When Nannies Rule the Net (kinda long, sorry)
Gary Lawrence Murphy
18 Feb 2002 17:48:47 -0500
Here's a question for the privacy-tuned FoRK'ers out there:
When does an ISP's self-appointed email nanny filter cross the line
from public service feature to becoming an invasion of privacy?
I'll tell you why I ask: I recently learned that Canada.com may be
scanning my email. According to the SMTP messages it gives out, their
mail system (or actually cp.net who handles many webmail and email
redir services) claims to be "protecting" me from spam.
don't even have their word that it is not more than this. All I know
is that (a) at _least_ the headers of my incoming email messages are
being scanned, and (b) some of my messages are being rejected for
unspecified reasons other than being suspected of being "spam" (with
no definition "spam")
Am I being over-reactionary? Canada.com is a national service of the
National Post, part of CanWest Global's fleet of information services.
Censorship and invasion of privacy does not seem consistent with their
aims -- either they (and the privacy commission) don't understand my
concern (like the day in '97 when I called the RCMP about my domain
being used to threaten the US House of Congress) or they don't care,
or ... maybe something really sinister _is_ going on here, and what
better place to gather data than through Canada's largest free email
Do any of you have such "spam" filters imposed on you? Yes, I could
use another mail service, but after 7 years, I'm pretty entrenched at
this address and will be sad to leave it. Such a move will also be
expensive. Must I live with this or is there any precident for taking
action to have the ISP remove their watchdogs (or offer the option);
they can't tap my phone lines without reason (even if they don't tell
me the reasons) so why is it legal to tap my emails?
I don't begrudge nanny filters. Just so long as you can opt out. My
dialup ISP also had nanny-filters on our email, but when I requested
he turn it off, Mark said "No problem" and it was gone within the
hour. I hate spam, I truly do, but I also know another local ISP
considers any email with the word "free" in the subject line to be
'spam' -- I hate spam, but I do not trust any robot (or any teen
sysadmin armed with procmail) to decide what I can and cannot read.
I wrote to Canada's federal privacy commission. I've received no
reply; the following is what I sent to both the Privacy Commissioner
and to the domain owners of Canada.com. For those who don't know,
"Sussex Drive" is the Canadian equivalent to Pennsylvania Avenue or
Britain's #10 Downing Street ...
>To: email@example.com, firstname.lastname@example.org
>Cc: email@example.com, firstname.lastname@example.org
>Subject: Privacy and censorship at Canada.com
>From: Gary Lawrence Murphy <email@example.com>
>Date: 09 Feb 2002 17:11:57 -0500
It has come to my attention that canada.com is silently scanning and
censoring my email; the attached error message I received from
sunsite.dk shows email rejected by canada.com. The canada.com server
calls this action a "UCE/spam filter" but a rose by any other name ...
The email in question was indeed spam, but this is irrelevent; it
could have easily been important email from the JDE developer's group.
The fact is, without knowing the censorship policy or even the true
reasons for this message being rejected (RFC 822 Headers? The Subject
line? The sender email? The keywords in the body of the message?)
it's impossible to say how much of my email is being read, judged
and rejected by your system administrators, robotic or otherwise.
Is it an Internet service provider's place to silently decide what
should and should not be read? No, at least, not without my awareness
and, hopefully, not without my permission. Sunsite.dk caught this
particular infraction, but other sources may not; I now wonder what
other email your self-appointed net nannies have silently siphoned
from my mailqueue.
The sky is the limit when invasion of privacy and censorship takes root.
Checking the canada.com policies, email options and help pages, I can
find no statement that our email is being monitored and arbitrarily
censored. There is certainly no user option to disable censorship.
I have a great deal of experience with UCE; I have been using the
Internet since 1987. I am a big boy and can determine on my own what I
should and should not read. Others may welcome your filtering of
their personal mail, and that is fine and welcome, but I expect an
email service, not a mother (I have one, thanks); apart from the
secret filtering of my mail, Canada.com is a very good and very
reliable email service, one I recommend in all directions.
I also have a great deal of experience with the processing of natural
language. Fact: Robots do not reason. Robots follow rules, and as a
result, robots _always_ fail the Turing Test; Murphy's Law implies
they will fail on the most important email.
Case in point: This last year, I discovered my own very carefully
crafted suite of UCE filters were silently deleting _all_ email
from my good friend Udo Kasemets (Canada's leading modern composer,
now 80 yrs old) --- due to his long 'silence', I believed he might
be dead until I was finally able to reach him by telephone.
I no longer silently delete my UCE, I _spool_ it and scan the list
periodically for filtering mistakes. I learned my lesson through a
frightful scare: Had Udo passed away in that interim, I would have
never forgiven myself.
What comes next? Will canada.com quietly reject incoming email
containing explicit sexual material (such as "SusSEX DRIVE" ;) or
which criticizes US foreign policy ... or CanWest? Perhaps you will
quietly BCC all "suspicious" patterns (like Arabic names) to CSIS?
That canada.com is scanning my email at all makes me queasy. Isn't it
a violation of my basic right of privacy? Do you also search the
pockets and purses of all employees and public visitors? Such
policies, where they must exist, should be made explicit.
Blind robotic censorship is precisely why canada.com is itself banned
by some networks (such as the LA Freenet who ban us all because they
believe canada.com to be a source of spam, based on triggers from
similar well-meaning but mis-guided robots).
Let us not propagate this madness. Let us allow reason to prevail.
Invasion of privacy and silent censorship is not the hallmark of a
free society and it goes against everything Can-West stands for. It's
What if you discovered BCE was silently monitoring all our telephone
office calls and disconnected (or blocking) vendors _they_ deemed
'inappropriate'? Would the National Post class this as an ethical
If you wish to be helpful, you might use your UCE filters to tag email
as suspect by inserting appropriate X- headers; you can then tell
members to filter their own email by "rejecting the X-UCE header" and
easily implement this as a switch on the server, perhaps with an
option to "filter to a folder" or to "filter to trash". In the
meantime, please (if at all possible) disable this wonton trashing of
Gary Lawrence Murphy
ps -- if your censorship policy is posted on canada.com, please let me
know; I did honestly try to find it.
FYI: from the RISKS-Digest ...
According to today's Globe, AOL's spam filters rejected e-mail sent
by Harvard's admissions department to anxious applicants. The
interesting thing is that "AOL officials could not explain" why
their servers identified these e-mail messages as spam. No
explanation, no responsibility, apparently no indication of
anything that Harvard could do to avoid the problem in the future.
Just one of those things, like the weather.
[The AOL Harvard problem was noted by quite a few RISKS readers.]
Gary Lawrence Murphy <firstname.lastname@example.org> TeleDynamics Communications Inc
Business Innovations Through Open Source Systems: http://www.teledyn.com
"Computers are useless. They can only give you answers."(Pablo Picasso)