When a spammer is caught and convicted, how should you calculate the punishment? Here are a few factors to take into consideration:

  • These people are doing it for personal gain.
  • They need to know more about IT than the average person. To earn money from it, they probably have to know a lot more.
  • They don't care who is at the other end: Joe Sixpack, Richard Stallman, Kofi Annan, or a slum charity with dial up and a 386.

These persons are as far as I can tell willfully imposing time and money costs on other people for personal gain, and there is no reason to judge them lightly.

The cost of spam deserves its own list:

  • At the very least, software must be developed continuously to keep up with the spammers' methods. This takes time and money.
  • False negatives have to be handled by the end user, by "cleaning" the inbox, and reporting the negatives (if possible). This takes time, which often implies money.
  • False positives also have to be handled by the end user, but can have very serious effects if it's not done often and correctly.
  • The parable of the broken window applies to spam, in that it doesn't create wealth, but drains it to keep email usable.

So how do we calculate punishment for spammers? Here are my two cents: All that they ever earned by spamming, multiplied by some factor to keep it scary enough financially. On top of that, add jail time according to this simple formula:
Average time (for developers and end users) to handle one spam email times number of emails = Time in jail.

Of course, since spammers send billions of emails, jail time would probably be measured in lifetimes. But consider that we're wasting the best (or at least most productive) years of our lives handling this garbage, and that the socio-economic impact is comparable to bombing a few towns every few weeks (I'd love to see a complete cost calculation for spam, but it's probably too international and dispersed to be estimated reliably).

This post was based on the following "axioms":

  • "Spam" refers to any unsolicited email, useful only to a small minority of recipients.
  • Handling spam, like any other email, takes time.
  • Because of the sheer volume of spam vs. solicited email, it is necessary to keep the filters' efficiency high, even as spammers are developing new ways to circumvent them.
  • Spamming is not freedom of speech. They wouldn't be sent if they had a cost comparable to snail mail.