Web3 and Crypto as the Anti-Spam, or Phishing with Nigerian Princes
How spam and phishing destroy the openness of the WWW, and the rise of blockchain as an unlikely hero.
Hello, and welcome to this first post in The Human Ingenuity Feed.
Pull up a chair; warm your hands by the fire. Here’s a glass of red wine.
I have a question for you.
Yes, you.
How many Nigerian princes, devastated widows, and Ukrainian refugees have you had in your inbox in the last few years?
Months?
Days?
Close your eyes and try to remember: how many fake Instagram accounts added you to strange groups of users, peddling a product or a certain type of account? What riches have been promised to you by any number of "VITALIK.ETH" Twitter impersonators?
Let me guess. Hundreds?
Spam is one of the niftiest, most prevalent abuses of the Internet’s openness. Especially since it has mostly evolved into phishing - attempts at stealing your personal information or financial credentials.
The World Wide Web wasn't supposed to be like this.
The Internet was - is intended - to be a place about freedom of expression and learning, cultural exchange and light-speed communication between human beings. Yet some would have it be a weaponized medium instead - a free-for-all where even the shortest moment of inattention can result in your privacy being breached and your identity stolen.
And that's when there isn't a daring scheme to take your hard-earned money: that medium of exchange for which you've lost time, sweat, and tears for in your search of a better life for yourself and those you care about.
Digital spam may have begun with emails, but it's since extended its tendrils throughout fake social media profiles, websites, and likely through every digital domain.
And there's a real cost to spam. The tech ecosystem spends millions of dollars every year to update their spam detection technology; it impacts businesses' operational profits to the tune of 20 billion dollars per year (worldwide); and there's also an energy and carbon footprint cost to every spam email that's sent.
It's estimated that a typical spam email produces around 0.3 grams of C02. Out of the average 194 billion emails sent on a daily basis (as reported by Statista), 164 billion of them (84%!) are spam. This leads to a figure of 492,000 tonnes of CO2 emissions daily for spam emails alone - and a staggering 179,580,000 tonnes of emitted CO2 yearly (around 0,5% of humanity’s yearly CO2 emissions).
Another way to look at this is to consider that the average European's yearly carbon footprint stands at around 8,2 tonnes; we're basically dealing with the environmental costs of an additional ~22 million Europeans - every year.
That's twice the population of Portugal.
We should also not forget how we lose invaluable seconds of our time (sometimes minutes a day, hours a year) trying to separate wheat from chaff.
Wouldn't you rather be doing something else other than filtering your spam folder?
A large part of this spam/phishing issue stems from cost - or the lack of it, to be precise. There's no impactful, added cost in creating fake email accounts, or sending a billion fake emails throughout the wires and waves that keep the Internet together.
Today, any kid with a laptop can easily buy a script that will automate all of this. And any user that falls for it means profit in one way or another: whether by stealing credit card details; convincing users to pay a commission to liberate a nebulous, withheld fortune that's floating in the amorphous space of bureaucracy; or just by reselling any data you provide.
Their weapon of choice, simply put, is scale: the chances of someone falling for a scam increase slowly just as the number of users exposed to scam emails does.
So cost is a big part of the issue. Does it mean we should pay for every email we write?
Well, yes; but stay with me here. I promise I don't actually want you to pay for every email you send: an open, free, democratic Internet is a necessity. I'm in the field of those who believe it should be a fundamental human right.
But what if we had a way to add cost to these bad actors' operations? Some kind of mechanism that forces them to have skin in the game? That could turn their scaling advantage into a disadvantage?
Enter Web3 and cryptocurrencies.
Imagine a system where your email account (and that of spammers) is linked to a cryptocurrency wallet. Bitcoin, Ethereum, Algorand… You get to choose which ecosystem this functionality is built on top of (some are currently better than others for that, though).
Now, consider that every time you send an email, you're not just sending an email: you're actually triggering a smart contract that removes a fraction of a cent (let's say, 0,0001€) worth of crypto from your account.
This happens every time you send an email.
Here's the beauty of Web3: your fraction of a cent doesn't have to be lost forever.
When you send it, you're locking it into a smart contract that has a specific functionality: it's able to check on the email's status.
When your email is read, it releases your 0,0001€ worth of crypto back to your wallet.
When your email is deleted, it releases your 0,0001€ too.
If your email isn't interacted with, a clock starts ticking, and after a grace period (let's say, one week), your 0,0001€ is released.
When your email is declared as spam, however, your 0,0001€ goes to (insert charitable entity of choice here).
The funds must go to a disinterested third party, so that they have no stake on what the final result of the email is. Otherwise, you might get those that would just declare an email as spam or as a phishing attempt for the fun of it - and to collect those sweet, fractional cents per click. We've seen it happen (I won’t share any links to that here, but just search for “ways to make money clicking ads” and you’ll see what I mean.)
Trust me: it's a history that would repeat itself.
Spam and phishing both work because they're relatively frictionless, have zero cost (save some fraction of time), and are easily scalable.
Multiply the €0,0001 for the 164 billion spam emails sent every day, however… And we're talking about €16,4 million daily going to the World Food Programme - directly taken from spammers.
Except we wouldn't, because once we introduce permanent loss (and friction) into a free (and frictionless) equation, the economies of scale work against the spammers, instead of in their favour.
Cool, right?
One could argue that some people might still declare certain emails as spam just for the fun of it.
Ok.
So if you know that this person didn't play by the rules, you have just lost the egregious value of 0,0001€, and can decide on whether you should keep trying to reach her, or whether you should give up on that particular contact.
There are ways to solve the privacy issues that might arise, and there's no need for the email's content to be stored on-chain. There’s no need for the smart contract’s operations to be open - they could be cryptographically secured from prying eyes. No-one - not even email providers - need to know where your emails are going to.
There are ways to add whitelists to verified institutions and businesses so they can still use email marketing campaigns without having to pay for the privilege. For example, the contract could look for a threshold for "number of emails classed as spam/phishing" originating from a given wallet, and start treating it as spam after a certain number of them.
A caveat: no current blockchain tech can handle the number of transactions per second (TPS) this system would require. At 194 billion emails per day, we’re talking about ~2,245,370 TPS. More, if you consider that the system is both handling new transactions (emails) and settling old ones (returning funds or sending them to a charity).
The reduction in spam emails due to the emerging cost would reduce the number of transactions, but this would take time to materialize.
Even Algorand, today’s fastest blockchain (that I feel has mainstream adoption and tech that has proven its reliability), is only gearing up to handle around 6,000 TPS (at layer one level). That’s a far cry from the millions required. But I believe it’s only a matter of time before scaling mechanisms can be found that solve this issue.
Algorand also has the benefit of being carbon-negative, so the issue of environmental cost could be fixed as well.
It might be argued that I’m trying to shoehorn blockchain into something that has no need for it. But the fact of the matter is that there’s currently no financial operator that would allow for transactions in the order of fractions of a cent to be done in any meaningful way: they’d drown these under added-value fees and service usage costs.
Just check the amount of fees you pay in credit card operations, let alone in overseas transfers.
Perhaps this could be deployed by email providers such as Google and Microsoft. But there’s a reason the heaviest businesses and institutions take so long in adopting new technologies. And even then, we’d simply be handing added value to Big Tech corporations that already have cornered so many markets.
Do we really want to add to their profits?
Blockchain and the crypto space, on the other hand, has the potential to be much nimbler, and companies operating in this space tend to have a progressive, democratic ethos. There’s a reason crypto investors contribute more to charity than others - despite, or perhaps because, of their younger age.
Your imagination is the only limit, and Web3 has shattered many of those. A blockchain-powered email system is just one of them.
What do you say? Shall we rid the world of imaginary princes?
Keep being curious, keep thinking - and most of all, keep being human.
Best,
Francisco
Thank you for taking the time to read. As this is the first post, I’ll keep comments open to all subscribers. If you enjoyed this and would like to receive more content like it, please consider subscribing. It’s as easy (and as simple) as this:
If you can think of someone that might enjoy reading this as well, feel free to share:
This was a fantastic first release and had me reflecting on the disparate use cases for blockchain technology, particularly a system for micropayments.
The question of resolving spam in digital communications has been at the forefront of driving much of the technology in the space since the early days of the cypherpunk movement. Adam Back of Blockstream is credited with having developed the proof-of-work protocol for just this reason, to solve the issue of spam emails on the cypherpunks mailing list. Adam Back was then cited by Satoshi Nakamoto in the Bitcoin whitepaper as his proof-of-work mechanism was implemented in the Bitcoin code. It's easy to forget how nascent a technology space this is.
I do sometimes think that in attempting to solve one problem we engender another. Cryptocurrencies are often, as misguided as it is, criticized for their facilitation of laundering money. I could see that by utilizing shell companies and exploiting the selection criteria of disinterested third parties to be donated to, this system could be leveraged for just this purpose. It would permit the obfuscation of crypto payments in miniscule denominations to launder money across jurisdictional boundaries. That being said, this is a complication shared by all systems of money and not unique to blockchain or crypto, specifically. It's just an attack vector for policy makers if the second and third order effects of these technologies are not considered by their developers.
I like the idea of micropayments being utilized in value-for-value systems as we've seen arise in the podcast and newsletter writing worlds. The ability for individuals to stream or make small payments directly to producers enabling the reciprocal relationship between value producer and value seeker in a free and open market. I see this as an adaptation very similar to the model you've proposed here but with slightly different incentives.
This was an interesting and thought provoking read and I'll look forward to what's yet to come from the Human Ingenuity Feed, thank you.