How to Combat Spam?
Tilburg Institute for Law, Technology and Society
University of Tilburg, The Netherlands (1)
Creative Commons License Attribution – Noncommercial - No
Derivative Works 2.0 France
First published in the Web Journal of Current Legal Issues
Citation: Trillet G, ‘How to Combat Spam?' (2013) 19(4) Web JCLI
This paper takes a multidisciplinary approach to assess the issue of unsolicited commercial e-mails, most commonly known as spams.
The problematic of unsolicited bulk email, commonly referred to as "spam", is an ever-increasing worrying and probably one of the largest issues on the Internet. Nowadays, does the email spam still concern a lot of people considering that newest generations communicate with instant messaging system, through Facebook or Tweeter, via their smartphone? According to the CAUCE (Coalition Against Unsolicited Commercial Email), the answer is yes(2) and the conclusions of a recent study(3) confirm that email is still the top online activity, all generations considered. Furthermore, a recent study(4) by the company Nielsen (global leader in measurement and information) shows that the first activity on mobile devices is emailing and not social networking.(5) One step further, in a Radicati Group report, the number of email users is forecasted to attain 1.9 billion by 2013.(6) Because email has still significance, the spammers still value this communication tool. It is therefore crucial to find ways which permit to battle this security and privacy(7) threat. In March 2011, spams represented 79.6 % of the emails traffic in the USA, against 79.1% for the UK and 80.2% in the Netherlands.(8) Clearly, spam exceeded the stage of simple online annoyance. In spite of technological advancements, it is expected by 2014 that 19 % of email transferred to users' mailboxes will nevertheless be spam.(9)
Although the definition of spam can be broad(10) and that spam can encompass numerous sorts of messages,(11) the present work will mainly focus on "unsolicited commercial email". Spam must be battle on all fronts.(12) This is why, from a manifold perspective, the present work will argue what are the optimal ways to defeat spam.
2. From a legal perspective(13)
Worldwide, lots of anti-spam legislations have been designed. Even worst, the CAN-SPAM Act (CPA)(16) has the criticised(17) opposite effect of making spam legal instead of prohibiting it.(18) Nonetheless, one interesting clause, highly supported by Lessig,(19) considers the establishment of a report mechanism. Individuals who help chasing breaches of the Act become entitled to perceive a reward.(20) However, Tompkins and Handley argue that such a system would cause people breaching laws and could be an encouragement for hackers to violate people's privacy.(21)
The USA's legislation is very weak,(22) too superficial according to Mozena.(23) It is totally antagonist to the EU one,(24) as well as to the legislation in Australia(25) and China, where spamming is not legal.(26) Besides laws, it is thought that self-regulation system is not the adequate solution to circumvent spam,(27) where it seems now clear that it cannot play an important role anymore(28) and should be substituted by binding laws(29) in order to prevent marketeers' abusive practices.(30)
The main shortcomings of the regulations may be mainly explained as follow. Firstly, there is no global definition(31) of what constitutes a spam. According to Starr,(32) the central elements to define spam, i.e. unsolicited, bulk and commercial, are not adaptable to fit in a global spam explanation. Furthermore, Van Alstyne stresses that "recipients themselves do not agree on what constitutes spam".(33)
Secondly, the law is restricted to a single jurisdiction. Indeed, EU laws are only applicable within the Union and the vast majority of spams emanates from outside, which inevitably leads to a chaotic enforcement of anti-spam regulations. Indeed, about 90% of EU spam troubles come from the USA where spamming is legal.(34) Meanwhile, cybercriminals do not have boundaries and may even remote spamming, through a network of "zombie computers".
Noteworthy, even if sender and recipient of email spam are both living in the same country or state, it does not automatically implies that the domestic law will apply, as it is very plausible that the email was dispatched via a server situated elsewhere.(35)
Nevertheless, it is reasonable to argue that the Canadian Anti-Spam legislation (Bill C-28)(36) will constitute an effective law, taking the best from the EU 2009 Directive(37) and the USA Act.(38) Embodying an opt-in regime, the bill provides for drastic penalties(39) applicable to spammers. However, online, the identity of spammers is not easily detectable and fake identities can be used. Interestingly, the bulk character of the email spam would be irrelevant as the law would apply as soon as a single email is forwarded.(40)
In conclusion, Starr is right when saying that "at best, anti-spam laws are ineffective; at worst, they cause more problems than spam itself".(41) Only when a regulation of global significance will be designed or when worldwide laws will be consistent, the law will stop constituting a utopic instrument to eradicate spam.(42) Additionally, such law(s) would need to call for transborder enforcement, key feature the international scene is currently lacking of. Besides, cross-border prosecution can be arduous where 88.2 % of all spam is sent from botnets of "zombie computers",(43) where identity of the real sender is hidden. So, the spam issue encompasses more than just some loopholes in the global legislative framework.(44) The will to find a global consensus will always face two issues: either adopting a consumer-oriented law generally characterised by an opt-in system, such as the EU and Canadian laws, or a business-focused law generally characterised by an opt-out regime, such as the CPA. Basically, balancing interests are at stake. Undertakings need to be allowed to freely send advertisement emails but consumer's privacy and consent should be preserved. Ultimately, it is wise to mention that "criminalization requires a clear definition of the crime and an ability to catch the criminal. Neither is possible with spam."(45)
To solve the spam problem, why not just stop using emails, mobile phones, the Internet? Let's face it; nobody wants to go back in time. Yet, according to a 2003 study,(46) more and more people are tempted to partly or completely give up the use of email because of spam.
The elementary step to curb spam is the use of a content-base or Bayesian filter by the Internet Service Providers (ISPs) and the end-users. This allows solving the issue respectively uphill and downhill.(47) However, spam filters are not foolproof and legitimate emails may seem for the filters to be unsolicited and sometimes may still be returned to the expedient without the receiver having knowledge of them.(48) The main drawback of filters is highlighted by Loder et al.: the "language plasticity(49)permits an escalating arms race in which one side seeks better ways to block unwanted access and the other seeks better ways to gain it."(50) Yet, the Guardian stated in 2004 that dispatching unsolicited email was more difficult nowadays, where spammer must "play dirty" in order to fool filters.(51)
Just to mention it, the black and white lists registries system is usually not effective as spammer can buy inexpensive new identities or forge others' identities (spoofing).(52) Interestingly, a September 2011 study empirically reveals that a Support Vector Machine, developed to distinguish end-user and legitimate mail servers machines,(53) greatly surpasses current largely employed black lists, where filtering accuracy is drastically improved.(54)
One valuable manner to eliminate spam is to utilise a free of charge discardable email address instead of one's real email address. This is the method employed by Spamgourmet. It is thought this website (http://spamgourmet.com/) provides for an effective solution to avoid spams. This was even advocated at the American Bar Association's TechShow.(55) It offers disposable and time limited email addresses through a very simple functioning. A temporary address is created to receive a number of messages predefined by the user, and once the quota is exceeded, messages sent to that address will be automatically deleted.(56) In practice, the user needs to register on spamgourmet.com. It will be asked to provide a username and a valid email address (which is protected) where an activation link will be sent. Then, Spamgourmet will transmit the messages dispatched to the user's disposable addresses to the protected address.(57) After registration, the user disposes of the discardable addresses which will self-destroy after a period of time. Those addresses will always have the same format: firstname.lastname@example.org "Oneword" stands for a simple word allowing the user to remember where a given address was used. "X" reveals the number of times (maximum 20) Spamgourmet may receive emails using this address before it destroys them. "Username" is self-explaining.(58) The advantage of Spamgourmet is that the user does not have to come back on the website to create a disposable address before being able to actually using it, as opposed to other websites supplying the same service.(59)
One current trend of spammer is to use social networks(63) such as Facebook and Twitter or fora.(64) Indeed, every user of these networks is an easy spam target as spam robots continually scan these platforms to gather emails. Therefore, an effective way to receive less spam could be to use the "Scr.im" website solution (http://scr.im/). It protects an email address against spam, making it accessible through a safe and short personalised URL address.(65) Concretely, instead of giving an address under its traditional format such as "email@example.com", the user provides a personalised web link obtained thanks to "Scrim" into the following format: "http://scr.im/2fc1". Subsequently, everyone wishing to send an email to a "Scrim" address's user has to enter the proposed URL which will unmask, after a basic test spam devices are not able to cross (the so-called "humanity check"), the user actual address. Eventually, this free device retains the address imperceptible and blocks spams.
To conclude, contrary to the law, technology has no boundaries. According to Grimes, the "the final solution that seems to have the best chance according to most experts is a technological solution."(66)
According to Van Alstyne,(67) "the two most common" perspectives referred above did and will have only a limited success. A step further, McCullaghn affirms that "spam is not primarily a technological or legal problem: it's an economic one."(68) Indeed, as long as there will remain a mutual interest both for spammers and anti-spammers for the spams to survive, no concrete answer to spam can be framed. On the one hand, spammers' aim is attracting people with their advertisements. On the other hand, a proportion of their opponents seem to be relatively happy with that. In fact, it is thought that undertakings vendors of anti-spam equipment have a genuine economic interest that spam keeps spreading on the Internet. For instance, according to a Radicati Group study, the foreseen email security market share, where anti-spam products represent an important segment, will grow to attain in 2014 more than 7 billion US dollars,(69) which is far superior than what the spammers will earn.(70)
Spam is a parasite advertisement in the sense that it switches the costs of the operation on the targets' shoulders, costing ISPs and the Internet users' resources and time.(71) Indeed, sending a single or bulk email is cheap and therefore the low costs engaged can easily be recovered even if only a portion of emails provides economic results. Until the end of this scheme, spammers will evermore have a pecuniary interest into spamming, as only a few purchases is necessary for spam to be a lucrative activity.(72)
Therefore, why a sort of payment system is not in place? In an experimental survey, where an example of a market mechanism is used to deploy human attention,(73) it was held that by imposing postage fees for emails, senders will be more selective and smaller quantities of message will be sent.(74) Although the authors acknowledge that this solution has potential they also point out that it still needs to be fully attained. Indeed, its first challenge is the difficult task to change people's minds on the way to charge for something which has been free for decades. The second is devising the adequate manner of the pricing mechanism. But the major counter-argument to impose such a payment system, which will arguably prevail for a long time, is that it would represent a huge "technological step backward" as well as express a "tacit admission of defeat" to the spam threat, regardless of the smallness of the payment.(75) Nonetheless, it is thought that Kraut et al. are right when arguing about the pricing mechanism that "given sufficient societal benefits, the shift is possible" as it was the case when people shifted from "free broadcast TV to fee-based cable and pay per view TV."(76)
Another instrument to allocate human attention is the "selling interrupt rights" mechanism devised by Fahlman(77) and explored in a more superficial way in Ayres and Nalebuff's book.(78) Based on the same pricing email idea, this mechanism provides for that when a sender wishes to interact with someone via emails, he must pay a fee for disturbing this potential customer. Whether the recipient is willing to contract or not, he will either drop the fee or solicit it. Similarly as the above pricing system, sender's emails would therefore be very targeted. Fahlman's scheme is thought to be at least as captivating as the aforementioned one, probably even more.(79)
Eventually, it should be clearly kept in mind that sending bulk unsolicited emails is an ill-advised practice not to be used by undertakings,(80) where a "wealth of information" may bring on a "poorness of attention",(81) what should contravene the "freedom of commercial speech" advocated by Weintzen.(82)
"Two years from now, spam will be solved".(83) This is a famous quote from Bill Gates in 2004, where he underestimated the spam issue, without taking into account that "the" anti-spam solution will not be found soon and solely in the technology. In spite of the numerous interesting suggested solutions, it is careful to realise that a conclusive way to eradicate spam cannot yet be foreseen.
Implementation of anti-spam laws within diverse jurisdiction and anti-spam alliances shaped by leading IT undertakings (such a Microsoft, America Online and Yahoo!) have not contributed to a curtailment regarding spam(84). At most, a multidisciplinary approach should be able to lessen the spam problematic. Indeed, according to Cowper, "a global problem needs a global solution".(85) Through this work, it has been demonstrated that "there's not one single way to eliminate the problem […] only a combination of initiatives".(86) Therefore any manner to stem spam will encompass a key concept: the international multidisciplinary cooperation.
The present work was limited to three perspectives: legal, technological and economic. Further researches should focus on the social, educational, ethical and environmental perspectives of spam.
Asscher L F, and Hoogcarspel S A, Regulating spam: a European perspective after the adoption of the E-Privacy Directive (The Hague: TMC Asser Press 2006).
Cranor L F and LaMacchia B A, ‘"Spam!" (1998) Communications of the ACM 14(8)' <http://lorrie.cranor.org/pubs/spam/spam.html>.
Keizer G, ‘Spam Summit Calls For Global Coalition To Fight Junk E-Mail' (2003) <http://www.informationweek.com/news/10817878>.
Schwartz A, and Garfinkel S, Stopping Spam: Stamping Out Unwanted Email and News Postings (O'Reilly Media Inc, USA 1998).
Sorkin D E, ‘Technical and Legal Approaches to Unsolicited Electronic Mail', (2001) <http://www.sorkin.org/articles/usf.pdf>.
The Spamhaus Project, ‘United States Heads Towards Legalization of Spam' (2003) <http://www.middletownusa.com/view_news.asp?a=745>
The Spamhaus, "The World's Worst Spam Producing Countries" (2011) <http://www.spamhaus.org/statistics/countries.lasso>
(1) Garry Trillet (LL.M.) graduated from the CEIPI (Centre d'Études Internationales de la Propriété Intellectuelle), University of Strasbourg, France, in 2013 and obtained his LL.M. in European and international Intellectual Property Law. In 2012, he graduated from the TILT (Tilburg Institute for Law, Technology and Society), University of Tilburg, The Netherlands, and obtained his LL.M. in Law and Technology. His main areas of interest are intellectual property law and legal issues brought by new technologies.
(2) CAUCE, "Do People Still Care About Email Spam Anymore?" (2011) < http://www.cauce.org/2010/12/do-people-still-care-about-email-spam-anymore.html> and CAUCE, "Yes, People Still Care About Email Spam" (2011) < http://www.cauce.org/2011/02/yes-people-still-care-about-email-spam.html>.
(3) Pew Research Center's Internet & American Life Project, "Search and email still top the list of most popular online activities" (2011) < http://pewinternet.org/~/media/Files/Reports/2011/PIP_Search-and-Email.pdf>.
(4) Anon., "Email Dominates Mobile Web Time" (2010) <http://www.emarketer.com/Article.aspx?R=1007868> and Nielsen Group, "How Americans Spend Mobile Internet Time: A New Look" (2010) < http://blog.nielsen.com/nielsenwire/online_mobile/how-americans-spend-mobile-internet-time-a-new-look/>.
(5) Respectively 25:00 and 6:18 minutes out of every hour.
(7) Principally illegitimate interference with the users' email boxes.
(8) Anon., "Symantec annonce la publication de l'édition de mars 2011 de son rapport" (2011) < http://www.informaticien.be/util.ks?page=articles_print&id=9502>.
(10) Including either commercial or non-commercial unsolicited bulk e-mail. See the EU legislative framework which extends spam to include SMS, MMS and other kinds of similar applications (infra, Directive 2009/136/EC). See also the Washington State Supreme Court decision in State v. Heckel, 143 Wash. 2d 824, 24 P.3d 404 (2001).
(11) Such as commercial messages, messages containing viruses or pornographic contents.
(12) E. Liikanen, "Combating Spam on All Fronts" (2003) < http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/03/365&format=HTML&aged=0&language=EN&guiLanguage=en>.
(13) Everybody implicated in the spam issue, i.e. legislators, market players, ISPs and recipients give the impression that the law in itself will not make spam disappear.
(14) D. E. Sorkin, "Spam Legislation in the United States" (2003) <http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1061301>.
(15) S. Starr, "Can the law can spam?" (2004) <http://www.spiked-online.com/articles/0000000CA4BF.htm>.
(16) Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003. Commonly known as "You CAN Spam" Act.
(17) For more info, see supra note 13.
(18) The Can-Spam Act does only apply to commercial email messages in the USA, as the US legislator considers the superiority of the freedom of expression. As it is a federal law, it supersedes all state laws (generally much more stricter) rendering them not valid (because of the USA pre-emption of State Law) and the Act even for instance anticipated a California's law which would have devised an opt-in regime against spam. Indeed, the CPA came into force at the same time that California law was intended to come into force (January 1, 2004).
For instance, if someone reports a spam which is not correctly
labelled (the "ADV:" label is missing), he will get a
bounty, a portion of what the spammer would have to pay.
For further information, see: Federal Trade Commission, "FTC Assesses Reward System for Catching Spammers" (2004) <http://www.ftc.gov/opa/2004/09/bounty.shtm>.
(21) T. Tompkins and D. Handley, "Giving E-mail back to the users: Using digital signatures to solve the spam problem" (2003) < http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/1074/994>.
(22) P. Brownfeld, "Consumer Groups Seek to Put a Can on Spam" (2003) <http://www.foxnews.com/story/0,2933,103540,00.html>. See also L. Rainie and D. Fallows, "The CAN-SPAM Act Has Not Helped Most Email Users So Far." (2004) < http://www.pewinternet.org/~/media//Files/Reports/2004/PIP_Data_Memo_on_Spam.pdf.pdf>.
(23) J. Mozena, co-founder and vice president of the CAUCE, In: P. Brownfeld, "Consumer Groups Seek to Put a Can on Spam" (2003), op. cit., supra note 21.
(24) Principally the "e-Privacy Directive" (Council Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector  OJ L201/37) which brought the opt-in regime.
(25) Defined as "one of the world's best examples of an anti-spam legislative regime" according to the "Spam Act 2003: A practical guide for business" < http://www.acma.gov.au/webwr/consumer_info/frequently_asked_questions/spam_business_practical_guide.pdf>.
(26) The USA adopted an opt-out system (except in California and Delaware) and the EU a so-called soft opt-in one, where the recipient has to give his express consent to receive materials from the "spammer".
(27) Anon., "EU to fight spam" (2001) 2 Computer Fraud & Security 3.
(28) Where even on clicking on a "remove me" button in an email spam results in no change or more spams. See Federal Trade Commission, "False claims in spam" (2003) <http://www.ftc.gov/reports/spam/030429spamreport.pdf> and "Remove Me" Survey Results, FTC, (2002) <http://www.ftc.gov/bcp/edu/microsites/spam/pubs/removeme.pdf>.
(29) Even in the Netherlands, the "bel me niet" self-regulation about marketing phone calls turned eventually in 2009 into binding law (encompassed into the Dutch Telecommunications Act 2009).
(30) Recently, Qatar, South Africa, the United Arab Emirates, India and Pakistan have reached this logical conclusion. See CAUCE, "Five Countries are Considering Anti-spam Laws" (2011) < http://www.cauce.org/2011/08/five-countries-are-considering-anti-spam-laws.html>.
(32) S. Starr, "Can the law can spam?" (2004) op. cit., supra note 14.
(33) M. W. Van Alstyne, "Curing Spam: Rights, Signals & Screens" (2007) 4 The Economists' Voice 2.
(34) The Spamhaus Project, "United States set to Legalize Spamming on January 1, 2004" (2003) <http://www.spamhaus.org/news.lasso?article=150>. See also: Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on Fighting Spam, Spyware, and Malicious Software. (2006) < http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52006DC0688:EN:NOT>.
(35) D. E. Sorkin, "Spam Legislation in the United States" (2003) op. cit., supra note 13.
(36) Turned into law in December 15, 2010 but actually its implementation is foreseen to take place only around mid-2012. For further information, see: Anon., "Bill C-28/Canada's Anti-Spam Legislation" <http://www.inboxmarketer.com/Bill-C28.asp>.
(37) Council Directive 2009/136/EC amending Directive 2002/22/EC on universal service and users' rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws  OJ L337/11.
(38) The Canadian Bill, contrarily to the EU "e-Privacy Directive", does not encompass only the email but also e.g. SMS and instant messaging.
(39) Up to 1 million and up to 10 million Canadian dollars, respectively for an individual and an undertaking.
(40) It is however contrary to the Spamhaus definition, where "bulk" and "unsolicited" play a decisive role. See: The Spamhaus Project, "The Definition of Spam" <http://www.spamhaus.org/definition.html>.
(41) S. Starr, "Can technology can spam?" (2004) <http://www.spiked-online.com/Articles/0000000CA50F.htm>.
(42) C. Everett, "Stronger laws needed to stem spam" (2004) 1 Computer Fraud & Security 1.
(43) Symantec, "MessageLabs Intelligence: 2010 Annual Security Report " (2010) < http://www.clearnorthtech.com/images/MessageLabsIntelligence_2010_Annual_Report.pdf>.
(44) Idea shared with the Australian 2003 report on spam. Final report of the NOIE review of the spam problem and how it can be countered, < http://www.apcomms.org.uk/apig/archive/activities-2003/spam-public-enquiry/written-evidence-submitted-to-the-enquiry/australian_noie_appendix_spamreport.pdf>.
(45) M. W. Van Alstyne, "Curing Spam: Rights, Signals & Screens" (2007), op. cit., supra note 32.
(46) D. Fallows, "Spam: how it is hurting email and degrading life on the internet" (2003) < http://www.pewinternet.org/~/media//Files/Reports/2003/PIP_Spam_Report.pdf.pdf>.
(47) P. Roberts, "MIT Spam Conference looks beyond filters" (2004) < http://www.computerworld.com.au/article/92794/mit_spam_conference_looks_beyond_filters/#closeme> and S. Starr, "Can technology can spam?" (2004), op. cit., supra note 40.
(48) This is referred as to the false positives/negatives system.
(49) Emphasis added.
(50) T. Loder et al., "An Economic Response to Unsolicited Communication" (2006) <http://www.bepress.com/bejeap/advances/vol6/iss1/art2/>.
(51) D. O'Brien, "Incredible bulk" (2004) < http://www.guardian.co.uk/technology/2004/apr/08/spam.internet/print>.
(52) T. Loder et al., "An Economic Response to Unsolicited Communication" (2006), op. cit., supra note 49.
(53) The study defends the effective approach that emails sent from distant end-user appliances should be filtered straightaway by recipient mail servers as spam robots to a large extent are end-user appliances.
(54) F. Sanchez et al., "Blocking Spam By Separating End-User Machines from Legitimate Mail Server Machines" (2011) <http://www.cs.fsu.edu/~duan/publications/2011_ceas.pdf>.
(55) B. Michaelis, "The Best of ABA TECHSHOW 2011" (2011) < http://oregonlawpracticemanagement.com/2011/04/18/the-best-of-aba-techshow-2011/>.
(56) HEC Lausanne Infocentre, "Spamgourmet: un outil pour prévenir le spam" (2004) < http://www.hec.unil.ch/infocentre/index.php?option=com_content&task=view&id=50&Itemid=2>.
(57) In such a way, the sender will not be aware that it is not the user's actual address.
(58) For example, if a user is required to give away an email address to the XYZ undertaking and has as username "beautifulmind", the following can be communicated: fromXYZ.firstname.lastname@example.org.This address is created as soon as the company XYZ makes use of it. The user then does not have to create it himself and maximum 5 emails will be transferred to his protected address.
(59) Anon., "Spamgourmet: le roi des adresses jetables" (2011) < http://www.grumf.net/blog/2011/02/05/spamgourmet-le-roi-des-adresses-jetables/>.
(61) Its main drawback is that it engenders a legibility issue for people suffering from visual impairment.
(63) J. Tomasello, In: Anon., "Spam levels drop drastically … then rise" (2011) 1 Computer Fraud & Security 1.
(64) J. Tomasello: "these platforms allow spammers to reach a much more responsive recipient compared with traditional email messages", In: R. Bach, "Who Moved My SPAM?" <http://rbach.net/blog/index.php/who-moved-my-spam/>.
(65) Anon., "Utile et pratique: protéger son adresse mail contre les spams" (2010) < http://www.wizzcom.fr/utile-et-pratique-proteger-son-adresse-mail-contre-les-spams/>.
(66) G. A. Grimes, "Issues with spam" (2004) 5 Computer Fraud & Security 12.
(67) M. W. Van Alstyne, "Curing Spam: Rights, Signals & Screens" (2007), op. cit., supra note 32.
(68) D. McCullaghn, "Perspective: A modest proposal to end spam" (2003), op. cit., supra note 18.
(69) T. Yamasaki, "The Radicati Group, Inc. Releases "E-mail Security Market, 2010-2014" Study" (2010), op. cit., supra note 8.
(70) See for instance A. Asaravala, "Antispam Companies Raking It In" (2003) <http://www.wired.com/techbiz/media/news/2003/09/60327>.
(72) S. Starr, "Can technology can spam?" (2004), op. cit., supra note 40.
(73) Called in the study "market for attention".
(74) R. Kraut et al., "Markets for Attention: Will Postage for Email Help?" (2006) <http://papers.ssrn.com/sol3/papers.cfm?abstract_id=325961>.
(75) S. Starr, "Can technology can spam?" (2004), op. cit., supra note 40.
(76) R. Kraut et al., "Markets for Attention: Will Postage for Email Help?" (2006), op. cit., supra note 73, p. 12.
(77) S. E. Fahlman, "Selling Interrupt Rights: A Way to Control Unwanted E-Mail and Telephone Calls." (2002) IBM systems journal, 41 (4), pp. 759-766.
(78) I. Ayres and B. Nalebuff, Why Not? How to Use Everyday Ingenuity to Solve Problems Big and Small (1st edn, Harvard Business School Press: Boston, Massachusetts 2003).
(79) T. Loder et al., "An Economic Response to Unsolicited Communication" (2006), op. cit., supra note 49.
(80) M. Lovell, "E-Commerce: An Introduction" (2001) <http://cyber.law.harvard.edu/olds/ecommerce/setuptext.html>.
(81) H. A. Simon, Designing organizations for an information-rich world: Models of Bounded Rationality. (Cambridge, MA: MIT Press 1982).
(82) R. Weintzen, member of the pro-spam Direct Marketing Association, In: The Spamhaus Project, "The spam definition and legalization game" (2003), op. cit., supra note 30.
(83) J. Leyden, "We'll kill spam in two years - Gates Charging ahead" (2004) < http://www.theregister.co.uk/2004/01/26/well_kill_spam_in_two/print.html>.
(84) Sunbelt Software, Inc., "The Economics of Spam" (2007) < http://www.sunbeltsoftware.com/documents/VIPRE-Email-Security-for-Exchange-Economics-of-Spam-US-EN.pdf>.
(85) J. Cowper, In: C. Everett, "Stronger laws needed to stem spam" (2004) 1 Computer Fraud & Security 1.
(86) F. Lavaste, Brightmail's vice president of marketing (until 2004), President and CEO of NETASQ, a leading provider of network security solutions and the European leader in unified threat management, In: Anon., "Spam Summit Calls For Global Coalition To Fight Junk E-Mail" <http://www.informationweek.com/news/10817878>.