E-mail Tax As Way Of Preventing Spam

scubacuda writes "This FT article criticizes current attempts to regulate spam. Re: Lessig's bounty-on-spammer proposal: 'This is a terrible idea that will make millionaires of two classes of people: reprobates who illegally maraud through others' hard drives; and those who have built their expertise about spam by peddling it, 'He considers the recent FTC spam conference "barking up the wrong tree," and thinks that the simplest way to regulate spam is through a tax: 'This requires smashing some myths....But, very soon, the Internet should turn into a penny post, with a levy of 1 cent per letter. This would cost the average e-mailer about $10 a year. Small companies would pay bills in the hundreds of dollars; very large ones in the thousands. And spammers would be driven to honest employment. The tax could be made progressive by exempting, say, those who sent fewer than 5,000 letters a year. The proceeds could go to maintain and expand bandwidth.'"

Enforceable?

[Surak]

First off, how the fsck do they intend to even enforce something like that? I can setup an e-mail server on a *nix box in 5 minutes. (Literally, I know I've done it). How do you account for how many e-mails a user sent?

Secondly, what about businesses? We probably send at least a few hundred (non-spam) e-mails a day out to the public Internet where I work, we'd get hit pretty hard.

And lastly, this is just an other tax, another form of revenue generation. We don't NEED more taxes. I'm sick to death of the government sticking out its greedy little hand. Go AWAY! I already pay tax on everything I buy, every drop of gas I put in my car, every cigarette I smoke, every drop of alcohol I consume, and every dollar I make. I pay property taxes, and I pay a form of tax when I go to the state parks to camp. I pay a tax to license the car I drive, and to just have the privelege of being able to drive.

No, I'm sick of it. Put your greedy little hand back in your pocket and go away!

Re:Not with false headers

[jjo]

The point is that e-mail recipients are the real beneficiaries of the tax, and they are therefore motivated to ensure its payment. One simple approach would be to have the taxing authority issue 'e-stamps'. The receiving e-mail program would check the e-stamp for validity and non-reuse (the stamp would be keyed to the particular sender, recipient, and timestamp of the message).

If the e-stamp was invalid, the recipient's program could either just throw the message away, or forward it to the tax authorities for enforcement action. Either way, the tax achieves its purpose.

Proof-of-work

[squarooticus]

Why not use HashCash [cypherspace.org] or some other proof-of-work-based system? At least then I wouldn't be forking more of my money over to Uncle Sam for some transaction he has absolutely nothing to do with.

Altenate suggestion

[Max Romantschuk]

I doubt something like this could be incorporated into global legislation even if we had 10 years to do it. It's simply far to hard to maintain.

I think that a scheme where there would be a law on marking every email advertisement with something like [Advertisement] in the subject would be much more efficient. That is easier to track, and draws a clear line between obeying the law and not.

Using a system like this most people would filter out the spam, and the spammers would find their activities unprofitable. There would still be offenders, but surely it is cheaper to go after them compared to a global email taxation system?

Another way to tax spammers

[xigxag]

In the body of the spam there is usually contact information: a website or a toll-free phone number. Imagine that a large organized group of volunteers were to set up spam traps and identify the most egregious culprits. Then, if they would en masse simultaneously and repeatedly go to the spammer's web page or call the toll-free number, the spammer would be hit by a huge bill from his ISP or telco, and would also suffer a DoS preventing "legitimate" customers from signing up.

Author doesn't know what he's talking about

[arvindn]

What he proposes is the best way to kill e-mail. I can think of several problems right away:

• The spam problem currently exists mainly because we can't track down spammers. Until you solve that, implementing an e-mail tax will never get off the ground.
• What about open relays? Of course its stupid and irresponsible to have one, but now you could now find yourself being taxed thousands of dollars for doing so?
• What about an worm/trojan sending out bulk e-mail? Punishing the victim is a great idea.
• How do you deal with mail across national boundaries? I wonder if he has thought about the world about the USA.
• What about mailing lists? How do you propose to tax them? They take up more bandwidth than a single e-mail but less than n individual emails. Defining all these would lead to such a messy overregulated internet that it will lose all trace of what it was like formerly.

This guy has no idea of the technicalities of the internet.

Look at this statement:

The simplest way to regulate spam is through a tax. This requires smashing some myths. A decade ago, Americans were gulled by politicians of both parties into believing that taxing the internet exceeded the government's capability. When that proved to be manifestly untrue, they were told that a tax would be an affront to some mythic libertarian "spirit of the internet".

Mythic, eh? Has this troll heard of usenet? This is just an anti-libertarian rant/flame from some disgruntled control freak. Ignore it and move on.

Okay-- so what is "email", then?

[adjuster]

My largest fear from this type of proposal comes from the potentially vague definition of "email" that might be created. What is email, exactly? Are we talking about only SMTP? If so, what about "Instant Messenger" spam? Maybe we should classify instant message protocols as email, too. What about USENET? Should we classify NNTP as email, as well? What about SMS spam? What about the "next big thing", whatever it turns out to be? Perhaps we should have taxes based on IP packets sen1! That would be about as sane... yeesh!

Think I'm making this up? I had one customer who was ranting to me about their LAN-based "email" not working (a year ago, mind you). Upon closer inspection, I found their "email system" to be "WinPopUp" running on each PC that they'd use to send pop-up messages to each other. That was their "email". Think of your own relationships-- you know at least one person who calls instant messenger systems "email" (much like those novices who confuse RAM and hard disk space and call them both "memory").

The Internet works because we all agree to abide by the same standards, and agree that ICANN is the authority for naming / numbering. This spirit of cooperation works because we all benefit-- not because some government legislated it so. If some idiotic "email tax" does get legislated in the U.S., we run the risk of making ourselves into "second class" Internet citizens, and creating the "United States Internet" and the "rest of the world's Internet".

Spam is a social problem being "enabled" by technology. It cannot be legislated away, because it breeds on human nature: the desire to have large returns from little work. Real answers are things like ubiquitous public-key infrastructure, signed email, reputation "credits" (or "karma", if you like), and accountability. The decentralized "web of trust" model of PGP combined with the "reputation credit" model of eBay is what I'm talking about. Imagine an email client program that categorizes incoming mail based on the "cred" accumulated by the sender in a decentralized, non-government controlled "reputation tracking" system.

Taxes and laws aren't going to solve the problem. They're going to stifle the real power the Internet has-- bringing people together and enhancing communication. Worse-- they risk making an "island" of any country who would enact such idiotic legislation.

How retarded

[A non moose cow]

Every problem that we have that revolves around a man-made technology is fixable with a man made technology. We don't need taxes, we need to fix the core of the email system.

"The simplest way to regulate spam is through a tax."

Perhaps this is true, but the simplest way is almost NEVER the best way. How are you going to define the differences between email and every other electronic message passing? Will the tax suddenly apply to IM's? then web pages? then internet phone calls? What happens 20 years from now when the technology is different? Will the tax stop? Hell no! Most likeley there will be a new tax code buried in every little packet so that the government can get even more money for nothing.

Why should the burden of the "fix" for this problem be shouldered mostly by the people that it is trying to "protect"? I don't want to pay my government for the privelage of doing something that was previously free. That does not solve anything! I want the people sending spam to pay ME!

This tax might sound innocent on its surface, but it only takes one little thing like this to make it seem acceptable to throw a tax on every digital transaction.

To all you dopes that think this is a good idea, think about the big picture. This point in time is not static. Technology is changing constantly. Spam will die when the time is right. For now we can just deal with it with the methods available to us. Do not let the government see the Internet as the latest frontier where they can profit by "saving us from ourselves".

Pay-per-e-mail and whitelisting are the only ways

[analog_line]

Until there is a cost to sending e-mails, or there is widespread refusal to accept untrusted e-mail, the spam problem will never go away. If you blacklist almost everything, what you actually have is a whitelist. Just depends on which color you focus on. If you refuse to whitelist, the only way to stop spam is to create a completely unavoidable cost to sending e-mails. You can't make anything "progressive" because then spammers will create thousands of free garbage accounts on hotmail, etc, and automate them. Whether it's a tax or a universal fee charged by ISPs, it has to be on a per e-mail basis, and it has to be as universal as gravity. Otherwise, the spammers will find every loophole they can and abuse the hell out of them, and nothing will stop them.

Re:Enforceable?

[macrom]

We probably send at least a few hundred (non-spam) e-mails a day out to the public Internet where I work, we'd get hit pretty hard.

Not really. If you RTFA, then you'd know that the tax is only $.01/per e-mail sent. So that few hundred a day would cost your company a little over $1000 a year. If your business can't afford that, I'd say you're in some other hot water.

Not that I agree with all of this, I'm just trying to refute the statement that your company would be hit hard by the tax.

LOTS of problems then...

[NickFortune]

We've covered forged headers, the death of mailing lists, problems with internation jurisdiction and spiralling tax levels once govts get a taste of the revenue.

Anyone think the tax levels will stay set to exempt the provate individual at the expense of the corporations? Given that corps have more money than individuals, I'd guess the converse would be the case.

And then there's another international aspect. Govt's charging tariffs on email - anyone say "trade war?"

Really the only thing this has going for it is a plausible excuse for the government to find another way of extorting money from us. Spammers will continue to spam and the public will continue to pay and the governemt will sound ever more rightous on the subject.

Anyone else thinking "transparent government shill" by this stage?

Good Idea in theory.

[jellomizer]

But in real life it is not going to work.

1. Whos job will it be to monitor all the e-mail traffic. The sender or the reciever.

2. Spammers use Open Relays or fine vulnerabilities in the persons system (thus able to send 1 message to a hundred users) or sending data threw a non smtp protocol. Thus avoiding the tax or minimizing it $.01 for a million messages. and the poor victim besides getting blacklisted has to pay $10,000 in taxes.

3. When being sent threw a foreign site. How do you collect taxes from them?

4. How do you enforce this?

It seems like a good idea in the perfect world but it is not. All this will end up doing is putting extra expense on the honest business man and individual. But most spammers are far from honest and would end up doing what they have been doing.

Re:Enforceable?

[Anonymous Coward]

If you're operating at a loss for the first few years of business, even $100 on ANYTHING a year is a BIG expense!

Just imagine that $1000 a year directly eating into your salary...

Snail-Mail Direct-Marketing Is SPAM

[ausoleil]

And the price of printing and postage has not deterred firms and organizations from sending me several pieces of unsolicited pieces of snail-mail every day. How would "stamped" e-mail be any different? My take is that it wouldn't.

In fact, it might make it worse, as e-stamps would legitimize sending un-solicited commercial e-mail. You can hear the spammers now: "Hey, I paid my one cent, I can send anything I want!"

And, at the same, time *I* have to pay to send my non-commercial e-mail, paying into a government which really does nothing to provide internet connectivty. So, essentially, you are asking me to pay a price to supposedly prevent something to an entity which would provide me nothing in return. After all, would the ISP's not charge for an account if there were an e-mail tax? Heck no. If anything they would raise their prices because of the additional burden of accounting, accounting software, tax analysts and the like. That has me paying a DOUBLE premium for something I am not doing? Forget that!

Re:Tax collection would be near impossible

[drnlm]

Please submit your email logs along with your tax return.

And of course we expect that the people we claim to be most interested in stopping by this will be completely honest here. Otherwise somebody's going to have to try and reconcile all the logs and see if people recieved more email from joespam@spam.com than he has claimed sending. Imagine doing that for every hotmail address.

Not to mention all the logical inconsicencies such a system will introduce - If I send email to another person on the same network, I have used company provided hardware and cabling - no external resources, so why should I pay tax on that. In many cases, that email is just copying a message from one place on the server to another. Yet we will be expected to pay the government 1c for services rendered.

And then the fun that starts when everybody else starts taxing email. Messages to the UK bounce because their tax system is different from the US's, and so on and so forth.

Re:Manifestly untrue.

[rjh]

Great. Now you're advocating changing an IETF RFC away from its original intended purpose (protecting data in transit) and towards a specific purpose (making it a CPU tax) by the introduction of new MUSTs which serve absolutely no useful purpose towards its original task?

Think about it for five minutes. You'll come up with half-a-dozen methods which don't involve subverting an IETF standard.
.
.
.
.
.
.
.
.
.
.
Free hint: require a mailer field, X-SHA1-Hash, which is a 20-byte hash of (a) the message, (b) the timestamp, (c) the sender, (d) the original mailserver, and (e) the receiver. Anything which doesn't have an accurate X-SHA1-Hash gets discarded at the destination MTA. Presto. You achieve your CPU tax, but you don't subvert an IETF standard in order to do it.

I leave finding all the flaws in the above idea as an exercise for the reader.

Think outside the box.

[uberdave]

I'm going to guess that you're an american. Americans tend to have this blind spot that extends from their borders and works outward. Most of them tend to ignore (and be ignorant of)the rest of the world. For example, in the movie Outbreak a plague is sweeping across the States. There is a scene where they extrapolate the spread of the disease. Curiously, it never crosses the borders.

The idea of taxing email, or having a government sender verification site, contains the assumtion that the internet is somehow contained in a single country. When a Pakistani is sending an email to a Turk, who's government website is the Turk supposed to check? What is the tax to be paid in? What happens with a country that decides that it will not comply, how do you check the key?

Spam is an international problem. It cannot be fixed by a national solution. Legislation will not work, because there will always be countries which do not comply. If there is going to be a solution to spam, it is going to be a technical solution, not a legal one.

Re:Is taxation best?

[mdinowitz]

I run a number of mailing lists and on a good day can send out a million messages. This is all for community support with no profit at all on my side. A law like this would kill me and every other community supporter who supplies such a service.

Goofy thought process

[Geekbot]

I always thought this was one of the goofiest ideas ever for a whole bunch of reasons.
1. Freedom - You are giving up anonymous email communications. Fine, you say you will use another system if you want to be anonymous, such as an instant messenger, but if everyone uses that, then the problem will just shift to IM instead of email.
2.How do you track it? We all have to indentify ourselves with an email? If tax-exempt under a certain limit, why not register 5000 different email addresses.
3.Forged info. Headers are already forged, do you want to be pay as someone else uses your email address through forging or maybe a trojan on your system?
4.Overseas. This is coming from overseas markets already that are shifty, why on earth would they pay us a tax.

Overall, I think this solution ignores the obvious problems, SPAM is fraud 99% of the time, it is a fraudulent identity, fraudulent marketing, fraudulent at every level. It is already illegal most of the time and you aren't going to get people to behave more honestly when you tell them to start paying tax on top of showing ethics they already don't have. If a new email system replacing smtp and pop3 was put into place to enable tracking of emails for taxing purposes, then you've already eliminated 99% of spam by making the spammers identifiable. In which case, why do we need a tax if we had a new system that could reliably identify senders for tax purposes, as we would then know who was actually sending the spam and could attack them personally through lawsuits and criminal cases. Sounds like a really messed up way to solve a problem by charging the victims if this would even work at all, which is unlikely.

wrong answer

[josepha48]

This is the wrong answer.

Much of the spam that I get is from overseas asian countries. How do you collect tax from them?

Also what happens to people and companies that do telecommuting where many of their employess communicate using email? I have had conversations with some of the people that I work with through email and have exchanged 100+ email in a day on the same subject. While I would prefer them to come into the office, I know they like being able to work at home.

Taxing email is NOT the solution. People will end up paying tax on email they did not send.

The solution is to change the email protocol to include something like PGP signatures. Something that cannot be faked (real tought). Then I go to my ISP and let them know what sigs to allow when I set up my account. Then they ONLY allow email into their system that matches the signatures.

Well I admit spam is pretty bad and I have given up my inbox to the spamers. My new approach of using email filters is to move mail from people I know to another folder has worked much better. Now I just need mozilla to recognize case insensitive email addresses. 'Sender' 'is in my address book ' move to 'new folder' works really well. Then a quick glance at my inbox to see if there is anything from anyone I know. Then select all / delete....

Why not just limit it at the server?

[evil_pb]

Open relay problems aside, why not just limit the amount of mail a server will allow to be sent in a set period of time by a user?

Imagine what would happen if the most popular mail server applications (i.e. Sendmail, Postfix, Exchange, Groupwise, etc) simply all agreed to implement a throttle control into their code. Allow it to be configurable, where something like an email list can send as much as it needs (trusted accounts), but untrusted accounts are limited to maybe 100 or 200 emails an hour. Spammers work by sending emails in the thousands or millions, as fast as they can. Ignore the from: header since it can be forged ... track them by IP address. It would be very hard for someone to come up with a new IP address every couple hundred emails and re-establish the connection to the server from a time perspective.

I think eventually the spammers would have nowhere else to go; if a version of sendmail came out with this feature, I would install it in a second, even though I'm not an open relay. Legitimate users cause these problems too.

I would even go so far as to say the ISP's need to take some action here, if it's really such a problem for their precious bandwidth. Monitor the SMTP volume coming through their network - set limits. Test their client systems periodically for open relays, block or severely limit the ones who do not comply after giving them time to work it out. A lot of admins, sadly, simply do not know better, or are very lazy until prodded. Tell them their server won't pass traffic until the relay is closed and watch them comply real quick. If it's a signed user agreement, they can't do much about it.

I require this of my Co-Lo customers; if they have a server, I *require* them to keep it patched, email relays closed, etc. I do check from time to time, and it's in their agreement with me that I reserve the right to disable any access to their server I deem necessary to preserve the integrity of the rest of the network. Not a single one has complained about that, and in fact all were pleasantly surprised to see a provider take such a pro-active approach to service integrity. Is it more overhead for me? I have found that it may seem like it initially, however by enforcing this it is actually less work than dealing with constant cleanup. Think about it. It's a shift in the paradigm of "customer can do no wrong", to "customer sometimes just needs to be shown the way".

Just adding a throttle control to email servers... That's all it would take. Just getting providers to tell their customers to stop causing the problems, is all it would take. Doesn't this seem like a hell of a lot less work than taxing email or any of the other mess of solutions presented?

Tax impossible without major ISP changes

[Random BedHead Ed]

The current state of e-mail makes a tax impossible. It gives anyone the freedom to set up a mail server anywhere they want. You could easily set up two mail servers at home and send mail back and forth between them and no IRS official would know either exists.

If the federal government wanted to collect a tax on e-mail there is only one way I can conceive to do it - a way that would not make U.S. e-mail incompatible with that of the rest of the world. It could force individuals and businesses use ISP-supplied SMTP servers as relays, and then change ISP behavior by requiring them to tally outgoing mail from their customers, while also blocking SMTP traffic that doesn't use the relay. This requires no changes in the SMTP protocol, but is a major change to the information infrastructure in the U.S., and probably not worth the tax revenue it would generate. It would also be an incredible pain.

I'm not against taxes, I just don't think you can tax e-mail without ruining it. I like Larry Lessig's idea [stanford.edu] better.

Re:Is taxation best?

[Glonoinha]

>I don't think the government would "finally cash in".

Dude the government could lose money selling drugs. There is no way this $.01 per email is going to be a cash cow, probably cost us (ie. USA tax payers) $.10 per email to collect that $.01 tax.

Also introduces billing issues

[plierhead]

We would have a related problem at our company too, even though its not-not-for-profit.

We provide an e-recruitment system which emails a company's jobs out to matching job seekers each night.

The number of emails that gets sent out depends on how many new jobs there are and how many job seekers match them. So this sort of tax would be a variable cost that we would have no way to predict.

Of course we could (and would) pass it on to our customers. No problem there. Except that many customers are utterly opposed to having varying bills - they want the surety of a fixed monthly charge. To do that, we'd have to wear the commercial risk of guessing how many emails would go out.

This might not seem a big deal to anyone who has not worked with the HR or billing departments of a large corporate but definitely such a tax would wreak havoc on ASP situations like ours.