Science Fair Project Encyclopedia
CAN-SPAM Act of 2003
The CAN-SPAM Act of 2003, signed into law by President Bush on December 16, 2003, establishes the first national standards for the sending of commercial e-mail and requires the Federal Trade Commission (FTC) to enforce its provisions. The bill's full name is an acronym: Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003. Critics of the law's perceived weaknesses sometimes refer to it as You CAN SPAM.
It also requires the FTC to promulgate rules to shield consumers from unwanted mobile service commercial messages.
CAN-SPAM defines spam as "any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose)." It exempts "transactional or relationship messages." The FTC has yet to clarify what "primary purpose" means; it has already delayed rule-making for this terminology. Previous state laws had used bulk (a number threshold), content (commercial), or unsolicited to define spam.
The bill permits e-mail marketers to send unsolicited commercial e-mail as long as it contains all of the following:
- an opt-out mechanism;
- a functioning return e-mail address;
- a valid subject line and header (routing) information; and
- the legitimate physical address of the mailer.
The legislation also prohibits the sale or other transfer of an e-mail address obtained through an opt-out request. It criminalizes the use of automated means to register for multiple e-mail accounts from which to send spam. It prohibits sending sexually-oriented spam without the label later determined by the FTC of SEXUALLY-EXPLICIT. This label replaced the similar state labeling requirements of ADV:ADLT or ADLT. Labeling regulations for general spam will be commented on by the FTC this summer.
CAN-SPAM pre-empts existing state anti-spam laws that do not deal with fraud. It makes it a misdemeanor to send spam with falsified header information. A host of other common spamming practices can make a CAN-SPAM violation an "aggravated offense," including harvesting, dictionary attacks, Internet protocol spoofing, hijacking computers through Trojan horses or worms, or using open mail relays for the purpose of sending spam.
CAN-SPAM allows the FTC to implement a national do-not-email list similar to the FTC's popular do-not-call registry, or to report back to Congress why the creation of such a list is not currently feasible. The FTC soundly rejected this proposal, and such a list will not be implemented. The FTC concluded that the lack of authentication of email would undermine the list, and it could raise security concerns.
The legislation does not allow e-mail recipients to sue spammers or class-action lawsuits, but allows enforcement by the FTC, State Attorneys General, Internet service providers, and other federal agencies for special categories of spammers (such as banks). An individuals could still sue as an ISP if (s)he ran a mail server, but this would likely be cost-prohibitive. Individuals can also sue using state laws about fraud, such as Virginia's which gives standing based on actual damages, in effect limiting enforcement to ISPs.
Senator John McCain is responsible for a last-minute amendment which makes businesses promoted in spam subject to FTC penalties and enforcement remedies, regardless of whether the FTC is able to identify the specific spammer who initiated the e-mail.
Anti-spam activists greeted the new law with dismay and disappointment. Internet activists who work to stop spam stated that the Act would not prevent any spam -- in fact, it appeared to give Federal approval to the practice, and it was feared that spam would increase as a result of the law. The Coalition Against Unsolicited Commercial Email stated:
- "This legislation fails the most fundamental test of any anti-spam law, in that it neglects to actually tell any marketers not to spam. Instead, it gives each marketer in the United States one free shot at each consumer's e-mail inbox, and will force companies to continue to deploy costly and disruptive anti-spam technologies to block advertising messages from reaching their employees on company time and using company resources. It also fails to learn from the experiences of the states and other countries that have tried "opt-out" legal frameworks, where marketers must be asked to stop, to no avail.
AOL Executive Vice President and General Counsel Randall Boe stated:
- "[CAN-SPAM] not only empowered us to help can the spam, but also to can the spammers as well . . . Our actions today clearly demonstrate that CAN-SPAM is alive and kicking - and we're using it to give hardcore, outlaw spammers the boot.
Within a few months, literally hundreds of lawsuits had been filed by an alliance of ISPs. Many of these efforts resulted in settlements; most are still pending. Though most defendant were "John Does," many spam operations, such as Scott Richter's were known.
On April 29, 2004, the first criminal charges were filed under the CAN-SPAM act. The FTC named the defendant as a group calling itself "Phoenix Avatar," which sent hundreds of thousands of spam emails advertising a "diet patch" and "hormone products." The FTC stated that these products were effectively worthless.
Court records identified the four U.S. defendants as Daniel J. Lin, James J. Lin, Mark M. Sadek and Christopher Chung of West Bloomfield, Michigan. Authorities said they face up to five years in prison under the anti-spam law and up to 20 years in prison under U.S. mail fraud statutes.
On February 1, 2005, a New York Times article suggested that the Can Spam Act had resulted in little to no effect on the flow of spam, and the amount of spam saturating the Internet had actually increased since the law went into effect.
The contents of this article is licensed from www.wikipedia.org under the GNU Free Documentation License. Click here to see the transparent copy and copyright details