Demonstrating yet again that he has nothing even remotely resembling a clue, President Bush today signed the CAN-SPAM Act of 2003. Ostensibly designed to regulate unsolicited bulk email, this legislation will do little to stem the spam tide. The legislation Bush signed is an opt-out law that supersedes opt-in laws several states have initiated, most recently and notably California.
C|net cites a report from email security provider MessageLabs finding that spam increased a whopping 77% in 2003 over the previous year, now accounting for more than 66% of all email traffic
In a civilized opt-in universe, like, oh I don’t know, the European Union, a marketeer would have to receive your explicit permission before he or she could inundate your inbox with pitches for penis enlargements, cheap refinancing, and prescription drugs. That, of course, would make too much sense and would intolerably violate the prime directive of American jurisprudence: “all law is based on maintaining or enhancing corporate profit” (with apologies to Sidney Jourard).
So, instead, we get stuck with the crappy opt-out version whereby anyone can send you unlimited amounts of spam (hence the unusually accurate bill name, [YOU] CAN-SPAM Act) until you tell them to quit. Take a look right now at your inbox. In order for all of that crap to go away, you’ll have to request each sender to please stop already, you’ve had enough. And just how much time do you have for such extracurricular activities? And while they’ll have to honor your request to stop, they don’t have to make it easy for you to figure out how to make the request.
If you had any doubt that this law will offer little protection for consumers, consider that it was endorsed by the Direct Marketing Association (DMA) because they know it preempts state laws with actual teeth and opens to door extra wide for “legitimate” spam. Opens the door? Hell, it blows it off its hinges. And these stringent state laws really had outfits like the DMA sweating bullets: California and Delaware had mandated opt-in statutes and Washington allowed individuals to sue spammers. But that was then; this is now.
Oh, and just to make sure that the CAN-SPAM Act really doesn’t get in the way of commerce, your duly elected Congress critters made sure the law would have no teeth by providing absolutely no funding for enforcement. Not a dime. This is especially relevant in light of Senator Ron Wyden‘s (D-Oregon), co-sponsor of the original legislation, comments in today’s Washington Post article:
“I am going to, every few weeks, be checking on whether prosecutors and law enforcement officials are coming down hard on violators of this law.”
Sure Senator Ron, whatever you say pal. Up here on the far edge, in the big city across the river, you can’t even get the police to investigate a hit-and-run anymore because of budget cuts. I’m not so sure tracking down spammers is putting the cops to their highest and best use, but then what do I know.
Effective 1 January 2004, here’s what the CAN-SPAM Act does for us:
- Prohibits fraudulent or deceptive subject lines, headers, and return addresses. This is actually a pretty good thing; most of the really obnoxious crap has forged headers. Presumably this will also eliminate all of the spam that passes through hijacked email servers and zombie personal computers with broadband connections. Except there’s no money made available for enforcement or prosecution. And what about the spam that originates outside of the U.S.? Feh.
- Prohibits email to addresses that have been harvested from websites. Just how it will be determined whether or not an email address has been harvested from a website was not disclosed; maybe the Bushies will hook all this up with the FBI’s Carnivore software. Or something.
- Prohibits pornographic spam that isn’t clearly labeled as such. It’s still okay to send email to millions of potential partners (and their children!), asking the timeless (and time-tested), guttural come-ons but it has to be clearly labeled as sexually oriented.
- Institutes a mandatory unsubscribe system. First you get to hunt for the unsubscribe system, then you get to figure out how it works, then you get to actually use it, then you have to wait for your address to be removed, and then…. Oh, nevermind. And you get the pleasure of having to do this For Every Piece Of Spam You Receive. Sigh.
- Directs the Federal Trade Commission (FTC) to investigate a “do-not-email” list similar to the national do-not-call registry. Oh yeah, that’ll work except for all those foreign spammers; sign me right up and I’ll hold my breath until someone hacks into the list and harvests it. Except it’s not mandated and oh, by the way, there’s no funding provided for creating such a list even if the FTC decides it might be a good thing.
- Prohibits individuals from suing spammers. Remember, this is a law to enhance commerce, not protect consumers. Representative Zoe Lofgren (D-California) tried to get this consumer protection provision added, but was unsuccessful.
The penalties for violations are unusually severe: up to five years in the federal can, fines up to US$6 million, plus confiscation of property purchased with the proceeds of the spamming activity. Except there are so many loopholes there will likely be pitifully few prosecutions under the CAN-SPAM Act.
A C|net report quotes FTC chair Tim Murris who opposed the legislation:
“The FTC would have to prove that the seller (who hires a spammer to advertise a product or service) knew, or consciously avoided knowing, that the third-party mailer intended to violate the law. This standard requires proof of both the seller’s and spammer’s level of knowledge…. These requirements to prove intent pose a serious hurdle that we do not have to meet to obtain an injunction under our current jurisdiction.”
Not even the National Association of Attorneys General likes the CAN-SPAM Act:
“The bill creates so many loopholes, exceptions, and high standards of proof, that it provides minimal consumer protections and creates too many burdens for effective enforcement…. We respectfully request that you not move forward….”
Right out of the gate, Ray Everett Church, chief privacy officer for the ePrivacy Group, had the best early assessment, correctly identifying the CAN-SPAM Act as “little more than an instructional guide for how to keep pumping out millions of emails per hour while avoiding legal liability.”
Ah, ain’t America great: where we get the best laws corporate money can buy.
For who(me) and in particularly why is spam still effective and lucrative? If you can answer that question you have a cause to fight! Why is there still no worldwide known website that tells me how to prevent spam in all it’s variations likewise done with virusses and worms yet far from perfect. Because spam isn’t seen yet as a turbo-worm?! “Providers, you still lack the intelligence and creativity of spam-fundamentalists. Buy them or fry them, but in whose interest, I wonder!” Domain-providers are a other crucial key to the solution, but they have no moral consciousness nor anti-spam-vision at all, exceptions granted. Yours, Tulpman. A Dutchman, who once will be remembered as the ‘last-spam-grammaton-cleric’. Hoi.