Congress passing the Can Spam Act of 2003 is tantamount to ‘Christmas come early’ for
spammers, according to industry watchers.
The legislation, which President Bush has promised to sign, establishes the first national
standards for commercial email and charges the Federal Trade Commission (FTC) with enforcing
the Act.
But don’t expect less spam in your inboxes or clogging up your bandwidth.
The Act permits the sending of unsolicited commercial email as long as the email contains an
opt-out option, a working return email address, and a valid subject line.
”This is a pretty bad bill,” says Ray Everett-Church, chief privacy officer of the
ePrivacy Group. ”It fails to tell people not to spam. It actually legitimizes most forms of
spam provided that you don’t lie about the origins of the email and you don’t lie about
taking people off lists. Don’t lie and you can spam. That’s a pretty low threshold.”
Everett-Church says he not only doesn’t think people will see less spam because of this Act,
he actually thinks there will be more spam.
Legitimate companies sending out marketing material most likely don’t lie about who they are
and they already include an opt-out mechanism in their emails. Rogue spammers, many of whom
are outside U.S. borders, don’t much care about breaking a law about lying.
”This legitimizes spam,” says Everett-Church. ”This piece of legislation is telling
people that as long as they don’t lie, spam is all right… Today, the biggest problem is
indeed coming from folks who are operating on the fringes of legality. This bill gives them
legal cover. If they don’t lie, their email can be treated as legitimate and legal. And this
gives legitimate companies legal cover, enabling them to do what only the herbal viagra
dealers have been doing.”
Sen. Charles Schumer, D.-N.Y, a supporter of the legislation, points to reports that say 250
spammers are responsible for 90 percent of the email being sent. ”With this bill, Congress
is saying that if you are a spammer, you can wind up in the slammer,” says Schumer, as
reported in Internetnews. ”And we are saying to those 250, no matter where you are,
or how you try to hide your spam, we will find you. This bill gives the FTC and the Justice
Department the tools to go after you.”
However, Jesse Dougherty, director of development at Sophos, Inc., an anti-virus and
anti-spam company, says the Can Spam Act doesn’t have any teeth to use to snap at these
spammers.
”This doesn’t add any enforcement or recourse for the individual,” says Dougherty, who
works for Sophos Canada, the arm of the company that develops anti-spam and messaging
products. ”It may allow some large ISPs to make an example of a few by tripping them up on
the part about not lying… But it redefines spam so that a fairly large amount of what
bothers you in your in box won’t be illegal.”
Sara Radicati, president and CEO of industry analysts The Radicati Group, says legitimizing
spam will only make the matter worse.
”The worst spam is being sent from offshore,” says Radicati. ”It’s malicious and there’s
tons of it. The bill doesn’t even begin to deal with this larger, more disruptive aspect of
spam… This is going to have absolutely no effect on the most disruptive, the most
offensive, the most hard to deal with spam.”