Spinning CAN-SPAM

Is CAN-SPAM working to unclog enterprise in-boxes? The legislation (technically known as the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) was meant to stem the tide of spam. According to many experts, however, the law has had little or no effect.

Nevertheless, the Federal Trade Commission, which enforces CAN-SPAM and must report on the law's effectiveness to Congress, last month released a report recommending no CAN-SPAM modifications, essentially finding the law is working. The commission says it interviewed a number of individuals and organizations. Furthermore, the FTC says it used "its compulsory process powers to require the 9 ISPs that collectively control over 60 percent of the market for consumer email accounts to provide detailed information concerning their experiences with spam."

Based on those interviews, the FTC claims CAN-SPAM victory on two fronts. "First, the substantive provisions of the act have mandated adoption of a number of commercial email best practices that many legitimate online marketers are now following. Second, the act has provided law enforcement agencies and ISPs with an additional tool to use when bringing suit against spammers. The more than 50 cases brought to date by the FTC, the Department of Justice, state Attorneys General and ISPs demonstrate CAN-SPAM's enforcement efficacy."

Yet are those two things actually CAN-SPAM victories? To the first point, CAN-SPAM requires companies sending email to customers to include such things as company contact information, including a legitimate mailing address, and to honor opt-outs. Though these provisions may be followed by "many legitimate emailers," the problem was never legitimate emailers, but spammers. As to the effectiveness of CAN-SPAM as a prosecutorial tool, the jury is still out. "Certain state laws appear to have made spammers think twice about spamming, but not the federal CAN-SPAM Act," notes Ferris Research analyst Rich Jennings. Even if CAN-SPAM has had an affect, that can't be measured for at least several more years, until there have been more CAN-SPAM prosecutions, he says.

More help is needed, especially in the international arena. To that end, the FTC recommends Congress pass the US SAFE WEB Act (yet another unwieldy acronym: Undertaking Spam, Spyware, and Fraud Enforcement with Enforcers Beyond Borders), which promotes international information sharing and enforcement. As this underscores, the FTC is moving to stop spam on multiple fronts.