October 22, 2003

Spam: How it is hurting email and degrading life on the Internet

Part 1. Introduction

Is Spam Killing the Killer App?

Email was the original “killer app” of the Internet, and it remains the most popular online activity. Some 93% of adult American Internet users, about 117 million people, use email. On any given day online, nearly twice as many Internet users will log on to email as will engage in any other online activity, including using search engines, searching for news, and generally browsing to pass the time. People can hardly imagine life without email. It is an indispensable tool for workplace communications; it is glue among friends and families; it preempts face-to-face exchanges; it shrinks the world with its disregard for time and distance.

The figures for email volume are difficult to pin down. A best guess based on available studies is that probably well over 30 billion email messages bounce around the Internet every day. And probably almost half of those messages are junk. The scourge of junk email, or spam, has become so notorious that Federal Trade Commission commissioner Orson Swindle suggested in Congressional hearings in June 2003, that “Spam is about to kill the ‘killer app’ of the Internet.”

In this research, we wanted to look beyond the familiar measures of spam to explore the relationship between Americans and their spam. What do American Internet users know about spam? What kind of a burden does spam impose on them? How do they interact with spam, both preventively and once it arrives in their inboxes? And finally, how do Americans feel about spam?

For this report, we collected original data from two sources. The first was a national telephone survey of 2,200 adults, including 1,380 Internet users that we conducted during June 2003. The second was a compilation of more than 4,000 first-person narratives about spam that were solicited since September 2002 by the Telecommunications Research & Action Center (TRAC), a national consumer group. As part of a campaign to fight unsolicited commercial email, TRAC invited Internet users to submit stories about their personal experiences with spam. Each of the stories appearing in this report speaks not only for itself, but for many, many others who voiced similar sentiments or experiences.

We hope our questions and findings will help explain more about how the culture of spam affects people. We especially hope that this new information will provide a sense of realism for the policies, laws, and technology now being crafted to reach the endgame of spam.

Spam is growing rapidly, and the costs — financial and other — have become very burdensome to individuals and businesses.

The dimensions of spam are mind-boggling. According to one market research firm, the Radicati Group, there are now nearly 15 billion spam messages sent out daily. In June 2003, software filtering company Brightmail measured over 7½ million separate spam attacks launched by spammers, each ranging from 100 to millions of individual emails sent in each attack. Even as Internet users currently feel besieged and beleaguered by their spam, in fact, they only see the tip of the iceberg. It is generally agreed that most spam messages are diverted and never reach the inboxes of users for a variety of reasons. Two of the biggest Internet Service Providers (ISPs), AOL and MSN, both report they block a daily deluge of 2.4 billion spam from reaching the inboxes of their customers. AOL reports that this equals about 67 spam emails per inbox per day, or up to 80% of its incoming email traffic.

Estimates of the financial costs of spam vary wildly. Research firms peg the price per worker at anywhere from $50 per worker to $1,400 per year. Others estimate the annual cost to American business to be between $10 billion and $87 billion.

Email users feel besieged by spam, but in fact they only see the tip of the iceberg.

The effects of spam spill over well beyond dollar costs. Legitimate Internet-based concerns that rely on email for marketing or communication feel threatened at being caught up and even ruined by various spam-blocking technologies or proposed anti-spam legislation. Individuals and workers wonder how much to trust their email, fearful that messages from associates, friends, and family might get deleted or filtered out as spam and lost. Futurists worry that creative energy and attention that could be applied to pushing the Internet to its full potential is being drained to fight spam.

The fight to control spam is just beginning, and the task will be enormous.

As spam reaches a critical level of nuisance, anxiety among officials is growing. Legislators, litigators, technologists, and independent groups are working on ways to transform the act of spamming from an easy, unrestricted, lucrative endeavor to one that is more complex, risky, and expensive to execute. Legislators scrambled in the summer of 2003, introducing at least half a dozen anti-spam bills; even as Federal Trade Commission chairman Timothy Muris quickly countered, saying the bills were too soft and would do “little or nothing” to squelch spam.

Litigators acting on behalf of the FTC, a few states, the ISPs, and even individuals have begun to file suits against some of the most notorious spammers. Their task is gargantuan; government and industry legal staffs are swamped by the number of complaints they receive and confounded by the maze of forged identities, misguided trails, and hijacked servers they must navigate. Furthermore, prosecuting spammers is its own special nightmare as state laws (and eventually, national laws) are relatively easy to render toothless when spammers can slither across state lines or hop offshore in the blink of an eye.

In technology, anti-spam software development is flourishing and is one of the few currently hot items for venture capital funding. All the major Internet Service Providers fund huge outlays for spam control. Even a basic overhaul of the email system is under consideration as a solution against spam.

The spam wars have initiated new alliances and driven rifts in old ones. In the spring of 2003, crack technologists from across the nation convened at MIT in an unprecedented meeting to start pooling intellectual resources against spam. In April 2003, AOL, Microsoft, and Yahoo partnered to share intelligence for fighting spam. In July 2003, representatives from two usually-sparring players, the direct marketers and the spam-filtering makers, initiated a summit to hammer out common standards for addressing some everyday spam-related problems. Liberal New York Senator Charles Schumer (D) proposed an anti-spam bill with full endorsement of the Christian Coalition. On the other hand, in the summer of 2003, factions within the Direct Marketing Association squabbled over the hotbutton issue of what consumer permissions should be necessary in order for marketers to be allowed to contact potential customers, and even about the basic issue of how to define spam.

We are already paying economic costs to fight spam, and broader social costs will likely follow. The Internet was begun on a foundation of open access, one that spammers are taking mighty advantage of as they launch their free-for-all attacks on Internet users. We should assume that stifling spammers and killing spam will involve some fundamental change to the core of email operations, one that will make email more regulated, more monitored, more closed-door an operation for the rest of us than it is now.