Research or Spam?
Statement of Sam Jerrold:
|I am the system administrator responsible for several of Midwestern's web servers, including the common web server. On Friday afternoon, we received via the commweb's email address two complaints about receiving multiple copies of unsolicited email from a Midwestern student. (I later received an additional complaint, and found that another administrator had received several more).
After investigating, we determined that the student had indeed sent out a bulk mailing with almost 400 email addresses listed in the "To:" field. Some of these addresses were invalid, for example mistyping a % instead of @, or putting a period between two addresses instead of a comma. Other of the addresses were nonresponsive--for example, because out of date. Technically, this caused a difficulty because some mail servers, including ours, cannot handle that many addresses at one time. We believe our mail server went into a sort of "loop," sending out many duplicates of the same message to some people when the messages to erroneous email addresses were bounced back. (All this could have been avoided only by prior arangement with the sysadmins, or sending many individual messages. Our mail servers aren't "tuned" for mass-mailings.)
With the weekend coming, we believed this situation had to be resolved immediately. We took action to break the "loop" by removing all as yet unsent copies of the email from the queue. We further made a determination that the mass emailing constituted "spam," and thus violated University policy:
Network users are responsible for: using the network in ways that do not interfere with or disrupt the normal operation of the system;University policy further provides for the commweb server:
You may not use other forms of Internet communication in ways which are invasive and waste other people's resources. This distinction is fundamental to the ethics of "netiquette": it's not what you have to say, so much as how and where you say it.
If you list your commweb web page address in messages associated with some form of net abuse, illegal activity, or violation of University policies, it will be treated as a violation of commweb policies.Pursuant to this policy, we blocked access to the student's webpage. We immediately sent an email message to the student informing him that he had violated NU policies and that his web access was denied.
The commweb logs showed that about 93 people accessed the webpage before it was shut down, and 41 people were denied access after the pages had been deactivated.
The commweb policy I quoted above was written with the intention for providing some consequences for other forms of net abuse, to discourage people from trying to exploit spamming in an indirect way. I get spams every week which use Internet provider X, to promote a web page on Internet provider Y. We wanted to make clear that the consequences of net abuse go beyond a particular communications media or ISP, and that commweb would not serve as a contact point for people engaged in unsolicted mass-mailing or other net abuse. The idea of people doing this sort of "survey" wasn't considered in writing the policy; but when the complaints came in, it seemed to apply. This isn't about what one is saying, but how one says it. Calling something "research" doesn't make me apply a totally different yardstick than for other kinds of net usage. In my opinion, therefore, the student should be subject to a three month suspension of all MU network privileges, including email account and commweb access.
Copyright © 2002 Jean Goodwin|
Last updated 4 September 2002