Wednesday, April 21, 2004

Slashdot - Spammer Sentencing Guidelines Released

Barely had I wished it, when my wish was answered! Does this mean I'm wrong about the whole "God" thing, and there's some big guy up in the sky with a beard who's watching after me? But if so, why hasn't he acted on my long-outstanding request for BillG to send me millions of dollars on a whim, while in the throes of extreme feelings of generosity?

The United States Sentencing Commission has issued its guidelines for punishment under the CAN-SPAM act (PDF, beginning on page 155). You can get 5 years for a second offense or if you're spamming for fraud, child porn or other felony, or 1 to 3 years depending on how much spam you send. If Congress doesn't say otherwise, it goes into effect November 1.

On a serious note, the problem isn't that there's been a lack of sentencing guidelines for spammers, or even that the requisite legislation to act against spammers was lacking before the (extremely poorly written) CAN-SPAM act. The real problem has always been a lack of the will to enforce the pre-existing laws against fraud and misrepresentation: most spammers are criminals almost by definition, and between cracking down on the peddlers of "enl4rg3ment pills" and those who install zombies on the machines of unsuspecting users for use in mailing out their garbage, this problem could quickly be dealt with in an effective manner.

It isn't as if we don't know who the top spammers are and where they're located - a quick visit to the Spamhaus Project website is all it takes to discover the 200 or so operations responsible for fully 90 percent of all spam received in Europe and North America, and - what do you know? - it turns out that with less than 10 or so exceptions, every single one of them is either operating within the United States, or out of a country that has extradition agreements with the US for dealing with financial criminals.