Arnold Kling  

Woodheads and Spam

Ken Rogoff and a Health Care ... Does It Matter If We're "Reali...

Steve Hsu writes,

Both the malware and spam problems are a kind of tax on the overall internet population caused by the least sophisticated users (I won't reference IQ here, but there is certainly a correlation). It's the least sophisticated users that tend to get their machines infected (providing cheap botnet spam distribution -- any pc with a broadband connection can send out millions of messages per day), and it's the least sophisticated among us who reply to spam messages, generating profits for the spammers. I suspect that removing the 20% least sophisticated users from the ecosystem would make life 10 times harder for the bad guys.

Thanks to Mark Thoma for the pointer. I once wrote,

Perhaps instead of trying to attack the problem by going after spammers, what we should be doing is going after the woodheads. It is almost impossible to enforce a law against sending spam. So we should try to pass a law against responding to spam.

What I propose is that any American who makes a purchase based on unsolicited email be fined $10,000 and jailed for 30 days. The law would be enforced by undertaking random audits of companies that are successful at attracting business by using spam. The law would be highly publicized by internet service providers and corporate CIO's, who have a strong interest in reducing the volume of spam. Thus, everyone with an Internet account would be on notice that purchasing from a spammer can get you in trouble.

If we can deter Americans from responding to spam, then spammers will stop routing spam to domains in the U.S. That's my solution.

Comments and Sharing

TRACKBACKS (1 to date)
TrackBack URL:
The author at HeresyBlog in a related article titled Straf købene af spam produkter writes:
    Det er strafbart at udsende spam, men der er mange penge at tjene på det fordi internet-tumper svarer på spam mails, og køber de produkter der reklameres for. Et middel til bekæmpelse af spam kunne være at gøre det ulovligt at købe produktern... [Tracked on August 7, 2007 6:58 AM]
COMMENTS (20 to date)
David Robinson writes:

You're not concerned about the rights violations? The woodheads aren't harming others, and you're suggesting an extremely high punishment (30 days in jail and $10,000, along all the legal fees they'd have to pay)?

Also consider the privacy violations- you don't have a problem with forcing companies to give up their list of customers? People are angry about the government demanding customer lists for the sake of fighting terrorism, so how would they feel about doing it for the sake of fighting spam?

Why not fight against mugging by penalizing victims? If mugging victims were sent to jail for six months, they would spend much less time in dangerous areas late at night. We could replace consumer safety regulation by instituting a fine on anyone who buys a shoddy product, giving consumers a reason to be much more selective and improve the incentives for businesses. You don't see that while some of these "punish the victim" laws might be effective, they're also just wrong?

Matthew c writes:

Obviously "a modest proposal".

Some of the spam emails are not responded to by "woodheads" at all -- in fast some of the first phishing emails a couple years back were very sophisticated and if I hadn't noticed that the pop-up tooltip I might have fallen for the ruse.

Falling for a new spam tactic or being a new computer user does not make you a "woodhead".

spencer writes:

off topic. be sure and read the first letter to the editors on doctors pay in the Sunday New York Times.

Arnold Kling writes:

The Woodheads absolutely are harming others! By keeping spammers in business, they are creating enormous external costs.

spencer writes:

Just read your comments.

Are you sure you are still a libertarian?

There must be some libertarian concept your proposal does not violate, but I can not think of it off the top of my head.

You are proposing imposing an extremely severe punishment on people doing nothing illegal because it imposes an externality cost on you. Since when is that libertarian philosophy?

dan writes:

Spencer, if they passed a law against it, it would be 'illegal'... Also there's nothing wrong with forcing people to compensate others for externalities. The problem is that some externalities, like pecuniary externalities, don't infringe on property rights. I would classify this as one of those.

Karl Smith writes:

This War on Spam reminds me of the War on Drugs.

David Robinson writes:

By your definition of harm, someone who walks through dangerous areas without concealed weapons is harming everyone else, since they're encouraging muggers. But what libertarian would say we should punish victims of muggings to discourage people from being in risky situations?

Like Dan said, isn't this a pecuniary externality? After all, the "harm" these people are doing is raising the potential benefit spammers get from sending out large amounts of spam.

Brad Hutchings writes:

Arnold, we knew you were making a point when you wrote that. And probably a different one at that: penalize the people who know better but still prop the demand curve up, not "penalize the stupid".

Steve Hsu is probably right about his bottom 20%. However, the solution is not, for example, to boot my grandparents off the Internet. A better solution would be to design client software that actively helps the naive avoid getting caught in these things. I'm not talking technical fixes like phishing and spam filters either... If a browser could detect that the user is entering a credit card number or bank account routing number or some such and pop up a window reminding them what to look for and make sure they are paying who they think for a good reason, etc... If an e-mail program could pop up a window when they go to send a message reminding them of appropriate sending behavior. This is right-brain design stuff, not left-brain cruft that weighs down all our software now. IE and Outlook have all the technical tools, but you have to be a top 5% skilled person with an interest in configuring them to get them to work!! And they still don't give naive users good advice to make them less naive!

robertdfeinman writes:

Why stop at responding to spam? Why not make it a punishable offense to respond to any unsolicited advertisement? This would include all TV and radio ads as well as those on web sites and in print.

Let's not blame the victims. A person performs a perfectly reasonable task (opening an email) and becomes the unwitting dupe of a spammer or someone taking over his computer. If the onus to fix things was put on the makers of such deficient software we wouldn't have these problems in the first place.

Microsoft is, of course, a monopoly and has no incentive to improve the security of their offerings. Add ons and third party patches are a poor attempt to remedy the situation. Whose fault would it be if you had to buy the safety equipment for your car instead of it being built in and you suffered or caused damage as a consequence?

If society now demands double sealing of drug bottles and other consumer items then it can demand better quality for computer software as well. It's not like the solutions don't exist. Any security expert will be able to rattle off a variety of relatively simple steps to eliminate spam and viruses, all of them well developed.

Matt writes:

Leave it like it is, I like spam.

Eric Crampton writes:

Feinman: you've got the problem precisely backward. There's little consumer demand for secure software BECAUSE there is no penalty or cost for letting your computer become a bot. If the onus were on the consumer, the consumer would start demanding security.

Brad Hutchings writes:

Eric, not to mention he thinks the problem can be solved by security experts. The reason regular people don't pay attention to security experts is because the so-called security experts are too happy to sacrifice usability for what they think is secure. That and they rarely bathe.

Robin Hanson writes:

Yup. There should also be penalties for letting your computer be infected to be used by spammers. Alas, the law enforcement cost here is probably prohibitive.

TGGP writes:

robertdfeinman, why did you include radio and TV ads? They are completely different; the broadcaster's business model depends on them and they give permission for the ads to appear. Our internet service providers do not depend on spam, they and the customer have a shared interest in eliminating them.

Microsoft is not a monopoly. You can use Apple or Linux.

shamus writes:

The externality exists because there is no charge for email. Charge a penny per email and the externality would disappear. This would be more effective than bringing court cases and jailing hapless consumers.

Zubon writes:

"I suspect that removing the 20% least sophisticated users from the ecosystem would make life 10 times harder for the bad guys."

I want to have deeper thoughts, but I keep getting stuck on "How did he come up with those numbers?" What exactly does ten times harder mean in this case? Ten times more expensive to get a sale? What is the equation for users vs. bad guys? I am having trouble updating my Bayesian priors.

Bruce G Charlton writes:

I can see what AK is getting it - it's analogous to the laws against paying blackmail money. However, I think it is unworkable and probably undesirable.

BTW I think 'woodentops' is a much neater term than 'woodheads' - and The Woodentops has nostalgic resonance for us middle-aged Englishfolk:

Lex Spoon writes:

Another approach is to require a small payment before reading an unsolicited email. Mail from friends would go through immediately, but mail from unknowns would require a payment of 25 cents or something.

Then the woodheads :) can read and respond to all the free spam they like. I will only see the ones where the sender thinks it is worth 25 cents for me to read it.

Google finds the following proposal. I have not read it in detail, so cannot vouch for it, but it has the flavor of what I mean.

8 writes:

Aren't you responsible for criminal activity that takes place on your property, especially if you do nothing to prevent said activity even if you have a reasonable idea that it takes place? Not protecting your PC is like leaving a building unlocked in a high crime neighborhood. Spam is a harder case to make.

Comments for this entry have been closed
Return to top