U.S. Senators Orrin G. Hatch (R.-Utah) and Patrick Leahy (D.-Ver.) have introduced legislation that would criminalize the sending of predatory and abusive spam. The bill targets spammers who hijack computer systems or use other fraudulent means to send unsolicited commercial e-mail.
The Criminal Spam Act of 2003 (S. 1293) calls for jail sentences of up to five and fines of up to $25,000 per day for spammers convicted of repeat offenses.
The bill makes it a crime to hack into a computer, or to use a computer system that the owner has made available for other purposes, as a conduit for bulk commercial e-mail. It also prohibits sending bulk commercial e-mail that either conceals the true source, destination, routing or authentication information of the e-mail, or is generated from multiple e-mail accounts or domain names that falsify the identity of the actual registrant.
The legislation also directs sentencing commissions to consider tougher penalties for offenders who obtain e-mail addresses through methods such as harvesting.
In addition, the bill authorizes the Department of Justice and Internet service providers to bring suit for violations of the Act.
“The abusive practices of fraudulent spammers threaten to choke the lifeblood of the electronic age,” Hatch, chairman of the Senate Judiciary Committee, said in a prepared statement. “This problem warrants swift but deliberative legislative action. Current federal law does not adequately address the tactics sophisticated spammers use to conceal their identities, evade Internet service provider filters, and exploit the Internet by promoting pornographic web sites, illegally pirated software, questionable health products, pyramid schemes and other ‘get rich quick’ scams.”
The legislation comes less than a week after the Senate Commerce Committee approved a bill, the Can Spam Act (S. 877), that could cost spammers who use false headers or misleading subject lines up to a year in jail and a maximum fine of $1 million.
The sponsors of the bill, Conrad Burns (R.-Mont.) and Ron Wyden (D.-Ore.) promised last Thursday that the penalties would get even tougher before the full Senate votes on the legislation.
“Without a doubt, spam is a serious problem today that is threatening to undermine the vast potential of the Internet to foster the free exchange of information and commerce,” said Leahy. “Our bill targets the four principal techniques that spammers use to evade filtering software and hide their trails. Ridding America’s inboxes of deceptively delivered spam will significantly advance our fight to clear electronic channels for legitimate communications.”
The Burns-Wyden legislation requires that commercial e-mailers use clear and conspicuous identification that the message is an advertisement or solicitation and that the e-mail contains an opt-out provision. Under the bill, unsolicited commercial e-mail must contain the valid physical address of the sender.
The bill also beefs up penalties for address harvesting and dictionary attacks, using scripts or other automated means to establish multiple electronic mail accounts to avoid detection and to knowingly relay or re-transmit an unsolicited commercial electronic message.
In a nod to Sen. Charles Schumer’s (D.-N.Y.) proposal to create a national Do-Not-Email list similar to the Federal Trade Commission’s (FTC) Do-Not-Call registry, the bill calls for the FTC to submit to Congress recommendations for a workable plan and timetable for creating a national list of consumers who want to opt out of all unsolicited commercial e-mails.
The legislation would pre-empt state anti-spam laws, but give states the right to establish tougher penalties for spammers under anti-fraud laws.