The CAN-SPAM Act's not perfect, but it's a step in the right direction.
It looks like the CAN-SPAM Act will officially pass through Congress this week, and the President has indicated he'll sign it. Over the past couple weeks, we've seen both elated marketers and skeptical advocates speak their minds about this bill and its potential effects.
In April, I wrote about the reasons this bill should become law. I wish my statements had been prophetic, but my assertions weren't the impetus for federal legislation. After 36 state laws passed, few in the industry would have guessed number 37 would send us all knocking on our federal representatives' doors.
Anti-spam discussion lists are filled with passion and fervent distaste for spam. Some participants claim success in tracking and blocking known spammers from delivering campaigns. Advocates' desire to punish spammers should be satisfied with the CAN-SPAM Act's provisions that criminalize clearly wrongful email practices.
Some spammers use the Internet fraudulently and hide behind its anonymity. Congress has taken this into consideration by outlawing practices such as falsifying headers, hijacking email accounts or computers, utilizing open relays, and creating email or IP addresses specifically to send spam.
The criminal provisions are severe. First-time offenders may serve three years in prison, and repeat offenders could serve five. It doesn't take much to be convicted: Simply register more than 20 email accounts or 10 domain names, and send more than 2,500 messages per day. My guess is most spammers are sending in excess of 2,500 messages per minute!
The bill aims to allow consumers (a.k.a., constituents) to use email effectively and be confident with the validity of senders. That's why it details the appropriate uses of message headers, sender fields, and subject lines. Congress also directs the Federal Trade Commission (FTC) to determine how emailers can properly identify their messaging as commercial, without mandating the onerous (and perhaps unconstitutional) ADV subject-line label.
For legitimate emailers, suppression specifications are the most important part of the bill. In a number of previous columns, I discussed how to increase recipient confidence in the unsubscribe process. Though these tactics are still important, Congress has offered emailers a boost: all commercial email must have a valid return address or other online suppression mechanism.
Note it might become unlawful to collect suppressions solely offline. Furthermore, emailers are prohibited from selling suppressed data for further commercial messaging.
Hopefully users will begin to feel more confident in unsubscribing or changing their addresses with legitimate emailers, rather than simply deleting or reporting the email as spam.
A Definition of Permission
In a previous article, I explained how permission is not a black-and-white issue. Each emailer has a strategic permission objective, which varies depending on the nature of the communication relationship. Congress would apparently like to assist with industry efforts to create a common view of permission by defining the term "affirmative consent."
Affirmative consent may not be the national standard, except in the case of resubscribing to previously unsubscribed lists or with adult messaging. However, review the definition as reported in the final version of this bill. It contains the term "expressed consent," which means emailers are required to provide clear and conspicuous notice and choice before messaging to recipients. In the Senate Commerce Committee report, lawmakers even specify the differences between active and passive choice.
The Problem Is Not Yet Solved
Laws do not solve problems, they create frameworks for enforcement. Critics can say this law will not stop spam. I wholeheartedly agree that on January 1, 2004, we may receive just as much, if not more, spam than on the day prior. Most spam is international, and the Internet's architecture continues to enable anonymous messaging, making it difficult to track down spammers.
One criticism is there is no private right of action. When was the last time you stopped, or thought about stopping, a spammer? The reality is ISPs are the ones with the resources and incentives to stop spam. Nearly all email users know they can forward spam to the abuse address at their ISPs to assist in tracking and blocking known spammers. If this law does anything, it will further empower ISPs to request and collect spam in an effort to prosecute known violators.
It also gives ISPs the right to block (not just filter) any email that violates their terms and conditions. Hopefully, this will spur ISPs to create standard gateway protocols and perhaps to continue working with emailers and industry organizations to adopt new systems for email accountability, such as the Email Service Provider Coalition's (ESPC's) Project Lumos initiative.
The International Issue
Stopping spam across borders is similar to nuclear nonproliferation. There is always going to be someone in a basement trying to get around the rules. The best we can do is begin a framework for domestic regulation, apply that framework for international adoption, and work through the enforcement mechanisms around the globe to monitor, deter, and prosecute violators.
Spam's international nature may make domestic regulation less effective, but the Internet's international nature is helpful because it provides the framework for global enforcement. I am pleased to note the FTC has been charged with studying the international issues affecting email. It must report back to Congress within two years on mechanisms for cross-border cooperation.
The passage of this law is only the beginning. E-mailers, ISPs, and enforcement authorities must continue our collective efforts to stop spam. Within the two-year FTC reporting period, we'll see spam deterred and technologically reduced. Perhaps then we'll look back and discuss whether spam really has been CANned.
Do you think the pending anti-spam law will be effective? Send me your thoughts!
For more on the CAN-SPAM Act, read Hans-Peter Brøndmo's column here.
Want more email marketing information? ClickZ E-Mail Strategies is an archive of all our email columns, organized by topic.
Want to learn more?
Attend ClickZ Live New York March 30 - April 1. With over 15 years' experience delivering industry-leading events, ClickZ Live brings together over 60 expert speakers to offer an action-packed, educationally-focused agenda covering all aspects of digital marketing. Register today!
Ben Isaacson is the privacy and compliance leader for Experian, overseeing Internet and advanced technology privacy and compliance affairs across Experian Marketing Services products including CheetahMail, Digital Advertising Services, and Hitwise. Mr. Isaacson's previous roles include serving as the executive director of the Association for Interactive Marketing (AIM), a former DMA subsidiary. He regularly blogs at EmailResponsibly.com.
Singapore, 5-6 March
Bangkok, 17-18 March
Hong Kong, April 2015
A Buyer's Guide to Affiliate Management Software
Manage your performance marketing with the right solution. Choose a platform that will mutually empower advertisers and media partners!
Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.
March 24, 2015
12:00pm ET/9:00am PT