As Sorkin points out, the costs of implementing technical solutions can only
increase with time, given the lack of deterrent these efforts pose to spammers
and the continuous increase in unsolicted e-mail traffic.
There are also drawbacks to many technical solutions. Spam filters tend to
block some legitimate e-mail along with the intruders, an uncomfortable
compromise for anyone who relies on e-mail for personal or business reasons.
This is also harmful to marketers, who may be blocked either because of a
filter error or because their company’s SMTP server has been hijacked by
spammers for mail relay purposes.
Additionally, it’s important to note that block-list services are held to no
standard of accountability. This can only be bad for legitimate e-mail
marketers, who may be block-listed due to an innocent sending error or a
policy change on the part of the block-list service.
This happened recently when MAPS, known for its Black Hole list of documented
spammers, created a new list to keep track of marketers that don’t verify a
user’s addition to its database with a separate e-mail. Suddenly and without
warning, numerous formerly legit e-mail marketers found themselves ranked
alongside unscrupulous spammers on a list trusted by ISPs and online
consumers. Not surprisingly, many were outraged.
“Our lists are nothing more than our opinion about their email practices, each
fully backed up by documented fact,” says Anne Mitchell, director of legal and
public affairs for MAPS. “We simply publish that information, much like
Consumer Reports or a restaurant reviewer.”
None of this is good news for online marketers, all of whom are dependent, to
some extent, on the accuracy of spam filters and the definitions chosen by
services like MAPS to get their messages out.
An unannounced policy change on the part of a block-list or a filter error can
be disastrous, in terms of both sales and PR. When that happens, it doesn’t
matter whether a marketer’s permission policy is opt-out, opt-in, or the
so-called “double opt-in” (a.k.a. “opt-in with verification”). It’s a
situation many find intolerable.
For these reasons and others, consumer groups and e-mail marketing interests
alike are hopeful that the worst perpetrators of spam can be sued out of
business. It’s a daunting proposition, given the huge number of spammers and
the difficulty in tracing them, but a number of precedents have already been
established which may point to a future victory over spam.
“Go Ahead, Sue Me,”
As the rising tide of spam threatens to swamp e-mail recipients and drown out the
messages of legitimate marketers, some are hoping that the government — in the form
of Congress and the Federal Trade Commission — will take meaningful action.
So far, existing laws have proven to be helpful in some cases. As most marketers are
by now aware, a number of spammers have been successfully defeated in court by ISPs
and even by solo recipients of unsolicited e-mail.
A number of early examples involved Cyber Promotions, a major bulk e-mailer of the
mid-’90s. Cyber Promotions sued AOL in 1996, after AOL received
complaints of spam and blocked its messages. The spammer sued the ISP, arguing that it
had a first amendment right to send junk e-mail and that AOL was in violation of the
constitution. The court ruled in AOL’s favor in two separate decisions. Shortly
thereafter, CompuServe filed an injunction against Cyber Promotions and won.
“In 1996 and 1997, the most important were the suits by AOL and CompuServe against
Cyber Promotions,” said Junkbusters executive director Jason Catlett. “They
established that there’s no first amendment right to spam and that ISPs could take
actions on behalf of their customers’ privacy.”
Since then, AOL has filed a huge number of injunctions against spammers, and other
ISPs have followed its lead. It’s hard to know how many, because ISPs rarely publicize
the information and because many complaints are now settled out of court. However,
these lawsuits and settlements have done little to curb the flow of spam, mainly
because it’s so easy for a chastised spammer to turn around and spam again.
“The real problem is that it’s trivially easy to create a new identity, send millions
of spams, then disappear,” according to professor David Sorkin of the John Marshall
Law School. Sorkin believes that a simply worded federal law making it illegal to send
unsolicted bulk e-mail would help. Problem is, no such law exists.
State Laws: 19; Federal Laws: Zero
Laws with implications for spam have been passed in almost half of the United States,
and have accounted for the most dramatic court actions taken against spammers so far
in the U.S.
In Washington state, Bennett Haselton was handed four well-publicized
victories in small claims court last December.
Haselton, who heads Web advocacy nonprofit Peacefire.org, is in the process of
assembling a guide to suing spammers under Washington law.
“I’m hoping that if enough Washingtonians file lawsuits against spammers, it will
become too risky and expensive for people to spam,” Hasselton said. “And the amount of
spam received by everybody will go down.”
Haselton is now organizing a class action suit, naming one defendant and 50
plaintiffs. The strategy, if it works, is to seek higher damages for a larger base of
spam recipients and thereby increase the deterrent for would-be bulk e-mailers.
While there are no national laws in the U.S. regulating unsolicited e-mail, several
bills are pending before the House. H.R.718, identical to two previous bills, would
require unsolicited commercial e-mail to be labelled, to include opt-out instructions,
and to use accurate header information.
But many Web activists say the laws so far under consideration are too weak. Anne
Mitchell, director of legal and public affairs for Mail Abuse Prevention System
(MAPS), would rather see an absolute legal standard — specifically, universal opt-in
with verification, which she refers to as “confirmed opt-in.” The FTC has so far
implicitly supported the “opt-out” standard, a premise she rejects.
“Any scheme which gives an air of legitimacy to opt-out simply exacerbates the
problem,” she says, pointing out the difficulty in proving which recipients have
signed up and which have simply been crawled. “And that is assuming that the lists
actually honor the unsubscribe requests, which many… do not.”
Standard or no standard, the issue is clearly becoming a priority to Congress, if the number of
bills being introduced is any indication. But even more important than getting a
federal bill passed is the issue of enforcement. How well equipped is the FTC to
follow up on the thousands of reports of illegal marketing activity that
would follow passage of an anti-spam bill?
The Federal Trade Commission, which has historically kept out of the spam battle,
underwent a shuffle in its leadership in 2001. Timothy Muris was sworn in as chairman
in June — replacing Robert Pitofsky, a chairman who had promised much and delivered
little in the privacy wars. Additionally, December saw the appointment of commissioner
Orson Swindle to a key security and privacy review post. Jointly, the two have
announced a plan to crack down on those using fraudulent headers.