The “affiliate” business model, because it so quickly creates an army of independent agents, must have seemed like a marketer’s wet dream when it was developed in the mid-nineties. Unfortunately it also provides a perfect motive and opportunity for spammers. Consider: There are an estimated 4.2 billion Web pages in Google’s database. It’s not clear how many of those pages have, say, foot-fetish images on them, but the odds must seem pretty bad amid all that competition. How can any one affiliate hope to attract any serious traffic, and make any real money? The temptation to send URLs by the million directly via email thus becomes hard to resist for less scrupulous agents.
This “affiliate spam” makes up a huge part of the growing problem of unsolicited commercial email. Most spam that includes links to Web sites offering porn, Viagra, or even lower mortgage rates is affiliate spam. But that doesn’t mean that businesses that use affiliates are necessarily at fault. Legitimate businesses are themselves victims of affiliate spam. Any business that uses affiliates must deal with the possibility that rogues will send out spam on their behalf, with or without their approval. They must then deal with an avalanche of complaints or take extraordinary measures to prevent spammers from taking advantage.
Even America Online, Amazon, and Yahoo have had to deal with it, and some have gone so far as to take legal action against spammers linking to their sites. At the opposite extreme, other businesses, many of them porn sites, don’t even have real affiliates: They set up fake affiliate Web pages, advertising their own pay sites, and generating spam solicitations. When they receive complaints, they deflect blame to affiliates who don’t actually exist. They may change the Web addresses, and carry on spamming. Between the two extremes is a large gray area—companies that have real affiliates but who may not screen them to weed out spammers, or who may be slow to shut down affiliate pages once complaints are posted. Some may allow spammers to operate until a critical mass of complaints is generated.
GeekTech seems to lie somewhere in this gray area. Two of the largest spam-blocking services, Spam Prevention Early Warning System (SPEWS) and Spamhaus, have amassed large, detailed files on the company, and the Usenet newsgroups devoted to identifying spammers and fighting spam contain thousands of complaints about GeekTech and its practices. Still, the company certainly has many legitimate affiliates, many of them longstanding members who don’t spam. And GeekTech is in business mainly to purvey porn, not spam.
Interpreting complaints made by antispam activists can be difficult because they tend to treat anyone accused of spamming or of supporting spam with equal amounts of seething hatred. GeekTech has sometimes been associated with the worst spammers on the Net, often based on nothing more than scurrilous rumor. Even if GeekTech is responsible for spamming, it certainly is not even close to being the worst perpetrator. But antispammers don’t care if they spread the tar and feathers a little beyond the margins of the most prolific spammers to besmirch a pornographer here or there.
Spamhaus is run by a single man named Steve Linford from his houseboat on the Thames in England. Along with his volunteer associates worldwide, Linford tracks spammers and provides network operators with a list of Internet Protocol numbers (the numeric addresses of computer servers) that can have their traffic blocked. Spamhaus estimates that just two hundred businesses are responsible for ninety percent of all spam. These are the worst of the worst—people whose sole business is spamming, who clog the Internet with billions of unwanted messages.
“We push three million emails a day,” says Bill MacLeslie, general manager of Minneapolis Internet service provider Visi.com. “About forty percent of it is spam.” Visi may be lucky: By some estimates, spam now accounts for eighty percent of all email. Like its junk-mail predecessor, spam has always been an annoyance. But over the past twenty-four months, it has reached critical mass, and the cost to legitimate business has reached the point where system administrators are demanding action. Antispammers have had some success getting strict laws passed in a few states, such as California and Washington. But borders being irrelevant on the Internet, enforcement is difficult at best, so the activists have spent several years lobbying Congress to pass a federal law that would at least make it easier to prosecute spammers operating within the United States.