Spam and E-Security Bruce Matthews Manager, Anti-Spam Team International Training Program 11 September 2006

Upload: lynette-berry

Post on 25-Dec-2015


Spam and E-Security

Bruce Matthews
Manager, Anti-Spam Team

International Training Program
11 September 2006


Chronology – Spam & the Australian Government

• 2002 – Australian Government commences review into problems caused by spam, and potential solutions
• April 2003 – Report delivered. Recommended five-part strategy, including enactment of legislation
• December 2003 – Legislation enacted - Spam Act 2003
• April 2004 – Act becomes enforceable
• June 2006 – Report into 2-year review of Act delivered.
– No changes to Act recommended.


Five-Part Strategy

1. Strong enforcement of the Spam Act 2003

2. Education and awareness activities

3. Industry measures

4. Developing technological solutions and spam-monitoring processes, and

5. Working internationally to combat spam


Anti-Spam Team

Bruce Matthews, Manager

• Investigations & Enforcement (2 officers)
• Technological & Industry Initiatives (3 officers)
• Complaints & International (2 officers)


1. Legislation – Spam Act 2003

• Regulates ‘commercial’ electronic messages only
– advertising, promotional, marketing messages
– ‘phishing’, Nigerian scams
– viruses or harassment messages (if no commercial component) are not regulated by the Act
• ‘Technology neutral’
– Covers emails, SMS, MMS, instant messaging
– Voice calls and fax currently excluded


1. Legislation – Spam Act 2003

All commercial electronic messages require:

1. The consent of the recipient;

2. Accurate sender information; and

3. An unsubscribe facility.

PLUS:

• Address harvesting software and lists prohibited.


1. Legislation – Spam Act 2003

• “Opt-in” regime – therefore need consent of recipient before sending
– Differs from US and other jurisdictions, which are opt-out
• Spam Act recently reviewed – June 2006
– Act effective against spammers in Australia
– Balances interests of consumers & businesses in legitimate e-marketing
– No changes to legislation therefore recommended


1. ACMA Enforcement of Legislation

Under the Spam Act 2003, ACMA is empowered to:

• receive complaints about spam (over 2,000 each year);
• impose and enforce penalties;
• search premises and seize equipment where the Act is breached; and
• prosecute offenders in the Federal Court.


1. ACMA Enforcement of Legislation
Complaint Trends

[Chart: complaint trends, Jun-04 to Jun-06; vertical axis 0 to 1000; series: Formal SMS Complaints, Formal complaints]


1. ACMA Enforcement of Legislation
Complaint Trends - SMS

• Formal complaints are increasingly about SMS spam
• Act is ‘technology neutral’ but written for email
• SMS messages have 160 character limit:
– No meaningful information about consent can be provided
– ‘Sender’ is often altered
– Unsubscribe facility often omitted
• Mobile premium services now account for over 60% of SMS complaints


1. ACMA Enforcement of Legislation
Complaints Process

Complaint Received

No Action Possible – Eg. Outside of Act Scope

First / Minor Complaints about Sender

Multiple / Serious Complaints received about sender

Educational Contact with Company

Complaints team commences formal action

Refer to Investigations Team


1. ACMA Enforcement of Legislation
Enforcement Actions

• Over 900 companies/individuals directed to comply with the Spam Act
– including formal warnings to 11 companies/individuals
• Enforceable undertakings accepted from 6 companies/individuals
• Fines issued to 5 companies/individuals
• One successful prosecution in the Federal Court


2. Education and awareness

• ACMA aims to increase awareness of spam legislation among consumers & the business & internet industries, by:
– providing consumers and businesses with information on how to reduce the amount of spam they receive;
– informing businesses that send commercial electronic messages about the requirements the Act places on them, and providing information on how they can avoid sending spam; and
– informing internet service providers (ISPs) about their obligations under the Act.


3. Industry liaison

• A cooperative approach is vital to combating spam. ACMA is working in partnership with industry bodies in the following ways:
– The e-marketing industry developed a Code of Practice that ACMA registered in March 2005.
– The internet industry developed the Internet Industry Spam Code of Practice. It came into effect 16 July 2006.
• Both Codes are available on the ACMA website.


3. Industry liaison
E-Marketing Code of Practice

• Developed by marketing and advertising industry bodies
• Provides:
– specific guidance to the e-marketing industry on compliance with the Act
– alternative complaint handling mechanisms
– best practice guidelines for e-marketing
• Code is strongly supported by the e-marketing industry, currently with 49 signatories


3. Industry liaison
Internet Industry Spam Code of Practice

• Internet Industry Spam Code of Practice December 2005 (the Spam Code)
• The Spam Code came into effect on 16 July 2006
• Applies to all ISPs and Email Service Providers (ESPs) including international ISPs and ESPs
– international ESPs treat reports from Australian consumers no less favourably than reports from end users in the country where the ESP is located


3. Industry liaison
Internet Industry Spam Code of Practice

Among other things, the Spam Code requires ISPs/ESPs to:
– Have a reasonably prominent link on their home page to a spam information page, which must contain information prescribed by the code
– Provide to ACMA 24 hour contacts for spam issues. Currently 33 ISPs have supplied details covering over 90% of Australian end users.
• There is an example of an ‘Acceptable User Policy’ statement contained in the code


4. Technological solutions & monitoring

• Working in partnership with industry and other government bodies.

• ACMA is pursuing the development of effective technological solutions and security measures to reduce spam, as well as monitoring national and global patterns of spamming activity.

• The SpamMATTERS system is a key part of this activity.


4. Technological solutions & monitoring - SpamMATTERS

• SpamMATTERS (SM) is a reporting and forensic analysis system developed to help fight spam
• The reporting element of SM can be downloaded from the ACMA website as a ‘plug-in’ to either Microsoft Outlook or Microsoft Outlook Express
• The plug-ins are free and designed to enable email users to easily report spam to the ACMA
• SM can simultaneously delete spam & report it to ACMA
• These reports enable ACMA to take enforcement action against Australian spammers and advise overseas countries of spammers operating in their jurisdiction


4. Technological solutions & monitoring - SpamMATTERS

• SpamMATTERS currently has over 100,000 submitters
• ACMA has received around 8 million spam emails from submitters since the launch on 30 May 2006
• SpamMATTERS has sorted the spam received into around 1200 discrete campaigns.
• Spam is trending away from porn to phishing and fraud type emails.
• Phishing emails are becoming increasingly common and sophisticated.


5. International cooperation

• The Australian government is at the forefront of establishing and strengthening spam-reduction arrangements with other countries.

• Major ACMA international cooperative arrangements include:
– Seoul-Melbourne Spam MoU
– London Action Plan
– Significant engagement with APEC-TEL and ITU


5. International cooperation
Seoul-Melbourne Spam MoU

• Cooperation in anti-spam regulatory frameworks and policies, technical and educational solutions, enforcement support, intelligence exchange, and industry collaboration.
• 12 member organisations from 10 economies, all of which are government and/or agencies with government-related functions.
• Members are from Asian and Australasian countries
• ACMA chairs and provides secretariat support


5. International cooperation
London Action Plan (LAP)

• Focus is: effective enforcement, law enforcement developments, effective investigative techniques and enforcement strategies, obstacles to effective enforcement, joint consumer and business education projects, joint training sessions, and private sector initiatives and collaboration.
• 61 members, including government, industry associations and suppliers. Members are in Europe, America, and Asia.


E-Security

• Spam emails are increasingly for malicious purposes, such as e-security compromises

• Compromised computers are also the source of a high proportion of spam

• ACMA accordingly takes an active role in spam-related e-security issues

• ACMA has also developed a software package to reduce the number of compromised computers operating on Australian networks


E-Security
Australian Internet Security Initiative (AISI)

• The AISI is a database to collect information on compromised computers.

• Compares IP address of compromised computer to a list of IP addresses of Australian ISPs

• Advises the relevant ISP of the IP address of a compromised computer on its network, so that the ISP can inform the customer and liaise with the customer to fix it

• ISP can disconnect customer but to ACMA’s knowledge this has not happened to date.
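
The matching step this slide describes (a compromised computer's IP address compared against ISP address ranges, then reported to that ISP), sketched as an added example. It is not ACMA's code; the ISP names, prefixes, report format and function names are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: hypothetical ISP names with RFC 5737 documentation
# prefixes, not real allocations. SampleISP holds a sub-range of ExampleNet's /24.
ISP_PREFIXES = {
    "ExampleNet": ["192.0.2.0/24", "198.51.100.0/24"],
    "SampleISP": ["198.51.100.128/25"],
}

# Constructed reports: (source IP, time observed in UTC).
REPORTS = [
    ("192.0.2.17", "2006-09-01T02:14:00Z"),
    ("198.51.100.200", "2006-09-01T03:40:00Z"),
    ("192.0.2.17", "2006-09-01T05:02:00Z"),
    ("10.1.2.3", "2006-09-01T06:00:00Z"),    # not in any listed range
    ("not-an-ip", "2006-09-01T06:30:00Z"),   # malformed feed entry
]

def build_table(isp_prefixes):
    """Return (network, isp) pairs ordered most specific prefix first."""
    table = [(ipaddress.ip_network(p), isp)
             for isp, prefixes in isp_prefixes.items() for p in prefixes]
    return sorted(table, key=lambda entry: entry[0].prefixlen, reverse=True)

def match_isp(addr, table):
    """Longest-prefix match of one address against the ISP table."""
    for net, isp in table:
        if addr.version == net.version and addr in net:
            return isp
    return None

def build_notifications(reports, table):
    """Group sightings per ISP and per IP; return (notices, unmatched)."""
    notices = defaultdict(lambda: defaultdict(list))
    unmatched = []
    for raw_ip, seen in reports:
        try:
            addr = ipaddress.ip_address(raw_ip.strip())
            isp = match_isp(addr, table)
        except ValueError:
            isp = None
        if isp is None:
            unmatched.append(raw_ip)
            continue
        # Keep every timestamp: with dynamic addressing the ISP needs the
        # observation time to work out which customer held the address.
        notices[isp][str(addr)].append(seen)
    return {isp: dict(ips) for isp, ips in notices.items()}, unmatched
```

Sorting the table by prefix length means an address inside a sub-allocated range is attributed to the smaller ISP that holds it, not to the provider of the covering block.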


E-Security
Australian Internet Security Initiative (AISI)

• AISI has been tested with 6 ISPs to date.
• Trial has demonstrated how effective the AISI is, with all trialling ISPs wishing to continue with the AISI
• Extension of trial of AISI is expected in October 2006, in conjunction with DCITA – around 35 ISPs to participate

• ACMA will be contacting ISPs before October to ask them to participate


Anti-Spam Team Current Issues

• Major investigation of email spammer initiated through information provided by overseas regulator
• ‘Missed call’ marketing practices
• SMS spam - particularly mobile premium services and interaction with Spam Act
• Incorporation of SpamMATTERS data into AST processes