FTC Closing CAN-SPAM Loopholes
Spam-fighting feds figure out the fine points of anti-spam law.
MILLBRAE, Calif. -- The Federal Trade Commission (FTC) said it has made progress on refining the admittedly vague CAN-SPAM Act, which Congress passed last year in an attempt to spare citizens from the surge of unsolicited commercial e-mail.
The complaining and fault-finding began as Congress debated anti-spam laws and continued unabated after the enactment of CAN-SPAM on Jan. 1, 2004. Spam fighters argued there were too many loopholes, while marketers complained that the law was too vague and could cover the most innocent and welcome of electronic missives.
"It's far broader than what people think of as spam," admitted Lisa Rosenthal, an attorney with the FTC. "It covers all commercial messages."
Rosenthal was speaking at the Second Annual Spam and the Law Conference, held in Millbrae, Calif., on Friday.
By now, e-mailers should be familiar with the act's basics: no misleading header information or subject lines; the mailing must provide a clear, operable way to opt out from further messages; and the advertiser provides a physical address in the body of the e-mail.
Congress voted CAN-SPAM into law, and then directed the FTC to write rules and prepare progress reports. Rosenthal gave the audience of security experts, attorneys and marketers information on the FTC's progress in elucidating the law and providing guidelines for good-guy commercial e-mailers.
During the CAN-SPAM debates, many marketers argued that their ability to communicate with existing customers could become illegal, while traditional businesses feared that any B2B inquiry could get them into hot water. To address such concerns, the FTC developed rules for determining the primary purpose of an e-mail that will become effective at the end of March.
The rules distinguish between "transactional/relationship" messages versus "commercial" e-mails, Rosenthal said. Transactional e-mails relate to purchases that already have been completed, while commercial messages offer an opportunity to buy.
For example, providing confirmation of a purchase, shipping information, membership or account status, or anything relating to an employment relationship, would qualify as transactional and, therefore, free from CAN-SPAM demands -- except for the requirement of accuracy in the header information.
The FTC also devised a method to determine the primary purpose of hybrid e-mails, which may contain both transactional and commercial messaging. For example, a retailer might both confirm a purchase and promote additional sales.
Rosenthal said that if the recipient would reasonably interpret the subject line as commercial or if the body of the e-mail is primarily commercial, CAN-SPAM would kick in. For example, a message that began with offers, then concluded with account information, should comply with CAN-SPAM rules.
The FTC defined the header for X-rated pitches, as directed by Congress. The subject lines of such messages must begin with "SEXUALLY-EXPLICIT." Also, the sender must provide additional steps to view the explicit content, beyond opening the e-mail.
The FTC officially came out against the establishment of a Do Not E-Mail Registry, because, as critics charged, it could become a Best-to-Spam Registry if it fell into the wrong hands. The feds recommended against developing a similar list of minors' e-mail addresses, for fear it could fall into the hands of predators.
Anti-spam activists decried CAN-SPAM's omission of the right of private action, that is, the ability of an individual to bring a civil suit against a spammer. But the act does allow ISPs to enforce it. Rosenthal said the law defines ISPs very broadly. For example, a firm that provides Internet access to employees would qualify.
The FTC has much more on its to-do list: It recently requested input on whether the 10 days marketers have to comply with consumers' opt-out requests is workable. It also is considering how to address viral marketing messages, where consumers are encouraged to forward e-mails or provide friends' addresses to the marketer.
Also at the conference, messaging consultant Michael Osterman of Osterman Research predicted that spam will represent 93 to 95 percent of all e-mail in 2005 and that CAN-SPAM will not make a discernible dent in the impact during that time.
Some critics of the law say CAN-SPAM hurts legitimate marketers without reducing spam because spammers don't follow the law.
But Rosenthal told internetnews.com, "You can make that pronouncement about any crime or law. Why outlaw theft, if you'll still have thieves?"
She said that laws do discourage some people from negative activities.
"There are people sitting in their living rooms in fuzzy slippers sending out spam and potentially making millions of dollars a year," she said. "Knowing that at the end of the road, they could face civil penalties sends the message that it's not as cheap as it once was."