The growth of spam and vigilantism on the Internet

Imagine this: Someone tries to break into your home over five thousand times a week. Or attempts to defraud you over and over again. You'd call the police, right? The law would (rightly) get involved. So why didn't I call the police last week when multiple parties tried to use this blog in an unauthorized manner over five thousand times? Why are the rules different on the Internet? I am, of course, talking about spam.

I would argue that the most valuable, and scarcest, commodity that each one of us have today is time on earth. Given that, and given that my website and my email account account are my property, shouldn't any attempt to steal my time and use my property without authorization be a criminal act that is policed at the highest levels? Forget the war on terror, we are bleeding to death here in the spam wars. Without legistlation and without a sustained official response to this criminal act, we are also seeing the rise of the only other alternative: Internet citizens are taking the battle into their own hands and being forced to become vigilantes in order to protect themselves, their sites and their most precious commodity, time.

Blue Frog is one recent example of Internet vigilantism. It was a community-based system that sent automated complaints to hit back at spammers. It must have made an impact because it was eventually attacked by a group of spammers with a DDoS attack that crippled the service and forced Blue Security to shut it down. This bit of gang warfare took place right outside out own windows and there wasn't a single Bobby in sight.

I use two different tools myself to combat spam on this blog (notice the words we use to talk about the spam wars). Bad Behavior is a script that stops automated spam attempts and AKismet is another community-based tool that (mostly) catches everything else. Together they stop thousands of spam attempts weekly on my blog alone. And the number of attempts is increasing. The spam statistics page on Akismet shows an alarming rise in the number of spam versus ham (legitimate) comments their system is seeing. There is a huge surge in the graph over the last three months. I've also noticed a similar trend in my email spam and some individual managed, for the first time in my experience, to spam a couple of mailing lists that I'm on, including the Arp mailing list.

If something is not done to curb the rise of spam, I'm afraid that we are going to be spending more and more of our time in trying to combat this pest. It is already having a huge effect in curbing the multi-way communicative nature of the Internet. It's a common story today to hear of a Wiki that is destroyed by automated comment spam or of someone who will not allow comments on their blog because of their (rightful) fear of spam. And more often than not, on the Internet (if not in the computer world in general), it is the victim that is made to feel responsible. "What? You don't have an anti-spam plugin? Oh you were asking for it!" "You mean you don't have anti-spyware software? You deserved it!" It's akin to telling a someone that they deserve to be raped if they're not wearing a chastity belt. What we need is to change the climate so that we can strut our stuff on the Internet without fear as we do in most civilized places in the real world.

Unless legistlators understand the severity of the situation and draft necessary legistlation and unless adequate resources are allocated for law enforcement to actually apply this legistlation, however, citizens of the Internet will continue to be forced to live in an environment where the victim is at fault and where vigilantism is the only form of self-defense.