Internet and e-mail policy and practice
including Notes on Internet E-mail


Click the comments link on any story to see comments or add your own.

Subscribe to this blog

RSS feed

Home :: Email

29 Dec 2005

FTC says CAN SPAM is working. Are they kidding? Email

In the CAN SPAM act, the Congress told the FTC to report back and tell them how it was working. Last week, the FTC sent out a press release about some anti-spam projects they're doing with the states and the Canadian competition bureau and mentioned, oh, by the way, we released this report, which says that CAN SPAM is working pretty well. I certainly haven't seen any drop in the amount of spam showing up at my mail server. Has the FTC lost their minds? Nope, but this reminds me that CAN SPAM was intended to do many things, but stop spam was not one of them.

The first part of the report discusses at length the law's effect on legal spam, that is, unsolicited commercial e-mail that is not fraudulent. It mandated a bunch of mild requirements on all commercial e-mail such as including an opt-out link that works and a postal mailing address. The report says that legal mailers do indeed comply with those rules. I agree, they do comply, and most of the legitimate lists I'm on from airlines, bookstores, and the like do include the CAN SPAM items, but since solicited mail isn't the problem and never has been, who cares? There is a tiny trickle of non-fraudulent UCE, and I believe that they may well follow the rules, too, but it's not enough to care about.

They then go on to say that consumers are getting less spam, but if you read carefully, that is due entirely to ISPs doing a better job of spam filtering than they did last year. They cite some numbers from MX Logic that purport to show that the overall amount of spam sent is dropping, but I don't believe them, and even if they're true, the change isn't significant. What is significant is that spam filtering is a major ``tax'' on any mail provider, one that contributes to nothing except perhaps to vendors of anti-spam software that wouldn't exist in the first place if we could get spam senders to stop. The FTC also opines that spam increasingly is entwined with malware, and that mail authentication could be helpful, both of which I agree with.

They list all of the cases they've filed, which have indeed shut down some spammers. The rest of the report is about international enforcement issues, noting that tons of spam comes from computers outside the US, even if the responsible party is inside the US. The FTC's ability to pursue international cases is limited, largely because they haven't had to deal with cases that hop from country to country before so they don't have much authority to work with other governments.. They propose a US SAFE WEB act that more or less gives the FTC the same international enforcement and cooperation powers as other agencies who already do international work, like the SEC. Assuming that the authority they're asking for is indeed similar to the SEC's, that seems reasonable.

So is the FTC being disingenuous? Only because the Congress told them to. The FTC is a creature of Congress, and if the Congress tells them that they can't go after spam per se, they won't. For now, the vast majority of spam is fraudulent in one way or another, so for practical purposes going after crooked spammers is nearly the same as going after all spammers, including going after them overseas. It's telling that rather than sending out a press release for the report itself, the FTC tagged it onto a release about international spam enforcement, giving us a strong hint that the only part of the report they really care about is the international enforcement and in particular, their plea for the US SAFE WEB act.

Should they get the crooks under control (I'm not holding my breath, but you never know) then we'll need to come back and figure out what to do about the stuff that's just spam because it's unsolicited.

posted at: 15:50 :: permanent link to this entry :: 1 comments
posted at: 15:50 :: permanent link to this entry :: 1 comments

comments...        (Jump to the end to add your own comment)

Rumor has it ...
... the FTC consulted closely with the ESPC during the writing of the actual report.

I don't know whether this is true. But, I remain bewildered as to why e-mail marketers support a law which only makes things worse, not better.

Perhaps it's the anathema towards "regulation" or the view, hey ... this is great, we can claim affirmative consent even if it is indirect.

What? Register at a site and by registering the user agrees to the site's privacy policy, allowing third parties to claim indirect affirmative consent.

Hey, I kid you not.

See the recent guidelines of the ESPC on best practices found at:

The ESPC's proposal for an industry wide standard.

One could go on, but ... let's stop here and simply say I tend to agree that tongue in cheek sublime humor may be the best answer to this whole sorry mess.

John Glube

(by John Glube 04 Jan 2006 14:55)

Add your comment...

Note: all comments require an email address to send a confirmation to verify that it was posted by a person and not a spambot. The comment won't be visible until you click the link in the confirmation. Unless you check the box below, which almost nobody does, your email won't be displayed, and I won't use it for other purposes.

Email: you@wherever (required, for confirmation)
Title: (optional)
Show my Email address
Save my Name and Email for next time


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

Domain Name Registration Data at the Crossroads
54 days ago

A keen grasp of the obvious
My high security debit card
521 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

© 2005-2018 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.