Jay Fink is a spam investigator, recently featured in the news for an interesting (and frustrating) reason: The state of California, specifically the California Bureau of Security and Investigative Services, alleged that Jay wasn't qualified to be a spam investigator, because he wasn't a licensed private investigator. A license that would have taken 6,000 hours of potential apprenticeship to obtain.
Thankfully, with the help of libertarian public interest law firm Institute for Justice, Jay was able to get the state of California to reconsider its position and Jay is now free to proceed in his chosen vocation as spam investigator, no longer facing allegations of non-compliance with the state's licensing requirements.
Does this whole issue sound crazy to you? It does to me. Why should it take a PI license to be able to professionally review and interpret email headers?
I got my start in this crazy world of email deliverability via something akin to spam investigation myself; reviewing headers, tracing IP addresses, looking up domain ownership and DNS info, and even putting together lists of IPs and domains engaged in bad practices, enabling other email administrators to reject unwanted mail similar to what I had received. There was no licensing agency involved.
But that was a long time ago; before the rise of spam filtering engines, IP and domain reputation tracking, spamtrap networks, CAN-SPAM, feedback loops, and all the other bits and bobs that go into spam filtering nowadays; the automation, laws and mechanisms that replaced the hobbyist efforts some of us were utilizing back in 1998.
So it's true, perhaps, that I know what would have constituted a spam investigator back in 1998, but I have very little idea about what that actually means today, in 2024.
Thankfully, Jay has agreed to sit down and chat with me, and share with you, what it's like to be a spam investigator.
Jay, thanks so much for taking the time to answer my questions! I usually kick these things off by asking people how they got started in email, anti-spam, spam fighting or in this case, spam investigating. What in your career path led you to becoming a spam investigator? Did you have a background in email, deliverability, spam fighting, or some other facet of IT that led to you becoming annoyed by the junk sneaking through spam filters?
Thanks for inviting me. In 2005 I helped to invent an email system that prevented spam from coming to you, in 3 years of using our product, I never received 1 spam. We were blocking hundreds of thousands of spams at the server level. We had to keep adding more servers, which became costly, so eventually we ran out of money, and had to close. After that experience I went back to using my Yahoo account, it quickly grew to over 20,000 spams, so I decided to go after spammers.
What does it actually mean for you to be a spam investigator? What kind of client would typically hire you and what would they be looking for you to do for them?
My business was built on satisfied customers, who in turn referred me to their friends and family. When a potential client contacted me, I would review their account and see if they had actionable spam. The clients had purposes in mind, to help get rid of spam, and also to receive compensation for the spam that they were receiving.
Do you have a website or other contact information that you'd like to share with folks looking to chat about hiring you for help with a spam investigation?
Unfortunately I have to start my business almost from scratch, because of what the State of California did to me. I lost all my clients and some of the people who helped me with the business. I can be reached at jaystheone44@gmail.com.
Do you want to add anything about the California PI court win, or how you're moving on from that, and what it's like to get back to work now that this is behind you?
I just thank God for the Institute for Justice, especially my lawyers Andrew Ward and Dylan Moore. The whole team at Institute for Justice, were so supportive and professional. Without their help, I was looking at well over $100.000, in legal bills. I'm still back to work, I'm trying to find lawyers that I can refer clients to.
Should email marketers be afraid of you and what you're helping people do? It seems to me that folks following legal requirements and permission best practices probably aren't likely to run afoul of legal issues for sending email. But that's certainly an assumption on my part. What do you think?
Email marketers only need to follow the laws. Unfortunately I have had clients receive 1000's of spams from the same spammer. I believe in proper marketing, when you break the laws, it's unfair competition to your competitors.
Are your investigation efforts focusing specifically on violations of California law, or are the scenarios where other state laws (or CAN-SPAM, the US federal law) might come into play?
I only have clients from California. To go after CAN-SPAM violations, you have to be either an attorney general, or an internet service provider (ISP).
It seems as though dealing with spam takes a village. There are industry groups like M3AAWG working to set best practices and trying to nudge the industry away from bad practices, there are mailbox providers like Yahoo and Google setting specific barriers to entry for email marketers to help keep their users happy (and as spam free as possible), and there are potential opportunities to take action against spam senders under various laws, perhaps most notably CAN-SPAM. But enforcement actions and CAN-SPAM lawsuits are so few and far between. And so I wonder if you see yourself as part of filling the gap when it comes to legal action over unsolicited or legally noncompliant email marketing. Do you think there's a gap there in that the FTC and/or internet service providers should be taking more legal action against bad senders?
I believe I'm filling a gap. I believe the email providers need to do a better job of stopping spam from reaching their users. Plus they should seek legal action against the bad actors.
And finally, if there's one (or more) pieces of advice, guidance or warning you'd like to give to email marketers, what would that be?
Follow the laws, and send relevant information, and don't use scare tactics, like for example, "your computer has 723 viruses."
Jay, thanks so much for taking the time to share your thoughts and expertise with us today! I appreciate what you're doing and I think that you perform a valuable and necessary service alongside so many other folks trying to address the problem of spam.
Want to read more about Jay's legal saga? Here's John Levine's initial report on the topic from January 2024 for CircleID, and here's the initial announcement of Institute for Justice's filing on Jay's behalf, and their announcement of success in their saga to get the state to let Jay continue to investigate spam.
1
Comments
My entire career, Al... Everything since 1995... based on a lie! Entirely illegal in the state of California this whole time.
ReplyDeleteI'm glad this worked out for Jay, but wow.