CAN-SPAM not seen to be effective

A year after the U.S. Congress passed the first federal antispam law, observers see no evidence that it has cut the amount of unwanted commercial e-mail arriving in U.S. residents' inboxes.

Most vendors of antispam products have charted an increase in the amount of spam since the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act went into effect on Jan. 1.

CAN-SPAM includes criminal penalties, ranging up to five years in prison, for some common spamming practices, including hacking into someone else's computer to send spam and using open relays to send deceptive spam. The law allows fines of up to $250 per spam e-mail with a cap of $6 million for aggravated violations.

But some antispam activists assert that the law has aided spammers because CAN-SPAM requires recipients to opt out of unwanted commercial e-mail by contacting each sender, instead of forcing senders to get opt-in permission. The federal law also hurt spam-fighting efforts by pre-empting parts of some tougher state laws, including a California opt-in requirement, said Laura Atkins, president of the SpamCon Foundation.

CAN-SPAM also prohibits private citizens from suing spammers, instead allowing only state attorneys general or ISPs (Internet service providers) to file civil suits. People like Atkins, who operate their own mail servers and receive thousands of spam e-mail, have no recourse against spammers under CAN-SPAM.

"CAN-SPAM has not made it any easier to find spammers," Atkins said. "It has not decreased the amount of spam."

Backers of CAN-SPAM say it provides for the possibility of civil lawsuits and jail time for spammers. ISPs have used CAN-SPAM to file hundreds of civil lawsuits against spammers in 2004, and the key to making the law work is more enforcement, said a spokeswoman for Senator Conrad Burns, a Montana Republican and main sponsor of CAN-SPAM.

"Senator Burns has said from day one that enforcement is key for this legislation to be effective," said Jennifer O'Shea, his spokeswoman. "We have seen several big lawsuits, which have been helpful, but we need to continue to see more of these lawsuits in order to keep up with big time spammers and keep spam out of inboxes."

Burns believed businesses should have an opportunity to market over e-mail, instead of having to get opt-in permission from all e-mail recipients, she added.

"The opt-out provision … gives the e-mail user the responsibility of opting out if there is something they do not want to receive messages about," O'Shea said in an e-mail.

Statistics supplied by vendors of antispam products seem to bear out the criticism of CAN-SPAM. Postini Inc., an e-mail security service provider, said the percentage of legitimate nonspam e-mail it sees dropped from 22 percent of all e-mail at the beginning of 2004 to just 12 percent by December. The company processes 2.4 billion e-mail messages a week.

MX Logic Inc., another antispam vendor, found 67 percent of all e-mail to be spam in February. By November, 75 percent of all e-mail was spam, according to MX Logic.