Is New Spam Policy for Consumers or Marketers?
By David Lazarus, The San Francisco Chronicle
The Direct Marketing Association, an industry group for companies that send people pitches they didn't ask for, announced the other day that its members will now stand at the front lines in the war on spam.
The association said its 4,800 members -- including most leading retailers, banks and publishers (the Hearst Corp., owner of The Chronicle, among them) -- will be required to adopt e-mail authentication systems over the next few months.
Will this be a plus for consumers? It depends on who you ask -- and how you define spam.
Authentication systems essentially tell Internet service providers that e-mail from a particular corporate Internet address is legit and shouldn't be sidelined by the ISP's spam filters.
Similarly, bogus e-mail masquerading as a legitimate commercial message -- so-called phishing by scammers and identity thieves -- can be more easily isolated by ISPs if it doesn't correspond with a company's authentication system.
"Consumers can have more confidence they are getting a legitimate, valid offer from a trusted source," said John Greco, president of the Direct Marketing Association. "Marketers get fewer false positives, increased deliverability and better protection for their brands against illegal use.
"It's a win-win for everybody," he said.
Well, perhaps not.
"This isn't about making consumers happy," said Chris Hoofnagle, who runs the West Coast office of the Electronic Privacy Information Center. "It's about making sure that marketers' e-mail hits the target."
He said authentication systems might indeed reduce some phishing and certain types of spam. But they don't eliminate unsolicited marketing pitches that fill the typical Internet user's inbox.
"Authentication can actually increase spam," Hoofnagle said. "It makes sure some spammers' messages are delivered."
The catch here is that, legally speaking, not all spam is alike.
According to the federal Can-Spam Act of 2003, spam doesn't include "transactional or relationship messages" from companies with which a consumer has had past dealings.
"What that means," Hoofnagle said, "is that if you bought a book from some vendor at some point in your life, that vendor could send you e-mail every week. Most people would consider that spam."
Not so, responded Stephanie Hendricks, a spokeswoman for the Direct Marketing Association.
"Spam is only something that comes from somebody who doesn't identify the sender or misidentifies the sender," she said. "Or if you opt out and still get e-mails. That's spam."
A marketing pitch from your bank, say, or from a clothing store where you once bought a sweater wouldn't be considered spam by the association. Therefore, the e-mail would be ushered into your inbox by an authentication system.
A little context: Tech experts say that as much as 80 percent of all e-mail now traversing the electronic ether at any particular moment is spam (if spam is defined as any unsolicited marketing offer).
Within the next few years, U.S. businesses will be spending almost $2 billion annually trying to keep spam from their doorsteps, according to the consulting firm IDC.
As for the overall economy, spam costs the United States almost $22 billion annually in lost productivity, according to researchers at the University of Maryland. Put another way, the nation's roughly 170 million adult Internet users spend about 23 million hours a week viewing and deleting spam.
Ray Everett-Church, a privacy consultant and leading anti-spam advocate, said authentication systems do relatively little to reduce the flow of spam into consumers' inboxes.
A sophisticated spammer will merely register his own authentication system with an ISP or will skirt spam filters in other ways, he said.
"All the Direct Marketing Association is doing is guaranteeing that DMA members are sending e-mail from where they should," Everett-Church observed. "This doesn't address in any way whether an e-mail was solicited by a consumer."
Hari Balakrishnan, an associate professor of computer science at the Massachusetts Institute of Technology, agreed that authentication systems are limited in the impact they have on spam volume.
"Ultimately, economics has to play a role," he said. "As long as there's no cost to send spam, there will be no way to stop it."
Balakrishnan noted that spammers have to send out huge amounts of e-mail to lure a relative handful of recipients into forking over cash for "herbal Viagra" or some other marketing scheme.
His solution is for ISPs to charge subscribers a modest monthly fee to send e-mail, and to limit outgoing messages to, say, 100 a day, with fees increasing for higher quotas.
"I'm not sure we can ever win the battle against spam," Balakrishnan said. "But perhaps we can reduce the total amount to just 10 percent of all e-mail sent."
At the Direct Marketing Association, Lou Mastria, the organization's vice president of interactive and emerging media, insisted that authentication systems will cut down on the amount of spam people receive.
But he acknowledged that, at best, it will weed out only the most obvious spam and phishing messages.
"We want to say there's a silver bullet out there that will kill spam," Mastria said. "But there isn't."
David Lazarus' column appears Wednesdays, Fridays and Sundays. Send tips or feedback to [email protected].
Marriott International, Inc. (NASDAQ: MAR) is a global leading lodging company based in Bethesda,Maryland, USA, with more than 4,200 properties in 80 countries and territories. Marriott International reported revenues of nearly $14 billion in fiscal year 2014. The company operates and franchises hotels and licenses vacation ownership resorts under 19 brands, including: The Ritz-Carlton®, BVlgari®, EDITION®, JW Marriott®, Autograph Collection® Hotels, Renaissance® Hotels, Marriott Hotels®, Delta Hotels and Resorts®, Marriott Executive Apartments®, Marriott Vacation Club®, Gaylord Hotels®, AC Hotels by Marriott®, Courtyard®, Residence Inn®, SpringHill Suites®, Fairfield Inn & Suites®, TownePlace Suites®, Protea Hotels® and MoxyHotels®. Marriott has been consistently recognized as a top employer and for its superior business ethics. The company also manages the award-winning guest loyalty program, Marriott Rewards® and The Ritz-Carlton Rewards® program, which together surpass 50 million members. For more information or reservations, please visit our website at 
