A Battle Won in the War on Spam?
Proponents hail it as a major step in the war against spam. Critics say it has no real teeth and will do nothing to reduce the amount of unsolicited email, which for some Internet users has climbed to hundreds of pieces per day. The U.S. Congress has passed the CAN-SPAM Act, and presuming the differences between the House and Senate legislation are hammered out in time and a promised presidential signature delivered, new federal antispam provisions go into effect on January 1, 2004.
The laws focus primarily on the most heinous practices of shady spammers like deceptive subject lines, lack of opt-out provisions, disguising the source of the email, and delivering pornographic materials with no warning. However, the CAN-SPAM act does little to stand in the way of legitimate business, or even a dedicated huckster willing to play by the new rules. The bill establishes its battle lines in the mission statement, "Spam has become the method of choice for those who distribute pornography, perpetrate fraudulent schemes, and introduce viruses, worms, and Trojan horses into personal and business computer systems." So long as vendors agree to provide contact information and a functional opt-out, they may continue to send dozens of advertisements per day for energy drinks, mortgages, and cell phone-booster antennas. While it will be illegal to "harvest" email addresses from third-party Web sites, buying email lists the old fashioned way is allowed.
Industry trade groups like the Direct Marketing Association have broadly celebrated the legislation, which has raised suspicions among activists that it lacks substance for those end-consumers it alleges to protect. "The law preempts stronger state laws. As a result, we'll water down protections for many Americans," says Chris Hoofnagle, associate director of the Electronic Privacy Information Center (EPIC). Unlike most state laws, including the strong opt-in measure recently passed in California. CAN-SPAM does not allow individuals to sue spammers. That right resides with ISPs, federal agencies, and state attorneys general. EPIC advocates a continuance of the varying state laws governing spam as a "laboratory" to determine the best long-term solution for the nation.
But Helen Roberts, COO of email marketing provider Responsys, says that legitimate emailers will have a much easier time dealing with a single, national standard. "I think preemptive federal legislation is something that really does make it more effective for our customers to be able to ensure compliance," she says. Although technology allows companies like Responsys to prepare different messages for different states or nations, determining the state of origin for a U.S. email address can be a challenge if companies opt not to collect address information.
The bill also establishes a mandate to develop a do-not-spam list, which could go into effect in late 2004. The DMA is already criticizing the concept, saying it would punish small businesses.