Sunday, 18 September 2011

Defeating SMS spam: Reply "stop" or just ignore it?

I've been having a bit of a debate with colleagues about what advice to offer the victims of these sneaky spam campaigns that are currently circulating. You know, the ones where the victim receives a text advising them that they have not yet claimed that money they were due for that recent accident. Or that someone was able to sort out their outstanding debts. Or that if a they took out a bank loan prior to 2007 then they were almost certainly entitled to £2900 in compensation. Well, that’s the figure they mentioned to me when they sent last Monday’s spam text.

You know the sort of people who are behind these sneaky campaigns. Blaggers and crooks. And when I use those descriptive terms I'm referring to both the people at the bottom end of the chain, those who actually send the texts, and the (probably better dressed) people at the other end of the chain, whose role it is to offer professional services to the victims who have so identified themselves by responding positively to the texts.

Some professional service. Indeed, some profession it is that condones such sharp practices.

Anyway, the big debate is all around whether potential victims should be advised to reply to this stuff with the usual stop command, or whether they should simply ignore the messages.

Every sinew in my body urges me to advise anyone so affected to reply stop. It's the universal command which responsible advertisers have been preaching for as long as I can remember.

But others in the business are suggesting something else. They feel that any response to such messages only serves to notify the sender that there is a real person at the end of this phone, and the only responsible thing to do is to ignore it. I don't have as much faith that the general public will understand such a complicated concept. How will they know how to distinguish between these sneaky messages and the standard sort of spam?

I know that, on a bad day, I'm likely to unable to tell the difference. And I also know that, even on a good day, there’s no way that someone like my mum would be able to distinguish between the good ones and the sneaky campaigns.

In my view, in instances like this we need to get the customers angry. Really angry. And I think the best way get them really angry is to encourage them to type the usual stop reply, and then they can get really miffed when the miscreants ignores them. Next, they can complain bitterly to whichever regulator wants to join in and give these bad guys a good kicking.

Depending on what professional service they are selling, it could be our chums from the Office of Fair Trading, the Ministry of Justice, the Solicitors Regulation Authority, the Direct Marketing Association, local Trading Standards officials, PhonepayPlus, Ofcom - the list could drag on for some time.

The point, I suppose, is that there are teams of good guys to go after these bad guys, once someone has worked out who they are and where they come from. So this is why I think we need some volunteers to help carry out a cunning plan. Let’s be almost as devious as them. We, the data protection professionals, should reply to these bad guys. Lets wind them up, if needs be. Let’s dream up some credible story about us being in need of their services, and then let’s lead them along, getting as much information as we can about them for the sole purpose of sneaking on them to the regulators, the next time we get spammed. Where revenge and retribution will surely follow.

I don't often condone sneaky stuff, but in cases like this, I think its worth it.