Five Advantages of Cloud-Based SIEM for Security Intelligence and Operations REGISTER >
With AOL executives at his side, Virginia Governor Mark Warner signed into law the toughest anti-spam bill in the nation Tuesday, making fraudulent spam a felony in the state.
Virginia is just one of 26 states that have passed anti-spam laws, but the signing was heralded by the governor and AOL executives as an important step toward treating spam as more than simply a nuisance.
"A number of states have anti-spamming laws, but for the most part these anti-spamming laws carry civil penalties..." Warner said at the bill signing held at AOL's Dulles, Va., headquarters. "So what we've put in place is the toughest spam law in the country."
AOL hailed the law as an important breakthrough in its own fight against the deluge of spam sent its 28 million subscribers. The ISP said today that it recently blocked 2.3 billion spams in a single day. The company also recently launched legal broadsides against a handful of spammers.
Unlike the measures in most states, many of which proscribe civil penalties with small fines, Virginia's law stipulates that a person can be prosecuted for a felony by sending over 10,000 unsolicited, deceptive e-mails per day or 100,000 in a month. The law defines deception as altering an e-mail header or other routing information. Those convicted are liable to a prison term of up to five years and the seizure of assets and profits from the mailings.
The Virginia law is not directed at all unsolicited bulk commercial e-mail, only the ones with fraudulent claims. According to the Federal Trade Commission (FTC), nearly two thirds of spam contains false claims.
In most states, the penalties against spammers are relatively small, as evidenced recently in the first successful use of Kansas' anti-spam law in which a consumer was awarded $500 by a small-claims court.
The differences in the spam laws in various states, and the difficulty for legitimate e-mail marketers to navigate differing requirements, is one of the reasons even staunch defenders of industry self-regulation, including the Direct Marketing Association, have recently begun advocating for federal legislation that would over-ride any state laws -- thereby creating an overarching standard for the United States. With this consensus about the need for a federal statute emerging, the question has turned to what shape a law would take.
While there is no federal law against spam, the FTC has taken action against spammers for sending deceptive business practices and fraudulent claims.
Like the Virginia law, the CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing) targets spammers along these lines. The bill, introduced by Sens. Conrad Burns and Ron Wyden last week, was proposed in two previous sessions of Congress and last year passed a key committee.
New York Sen. Charles Schumer, on the other hand, has proposed legislation taking a more sweeping approach that targets all spam, including non-fraudulent mailings. His bill, which has not been drawn up yet, would create a national registry along the lines of a "do not call" list, imposing penalties on bulk e-mailers that do not weed out names on the database from their e-mail lists.
Some anti-spam activists have said the approaches are too meek, since they fail to empower consumers to take matters into their own hands. In a letter sent to the FTC today, a variety of consumer advocacy groups urged lawmakers to take a more aggressive approach, outlawing the sending of unsolicited mail, instead of relying on opt-out provisions, and giving consumers the right to sue spammers.
The consumer groups, including the Consumers Union and Center for Digital Democracy, argue that a federal anti-spam law should be modeled on the 1991 "junk fax" law that outlawed unsolicited commercial faxes. That law allows consumers to sue violators for $500 per unsolicited fax received. A proposed law in California follows this example.