Internet and e-mail policy and practice
including Notes on Internet E-mail


Click the comments link on any story to see comments or add your own.

Subscribe to this blog

RSS feed


30 Nov 2009

US court levies $15 million fine against spammer Email

Earlier this year, the New Zealand Department of Internal Affairs, the US Federal Trade Commission, and the Australian CMA broke up a large fake drug spam ring known as Herbal Kings, run by New Zealander Lance Atkinson. The NZ government fined him NZ$108,000 (about US$80,000) which, while a substantial fine, seemed pretty small compared to the amount of money he must have made. But today, at the FTC's request a US judge fined Atkinson US$15.5 million, and got his US accomplice Jody Smith to turn over $800,000, including over $500,000 in an Israeli bank. This is the largest spam fine I'm aware of, and the $500,000 is one of the largest international recoveries. Atkinson hasn't paid the $15M, but since he is in jail, it seems reasonably likely that the various governments will be able to track down his assets by the time he gets out.

Spammers are in it for the money, and to the extent they can keep what they get, they'll keep spamming. Fines that wipe out the profits, and in particular fines that can actually be collected are essential if we're going to make any progress against spam.

Fortunately for the FTC, Herbal King's spam was sloppy, with faked headers and broken opt-out links, which are among the few things that the weak CAN SPAM law forbids. If the spammers had been more careful, the fake drugs would still be illegal, but it would have been harder to prosecute them in the US since CAN SPAM wouldn't have applied.

You can read the NZ release on the CAUCE web site and the FTC release on the FTC's web site. I assisted the NZ government as a technical expert, providing advice to the court explaining how Atkinson's actions matched what the law forbids.

  posted at: 12:43 :: permanent link to this entry :: 0 comments
Stable link is

Fun with credit card checks Money
I have a Capital One Visa card that I haven't used in a long time. Every few months they send me cash advance checks, and I can see their increasing desperation as the terms of the checks keep getting better. The usual deal is a 2% or 3% transaction fee when you write the check, then they charge interest starting the day you write the check at a rate which on my account would be 24.9%. These are such an awful deal that rather than dropping them in the recycling bin at the post office, I bring them home and shred them. A few months ago they started sending checks offering no transaction fees, which improved them them to merely undesirable, but a few weeks ago they sent me a set with no fees and small print on the back of the letter saying they "Are treated as purchases according to the terms and amendments of your Customer Agreement." Hmmn.

See more ...

  posted at: 01:06 :: permanent link to this entry :: 1 comments
Stable link is

19 Nov 2009

A thought about not-quite-ASCII Top Level Domains ICANN

ICANN has opened their new fast track process for "countries and territories that use languages based on scripts other than Latin" to get domain names that identify the country or territory in its own language. It's not clear to me what the policy is supposed to be for countries whose languages use extended Latin with accents and other marks that aren't in the ASCII set.

Any country that uses an extended Latin character set can use extended characters in 2LDs right now, and I can't offhand think of any whose current unaccented two-letter ccTLD isn't an adequate mnemonic for their name. But let's say that Serbia feels that .RS is kind of lame, so they apply for and get .Србија which is perfectly reasonable, since that's the Cyrillic character set.

Then Romania decides that .RO is too generic, so they ask for .România with the circumflex over the â, as it is properly spelled in Romanian. That's an IDN, so how can they say no?

Hey, say the Hungarians, they got their country names, we want .Magyar. Oh, no, that's ASCII, that will be $185,000 and a highly uncertain multi-year process. Really?

  posted at: 01:17 :: permanent link to this entry :: 2 comments
Stable link is

09 Nov 2009

The Tempest in the TLD Teapot ICANN

At its recent meeting in Seoul ICANN announced with great fanfare that it's getting ever closer to adding lots of new Top Level Domains (TLDs). Despite all the hype, as I have argued before, new TLDs will make little difference.

There are two mostly separate kinds of new TLDs. One is TLDs for countries in non-ASCII character sets, known as IDNs. They're much less controversial, and ICANN will soon issue at least a few politically expedient ones like .中国 with the name in Chinese which would be equivalent to .CN. This is the only real TLD problem, it was waiting for technical specs and implementation (not from ICANN), but that is now largely done.

The controversial issue is domains with random new names, gTLDs. I agree with my old friend Lauren Weinstein that this is a tempest in a very expensive teapot, because all of the purported reasons that people want new TLDs have been proven false, and the one actual reason that a new TLD would be valuable has no public benefit.

See more ...

  posted at: 00:37 :: permanent link to this entry :: 4 comments
Stable link is

08 Nov 2009

How do you do secure bank transactions on the Internet? Money
Banks love it when their customers do their transactions on line, since it is so much cheaper than when they use a bank-provided ATM, a phone call center, or, perish forbid, a live human teller. Customers like it too, since bank web sites are usually open 24/7, there's no line and no need to find a parking place. Unfortunately, crooks like on line banking too, since it offers the possibility of stealing lots of money. How can banks make their on line transactions more secure?

See more ...

  posted at: 22:34 :: permanent link to this entry :: 8 comments
Stable link is


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

It turns out you don’t need a license to hunt for spam.
112 days ago

A keen grasp of the obvious
Italian Apple Cake
670 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

My Mastodon feed

© 2005-2024 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.