For consumers, spam is not the big issue it once was. Improved email filtering technologies and preventative CAPTCHA tests deal with much of the unwanted inbox traffic.
Even if the “You have won $100,000 in the Lottery, please send us your details to collect your prize” somehow gets through, it is easily tackled.
The realisation that you didn’t enter a lottery and a quick glance at the dodgy syntax and sender ID should normally flag your suspicions. However, what if the email is from a well-known brand you trust? Would you be more likely to disclose your details?
Yahoo faced this issue when their branding was used in a three year fraudulent lottery spam campaign by Nigerian, Thai and Taiwanese perpetrators. Yahoo lodged a case against them in 2008 and today a New York Court delivered their default judgment.
The spammers breached the US CAN SPAM Act and now have to pay Yahoo $50 for each email in reparation. This accumulates to the jackpot sum (including a $27million trademark suit) of $610m (£387m).
While this makes a great headline figure for the fight against fraud and spam, it begs the question, will Yahoo! ever actually see this money?
Perhaps Yahoo invested all this time and money to make a symbolic example of the perpetrators? I would argue that rather than striking a blow to the spam industry, this case reiterates fundamental problems for domestic legal instruments operating in a transnational domain.
The judgement is in the US, and the guilty parties are not. Applying the judgement extra-territorially is a significant hurdle for retribution on a practical level.
Despite this, laws remain incredibly important online because they represent democratic process and establish certainty and norms. Unfortunately, this judgement highlights their huge shortcoming: enforcement.
The internet is not borderless. Establishing geographical borders, through technical measures, assists the application of domestic territorial laws. The norm of establishing borders online is largely due to geo-identification technologies used by Yahoo to comply with a judgment from 2000, which banned sale of Nazi memorabilia in France.
From a legal perspective, regulation of intermediaries within sovereign territories (like ISPs) is the main way to control trans-national content.
However, without the geographic proximity of an intermediary, governments struggle to enforce laws, as the US and Yahoo! will find out here.
Instead, it is clear that innovative regulation is required, often using technical solutions. Technology is not bound by geographic borders and has the flexibility to address many of the issues laws cannot.
Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/iw9k20MK40A/
View full post on National Cyber Security