The chairman of a US Senate committee called for more federal enforcement of a new anti-spam law amid reports that the amount of spam sent may be rising, not dropping, since the US law went into effect in January.
Senator John McCain asked why the FTC hasn't focused on companies using spammers to advertise their products. The authorities brought spam and other charges against two alleged spamming companies in late-April, but McCain urged the FTC and FBI to step up their enforcement, during a hearing on the effectiveness of CAN-SPAM.
"If the FTC can't find the spammers, it should do the next best thing: go after the businesses that knowingly hire spammers to promote their goods and services," said McCain. "At a minimum, the FTC could put thousands of businesses - many of them online pornography retailers - on notice that using anonymous spam is an illegal means of driving consumer traffic to their websites."
But bulk e-mailers trying to comply with the law - by using their own IP addresses instead of forging headers, and by including their company names and postal addresses in the text of the e-mail - are being punished by ISPs like AOL, said Ronald Scelson, president of MicroEvolutions.com, a bulk e-mail company. Scelson's company has stopped using common spamming techniques in order to comply with CAN-SPAM, but ISPs are still blocking his company's e-mail, Scelson said.
Scelson told the committee he could go back to using forged headers and defeat most spam filters. "Does the government want us to mail legal or not?" Scelson asked. "As long as we're doing it the right way and we're going to get blocked, interfered with and shut down, people are going to go around it."
While senators called for more enforcement of CAN-SPAM, representatives of the FTC and FBI said their agencies are working hard to combat spam. The FTC has more than 50 staffers working on CAN-SPAM enforcement, said FTC chairman Timothy Muris. The FTC is still working on some rules related to CAN-SPAM, and Muris promised that the agency will deliver a plan for a national do-not-e-mail registry by a 16 June deadline.
Representatives of spam-filtering service Postini and the Consumers Union told the committee that the amount of unsolicited commercial e-mail continues to rise. Postini, which processes about 1.3 billion e-mails a week, has seen the percentage of spam in that e-mail increase from 78 percent to 83 percent since CAN-SPAM went into effect.
Still, CAN-SPAM was a positive step in fighting spam because it set the ground rules for what is acceptable behavior, said Shinya Akamine, chief executive officer of Postini. The increase in the amount of spam may have been higher without the CAN-SPAM law, he said. "We think that it's a great law," Akamine said. "It prohibits illegal activity, now we believe it's the role of the private sector to actually go out and secure e-mail."
Akamine and Hans Peter Brondmo, senior vice president of e-mail marketing vendor Digital Impact, disagreed on what technological measures can be effective in blocking spam. Postini is blocking close to 99 percent of its customers' spam, Akamine said, but Brondmo said the only way to get rid of spam is to adopt sender-authentication protocols proposed by large ISPs including Microsoft and AOL.
AOL on Thursday announced during the hearing that the amount of spam e-mail hitting its subscribers' in-boxes declined by 20 percent to 30 percent in the last year, through a variety of spam-fighting initiatives. CAN-SPAM helped AOL and other ISPs sue hundreds of spammers in early March, said vice chairman Ted Leonsis.
"You did a great service to the online medium and tens of millions of online consumers," Leonsis told the committee. "CAN-SPAM was the right bill at the right time for all the right reasons and we look forward to measuring its success with more time."
While Leonsis and Scelson argued over whether AOL was blocking Scelson's e-mails, James Guest, president of the Consumers Union, said the debate missed the point: that consumers don't want unsolicited commercial e-mail.
CAN-SPAM requires all commercial e-mail to have a working opt-out mechanism and requires senders to include valid postal addresses. The law also includes a criminal penalty of up to a year in jail for sending commercial e-mail with false or misleading header information, plus criminal penalties of up to five years in prison, for some common spamming practices, including hacking into someone else's computer to send spam.
But the law forces consumers to opt out of commercial e-mail, instead of requiring e-mailers to get opt-in permission, and Guest urged the committee to change the opt-out requirement. Spam can come from thousands of sources, and a consumer would have to send an opt-out request to each sender to cut off all spam, Guest said.
E-mail users should have the same protections as phone owners do under the national do-not-call list, which the do-not-e-mail list proposal is modelled after, he said. "Obviously, this is an absurd burden to place on people," he added. "Congress should put the burden on spammers to get permission, not on consumers to fend off the intrusion."