MAPS under fire as Harris sues MS, AOL over spam block

But it's not entirely clear who the good guys are

  • alert
  • submit to reddit

3 Big data security analytics techniques

Analysis At first glance, pollster Harris International's legal action against AOL, Microsoft's Hotmail and others seems heavy-handed. Harris had been blacklisted in the Mail Abuse Prevention System (MAPS) Realtime Blackhole List for spamming, but a dig behind the scenes shows there's much more to this one than the bare facts suggest.

Harris is seeking injunctive relief against AOL, Microsoft's Hotmail and other ISPs who participate in the MAPS spamming blacklist, as well as "significant monetary damages". MAPS is also named as a defendant. Harris says it is currently blocked from emailing to 2.7 million of its 6.6 million panellists. But that's not all: Harris says that MAPS based its blacklisting decision on a complaint by a rival company, AOL's wholly-owned Digital Marketing Services. Harris has consequently filed an antitrust action against AOL, claiming it limits competition by excluding Harris and favouring DMS.

Harris, describing itself as the global leader in online market research, claims that it does not spam, and does not approve of spam. It accuses both AOL and Netscape of using passive methods to recruit members, while to get on Harris' email lists, panellists must actively opt-in, and are then given the opportunity to opt out after receiving a welcoming email. Harris used to use the passive or de-select option for list building, whereby users who registered had to de-select a box to stop being added to the list. Last year, this was changed to an opt-in system.

MAPS under fire

MAPS is a rather laid-back non-profit organisation based in California; it gets its income from ISPs in return for identifying spammers, so that the ISPs can block access to them. Harris says that MAPS applies its rules unevenly, taking a more lenient attitude to spam from its financial supporters. MAPS view is that spamming is a theft of service, and it bluntly suggests that spammers use "lying conmen" for their public relations. MAPS wants a double opt-in procedure whereby participants first have to sign up actively and then confirm their participation in subsequent email, so that all communications are "mutually consensual".

Users not liking the anti-spamming policy of their ISP should of course be able to switch easily to another, if they feel strongly enough about it. But if most significant ISPs use an anti-spamming information service like MAPS, the problem arises that users may be denied choice. Harris says MAPS consists of "a few self-appointed zealots [who] cannot be dictators of standards that affect hundreds of millions of people and billions of dollars of commerce", that it is unregulated, and that it uses different standards for spamming by the ISPs who fund it.

There's no doubt that the MAPS blacklist is an effective way of preventing spammers, and in most cases it works to the advantage of nearly everybody but the spammers. Professional spammers often use relay spammers to forward spam, although if MAPS blacklists the relay operator, its access is usually restored in 10 to 20 days if it deals with the matter that caused the complaint to the satisfaction of MAPS.

The fact that there have been no serious legal challenges until the Harris case (other than last week, when Yesmail.com obtained an injunction to remove it from the blacklist, while a settlement was negotiated) suggests that its work is generally appreciated. MAPS has been somewhat cocky about the legal threats it gets (and even has a web page entitled "How to sue MAPS"), perhaps because it is bankrolled by ISPs. The legal advice it has received is that the result of any action would very much depend on the judge assigned to the case. ISPs are often legally active against spammers: AOL says it has received substantial damages and injunctions against future spamming in more than 40 cases it has brought.

Spam's shapes and sizes

The primary spam, MAPS says, consists of advertisements for spamming services, followed by sex chat lines which MAPS says might include "schoolgirls doing things which are usually illegal for schoolgirls to do" (so you can see why some users might prefer an ISP that doesn't act as a spamming censor). Then there's pyramid selling schemes, and a host of self-improvement, "health", and other offerings that MAPS describes as "a darkly humorous silent commentary on the sad state of human relations".

Of the Harris suit, MAPS said that it was "insane" and that Harris was "trying to take away Microsoft's and AOL's rights to do business with whomever they want, and trying to force all of us to let them send unsolicited traffic across our networks". MAPS claims that Harris was sending email to people who didn't want it, and refused to change its procedures to stop this. AOL would only say that Harris' case had no merit.

Dallas-based Digital Marketing Services is now wholly owned by AOL and has the exclusive right to recruit respondents from AOL's membership. Visitors to AOL's Opinion Place are asked some demographic questions and then randomly selected for a survey, after which they are blocked for three months to participating in other surveys. Participants in DMS surveys get credits towards the AOL online fees, which has led to concern as to whether respondents were just after the incentive.

The situation became murkier when AOL started insisting that all its merchants had to agree to a post-purchase survey scheme provided by BizRate.com whereby purchasers could express their views about their satisfaction with the merchant, with the results being posted publicly. BizRate likes to think of itself as a trusted intermediary, but it derives its revenue from selling the rich data it obtains from its respondents to the merchants, perhaps without consumers fully realising this.

This saga does not appear to be simply one of the anti-spammer David versus the spammer Goliath, but is more likely a scrap between rival pollsters. A related problem is that in some cases (not this one apparently), it is too easy for market researchers to sell the buying intentions of respondents to merchants for online selling - or even for the pollster to sell directly, perhaps under another name. It may also be that AOL itself never considered the possible adverse effect on Harris of blacklisting it, and the consequent advantage to its DMS subsidiary.

A problem that does need to be addressed is the accountability of MAPS, which is unregulated. Nearly everyone would like spam to be suppressed, but there needs to be clear worldwide rules and enforcement. A first step was at last taken when the US House of Representatives passed the first anti-spam Bill last month by 427-1 (the Unsolicited Electronic Mail Act), which will require spammers to include a return email address and allow opt-out from future emailing, or face the wrath of the FTC). US law alone could not prevent the more despised US spammers going offshore and continuing their work, so regulation needs to be considered carefully. Meanwhile, any possibility of MAPS being faced with a conflict of interest if its own paymasters spam should be stopped as a matter of urgency. ®

Related Stories

Anti-spammers turn guns on each other
The ORBS/MAPS anti-spam battle revisited

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story


Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.