Home / Blogs

What the ITU WSIS Spam Meeting Accomplished

John Levine

The first week in July I went to an acronym-heavy World Symposium on the Internet Society Thematic Meeting on spam in Geneva.

A few people have reported this as a meeting by "the UN", which it wasn't. Although the International Telecommunications Union is now part of the UN, it dates back to an 1865 treaty to manage international telegraph communication. The ITU is now three pieces, the ITU-T which handles telephony and related things, the ITU-R which handles radio spectrum, and the ITU-D which coordinates telecom related development in less developed countries (LDCs.) The ITU-T coordinates telephone number country codes, standards for interconnection phone and data networks, and other things to glue the world's phone systems together, and was the main part of the ITU visible at the meeting. The ITU isn't the part of the UN that's supposed to have black helicopters; they would be across the street at the Palais de Nations.

Since most countries have permanent delegations in Geneva or nearby, there were representatives from lots of little countries present as well as most of the big ones. The big country reps tended to be political, so that for example the US delegation was from the State Department, appeared to have no experience or instructions relative to spam, and merely objected to language in the report that might have required that the US do something.

A fair amount of the conference was spent on describing the spam landscape (I discussed the limited standards efforts currently under way) and a bunch of snoozers in which various governments told us that they sure thought it'd be a good idea to do something about spam. We all agreed that from the point of view of the governments represented, the most urgent need is to coordinate laws and law enforcement so they can pursue the crooks who send the bulk of today's spam and frequently use computers in multiple countries to do so. Most countries have laws that the crooks are breaking, about computer fraud and abuse or plain old theft, so the immediate issue is to enforce them. The American Federal Trade Commission and the corresponding British and Australian agencies recently signed a Memorandum of Understanding to cooperate in anti-spam enforcement. There was some sentiment for a MOU that lots and lots of countries could join, which would be administered by the ITU, but I got the impression that the big countries would rather not have the baggage of little countries to deal with.

A topic that came up repeatedly was the disproportionate effect that spam has on LDCs. One problem is that their net connections tend to be slow and expensive, so merely downloading the spam to throw it away costs them a lot of time and money. This could presumably be solved at some cost to national pride by locating inbound mail servers or at least mail proxies in places with better connections so that most of the spam is filtered out before being sent down the expensive connection. A more subtle but more important problem is that the all of the spam and phishing and other misbehavior on the net makes LDCs reluctant to use the net at all. People in LDCs are no less smart than people elsewhere, but they rarely have the technical training or experience that their counterparts in developed countries do. The buzzphrase here is human capacity building, something the ITU-D does. The outspoken delegate from Syria made these points quite forcefully.

The last session in the conference was the horse-trading leading to the conference report. (There's audio archives of the whole thing, so if you want, you can listen to the horses being traded.) I'm not sure exactly what this conference accomplished, but was clear that there's finally a global consensus that spam is a problem that needs to be fixed, and no country (well, except maybe the resurgently exceptionalist US) can do it alone.

By John Levine, Author, Consultant & Speaker
Follow CircleID on
Related topics: Cybersecurity, Spam
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Re: What the ITU WSIS Spam Meeting Accomplished Suresh Ramasubramanian  –  Aug 11, 2004 8:18 AM PDT

The syrian delegate too was, in the final analysis, concerned with getting his words into the final agenda, which is about the only thing he focused on doing. :)

I sure wish a stronger plug for open source antispam filters could have been made, especially in the context of LDCs who are plagued with spam and wary of implementing e-governance because of phishing and id theft.

What *was* productive in that event is that a whole lot of figures on how much spam costs everybody were being popped up on one powerpoint after another.

And the right views (yours, the spamhaus.org people's etc views) got listened to by at least a few people - the people who did count in the conference and who were capable of doing something about the problem.

For example, the Chinese seem to be making some very interesting statements - from an initial set of public statements not more than a year back about how they were more sinned against than sinned, and how english spam was hitting millions of chinese mailboxes every day, they have started to acknowledge the huge infestation of foreign spammers that is hosted in just about every chinese ISP. [ref the presentation of Dr.Fu, from their Ministry of Information Industry].

The situation is not as bleak as presented by most people.

Sure it was a high powered schmooze (and snooze) session.

Sure, several delegates were interested in doing as little as possible while other delegates were interested in just getting their names into the final agenda ...

.. but some good is being done, and an organization (well, two organizations - the ITU and the OECD), that have a great deal of clout where it counts, are now taking an active interest in antispam issues and regulations.

To post comments, please login or create an account.

Related

Topics

IP Addressing

Sponsored byAvenue4 LLC

Whois

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

DNS Security

Sponsored byAfilias

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias