an obscene $400,000 to $750,000 a month. Jayne’s total expenses per month were estimated to be approximately $50,000, netting him a cool $350,000 to $700,000 a month in profit.” (http://www.aunty-spam.com/portrait-of-a-spammer/) The illegality of spam in the USA is not new. Even as early as 1998 in Hotmail Corporation v. Van$Money Pie, Inc. 1998 spam was legally viewed as a form of trespass.

As early as 1999 there have been ethical critiques of spam. Spam shifts the costs from the sender to others including the Internet, ISPs, receivers of the spam, network bandwidth, and disk storage. In ” Ethical Reflections on the Problem of Spam,” Ethics and Information Technology vol 1 no 3 185-191 (1999) Spinello argues against spam on utilitarian grounds for this abuse of resources and argues against it on deontological grounds for its lack of respect of persons and because spamming cannot be justified by a universalizable principle.

If the decisions are made-spam is illegal and spamming is unethical-why bother discussing it at an ethics conference? Identifying the problems with spam appears to be easy, but it is not an easy ethical task to determine how best to prevent spam, spim, and spit. Pointing the finger of blame and guilt after the fact is easy. The hard problem is for an ethical person to identify and pursue an ethical action that will prevent or reduce the occurrence of spam. Ethcal decision making helps here.

Ethical decision-making has several functions. The easiest function is to use some decision procedure to evaluate the ethicality of an act after it has occurred and after its impacts are clear. Another but much more difficult use of ethical decision models is to make a proactive choice that may, in an ethical way, reduce or prevent an unethical act. I address the latter function concerning the prevention of spam. Assume the debate about the legality and ethicality of spam and its variants is decided. Given the strong profit motives to spam, what is the best way to prevent spam? The answer to this requires careful application of an ethical decision procedure.

Over a decade ago Terry Winograd described three stereotypes of ethical decision making which he called “devil or angel”, “the morality computer”, and “troupe of jugglers”. In the devil or angel situation, you know what is right or wrong and it is simply a matter of choosing. In the morality computer, you have a clear set of moral rules and a clear set of facts and you deduce from the rules the correct moral choice. In the troupe of jugglers model, you are engaged in a complex social interaction with evolving practices and technologies. This Jugglers model describes many of ITC ethics decision points; the identification of the complexity of the situation however did not provide direction for decision-making. There are some clear ethical situations where ethical decisions are made every day. There are however some ethical decisions which are not as obvious and in a foggy area; these require the application of ethical decision-making procedures.

It is important to justify and document these decisions. Doing so may later help reduce the shadows in other ethical situations and provide a basis for future decision-making. It is not simply enough to express personal dislike for a particular aspect of technology. Bill Gates’ article from the Wall Street Journal cited above started out with “I hate Spam.” The world seems to have made a decision about spam- – at least that it is illegal in some jurisdictions. However, even when the law or some legislature makes the basic legal decision for us, we are still left with the question of how to address the problem.

The question “How do we address spam?” is ambiguous. It is really two questions.. What shall we do with those who are judged guilty of spamming? The courts provide an to this question in terms of sanctions and penalties. The other part has to do with the prevention of the crime to begin with. In criminal law, there are specific constraints on the range of behavior of law enforcement agents. Authorities are not allowed to use “excessive force”. In normal law enforcement, the enforcing agent has a wide range of approaches. Similarly, in attempting spam prevention there is a wide range of solutions. The choice of technical solution is an ethical decision requiring a juggling of a complex set of values including privacy, security, and property rights.

In what follows I will examine two approaches to ethical decision-making applied to the ethical choice of using sender id to facilitate SPAM reduction. The two decision-making methods are the Paramedic method, and Bynum’s heuristic method of ethical case analysis. There are two goals in doing this analysis. First using both methods will demonstrate the strengths and weaknesses of each and point us toward a hybrid approach to ethical decision-making. Second, the analysis will bring us once again into the battle (on Crispin day) of adjudicating the ethical trade-offs involved in making decisions related to privacy and respect for human beings in a complex society with rapidly changing technology. The use of sender id and other sender authentication techniques to prevent the negative impacts of spam raises issues that were left unresolved in discussions of earlier technologies of radio frequency identification (RFID) chips and smart cards; issues that have not yet been moved into a clearer area of ITC ethics. Seeing the relationship between the ethical issues raised by these technologies may reduce some of the fog.