How long can ISPs ignore spam?

Fraud and spam are the two great evils of the internet, so it would be reassuring to know that network operators and service providers are trying hard to protect their customers from them. I say “would be” reassuring, because there is precious little evidence to suggest that the providers are bothering.

The reality is that most of their current effort is spent providing customers with ever cheaper broadband services in order to boost subscriber numbers, or else devising new applications and services that we might be tempted to buy at extra cost.

That may soon change, at least when it comes to certain types of fraud. However, it has taken strong-arm tactics from the Independent Committee for the Supervision of Standards of Telephone Information Services (Icstis) to encourage operators to take any responsibility for the way their internet services are used, or misused as the case may be.

Icstis is the regulatory body for all premium rate telephone services in the UK, and it is particularly concerned about the problems encountered by dial-up internet users who have been defrauded out of hundreds of pounds of their hard-earned money by “rogue dialler” scams.

Icstis’ code of practice, scheduled to come into force in September, is designed to bully operators into cleaning up their act and perform due diligence on their own contractors and the merchants who offer services via their networks. The goal is to ensure that none of them is a wrong ’un dedicated to ripping off the rest of us.

Icstis has also made noises about making sure that operators don’t charge extra for downloaded content in the future – particularly relevant given the coming shift to converged services that bundle entertainment with voice and data packages.

But what, if anything, can be done about the ISPs who are holding up their hands and bleating “Nothing to do with me, Guv,” when it comes to the avalanches of spam that traverse their networks to clog our inboxes every day? And this while simultaneously stripping every feature that even smacks of value-add out of their services and pushing the use of PC-based anti-spam solutions to do the job they could do much more effectively within their own networks.

The simple reason behind the consistent negligence is money, as ISPs are keen to maximise their profits by minimising their operating costs. Implementing anti-spam measures tends to be expensive, because of the complexities involved in identifying and separating email from other forms of traffic, before delving into its content to ascertain whether or not it contains anything untoward.

One way round this would be for service providers to build the necessary security into their infrastructure, then pass on some, or all, of the cost of doing so to end-users. Which means that we all might have to pay a couple of extra quid a month to rid ourselves of unwanted messages, without having to run a piece of cumbersome client software on our PCs 24 hours a day.

Bargain.