RealTime IT News

States Tackle Unsavory E-Mails

Moving ahead with a program the feds didn't want to touch, Michigan and Utah are will have e-mail registries to protect children from unsavory content.

The "Child Protection Registry" is a database containing the e-mail addresses that children use or have access to that will soon be off limits to e-mail senders pitching deals on everything from pornography to gambling to firearms.

That means that in addition to fly-by-night spamming campaigns, legitimate e-mail senders like Wal-Mart , the National Rifle Association (NRA) or even Playboy are going to have to make sure their newsletters don't get into inboxes accessible by minors.

The service is available to both parents and school administrators in Michigan and Utah, the first states in the union to move forward with the registries. Michigan opened its registry to the public July 1 and Utah's went live Friday.

E-mail senders have until next month to ensure their operations take Utah and Michigan into account. Sender compliance in Michigan is effective Aug. 1, while Utah starts enforcing its protected e-mail addresses Aug. 15.

Anne Mitchell, president and CEO of the Institute for Spam and Internet Public Policy (ISIPP), said it doesn't matter what e-mail senders think of the laws in the two states that now make the registries a reality.

It's critical to understand, she said, that this law is not a measure to protect people from spam but an effort by state legislators to keep unwanted material out of the hands of children.

"Their intent was to force online merchants to sort of clean up their act and tow the line in the same way that bricks-and-mortar merchants have had to in terms of their advertising models and whether they target minors," Mitchell said.

Under Utah law, an e-mail sent to an address that's been in the registry 30 days is subject to fines between $1,000 and $5,000 for each offense; what's more, the law opens the sender to civil suits from the attorney general's office, ISPs and parents.

It's similar to Michigan's law, where the price for failing to keep registered names off e-mail campaigns is criminal fines up to $30,000 and up to three years in jail; a civil suit could cost e-mail senders up to $250,000 a day.

Michigan and Utah are treading in waters the federal government has been loathe to enter.

The Federal Trade Commission (FTC) last year concluded that a national "Do Not E-Mail" registry would actually make it easier for spammers to target confirmed e-mail accounts and result in even more spam.

The FTC conducted the report as part of the legislation enacted in the CAN-SPAM Act, the United States attempt to curb spam.

But where the FTC said there were no means to protect end users from having their e-mail addresses protected in a registry, software is providing limited protections.

Both states will have tools in August for e-mail senders to "scrub" their distribution lists of e-mail addresses found in their respective registries without displaying the addresses they removed.

E-mail service providers and approved senders will have direct access to the registry with an API that the two states will also make available in August.

While it doesn't prevent an e-mail sender from comparing the scrubbed list against a copy of the un-scrubbed list and finding out the e-mail addresses in the registry, legislators are hoping the economics of doing so will prove to be too expensive.

Michigan will charge .007 cents for every e-mail address checked each time it's run through the registry, while Utah will charge .005 cents. That might not seem like much taken individually but many spam e-mail distribution lists normally run in the millions, so a list with 5 million names on it would run the spammer $35,000 in Michigan and $25,000 in Utah.

For more information, the Michigan registry can be found here, while the Utah site can be reached here.