Spam Law Imitates 'Yes, Prime Minister'

[Guest guest]

http://www.darkreading.com/document.asp?doc_id=95902 & print=true

 

Spam Law Imitates 'Yes, Prime Minister'

 

 

MAY 30, 2006 | 12:00 PM -- It’s not often you see an

organization like the International Telecommunication

Union (ITU) incite people to commit a crime. Depending

on how pedantic you feel, that seems to be what

happened a few months ago.

 

Like so many cunningly crafted criminal capers, it was

a breathtakingly simple scheme: call upon the world’s

ISPs to take action against spam. It would be such a

popular crime, so Robin Hoodesque. Nobody likes a

spammer.

 

But hold on a minute. Surely it’s not illegal for ISPs

to take a harder line against spam? Aha, you’re

thinking logically, but we're talking about telecoms

regulation here: in this case, the convoluted

interaction of European and national laws on legal

interception.

 

If an ISP wants to do things like spam detection to

protect its customers and its own network

infrastructure, it may be breaking the law (if you

adopt a strict interpretation). In the U.K., the law

in question is the Regulation of Investigatory Powers

Act (2000). There are equivalent laws in each European

nation. In the United States, of course, there’s the

Communications Assistance for Law Enforcement Act

(CALEA).

 

RIPA, CALEA and their counterparts limit the

government’s ability to intercept data to protect the

individual’s right to privacy against “unreasonable

government intrusionâ€. Spam and malware detection is

covered for private networks, so companies who operate

an enterprise anti-spam solution are in the clear, as

are managed security service providers (MSSPs) who

offer outsourced e-mail cleaning for enterprises. But

no such exemptions apply to " public " networks, and

that’s where ISPs need a bit of interpretive help from

government. For example, it’s perfectly reasonable to

say that a single ISP’s network is a private network

that happens to be connected to the Internet. But this

particular defense hasn’t yet been tested by law.

 

Last week, a group of U.K. ISPs that are keen to take

action on issues like spam paid a visit to the U.K.’s

Department of Trade and Industry (the DTI--the

equivalent to the U.S. Commerce Department). In

classic " Yes, Prime Minister " fashion, the DTI civil

servants will take a four-stage approach. And given

the ISP pressure for something to be done, it looks

like we’re already at Stage 2:

 

Stage 1: There’s no need to do anything, it’ll be

fine.

 

Stage 2: Perhaps something should be done, but it’s

not really up to us (the DTI is currently blaming the

European Commission, which is quite a fashionable

approach in the U.K. today).

 

Stage 3: OK, maybe it is up to us, but there’s nothing

we can do.

 

Stage 4: Maybe there was something we could have done,

but it’s too late now.

 

My four stages don't do justice to Sir Nigel

Hawthorn's delivery on the old British TV show, but

the legislative environment around spam is nearly as

comical. And while you're waiting for the various

legal bodies to work things out, I strongly recommend

finding a rerun of the " Yes, Prime Minister " series.

It’s just the thing to cheer you up after a

particularly frustrating few hours of clearing your

spam folders out!

 

— Geoff Bennett, formerly Chief Technologist at Heavy

Reading, is director of product marketing at

StreamShield Networks Ltd.

 

 

 

Copyright © 2000-2006 Light Reading Inc.

 

 

Yes Minister and Yes Prime Minister is a British comedy series about the

wheeling and dealing of political life. Although the series is set

within the British political scene, it deals with political games and

clashes between politicians and the civil service that could be found

almost everywhere in the world

http://www.yes-minister.com/introduc.htm