Congress passing the Can Spam Act of 2003 is tantamount to ‘Christmas come early’ for spammers, according to industry watchers.
The legislation, which President Bush has promised to sign, establishes the first national standards for commercial email and charges the Federal Trade Commission (FTC) with enforcing the Act.
But don’t expect less spam in your inboxes or clogging up your bandwidth.
The Act permits the sending of unsolicited commercial email as long as the email contains an opt-out option, a working return email address, and a valid subject line.
”This is a pretty bad bill,” says Ray Everett-Church, chief privacy officer of the ePrivacy Group. ”It fails to tell people not to spam. It actually legitimizes most forms of spam provided that you don’t lie about the origins of the email and you don’t lie about taking people off lists. Don’t lie and you can spam. That’s a pretty low threshold.”
Everett-Church says he not only doesn’t think people will see less spam because of this Act, he actually thinks there will be more spam.
Legitimate companies sending out marketing material most likely don’t lie about who they are and they already include an opt-out mechanism in their emails. Rogue spammers, many of whom are outside U.S. borders, don’t much care about breaking a law about lying.
”This legitimizes spam,” says Everett-Church. ”This piece of legislation is telling people that as long as they don’t lie, spam is all right… Today, the biggest problem is indeed coming from folks who are operating on the fringes of legality. This bill gives them legal cover. If they don’t lie, their email can be treated as legitimate and legal. And this gives legitimate companies legal cover, enabling them to do what only the herbal viagra dealers have been doing.”
Sen. Charles Schumer, D.-N.Y, a supporter of the legislation, points to reports that say 250 spammers are responsible for 90 percent of the email being sent. ”With this bill, Congress is saying that if you are a spammer, you can wind up in the slammer,” says Schumer, as reported in Internetnews. ”And we are saying to those 250, no matter where you are, or how you try to hide your spam, we will find you. This bill gives the FTC and the Justice Department the tools to go after you.”
However, Jesse Dougherty, director of development at Sophos, Inc., an anti-virus and anti-spam company, says the Can Spam Act doesn’t have any teeth to use to snap at these spammers.
”This doesn’t add any enforcement or recourse for the individual,” says Dougherty, who works for Sophos Canada, the arm of the company that develops anti-spam and messaging products. ”It may allow some large ISPs to make an example of a few by tripping them up on the part about not lying… But it redefines spam so that a fairly large amount of what bothers you in your in box won’t be illegal.”
Sara Radicati, president and CEO of industry analysts The Radicati Group, says legitimizing spam will only make the matter worse.
”The worst spam is being sent from offshore,” says Radicati. ”It’s malicious and there’s tons of it. The bill doesn’t even begin to deal with this larger, more disruptive aspect of spam… This is going to have absolutely no effect on the most disruptive, the most offensive, the most hard to deal with spam.”