email-in-trash

With the aggressive pace of technological change and the onslaught of news regarding data breaches, cyber-attacks, and technological threats to privacy and security, it is easy to assume these are fundamentally new threats. The pace of technological change is slower than it feels, and many seemingly new categories of threats have actually been with us longer than we remember. Nervous System is a monthly blog that approaches issues of data privacy and cybersecurity from the context of history—to look to the past for clues about how to interpret the present and prepare for the future.

 

Spam—unsolicited commercial email—makes up a staggering 53.5 percent of email traffic. This is down from an even more staggering peak of 90 percent in 2009. Spam is not just the greasy junk clogging the arteries of the Internet, but a legacy left over from the birth of the Internet. The first spam message was sent decades before most Americans had even heard of “email.” It happened on May 3, 1978, when Gary Thuerk earned a rather ignominious place in history.

Thuerk's company, Digital Equipment Corp., made computers. The company was based in Boston and had a customer base largely concentrated on the East Coast. Eager to find a way to reach West Coast prospects, Thuerk realized he had an easy, instantaneous connection in place to contact a nationwide network of computer enthusiasts. It was just a question of how to leverage it.

The US Department of Defense had established the Advanced Research Projects Agency Network (ARPANet) project in the late 1960s to connect geographically diverse researchers. The ARPANet was a precursor to the Internet in several ways, including its use of packet-switching technology and TCP/IP connection protocols.

Although the idea of a printed directory of all Internet users would be laughable today, the ARPANet was a government-funded initiative intended to foster communication between researchers, and as such there was in fact a printed directory of its users and their email addresses. Perhaps naively, Thuerk thought his fellow ARPANeters would think it was “cool” that his business had integrated ARPANet support into their systems. He tasked his project manager with manually transcribing approximately four hundred email addresses, selected on the basis of representing West Coast-based targets.

Meanwhile, Thuerk wrote the text of his message. The email advertised upcoming product demonstrations for the DECSYSTEM-2020, -2020T, -2060, and -2060T computers to be held in San Mateo, California, and at Los Angeles International Airport. Prefiguring the distinctive, annoying style of the spam it would breed, the message was a rambling, poorly worded splatter of all-capital letters.

By all commercial measures, the ad worked. The two product demonstrations led to over $12 million in sales. The email had been sent to 397 ARPANet recipients, many of whom forwarded the message to contacts of their own choosing. Thuerk estimated that about 40 people came to the demonstrations, making for an approximate 10 percent response rate.

By all social measures, however, the ad was a vexation. The US Defense Communications Agency called to complain. Major Raymond Czahor, chief of the ARPAnet Management Branch, scolded, “This was a flagrant violation of the use of Arpanet as the network is to be used for official US Government business only!” The organizations involved in the ARPANet took steps to ban such activity. Thuerk was made to promise he would never do it again.

The main barrier to the widespread commercial exploitation of spam emails and messages had been cultural norms, informally enforced by the users of online services. A little over a decade after Thuerk's tentative violation of those cultural norms, a pair of immigration lawyers in Arizona enthusiastically and shamelessly embraced spamming.

On April 12, 1994, attorneys Laurence Canter and Martha Siegel posted an advertisement to the online bulletin board network Usenet. The “Green Card Lottery—Final One?” ad offered their services to handle the paperwork for aspiring immigrants seeking to enter the so-called “Green Card Lottery.” (The “paperwork” consisted of simply mailing a postcard to a specific government address.) In an aggressive disregard of Usenet conventions, they posted this message separately to over 5,500 newsgroups, in such a way that Usenet readers would be forced to encounter the same message over and over again.

The Usenet community had begun using the term “spam” to refer to unwanted data clogging up its newsgroups. The previous year, a Usenet administrator had accidentally posted two hundred duplicates of the same email to a single newsgroup as a technical error and referred to his mistake as “spam.” The term was an in-joke for fans of Monty Python, referencing a sketch in which a restaurant's menu was overrun with Hormel's canned meat product, and the waitress' endless repetition of the word “spam” quickly drowned out all other attempts at conversation.

Canter and Siegel discovered, as Thuerk had before them, that despite the hate it inspired, their notorious “Green Card Spam” was especially effective. In a December 1994 interview, they claimed to have netted a thousand new clients. Where Thuerk accepted his reprimand with contrition, Canter and Siegel defiantly established themselves as “spammers for hire” and wrote a book on Internet marketing, How to Make a Fortune on the Information Superhighway.

Canter and Siegel's internet service provider was overwhelmed by consumer complaints about the “Green Card Spam.” After days of downtime thanks to the overtaxed servers, the exasperated provider sent Canter and Siegel a cease-and-desist letter. Meanwhile, Usenet users started developing software to find and delete the offending ad from the various message boards. The Tennessee Supreme Court disbarred Canter in response to his “egregious” email marketing.

As satisfying as these sanctions might have been to Canter and Siegel's critics, the future of spam was no longer simply a question of how these two people chose to promote themselves. Email and online communications would be engulfed by commercials from that moment onward.

David Kalat is Director, Global Investigations + Strategic Intelligence at Berkeley Research Group. David is a computer forensic investigator and e-discovery project manager. Disclaimer for commentary: The views and opinions expressed in this article are those of the author and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.