APPENDIX A – Defining “spam”
APPENDIX B – Sample Acceptable Use Policies

APPENDIX A – Defining “spam”

In order to construct effective tools to combat spam it is necessary to define “spam” precisely.  This is because there are common differences in opinion over what is and is not to be considered spam.

Broadly, spam is email which is sent in bulk to a group of recipients who have not requested it.  It includes, but is not limited to, email that contains offensive or illegal content (such as pornography, or pyramid trading schemes respectively), misleading or deceptive advertising, jokes, or even bona fide commercial marketing material.

However, within this broad category (known as “unsolicited bulk email”) there are arguments over the specific details.  Some would consider it to be offensive unsolicited email, but not bona fide advertising.  Others may also include unsolicited commercial email.  Others may consider it any unsolicited “bulk” email, whether offensive, commercial, or simply trivial. 

This raises further debate, such as the definition of “unsolicited” – for example some would argue it should not include emails sent by known advertisers with whom the internet user has dealt previously. Or questions over how many emails constitutes “bulk” email.

Another issue relates to the definition of a spammer – or who is responsible for sending the spam – the individual or organisation that sends the spam, or perhaps the customer or client of that person or organisation, on whose behalf the spam is sent.

The importance of this discussion is obvious – any regime developed to combat spam must target the problem.  Legislation or codes of practice that impacted upon individuals sending unsolicited, bulk emails en masse to a wide group of friends (such as a party invitation) might not necessarily be acceptable.  Presumably also, some kinds of direct marketing via email must be allowable.

The main disagreement over the definition of “spam” appears to lie between individual internet users who define spam very broadly, and the more commercially minded, who take a narrower approach.

This paper examines the definitions used by CAUBE and NOIE, which exemplify these two approaches.

For example, the Coalition Against Unsolicited Bulk Email Australia (CAUBE), which claims to be a “grass-roots” organisation, defines spam very broadly, stating:

“In the case of electronic mail, spam is any electronic mail message that is:

1.      Transmitted to a large number of recipients; and

2.      Some or all of those recipients have not explicitly and knowingly requested those messages.”[24]

This is a commonly used definition, however, CAUBE then goes on to make clear that this broad definition is absolute.

“It does not matter what the content of the message is. It can be an advertisement for a commercial product, a solicitation for donations by a charity, or a religious pitch by somebody intent on saving your soul. If it meets the two criteria above, it is spam.”[25]

It then goes on to explain what it calls “acquaintance spam” – bulk, unsolicited email from previous acquaintances – but nonetheless still spam.

“Acquaintance spam is spam that is sent to you by somebody you have dealt with previously. For example, if you order a product from a web based merchant, you might supply your email address so that the merchant can confirm the order, or notify you of problems. If the merchant then starts sending you advertising material, that is acquaintance spam. Like the name says, it's still spam, and even though legislation is not likely to ever ban this form of spam, it can completely destroy a business' relationship with even its most loyal customers.”[26]

The National Office for the Information Economy (NOIE) is at odds with CAUBE on this point.  It adopts the CAUBE “two point” definition as its starting point:

“In the context of the Internet, spam refers to an electronic mail message that is:

1.      Transmitted to a large number of recipients; and,

2.      Most or all of the recipients have not requested those messages.

Spam is also called Unsolicited Bulk Email (UBE) or the more narrowly defined Unsolicited Commercial Email (UCE).”

However, it then narrows the definition significantly, by excluding direct marketing emails that CAUBE would define as “acquaintance spam”:

“In recognition of the legitimacy of many direct marketing practices, this office would not generally regard as spam direct marketing communications that:

·         do not promote illegal, offensive or deceptive content;

·         do not collect or use personal information in breach of the recent extensions of the Privacy Act to business; and,

are sent to recipients who have consented to receiving e-mail communications of the type being sent.”[27]

These two approaches differ on the understanding of what “unsolicited” means.  While unsolicited email occurs when recipients “have not requested those messages”, CAUBE believes that recipients must “knowingly and explicitly” request each email.  This explains why CAUBE would include “acquaintance spam”.  NOIE on the other hand claims that once a recipient has consented to “receiving e-mail communications of the type being sent”, that person has in effect requested future emails from that source.

It should be noted that the definition of “bulk emails” is a point in common.  Both use the phrase “transmitted to a large number of recipients”.  When it comes to working out how many recipients is “a large number”, CAUBE states:

“As a rough rule of thumb, if a human makes a conscious and informed decision, on a message by message and recipient by recipient basis, that the individual message should be sent to that individual recipient, it is probably not bulk. If you put somebody on a mailing list to be used multiple times, that will be bulk, and if you just decide your message should be sent to a bunch of addresses just because you can get your hands on them, that is bulk.

 

“Rules that try to pick a number typically mark a line between 20 and 50 substantially similar messages in a day. Using such rules, anything above the line is bulk, and anything below the line is not bulk.”[28]

Although it also points out that

“laws and industry codes typically deal with anything that is unsolicited and commercial. As a consequence, you can be in breach of such laws and codes by sending just one unsolicited advertisement via email.”[29]

In its recently released interim report, “The Spam Problem and How it can be Countered”, NOIE acknowledged that this debate should be resolved, stating:

“A clear and widely accepted working definition of ‘spam’ should be developed for consistent interpretation, and to better inform and enable anti-spam enforcement at the consumer, Internet Service Provider (ISP), business and government levels.”[30]

Unfortunately the interim report makes no suggestion about which process can resolve the question.

These different definitions emphasise the different approaches to dealing with spam.  The CAUBE definition has been created solely from the point of view that any unsolicited email is bad news and should be prevented.  CAUBE itself acknowledges that it sometimes takes an almost unrealistic position when it says “legislation is not likely to ever ban [acquaintance spam]”.

Conversely, NOIE has taken a more holistic view, no doubt appreciating that the Internet is a business medium, and has adopted a definition of spam which does not reject the commercial reality of advertising and direct marketing.

The conclusion to be drawn from this is that the definition used for spam depends on the outcome that is sought.  For example if the outcome to be achieved is to combat all types of bulk emails, including advertising (deceptive or otherwise), pornography then possibly a broader definition of spam should be adopted.  If the aim was to just prevent offensive and deceptive email, but to allow legitimate advertising, then a slightly narrower definition will be required.

return to SPAM Policy Discussion Paper

APPENDIX B – Sample Acceptable Use Policies

Below are two sample Acceptable Use Policies from prominent Australian internet service providers, Ozemail and Telstra Bigpond.  The formeraddresses spam in a roundabout fashion, while the latter is direct, concise and comprehensive.

Ozemail[31]

2.1 You have responsibilities

[…]

bulletrespect the conventions of the newsgroups, lists and networks that you use;

[…]

bulletrespect the privacy of others;
bulletuse the service in a manner which does not interfere with or disrupt other network users, services or equipment; and
bulletrefrain from acts that waste resources or prevent other users from receiving the full.

[…]

3.2 Specific kinds of use are not allowed

[…]

bullettransmit threatening, obscene or offensive materials;
bulletengage in electronic `stalking' or other forms of harassment such as using abusive or aggressive language;
bulletmisrepresent or defame others;
bulletcommit fraud;

[…]

bulletengage in misleading or deceptive on-line marketing practices;
bulletconduct any business or activity or solicit the performance of any activity that is prohibited by law;

[…] or

bulletattempt to do any of these things.

3.3 Disruption of the network is not allowed

bulletdistribute messages to inappropriate or unrelated forums, newsgroups or mailing lists (`spamming');
bulletsend unsolicited commercial messages;

[…]

bulletmake transmissions of any type or quantity which adversely affect our operation or jeopardise the use of our service, or its performance for other members;”

Telstra Bigpond[32]

2.1 You must not:

(a)   use telstra.com for any activities or post or transmit to or via telstra.com any information or materials which breach any laws or regulations, infringe a third party's rights, or are contrary to any relevant standards or codes;

(b)   use telstra.com in a way or post to or transmit to or via telstra.com any material which interferes with other users or defames, harasses, threatens, menaces, offends or restricts any person or which inhibits any other user from using or enjoying telstra.com;

(c)   use telstra.com to send unsolicited electronic mail messages to anyone;

(d)   to make any fraudulent or speculative enquiries, bookings, reservations or requests using telstra.com;

[…]

(f)     post, or transmit via telstra.com, any obscene, indecent, inflammatory or pornographic material or material that could give rise to civil or criminal proceedings;

[…]

(i)      attempt any of the above acts or permit another person to do any of the above acts.

return to SPAM Policy Discussion Paper