Is it possible there's someone more cynical than me when it comes to the Can Spam Act? Well, it looks like there might be. The FTC -- the organization in which enforcement powers are centered under the Act -- has just made it crystal clear that it can and will do nothing about the spam problem that it hasn't been doing all along.
The FTC's cynicism is revealed in a report it announced late last week on the feasibility of a bounty system for spam fighters. As with an earlier report also mandated by the Can Spam Act in which the FTC recommended against a national do-not-spam list, the new report said rewarding the general public and/or volunteer cybersleuths for tracking down spammers wouldn't work.
Instead, the FTC proposed what almost seems like a parody of the bounty idea: Congress should appropriate funds to allow the FTC to bribe spammers $100,000 to $250,000 to rat on each other. Great, that's really going to discourage people from going into the spam business.
But it's not just the FTC's attempt to corrupt the idea of a bounty system into something entirely different that I find disturbing. Throughout the FTC's report, it's made very clear that spam reports from the general public to the FTC's spam database are not appreciated. "Clearly, an FTC reward system should not encourage this type of informant..." says the report about the 300,000 spam messages the public forwards to them daily. Data from forwarded spam, says a footnote in the report, is only used in the aggregate for analyzing volume and patterns of the spam campaigns.
Moreover, the report emphasizes that forwarded spam might involve "technical violations" of the Can Spam Act by companies the FTC doesn't want to go after. "Legitimate companies that market through e-mail and inadvertently stray into these types of violations" are easily identified anyway, so the FTC doesn't want to hear any more about it. These technical violations include not providing a physical postal address in the e-mail or conspicuous identification that the message is an advertisement.
Strangely, the FTC report pays virtually no attention to another "technical violation" - the failure to provide a working method for opting out of receiving more spam from the spammer. Perhaps that's just an implicit acknowledgement by the FTC that consumers for their own safety should not follow a spammer's opt-out instructions in any case, but it's still an odd thing to overlook. After all, if there is to be no enforcement of Can Spam's opt-out provisions, what exactly is the law doing for us? Remember, the Can-Spam Act pre-empts state anti-spam laws and severely restricts the ability of state and law enforcement agencies to take action against spammers without the FTC's blessing. At the same time, it legalizes spam that meets its very minimal requirements -- requirements that the FTC apparently isn't going to enforce anyway.
As we discussed recently regarding the Direct Marketing Association's participation in federal enforcement efforts, every enforcement dollar should indeed be spent on going after the out-and-out criminals using spam in phishing scams, zombie attacks, etc. Presumably, that's what the FTC means when it says it wants to focus on the most egregious spammers whose acts involved falsity and deception. And that's fine, but such crimes have little to do with the Can Spam Act, as they violate many other laws.
In the meantime, the core spam problem has only gotten worse because of the Can Spam Act. Last year I dubbed it the "Yes, You Can Spam Act" even before it was enacted. The attitude the FTC's report displays to the law makes me wonder if it doesn't need a new name - the "Can't Fight Spam Act," perhaps? Of course, if Congress is really so stupid as to take the FTC up on its idea of bribing spammers, there will be many more possibilites. How does the "Spammer Relief and Retirement Funding Act" sound?
Read and post comments about this story here, or write to me directly at Foster@gripe2ed.com.
12:59:21 AM 
|
