Project 3: A policy framework and initiatives for dealing with SPAM

The aim of this project is to study the problem of SPAM and produce a policy framework for dealing with it. SPAM is defined as the unsolicited E-Mailing of any message, often with the intent to deceive the recipient as to the origin of the message. It is widely acknowledged that one of the biggest problems facing the World Wide Web (and it potential for socio-economic development) is the huge volumes of spam that are consuming network resources at the expense of legitimate traffic. One of the problems in controlling spam is that there is no internationally accepted policy and legal framework for dealing with spam. Attempts by countries in Europe and the USA to deal with spam have made developing countries targets for spammers. Many of these now operate out of these countries to avoid prosecution. The project will also develop a policy framework and guidelines for adoption by developing countries. The project will aim to build an international coalition of developing countries (initially in Africa ) against spam with the intent to harmonize international agreements and laws. One way to achieve this harmonization might be to reward developing countries for reduced spam traffic with investment in telecommunication infrastructure.

This project will consist of three components or sub-projects: a research project, a case study and an action project. We will describe these in more detail.
     
     
Project 3.1: Researching the problem of SPAM and the major challenges for socio-economic development in Africa

Much work has been done on SPAM especially in the advanced economies, and different countries including the UK and the USA have congressional acts and parliamentary directives specifically devoted to combating SPAM. In the USA , the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act) came into effect on January 1, 2004 . The European parliament on 20 May 1997 issued Directive 97/7/EC that deals primarily with issues of unauthorized mails between its member countries and several EU countries have adopted a version of this directive. In developing countries, especially in Africa , such laws, which arise as a result of a prior investigation of the nature of the problem of SPAM and its implications for e-commerce, are not present. This phase of the project will, therefore, be devoted to gaining a thorough understanding of the nature of SPAM in Africa . More specifically this project will attempt to study:

  • who are the key actors (perpetrators and victims)
  • how to engage them (tracing and identifying the Spammer)
  • what resources are available
  • what structures and laws currently exist that can be adapted to tackle SPAM (nationally and within regional bodies like ECOWAS, SADC etc)
  • what institutions/structures are necessary to tackle SPAM (Laws and Acts of Parliament and the development of a SPAM database)
  • how to develop a legal framework for the enforcement of laws and Acts and the prosecution of spammers
  • Public awareness campaign to educate people on the menace of SPAM
  • A system of reward to encourage informants who can provide high value information to catch spammers

This project will provide answers to these questions. To instantiate this, a research project will be launched at the regional level within the identified regional sectors discussed above. This will culminate in a continent-wide stakeholder meeting on SPAM, its implications for socio-economic development and approaches to tackling the problem in Africa .

The project will consist of the following phases:

Phase 1: Collecting information

In this phase information will be collected starting with a number of known stakeholders such as:

  • Local and international Internet Service Providers (ISPs)
  • Local and international Email Service Providers (ESPs)
  • Local and international Spam fighting organizations
  • Local and international law enforcement agencies
  • Local and international legal practitioners with anti-spam litigation experience
  • National government agencies on SPAM in Africa
  • National government agencies on SPAM in Europe and the USA
  • AU parliamentary committees on e-commerce (or similar)
  • Academics and researchers on SPAM, computer network security etc
  • Private corporate entities such as Banks
  • General public

Information-gathering techniques will include contacting each of these organizations with the intention to:

  • Identify other relevant stakeholders
  • Collect information about existing projects or initiatives
  • Collect information about existing resources
  • Identify key issues that will enable/constrain the building of an international coalition against Spam

The process of collecting data will continue until no new information emerges

Phase 2: Analysis of information

In this phase the data collected will be organized and analyzed in order to develop a map of all the major actors involved in fighting spam in Africa as well as a map of all the relevant issues identified. The analysis will produce a draft document that will serve as an input to project 3.3.

Phase 3: The production and dissemination of output

Phase 3 of this project will involve the following:

  • A workshop where the draft document will be discussed and where the major actors can be mobilized for project 3.3
  • The creation of a website (with a online database) where relevant information on spam can be disseminated
  • The creation of a report that can become the basis for seeking funding for the project 3.3 below
 
 
Project 3.2: A Case Study: The Nigerian Cyber Crime Working Group

Nigerian Cyber crime can be defined as Computer-aided crime originating from Nigeria . It consists of 3 parts:

  • Computer-aided crimes committed by Nigerians internationally
  • Non-Nigerian computer-aided crime giving the semblance of a “Nigerian” origin
  • Crimes committed against Nigerian information and telecommunications assets

Nigerian Cyber crime can be explained in terms of the following statistics:

  • Annual global loss of $1.5 billion in 2002
  • 6% of global Internet spam in 2004
  • 15.5% of total reported FBI fraud in 2001
  • Highest median loss of all FBI Internet fraud of $5,575
  • Verisign, Inc., ranked Nigeria 3rd in total number of Internet
  • fraud transactions, accounting for 4.81% of global Internet fraud
  • American National Fraud Information Centre reported Nigerian money offers as the fastest growing online scam, up 900% in 2001
  • American National Fraud Information Centre also ranked Nigerian money offer as 3rd largest Internet fraud in 2002, at 4% Nigerian Cyber crime impact per capita is exceptionally high.

Nigerian Cyber crime has the potential to impact technology growth which is a key requirement for productivity improvement, and ultimately for socio-economic growth because:

  • International financial institutions now view paper-based Nigerian financial instruments with scepticism. Nigerian bank drafts and checks are not viable international financial instruments.
  • Nigerian ISPs and email providers are already being black-listed in e-mail blocking blacklist systems across the Internet.
  • Some companies are blocking entire Internet network segments and traffic that originate from Nigeria.
  • Newer and more sophisticated technologies are emerging that will make it easier to discriminate and isolate Nigerian e-mail traffic.
  • Key national infrastructure and information security assets are likely to be damaged by hostile and fraudulent unauthorized use.

To combat some of these problems, The Nigerian Cyber crime Project was launched with the aim of ensuring the security of Computer Systems and Networks and the protection of Critical ICT infrastructure in Nigeria

The Nigerian Cyber crime Project Background - A Presidential Committee on Cyber crime was instituted to examine the problem of Cyber crime in Nigeria and what can be done to tackle this problem. This committee came up with a report that recommended the creation of a legal and institutional framework for Cyber crime in Nigeria . Central to this report is the creation of a central agency to enforce Cyber crime laws. This led to the creation of the Nigerian Cyber crime Working Group (NCWG).

The NCWG is an Inter-Agency body made up of all key law enforcement, security, intelligence and ICT Agencies of government, plus major private organizations in the ICT sector. Some of these agencies include the Economic and Financial Crimes Commission (EFCC), Nigeria Police Force (NPF); the National Security Adviser (NSA), the Nigerian Communications Commission (NCC); Department of State Services (DSS); National Intelligence Agency (NIA); Nigeria Computer Society (NCS); Nigeria Internet Group (NIG); Internet Services Providers' Association of Nigeria (ISPAN); National Information Technology Development Agency (NITDA), and Individual citizen representing public interest. The working group has 2 Chairpersons and one Coordinator.

The duties of the Working Group includes: Engaging in public enlightenment programs, building institutional consensus amongst existing agencies, providing technical assistance to the National Assembly on Cyber crime and in the Drafting of the Cyber crime act; laying the groundwork for a Cyber crime Agency that will eventually emerge to take charge of fighting Cyber crime in Nigeria. In addition, the working group is tasked with the responsibility of working with global Cyber crime enforcement agencies in the USA , the UK and other countries who are at fore-front of fighting Cyber crime.
 
 
Project 3.3: Building a regional policy framework for controlling SPAM

The aim of this project is to build a regional coalition against spam with the intent to harmonize both regional and international agreements and laws. The outcome of the project would be a multi-layered policy framework for dealing with spam. The layers of this framework will include:

  • Political - a regional anti-Spam legislation or Law and methods of enforcement
  • Social – Conducting public education/awareness campaigns to publicize Spam and its effects; develop guidelines for, and educate, owners of cyber cafes and business centers used by spammers to create and send mails
  • Economic – developing a reward system to improve enforcement of the law or acts; identifying potential informants who could identify those who violate anti-spam laws; determining incentives that can likely influence potential informants decision to high-quality information
  • Technical – Preventive technical controls; Detective technical controls; Corrective technical controls (i.e. developing a Spam database where victims can forward Spam emails; developing a website for the collection of information on Spam)
  • Organizational – Establishing multi regional agencies or taskforces to tackle Spam; agencies will be charged with the responsibilities of collecting and processing information on Spam and storing them in the Spam database; agencies will be charged with the responsibility of analyzing these Spam emails to determine, amongst other things, the content, volume and type of these emails.

The project will attempt to learn from examples of dealing with spam in Europe and the USA and incorporate such knowledge into the current project.

 

Back to Top

About WITFOR 2005 - Themes/Commissions - Programme - Partners/Sponsors - Participants List - Registration - About Botswana - Accommodation - Press Room - FAQs - Contact Us - Links

© WITFOR 2005 - Website Design and Development by MindQ
Disclaimer


Read More...
 

Co-Chairs
Reports
Case Study
Projects
Project 1
Project 2
Project 3
Research
Papers
Commissions Thematic Meetings
Programme Slot Explained
Links