Congress gave final approval Dec. 8 to the so-called “Can-Spam” bill, an anti-spam measure that was slated to take effect Jan. 1, 2004. The new federal law overrides tougher state laws in California and elsewhere, and its critics say it doesn’t go far enough in protecting eMail users.

Thirty-six states have passed anti-spam laws. The new federal legislation now supersedes all of them, including a tough new California measure that was scheduled to become law on New Year’s Day.

California’s law would have let internet service providers, the state’s attorney general, and spam recipients themselves sue advertisers who use misleading information in an eMail subject line, invalid reply addresses, or disguised paths of transmission. The limit for civil judgments against spammers would have been $1,000 per message or $1 million per incident. None of those provisions will take effect following enactment of the federal law.

The national “Can Spam” legislation requires unsolicited eMail to include an opt-out mechanism allowing recipients to indicate they do not want future mailings. Computer users, critics point out, are being asked to ignore years of anti-spam training, which urged users never to respond to unsolicited eMail.

“It will require a change in behavior,” acknowledged Rep. Heather Wilson, R-N.M., one of the bill’s sponsors.

The federal legislation also prohibits senders of unsolicited commercial eMail from disguising their identities by using false return addresses or misleading subject lines, and it prohibits senders from harvesting eMail addresses off web sites.

Clogged eMail inboxes have become a leading irritation among internet users, an increasing expense for schools and colleges, and a popular target for Washington interest before an election year.

For schools that provide students with eMail accounts, the problem is particularly serious, because much of spam is offensive or pornographic in nature.

More than 80 percent of school-age children receive lewd, inappropriate, or potentially dangerous spam on a daily basis, according to a survey by internet security firm Symantec Corp. The survey underscored the need for parents, educators, and policy makers to find new ways to combat spam.

The law is among the farthest-reaching internet measures approved during the Bush administration, which has largely continued the Clinton administration’s hands-off approach toward regulating America’s technology industry. The last such major legislation was a 1998 law banning web sites from collecting personal information from children under 13.

The anti-spam law encourages the Federal Trade Commission (FTC) to create a do-not-spam list of eMail addresses and includes penalties for spammers of up to five years in prison in rare circumstances.

“This is one of the more sweeping internet regulatory schemes we’ve seen,” said Alan Davidson of the Washington-based Center for Democracy and Technology. Although he criticized parts of the law, he said consumer frustration was driving lawmakers.

Some critics say the law doesn’t go far enough to discourage unwanted eMails. The Coalition Against Unsolicited Commercial eMail called the congressional effort “really disappointing.” The group prefers a law requiring marketers to obtain people’s permission before sending them any eMail mesages. The coalition said the alternative method of consumers asking marketers not to send them any more messages hasn’t worked.

“This [law] fails the most basic tests for anti-spam legislation; it doesn’t tell anybody not to spam,” said the group’s spokesman, John Mozena.

Here, from a congressional summary of the measure, are the key provisions contained in the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003:

  1. a prohibition against false or misleading transmission information;
  2. a prohibition against deceptive subject headings;
  3. mandatory inclusion of a return address or a comparable mechanism in commercial electronic mail;
  4. a prohibition against transmission of spam after objection;
  5. mandatory inclusion in spam of information identifying the message as an advertisement or solicitation, the opportunity to decline to receive further unsolicted messages from the sender, and the sender’s physical address;
  6. a prohibition against transmission of spam to a protected computer, or assisting in the origination of such messages through the provision of eMail addresses, if the person knows or should have known that the recipient’s address was obtained from an internet web site or proprietary online service that included a notice that the operator will not provide addresses for initiating unsolicited messages; (
  7. a prohibition against using automated means to register for multiple eMail accounts for the transmission of spam; and
  8. a prohibition against relaying or retransmitting an unsolicited message that is unlawful.

The new legislation also requires a person, when initiating commercial electronic mail containing sexually oriented material, to provide labels warning of such content, and the measure provides criminal penalties for violations.

Enforcement of these and the law’s other provisions would be the responsibility of the FTC.

See these related links:

Federal Trade Commission
http://www.ftc.gov

Coalition Against Unsolicited Commercial eMail
http://www.cauce.org