SMS spam is a big problem.  Maybe not in Western regions, yet, but in countries like China, India and Vietnam, it’s such a large problem that governments are having to step in to control it.

To help out, IBM was tapped to create an anti-SMS-spam solution to help curb the massive problem in China, and was working in collaboration with China Mobile to implement the system on its network.  In doing so, IBM has opened itself up to criticism from those who feel the company is getting involved in censorship.

China Mobile, earlier this year, announced that it had started to scan every SMS sent over its network for content the government didn’t approve of.  If the government said so, a sender would be blocked from using China Mobile all together, pending a written letter promising not to ever do it again.

In its defense, IBM claims all its solution will do is identify and block large sources of SPAM SMS- not scan every single message to see if it’s in accordance with the Chinese Government’s guidelines.  It’s also relevant to note that China Mobile has some 750 million subscribers, sending an incredible amount of SMS messages at any given time.  With that much data traffic flowing through its network, controlling SPAM messages is important to controlling network bandwidth issues.

Controlling SMS spam is a growing problem that’s already making itself known worldwide, and solutions like IBM’s is only a start to help the cause.  In my mind, solutions like this aren’t censorship by any means, they’re only tools to help make the mobile ecosystem a better place for everyone.

There’s long been ambiguity surrounding the use of SMS by marketers and whether or not the sending of which is governed under the Telephone Consumer Protection Act (TCPA), which was originally enacted to watch over telephone-based solicitations.  Signed into law in 1991 before SMS was around, recent court cases have challenged whether text messaging is covered under the law.

One such recent case was in Chicago, where a class action lawsuit was filed against a web development, hosting and Internet marketing company for sending “unsolicited” SMS messages via an automatic telephone dialing system (ATDS), which the plaintiffs claim is a direct violation of TCPA laws.  The defendant in the case, Selling Source, has filed a motion to have the case dismissed pursuant to Rule 12(b)(6) of the Federal Rules of Civil Procedure, which state lawsuits with insufficient legal theories underlying their cause of action is grounds for dismissal in court.

Selling Source indicates numerous “holes” in the claims against them, citing several reasons why the sending of SMS messages is out of the scope of basic TCPA laws, and that the plaintiffs didn’t provide sufficient cause to sue in the first place.  While some deficiencies were present, the FCC had already ruled that SMS was in fact covered under TCPA laws and considered “calls” just like phone solicitations, and as such, are subject to the same regulations set forth by the TCPA.

In being covered under TCPA laws, a new court decision determined the guidelines apply even if the recipient was not charged for the “call,” which in the case of SMS messages is significant.  Since most text messages are subject to some charges, that part of the ruling will not change things for most marketers.  The bottom line, and the underlying message, is that explicit opt-ins are absolutely required for any type of SMS campaign to avoid being subject to TCPA violations in any way.  Though the ambiguity remains, it’s all but void if the right steps are taken at all times in terms of following industry best practices, guidelines and laws set forth by not only the TCPA, but the MMA and CTIA as well.

Continue Reading

Some interesting news out of Malaysia today, where government officials discussed the possibility of banning contests over SMS due to the fact they contain “elements of cheating.”

More specifically, the Malaysian government sees SMS contests as a form of gambling where “people end up as losers and the organizers rake in huge profits,” stated Deputy Minister T. Murugiah during a meeting today with so-called SMS contest victims.  ”I have received many complaints from many people who have fallen prey to these scams.”

Even winners have filed complaints with the Malaysian Public Complaint Bureau, headed up by Murugiah.  ”Winners of SMS contests are short changed,” he added.  ”They’re duped into paying more than the value of the prizes they won in the first place.”

Obviously there’s more to the story.  The article released was done so by the country’s own “Bernama,” which is the governments internally-ran “national news agency.”  If such scammy and obviously anti-regulatory contests were being permitted in the first place, it’s no wonder consumers are filing complaints.  Looks to me like a lack of regulation and oversight is to blame for allowing something like this to happen in the fist place.

There’s been numerous studies, surveys and analysis regarding consumer’s view of SMS marketing and how they respond to messages from advertisers, with most coming to the conclusion that SMS marketing is always welcomed by consumers as long as its worth their while.

A new study put out by the DMA (Direct Marketing Association) polled consumers regarding their view of SMS marketing and found that users request much more control, as well as a sense of trust from the brands that are reaching out to them.  These so-called unwritten rules of acceptable engagement via mobile was what the DMA was interested in analyzing.

Gaining a sense of control over what messages are being sent to them, and the overall integrity and trust shown by the brands are the underlying aspects consumers request, with over half of respondents feeling that companies didn’t make the opt-in process clear enough, for example.  In addition, two-thirds of respondents wanted to choose the time of day they received mobile marketing messages, while the majority of respondents didn’t even know who had contacted them.

What consumers worry about the most with regards to SMS marketing is the underlying threat of SMS spam and the mis-conceptions surrounding the practice.  While only one-third of respondents believe that they are increasingly receiving more spam, the report reveals that people are confused about the financial cost of spam. One-third of respondents believe that simply receiving a spam message will result in a charge to their mobile bill, while the same number believe that opening a spam message results in charges.

Continue Reading

Smartphone apps are getting more and more comprehensive everyday it seems, and with the advent of location-based services, mobile social networking and other genres, privacy is becoming increasingly important.

There’s been a recent surge of developers and consumers that have noticed what some apps are doing behind the scenes in terms of gathering user information- and it’s raising concerns for those who value their privacy.  A programmer recently discovered, for example, that Pre’s smartphone OS was sending users’ GPS information back to Palm, even though the company’s privacy policy revealed as much.

In addition, ReadWriteWeb is reporting that mobile analytics company Pinch Media allows developers to insert code into applications in order to create a user profile.  The information is designed to help developers, although some consider the technique invasive.  If the user profile is used with good intentions to help the app in what ever it’s supposed to accomplish, then so be it, but when that user information is used for other purposes without the user’s consent, it creates a big problem.

The regulations associated with this sort of thing are very ambiguous- app developers submitting to Apple’s App store, for example, aren’t required to reveal what types of data they’re tracking.  Also, when users consent to have their location revealed, app developers don’t necessarily have to disclose what additional data they’re tracking.

Until regulation is put in place, the only defense is to go over every single line of your TOS and privacy policy associated with any new app you think will collect sensitive user information- since almost nobody will do such a thing, we’re still at the mercy of the app developers.

At the Black Hat Security Conference that’s taking place today in Las Vegas, two security researchers are set to present on several SMS vulnerabilities that have been identified that could affect several major mobile operating systems- including Android, iPhone and Windows Mobile.

Using some sophisticated software and technical know-how, researchers are using what’s called the “Sully Fuzzing Framework” to point out any and all potential flaws and security loopholes present in various scenarios.  ”Fuzzing” is a form of automated software testing that involves entering random or unexpected data.  Crashes or unexpected behavior arising from such input can then be analyzed as a potential vulnerability.

More simply, the two researchers created a layer, called the “injector,” just above the bottom of the telephony stack that performs a “man-in-the-middle attack,” so to speak, by intercepting communication between a mobile device’s modem and multiplexer.  By doing so, the pair found several SMS flaws on both Android and iPhone platforms, with Windows Mobile still being analyzed.

In iPhone OS 2.2 and 2.2.1, they were able to crash the iPhone’s SpringBoard window management application and the iPhone’s CommCenter, which manages iPhone connectivity- the heart of network connection for the iPhone, meaning vulnerabilities could be a serious problem.

This news comes on the heels of a report that Symbian-powered smartphones are likely to be infected with malware and spyware and doesn’t speak well of the security surrounding the devices that almost everyone in the world is carrying around with them at all times.  It shows that, just like with computers, we should never keep our guard down from attacks of all kinds.  Hopefully, patches and fixes can be introduced now that the vulnerabilities have been recognized, but that only means new loopholes and attacks will be along shortly.

Earlier this week, Justin told us about the potential $90 million ruling against Simon & Schuster for sending unsolicited text messages promoting the Steven King novel Cell (which itself, ironically, is about the really, really dark side of SMS). The court decreed that the publisher violated the Telephone Consumer Protection Act (TCPA) because messages were sent through an automatic telephone dialing system. Now, legitimate mobile marketing service providers are stepping up to protect their industry–and to protect the integrity of a communication platform with which consumers really do want to be reached.

The company Ez Texting is spearheading lobbying efforts to the U.S. Federal Communications Commission, to protect mobile marketing technology companies from being sued due to the misuse of their services. It has begun an organization called the Mobile Advocacy Coalition, whose website, www.mobileac.org, includes information on how other mobile tech providers can become involved.

Ez Texting’s Shane Neman tells me: “Fax broadcasters and the [cellular] carriers have specific exemptions by the FCC as they are considered to be ‘mere conduits.’ However, SMS aggregators, providers, and software developers do not. We too are merely the technology providers, and yet still can be liable under the law because no specific exemption is exists for us.” Continue Reading