July 13, 2004

Phishing For Bandaids

Last year the U.S. Congress outlawed spam. Of course, the actual legislation was so weak, and covered only American firms, that it was doomed from the start and has done nothing to stop the torrent of unsolicited commercial email.

Now legislators want to make it a crime to engage in "phishing." This is the use of chameleon-like emails, typically made to look as if they originate from a bank, PayPal, eBay or some other financial-related institution, to entice folks to part with sensitive personally identifiable information, like passwords and account numbers. Senate Bill Targets "Phishers" [TechNews.com].

The new bill is a charade. Pfishing is fraud, which is already a civil tort and a crime under both federal and state law. Adding a specific statute ciminalizing this behavior will do nothing to stop it and will not protect consumers who are too stupid to protect themselves. It's grandstanding of the worst sort, because it won't stop the abuses one iota. And don't even get me started on the United Nations' recent declaration of a two-year "war against spam." Worse than empty words.

 Posted by glenn

Comments