It's not about tougher laws -- it's about enforceable laws! Only in cyberspace can the law be broken without knowing the jurisdiction in which the law was broken -- and only in cyberspace can a criminal completely hide his/her identity.
If I am (or a member of my family is) driving recklessly, there is a license plate on my car which identifies me as the owner. If a gun is used to commit a crime, it is registered to someone. And, if I rob a bank while wearing a ski mask, there is still physical evidence which connects (and witnesses who can connect) me to the crime. But if I choose to sign up for a free e-mail account under an assumed name, and if I use a public link to the Internet, it is almost impossible to determine who I am and what I am doing.
The price of guaranteed anonymity is having to put up with other anonymous people trying to steal from me. I have no protection from these thieves and the authorities have neither the tools nor the time to try to catch them. Ironically, it is the very anonymity that tempts would-be thieves to use the Internet to break the law. I always use my real identity when I register for a Web site because I have nothing to hide, but how many people use bogus names so they can say outrageous things to their fellow human beings or do outrageous things to steal from their neighbors. This level of anonymity has contributed to the decline in civility at all levels of society.
Thanks for the opportunity to comment.
How would global e-mail communication be if each e-mail message required some type of authentication? What if each e-mail received generated a 'confirmation' with in the protocol (SMTP?) that required the sending server to confirm that it really sent the message. That way, the header information would need to be legitimate if the message delivery is to be completed.
I think it would require millions of servers to change their SMPT settings...but think of the spam and viruses that would not be delivered!
I read your stuff all the time, please keep up the great work.
I really don't think new laws would help. Many of these spammers operate outside the justification of the U.S. -- new laws would be futile. We need better tools and education. People need to know that when they sign for things online, there is a very good chance someone they don't want will get their e-mail. I run an Exchange 2003 server with just under 100 mailboxes. I was using Sunbelt's Ninja for several years. It worked at first but as time went on the mail queue would often be overwhelmed with undeliverable mail and bounce backs from spammers using our domain for masquerading their spam to others. I now use an off-site solution through a local IT provider. All our mail goes through it first and there is hardly ever spam that gets through. No more need to restart the mail queue either. It only costs us $150/month, thanks in part to a non-profit discount.