- About CEI
- Support CEI
'Spammers' Ignoring Anti-Spam Legislation
'Spammers' Ignoring Anti-Spam Legislation
Metchis Letter to the Editor in the Glendale (NY) Register
July 10, 2003
If you look closely at the spam filling your inbox, you might notice one or two with a strange claim: “This e-mail is sent in compliance with the S.1618 bill Title III passed by the 105th U.S. Congress This message cannot be considered Spam as long as it includes a way to be removed, Paragraph (a)(c).” Reading this, the average computer user will grumble, but delete the message without reporting it as spam. However, the statement is totally false, and it shows how far spammers will go to avoid being caught. The bill in question was proposed in 1998, but died in committee and did not become law.
This year, Congress is so determined to regulate spam that legislators have proposed eight different bills on the subject. At least one of them will probably pass before the August recess. The provisions of the various bills are highly overlapping, but can be divided into three categories: Labeling, Do-Not-Spam Registries, and Anti-Fraud. None of these is likely to cut down on spam.
Labeling bills require unsolicited commercial e-mail to have a subject line beginning with ADV and, in some proposals, ADV: ADLT for message with adult content. This would make it easier to filter out and delete unwanted e-mail. Spammers, of course, realize that messages beginning with ADV will immediately be deleted, possibly even before they are seen by a real person (and so might that note to your child “Advice for your first day of college”). It is easy to remain anonymous on the Internet, so the temptation for spammers to ignore the law and hide behind technology is huge.
A bad labeling law could even make enforcement more difficult than it now is. The S.P.A.M. Act, sponsored by Sen. Charles Schumer (D-NY), exempts companies that join a self-regulatory organization and adhere to best-practices. Of course, the most unscrupulous spammers will cheat, skipping the label and claiming to be legal as they have in the past. This would create three categories of spam: labeled, legally unlabeled, and illegally unlabeled.
The excitement over the new National Do Not Call Registry has led to calls for a Do Not E-Mail Registry on the same model. But while most telemarketers operate legally or in gray areas of the law, many spammers operate fraudulent and illegal businesses. A list of people who do not want to receive unsolicited e-mail is also a list of real e-mail addresses read by real people, and could be abused by malicious spammers. It would need to be heavily encrypted to avoid becoming a Please Spam Me registry. And some spammers will just ignore the list, again trusting their ability to remain anonymous.
Anti-fraud provisions are the most straightforward anti-spam measures. Such laws would require unsolicited commercial emails to include accurate header information so the message can be traced to its true sender. Other common anti-fraud provisions are a mandatory opt-out procedure, notification of a physical postal address for the company, and bans on misleading subject lines and e-mail address harvesting from websites. The CAN-SPAM Act, one of the bills already out of committee in the Senate, includes all of these provisions.
Commercial e-mail should certainly not use fraudulent practices. However, an anti-fraud law cannot be expected to reduce or clean up spam very much. Many of the fraudulent tactics used by spammers are already illegal under advertising laws, but the few prosecutions against spammers have been little deterrent.
Try as it might, the government does not have the ability to stop spam. Fortunately, other solutions are available. Anti-spam filtering programs, sender validation systems, and other blocking methods can significantly reduced the amount of spam that lands in the end-user’s inbox. Some of these technologies now perform with near perfect accuracy. With these programs, users can set their own criteria for emails they do and don’t want to receive. ISPs and software companies have always been on the forefront of the spam fight. They should continue to educate their customers about spam and provide a variety of measures aimed at controlling spam problems. These methods are far better than any one-size-fits-all proposal that Congress could enact.