Roland Turner

about | contact

Rao and Reiley’s “The Economics of Spam” grossly understates the economic costs of spam.

Spam costs society at least twice the $20 billion/year that the authors estimate, and probably a great more than that. Their paper is well argued and mostly well researched, however they do make one peculiar and wholly unsupported assertion

False positives … are … so rare that we ignore them in this estimate

which falls down on at least two fronts:

  • false-positive errors (legitimate messages not reaching inboxes) occur at a rate of the same order as that at which false-negative errors (spam reaching inboxes) do, and
  • false-positive errors inflict more variable, and typically far higher, costs than false-negative errors do.

As part of my work with TrustSphere I’ve been involved in the analysis of email security systems from most vendors and the review of those systems’ assessments of around half a billion messages received by a variety of customer types located in multiple regions and have observed that false-positive errors occur at similar rates in all cases. The consequences of a single false-positive error range from “no impact” through time wasted searching spam folders/quarantines all the way to compliance failures, lost sales, missed deadlines/appointments, loss of trust in an organisation and its infrastructure, angry customers, supply chain disruptions, etc.

Inconveniently, TrustSphere has not yet published its findings in a peer-reviewed journal. Things to look forward to…

(thanks and thanks)

Further thoughts:

(Cross-posted in Lost in Reception)