The FTC Cans Spam
The war against spam is proceeding well, with new technologies and greater awareness reducing the amount of unsolicited commercial email. There are now successful civil prosecutions, according to a new report issued to Congress by the U.S. Federal Trade Commission. In a press conference today, Lydia Parnes, director of the FTC's Bureau of Consumer Protection, discussed results of the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM), and presented details of the report, "Effectiveness and Enforcement of the CAN-SPAM Act."
Parnes praised the efforts of various U.S. government agencies, the Canadian Competition Bureau, and private companies, in fighting unlawful email solicitations. "We're using technology and teamwork in the battle against illegal spam," Parnes said. "Taken together, they are helping us combat the outlaw spammers who disregard laws designed to prevent fraud and protect consumers' rights." Less spam is being sent than when CAN-SPAM was enacted two years ago, with less of the total getting through to consumers' inboxes. In particular, successful free email services are blocking up to 95 percent of spam, Parnes said. "Other technologies block spam at the source. The volume of spam is leveling off, or even declining."
However, bad news accompanied the apparent successes of CAN-SPAM. Since its passage, an increasing volume of spam messages includes malicious content, such as viruses and keyloggers, instead of or in addition to unwelcome or objectionable advertising. "In addition to modifying the content of their messages, spammers have also sought to frustrate law enforcement by using increasingly complex multilayered business arrangements," the report states. "Moreover, spammers continue to hide their identities by providing false information to domain name registrars," which is exacerbated by those registrars' failure to sufficiently verify the information.
The conference also highlighted Operation: Button Pushers, a cross-border initiative against spammers. The program targets operators who send messages with false sender information or invalid opt-out procedures, as well as those who illegally commandeer consumers' computers to use them in relaying messages. The latter were caught through the use of proxy pots, law enforcement computers disguised as a home user's PC with open proxies. Nine cases out of the 21 prosecutions brought since CAN-SPAM was enacted resulted from this program.
Analysis of the report indicates there is a long way to go before email security is achieved. "My overall take is that this doesn't solve the spam problem, but then again there's no single thing that does," says Shar VanBoskirk, consulting analyst at Forrester Research. "There are three components to the effort: technology, which gives authentication and blocking; marketing, which encourages businesses to have better behavior and controls for their email communications; and legislative. Even together, these don't solve the problem. Spammers aren't afraid of the law, and for the most part aren't worried about technological advances against them."
Part of the problem, VanBoskirk notes, is that the definition of spam changes from person to person. "In most cases, the simplest definition of spam is email that you don't want, but this isn't limited to unsolicited messages," VanBoskirk says. "Just as often, it can be an advertisement from a company you have had dealings with, or even something you signed up for and forgot about." As much work must be done on good email as on bad. "CAN-SPAM is the base level of what it takes to be an email marketer--you can't even send a message without complying with CAN-SPAM," she says. "The rest is on a strategic level for marketers to look at. You must have an email campaign that is tuned into customer wants and needs."
Two things will catalyze the effectiveness of spam prevention, according to the analyst. First, increasing costs to ISPs will cause them to be increasingly harsh in filtering what emails they send through, Second, "marketers will realize the longterm revenue and loyalty impact of poor communications," she says. "Irking customers and jeopardizing a five-year relationship will cost you much more than you'd make by achieving a 5 percent click-through rate on a campaign."
CRM in an Age of Legislation
Email Authentication: A Report from 2005's Summit