Senate Passes Revised Spam Bill
The CAN-SPAM Act of 2003 creates a single national standard regulating commercial e-mail to replace the patchwork of state laws. It bans common spamming practices, such as false headers and harvesting e-mail addresses, while imposing regulations on all commercial e-mail.
The bill does not ban unsolicited commercial e-mail. Instead, it requires that marketers remove customers from their lists when requested. Marketers are required to include a physical address and valid opt-out mechanism in messages along with an honest subject line and notice that the messages are ads. The law holds advertisers responsible for commercial e-mail sent on their behalf.
Marketers roundly praised the bill, particularly its pre-emption of more onerous anti-spam legislation in more than 35 states. California's toughened spam law was due to take effect Jan. 1. Direct marketers feared an avalanche of lawsuits under the California law's provision for private lawsuits. Under the federal law, consumers cannot sue.
"We are very pleased to see a federal anti-spam bill that harmonizes state efforts," said Trevor Hughes, executive director of the Network Advertising Initiative's E-mail Service Provider Coalition.
Michael Della Penna, chief marketing officer of New York e-mail service provider Bigfoot Interactive, said the new requirements would not appreciably raise the costs of e-mail marketing. "I think the legitimate guys are already doing a lot of the best practices," he said.
Passage before the Thanksgiving recess had appeared questionable, but the congressional logjam broke Nov. 21 after negotiations between the leadership of the House of Representatives and the Senate. The House shelved its competing spam bills in favor of a modified version of the CAN-SPAM Act, which the Senate had unanimously passed Oct. 22.
On the morning of Nov. 22, after an all-night session, the House voted 392-5 to pass a slightly amended version of the act. The Senate then passed a slightly changed version Nov. 25 that the House is expected to OK when it returns from Thanksgiving recess Dec. 8. The White House is expected to sign the measure into law before the end of the year.
Critics of the bill claim the opt-out provision is tantamount to legalizing spam.
"The real damage that will be done is consumers are likely to receive more unsolicited commercial e-mail, not less," said Ray Everett-Church, co-founder of the Coalition Against Unsolicited Commercial E-mail.
The one bugaboo for marketers is CAN-SPAM's call for the Federal Trade Commission to plan a do-not-e-mail registry. The bill, however, does not require the FTC to implement a list, only to report back in six months on the feasibility of a list and a timetable for implementing it. The FTC is to detail its objections to maintaining the list, including concerns over security, privacy and technical feasibility. FTC chairman Timothy Muris has questioned whether such a list would do much to combat spam.
Sen. Charles Schumer, D-NY, chief sponsor of the no-spam registry, noted the FTC's reluctance to the idea: "My answer to the FTC: Try it."
Schumer said Congress would use its appropriations power or enact a further law to compel the FTC to create the list. "We will make sure they implement it," he said. "We are going to make this no-spam registry a reality within a year."
The details of the do-not-e-mail registry remain left to be worked out by the FTC. "It's pretty well established that it can be done in a secure, reliable fashion," Everett-Church said.
Opponents of the registry say it would do nothing to combat spam while saddling legitimate e-mail marketers with more regulations.
"I've always had my doubts about it, primarily because I don't know how it can be implemented," said Ken Hirschman, general counsel for San Mateo, CA, e-mail marketing company Digital Impact.
The Direct Marketing Association panned the no-spam-list idea but otherwise expressed satisfaction with the law. In a statement, H. Robert Wientzen, the DMA's president/CEO, said the legislation represents "a great victory in the battle against spam because it delineates legitimate commercial e-mail from spam and criminalizes anyone who would take advantage of the Internet to send spam to consumers."
The CAN-SPAM Act forbids sending spam with false header information or using other means to disguise the sender's identity. The bill bans harvesting of e-mail addresses from Web sites and breaking into computers to send spam. It also forbids using automated methods to sign up for free Web-based e-mail accounts.
It includes provisions for Internet service providers to take spammers to court and gives state attorneys general the power to file lawsuits. Violators are subject to awards up to $2 million, potentially tripled for intentional violations, and five years in prison.
"My guess is the number of people willing to risk that amount of fines and jail time is not many," said William Nussey, chief executive of Atlanta e-mail service provider Silverpop.
Key CAN-SPAM Requirements
The CAN-SPAM Act of 2003 regulates all commercial e-mail, both requested and unsolicited. Beginning Jan. 1, federal law requires that all commercial e-mailers:
* Include truthful e-mail header information, including the "from" line.
* Use accurate subject lines.
* Provide an opt-out tool, either through an e-mail address or Internet-based form, that works for 30 days after the mailing.
* Process opt-out requests within 10 business days of receiving them.
* Put a physical postal address in all messages.
* Label messages as advertisements.**
* Display warning labels on commercial e-mail with sexually oriented material.**
** These do not apply to commercial e-mail with opt-in consent.