Can Spam Be Stopped?

As Sorkin points out, the costs of implementing technical solutions can only

increase with time, given the lack of deterrent these efforts pose to spammers

and the continuous increase in unsolicted e-mail traffic.

There are also drawbacks to many technical solutions. Spam filters tend to

block some legitimate e-mail along with the intruders, an uncomfortable

compromise for anyone who relies on e-mail for personal or business reasons.

This is also harmful to marketers, who may be blocked either because of a

filter error or because their company’s SMTP server has been hijacked by

spammers for mail relay purposes.

Additionally, it’s important to note that block-list services are held to no

standard of accountability. This can only be bad for legitimate e-mail

marketers, who may be block-listed due to an innocent sending error or a

policy change on the part of the block-list service.

This happened recently when MAPS, known for its Black Hole list of documented

spammers, created a new list to keep track of marketers that don’t verify a

user’s addition to its database with a separate e-mail. Suddenly and without

warning, numerous formerly legit e-mail marketers found themselves ranked

alongside unscrupulous spammers on a list trusted by ISPs and online

consumers. Not surprisingly, many were outraged.

“Our lists are nothing more than our opinion about their email practices, each

fully backed up by documented fact,” says Anne Mitchell, director of legal and

public affairs for MAPS. “We simply publish that information, much like

Consumer Reports or a restaurant reviewer.”

None of this is good news for online marketers, all of whom are dependent, to

some extent, on the accuracy of spam filters and the definitions chosen by

services like MAPS to get their messages out.

An unannounced policy change on the part of a block-list or a filter error can

be disastrous, in terms of both sales and PR. When that happens, it doesn’t

matter whether a marketer’s permission policy is opt-out, opt-in, or the

so-called “double opt-in” (a.k.a. “opt-in with verification”). It’s a

situation many find intolerable.

For these reasons and others, consumer groups and e-mail marketing interests

alike are hopeful that the worst perpetrators of spam can be sued out of

business. It’s a daunting proposition, given the huge number of spammers and

the difficulty in tracing them, but a number of precedents have already been

established which may point to a future victory over spam.

“Go Ahead, Sue Me,”

As the rising tide of spam threatens to swamp e-mail recipients and drown out the

messages of legitimate marketers, some are hoping that the government — in the form

of Congress and the Federal Trade Commission — will take meaningful action.

So far, existing laws have proven to be helpful in some cases. As most marketers are

by now aware, a number of spammers have been successfully defeated in court by ISPs

and even by solo recipients of unsolicited e-mail.

A number of early examples involved Cyber Promotions, a major bulk e-mailer of the

mid-’90s. Cyber Promotions sued AOL in 1996, after AOL received

complaints of spam and blocked its messages. The spammer sued the ISP, arguing that it

had a first amendment right to send junk e-mail and that AOL was in violation of the

constitution. The court ruled in AOL’s favor in two separate decisions. Shortly

thereafter, CompuServe filed an injunction against Cyber Promotions and won.

“In 1996 and 1997, the most important were the suits by AOL and CompuServe against

Cyber Promotions,” said Junkbusters executive director Jason Catlett. “They

established that there’s no first amendment right to spam and that ISPs could take

actions on behalf of their customers’ privacy.”

Since then, AOL has filed a huge number of injunctions against spammers, and other

ISPs have followed its lead. It’s hard to know how many, because ISPs rarely publicize

the information and because many complaints are now settled out of court. However,

these lawsuits and settlements have done little to curb the flow of spam, mainly

because it’s so easy for a chastised spammer to turn around and spam again.

“The real problem is that it’s trivially easy to create a new identity, send millions

of spams, then disappear,” according to professor David Sorkin of the John Marshall

Law School. Sorkin believes that a simply worded federal law making it illegal to send

unsolicted bulk e-mail would help. Problem is, no such law exists.

State Laws: 19; Federal Laws: Zero

Laws with implications for spam have been passed in almost half of the United States,

and have accounted for the most dramatic court actions taken against spammers so far

in the U.S.

In Washington state, Bennett Haselton was handed four well-publicized

victories in small claims court last December.

Haselton, who heads Web advocacy nonprofit, is in the process of

assembling a guide to suing spammers under Washington law.

“I’m hoping that if enough Washingtonians file lawsuits against spammers, it will

become too risky and expensive for people to spam,” Hasselton said. “And the amount of

spam received by everybody will go down.”

Haselton is now organizing a class action suit, naming one defendant and 50

plaintiffs. The strategy, if it works, is to seek higher damages for a larger base of

spam recipients and thereby increase the deterrent for would-be bulk e-mailers.


While there are no national laws in the U.S. regulating unsolicited e-mail, several

bills are pending before the House. H.R.718, identical to two previous bills, would

require unsolicited commercial e-mail to be labelled, to include opt-out instructions,

and to use accurate header information.

But many Web activists say the laws so far under consideration are too weak. Anne

Mitchell, director of legal and public affairs for Mail Abuse Prevention System

(MAPS), would rather see an absolute legal standard — specifically, universal opt-in

with verification, which she refers to as “confirmed opt-in.” The FTC has so far

implicitly supported the “opt-out” standard, a premise she rejects.

“Any scheme which gives an air of legitimacy to opt-out simply exacerbates the

problem,” she says, pointing out the difficulty in proving which recipients have

signed up and which have simply been crawled. “And that is assuming that the lists

actually honor the unsubscribe requests, which many… do not.”

Standard or no standard, the issue is clearly becoming a priority to Congress, if the number of

bills being introduced is any indication. But even more important than getting a

federal bill passed is the issue of enforcement. How well equipped is the FTC to

follow up on the thousands of reports of illegal marketing activity that

would follow passage of an anti-spam bill?

Regulatory Wrangling

The Federal Trade Commission, which has historically kept out of the spam battle,

underwent a shuffle in its leadership in 2001. Timothy Muris was sworn in as chairman

in June — replacing Robert Pitofsky, a chairman who had promised much and delivered

little in the privacy wars. Additionally, December saw the appointment of commissioner

Orson Swindle to a key security and privacy review post. Jointly, the two have

announced a plan to crack down on those using fraudulent headers.