Friday, June 30, 2006

.

Congressional antispam measures

A couple of weeks ago, reports came out about antispam measures that some US legislators were taking (Washington Post, NewStandard). For years now, most (maybe all) members of Congress have refused to accept plan old email, and have only allowed "email" to be sent through their web sites. They are, it seems, still getting too much junk, and so some have started using CAPTCHAs to prevent automated submissions.

CAPTCHAs (Completely Automated Public Turing Test to Tell Computers and Humans Apart (OK, so all the T's are conflated into one; I didn't make up the term)) are those "type in the hard-to-read distorted string of random letters you see there" things that are supposed to assure them that you're human, because computers can't figure them out. Well, except there's this paper that Microsoft Research presented at last year's Conference on Email and Antispam. Anyway, the tests, described as "puzzles", that the congressional web sites are using are not "type in the letters" sorts, but require simple verbal understanding and arithmetic. "What is two plus one?", and that sort of thing.

There are two things wrong with this approach. The first is that it creates what amounts to a competency test that must be passed before you can exercise your first-amendment right to petition the government. If you don't understand English, if you're dyslexic or autistic, you might find it difficult to deal with these "puzzles".

The other is that there are legitimate reasons for automated use of these web sites. Organizations such as MoveOn and ActForChange organize campaigns and assist their subscribers in submitting their comments to the legislators. You go to their web sites, put in your name and address, and they figure out who your Senators and Congressional representative are and submit a canned or personalized message to all three on your behalf. This is a significant enabler to the exercise of first-amendment rights for many people, and it's not a good thing to shut it down.

But the legislators are complaining that there's a great deal of abuse of this facility, resulting in more illegitimate messages than legitimate ones. They say that their staffs can't keep up with the mail, and something has to be done. Their answer is to throw the baby out with the bathwater.

I have a better idea. Why not let organizations register for the use of that automated submission? MoveOn, say, would register and would get an access code, which could be entered into the web page to bypass the CAPTCHA. The access code would be recorded at the legislator's web site, and if MoveOn were to abuse it by submitting an inordinate number of inappropriate messages, its access code could be revoked.

They won't want to do that, though, because they do want to stop the legitimate use of automation. They would like to get less email from their constituents.


While we're talking about antispam and the government, I'll note this brief item from NPR's Morning Edition yesterday: "What could bring peace to Iraq? Email, maybe? In a televised speech, Iraq's Prime Minister asked insurgents to email him at a special address. He assured confidentiality. But so far, a report says, the government has gotten just two messages. There might be more if they repeated the address — but they don't want to do that. They're worried about a flood of spam."

No comments: