JiscMail Logo
Email discussion lists for the UK Education and Research communities

Help for CYBER-SOCIETY-LIVE Archives

CYBER-SOCIETY-LIVE Archives

CYBER-SOCIETY-LIVE Archives


CYBER-SOCIETY-LIVE@JISCMAIL.AC.UK


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Proportional Font
LISTSERV Archives

LISTSERV Archives
CYBER-SOCIETY-LIVE Home

CYBER-SOCIETY-LIVE Home
CYBER-SOCIETY-LIVE 2006

CYBER-SOCIETY-LIVE 2006

Options

Subscribe or Unsubscribe

Subscribe or Unsubscribe

 Log In

Log In

 Get Password

Get Password

Subject:

[CSL]: Policy Post 12.05: Certified E-mail Plan Stirs Controversy

From:

J Armitage <[log in to unmask]>

Reply-To:

Interdisciplinary academic study of Cyber Society <[log in to unmask]>

Date:

Wed, 15 Mar 2006 09:01:36 -0000

Content-Type:

text/plain

Parts/Attachments:
Parts/Attachments

text/plain (289 lines) 

From: [log in to unmask]
[mailto:[log in to unmask]] On Behalf Of CDT
Info
Sent: 14 March 2006 16:54
To: [log in to unmask]
Cc: CDT Policy Posts
Subject: Policy Post 12.05: Certified E-mail Plan Stirs Controversy

A Briefing On Public Policy Issues Affecting Civil Liberties Online 
from The Center For Democracy and Technology

(1) Certified E-mail Plan Stirs Controversy
(2) AOL's Certified Mail Service Does Not Appear To Impede the Flow 
of "Free" E-mail
(3) Certified E-mail Responds To Real Need; Continued Vigilance Necessary

----------------------------------------
(1) Certified E-mail Plan Stirs Controversy

In recent weeks, many in the nonprofit community have voiced alarm 
over a plan by America Online (AOL), the nation's largest e-mail 
provider, to offer paid, "certified" e-mail service to selected bulk 
senders. Unions, consumer groups and public interest advocates formed 
a coalition to oppose the forthcoming service, warning that certified 
e-mail represents a first step toward a "tax" on e-mail 
communication. That opposition has centered on the fear that by 
creating a new class of e-mail senders who pay to have their messages 
delivered, e-mail providers have started down a slippery slope toward 
a two-tiered e-mail architecture. Opponents fear that under such a 
structure, nonprofit speakers -- many of whose messages constitute 
Constitutionally protected political speech -- will face a 
deterioration in their ability to deliver messages if they can't or 
won't pay for certified mail services.

CDT has long fought to preserve the free and open Internet, opposing 
efforts to restrict content, to place undue financial, legal or 
bureaucratic burdens on political speech, or to artificially limit 
the ability of speakers to reach the sweeping audience the Internet 
allows. CDT opposes any changes to e-mail architecture that would 
impair the effectiveness of e-mail as an accessible communications 
tool, particularly for senders in the political and nonprofit 
communities. As such, CDT shares the underlying goal of the groups 
opposing the certified mail services to forestall the emergence of a 
"pay-to-play" e-mail environment.

However, CDT has a very different reading of the facts surrounding 
this controversy. CDT does not believe the service will harm the 
ability of non-paying senders to deliver messages to AOL customers. 
CDT was troubled by initial media reports that AOL intended to 
dismantle or scale back its existing "white lists," but the company 
has publicly committed to maintaining those lists, which help to keep 
messages sent by legitimate bulk e-mailers (including non-profit 
senders) from being inadvertently trapped by AOL's spam filters. So 
long as the white lists remain robust and intact, legitimate bulk 
mailers that opt not to participate in the certified mail program 
should see no degradation in e-mail deliverability.

Some critics of certified mail have gone a step further, conflating 
it with the debate over "network neutrality." CDT believes that 
certified mail and network neutrality are distinct and separate 
issues, distinguished by significant differences relating to 
competition, capacity and architecture. CDT is engaged in a series of 
consultations regarding net neutrality, and intends to address the 
issue separately.

Critics also have observed that certified mail will not help combat 
spam. However, the program has been developed primarily as a way to 
increase the security and trust level of e-mail, not as a 
spam-fighting tool. Declining consumer trust in online safety and 
security has emerged as perhaps the key factor preventing the 
Internet -- e-mail in particular -- from reaching its full potential. 
Internet users have been forced to treat e-mail messages 
suspiciously; even those that purport to come from known and trusted 
entities. This has hurt the ability of both commercial and nonprofit 
e-mail senders to reach their audiences. Certified e-mail could be a 
valuable tool in the fight against "phishing" schemes and other, 
increasingly sophisticated forms of Internet fraud. The target market 
for certified mail services appears to be legitimate and 
well-established senders seeking to assure customers that the 
messages they receive are genuine. That kind of authentication could 
offer real benefits for both senders and recipients of transactional 
e-mail and help to restore trust online.

Nor is the AOL/Goodmail service the only or first effort to enable 
senders of e-mail to obtain some type of special certification or 
treatment for their messages. Established examples include the Habeas 
and Bonded Sender programs. Such programs may vary in their structure 
and business models, but they share the characteristic of providing, 
for a fee, participating bulk e-mailers with special treatment for 
their messages. In addition, Yahoo! has said it is working with 
Goodmail on a certified mail program of its own.

Paid certification services could cease to be benign should they 
replace, rather than complement, white lists and other low- to 
no-cost e-mail deliverability tools. The public interest and Internet 
communities must remain vigilant against initiatives that erect new 
price barriers that limit the ability of small and non-commercial 
speakers to use the medium. For now though, e-mail providers should 
not be discouraged from offering potentially useful anti-fraud tools, 
so long as they remain committed to maintaining a high level of 
service to non-participating senders.

----------------------------------------
(2) AOL's Certified Mail Service Does Not Appear To Impede the Flow 
of "Free" E-mail

AOL's certified e-mail program will not be available to every sender 
willing to pay the fee. Eligibility, much like eligibility for AOL's 
white list programs, will be limited to bulk senders that have 
demonstrated over time very scrupulous mailing and list-management 
practices. In addition, in administering the program, Goodmail will 
require that organizations submit to an extensive screening process 
in order to participate. Thus spammers and unscrupulous marketers 
will not be able to pay their way around AOL's spam filters.

Once cleared to participate, senders will obtain cryptographic tokens 
from Goodmail that identify outgoing messages as "certified." Once 
verified by AOL, mail marked with a token will bypass AOL's spam 
defenses and be delivered directly to recipients' mailboxes, marked 
with a special "Certified Email" icon. This icon will confirm to the 
recipient that the message was sent by the identified sender. 
Companies will pay less than a cent per message to use the service.

The target market for certified mail services will be large senders 
of transactional messages. In recent years, banks, credit card 
companies, e-commerce vendors and other organizations that rely on 
e-mail for transactions, including some nonprofits, have been subject 
to an increasingly sophisticated breed of online scams targeted at 
their customers. In a typical phishing attack, an online criminal 
sends massive amounts of spam e-mail forged to mimic legitimate 
transactional messages. The messages direct recipients to cleverly 
forged Web sites where they are prompted to divulge sensitive account 
details.

The cryptographically verified certified mail messages should make it 
possible for consumers to identify and trust the legitimate 
transactional messages they receive from companies with which they do 
business.

What's important from the standpoint of the larger Internet community 
is that certified mail service will not replace AOL's two no-cost 
deliverability tools: the white list and the "enhanced" white list. 
The white list is a regularly updated list of bulk senders who meet 
baseline standards for responsible mailing practices. Once cleared 
through an application process, and so long as their messages do not 
generate excessive complaint or bounce rates, organizations on the 
white list are able send messages that bypass some of AOL's bulk mail 
filters. White list senders receive feedback on the complaint and 
bounce rates their e-mails generate, so they can determine when their 
mailing lists or practices need improvement. Senders on the white 
list that demonstrate exemplary mailing practices (as shown by very 
low complaint and bounce rates) can qualify for inclusion on the 
company's "enhanced" white list. Enhanced white list messages bypass 
the same filters that certified mail messages will bypass, including 
filters that disable links and images in the body of a message.

Critics have suggested that over time AOL will have little incentive 
to invest in maintaining the white lists' effectiveness, so that 
senders looking for reliable delivery gradually will be driven to use 
the paid service. But incentives to maintain the white lists are 
strong. The e-mail provider market is highly competitive, and to meet 
the requirements of its subscribers, a provider must ensure that they 
reliably receive all the messages they want. Thus, there is a 
significant marketplace incentive for AOL to continue to maintain and 
improve its white lists and other no-cost services that maximize the 
delivery of wanted mail.

Certified mail probably won't make sense for all or even the majority 
of bulk senders. Still, AOL and Goodmail have announced that the 
service will be available to qualifying non-for-profit senders at a 
deep discount (95 percent off commercial rates, according to 
Goodmail). As long as this discount pricing structure is maintained, 
it may help qualifying charities and nonprofits to build more trusted 
e-mail relationships with donors and other constituencies. In 
addition, AOL recently announced the launch of a new free service 
that will permit non-profits that have their e-mailing practices 
approved by a third party accreditation agency to obtain treatment 
equivalent to enhanced white list senders.

----------------------------------------
(3) Certified E-mail Responds To Real Need; Continued Vigilance Necessary

It is important to acknowledge the risks associated with widespread 
migration toward paid, certified e-mail. Low-cost, unfettered e-mail 
distribution must be preserved, especially for those in the nonprofit 
and public interest communities. But it is equally important that the 
nonprofit community understand the very real threat that AOL and 
other companies are seeking to address with the introduction of 
certified e-mail products.

The rise of phishing and other dangerous Internet scams is measurably 
eroding the trust that users have in e-mail and Internet 
communication. In a 2005 study by AOL and the National Cyber Security 
Alliance, 61 percent of respondents reported having been targeted by 
a phishing attempt. Of those that were targeted, 70 percent thought 
the phishing e-mail looked legitimate. In a 2005 survey by the Pew 
Internet & American Life Project, 53 percent of people reported that 
spam had made them less trusting of e-mail. This steady erosion in 
trust affects every bulk e-mail sender in the world including 
nonprofits, and won't be easily reversed. Left unchecked the decline 
in user confidence will deal a far worse blow to Internet 
communication than will any degradation of e-mail delivery. When 
people don't trust their e-mail, the medium becomes useless as a tool 
for discourse, as well as commerce.

CDT believes the AOL service does not pose a near-term threat to 
non-paying bulk senders, but the concerns that certified mail may 
represent the first step down a slippery slope toward a more closed, 
cost-limited e-mail architecture call for ongoing scrutiny. Internet 
advocates and the nonprofit community must actively work to ensure 
that changes in market factors and business models don't lead to 
major changes in the pricing structure of e-mail, which has 
flourished as a low-cost way to reach millions of people.

The bad outcomes suggested by certified mail opponents are by no 
means inevitable, even if certified mail and comparable pay services 
succeed far beyond the expectations of e-mail service providers. 
Market competition and an attentive Internet community are keys to 
ensuring that providers maintain their no-cost deliverability 
programs. In particular, CDT will watch closely to make certain that:

- Certified mail does not replace white lists and other tools that 
help ensure that all conscientious bulk senders are able to reach 
their audiences, without being subject to additional fees;

- Wherever possible, certified mail services are offered at a 
discount or without cost to nonprofit senders to ensure that they too 
can take advantage of more secure transactional e-mailing;

- Certified mail services are offered only to senders that have 
demonstrated highly scrupulous sending practices, and not to those 
seeking to buy their way past spam filters; and that

- Marketing materials do not characterize all non-certified e-mail 
messages as "unsafe." E-mail users must be wary of potential scams, 
but that need not mean deleting or ignoring all message that arrive 
via the ordinary, non-paying e-mail architecture.

Global e-mail communication owes a great deal to the continued 
innovation of the e-mail providers and ISPs who comprise the global 
network. Within the context of preserving the essential openness and 
low barriers to entry at the heart of the Internet, providers should 
be given considerable leeway to develop new services with the 
potential to improve the user experience. The certified mail service 
proposed by AOL and Goodmail raises some issues that bear monitoring, 
but it also offers significant potential benefits to organizations 
seeking to build trust in a medium facing mounting risks.

----------------------------------------
Detailed information about online civil liberties issues may be found 
at http://www.cdt.org/.

This document may be redistributed freely in full or linked to 
http://www.cdt.org/publications/policyposts/2006/5.

Excerpts may be re-posted with prior permission of [log in to unmask]

Policy Post 12.05 Copyright 2006 Center for Democracy and Technology
_______________________________________________
http://www.cdt.org/mailman/listinfo/policy-posts

-- 
This message has been scanned for viruses and dangerous
content by the NorMAN MailScanner Service and is believed
to be clean.

The NorMAN MailScanner Service is operated by Information
Systems and Services, University of Newcastle upon Tyne.


====
This e-mail is intended solely for the addressee. It may contain private and
confidential information. If you are not the intended addressee, please take
no action based on it nor show a copy to anyone. Please reply to this e-mail
to highlight the error. You should also be aware that all electronic mail
from, to, or within Northumbria University may be the subject of a request
under the Freedom of Information Act 2000 and related legislation, and
therefore may be required to be disclosed to third parties.
This e-mail and attachments have been scanned for viruses prior to leaving
Northumbria University. Northumbria University will not be liable for any
losses as a result of any viruses being passed on.

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************

Top of Message | Previous Page | Permalink

JiscMail Tools


RSS Feeds and Sharing


Advanced Options


Archives

April 2024
March 2024
February 2024
January 2024
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
December 2022
November 2022
October 2022
September 2022
August 2022
June 2022
May 2022
March 2022
February 2022
October 2021
July 2021
June 2021
April 2021
March 2021
February 2021
January 2021
December 2020
November 2020
October 2020
September 2020
July 2020
June 2020
May 2020
April 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
2006
2005
2004
2003
2002
2001
2000


JiscMail is a Jisc service.

View our service policies at https://www.jiscmail.ac.uk/policyandsecurity/ and Jisc's privacy policy at https://www.jisc.ac.uk/website/privacy-notice

For help and support help@jisc.ac.uk

Secured by F-Secure Anti-Virus CataList Email List Search Powered by the LISTSERV Email List Manager