Establishing Digital Trust: Don't Sacrifice Security for Convenience
The legislation, which President Bush has promised to sign, establishes the first nationalstandards for commercial email and charges the Federal Trade Commission (FTC) with enforcingthe Act.
But don't expect less spam in your inboxes or clogging up your bandwidth.
The Act permits the sending of unsolicited commercial email as long as the email contains anopt-out option, a working return email address, and a valid subject line.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i ''This is a pretty bad bill,'' says Ray Everett-Church, chief privacy officer of theePrivacy Group. ''It fails to tell people not to spam. It actually legitimizes most forms ofspam provided that you don't lie about the origins of the email and you don't lie abouttaking people off lists. Don't lie and you can spam. That's a pretty low threshold.''
Everett-Church says he not only doesn't think people will see less spam because of this Act,he actually thinks there will be more spam.
Legitimate companies sending out marketing material most likely don't lie about who they areand they already include an opt-out mechanism in their emails. Rogue spammers, many of whomare outside U.S. borders, don't much care about breaking a law about lying.
''This legitimizes spam,'' says Everett-Church. ''This piece of legislation is tellingpeople that as long as they don't lie, spam is all right... Today, the biggest problem isindeed coming from folks who are operating on the fringes of legality. This bill gives themlegal cover. If they don't lie, their email can be treated as legitimate and legal. And thisgives legitimate companies legal cover, enabling them to do what only the herbal viagradealers have been doing.''
Sen. Charles Schumer, D.-N.Y, a supporter of the legislation, points to reports that say 250spammers are responsible for 90 percent of the email being sent. ''With this bill, Congressis saying that if you are a spammer, you can wind up in the slammer,'' says Schumer, asreported in Internetnews. ''And we are saying to those 250, no matter where you are,or how you try to hide your spam, we will find you. This bill gives the FTC and the JusticeDepartment the tools to go after you.''
However, Jesse Dougherty, director of development at Sophos, Inc., an anti-virus andanti-spam company, says the Can Spam Act doesn't have any teeth to use to snap at thesespammers.
''This doesn't add any enforcement or recourse for the individual,'' says Dougherty, whoworks for Sophos Canada, the arm of the company that develops anti-spam and messagingproducts. ''It may allow some large ISPs to make an example of a few by tripping them up onthe part about not lying... But it redefines spam so that a fairly large amount of whatbothers you in your in box won't be illegal.''
Sara Radicati, president and CEO of industry analysts The Radicati Group, says legitimizingspam will only make the matter worse.
''The worst spam is being sent from offshore,'' says Radicati. ''It's malicious and there'stons of it. The bill doesn't even begin to deal with this larger, more disruptive aspect ofspam... This is going to have absolutely no effect on the most disruptive, the mostoffensive, the most hard to deal with spam.''