The U.S. Congress has never passed an anti-spam law, despite nearly two dozen bills brought before the House and Senate in half a decade of trying. “We’ve had some terrific debates about combating spam, but the bills have just died,” says Representative Fred Upton, a Michigan Republican who chairs one of the subcommittees considering spam legislation. “Meanwhile, spam has proliferated, consumer patience has worn thin, and the volume of spam threatens to clog the arteries of the Internet.”
This isn’t the first time Washington has been slow to respond to public demands for relief from unsolicited advertising. In 1991, in the same telecommunications legislation that succeeded in bringing an end to junk faxes, Congress called on the FCC to consider establishing a “single national database” of citizens “who object to receiving telephone solicitations.” But it was not until June of 2003 that the FCC and FTC finally introduced a national Do Not Call Registry, to which Americans have stampeded. As of this writing, less than two months after the registry was activated, about 30 million phone numbers have been registered — and the telemarketers are worried, warning of lost jobs and even suing the FCC and FTC for abridgement of their First Amendment rights.
One of the bills presently before Congress would create a similar database for e-mail addresses: a national No-Spam Registry. The bill, sponsored by Charles Schumer, New York Democrat, would authorize the FTC to fine spammers up to $5,000 for each unsolicited commercial e-mail sent to an address on the registry. Other pending legislation would impose even greater penalties; one bill, for instance, would allow Internet service providers to sue spammers for up to $1.5 million.
Past spam bills have died in Congress — in part because committees have squabbled over jurisdiction — but recent reports about the growing magnitude of the spam problem have brought a new sense of urgency to Capitol Hill. Although statistics on the amount of spam and its economic impact vary wildly, it is certain that there are now billions of spam e-mails sent each day; that American corporations are spending hundreds of millions of dollars each year on anti-spam software; that spam is taking a toll on the productivity of the American workforce; and that spammers bombard everyone, even children, with pornographic smut.
It is also certain that spam is getting more dangerous. Not only is most spam deceptive — about two-thirds, according to the FTC — but spammers are finding more creative ways to defraud people. In one especially pernicious technique called “phishing,” a spammer sends an e-mail that purports to come from a reputable company, like eBay, AOL, or Amazon.com. The e-mail directs the user to a website that imitates the logo and look of the real company, and the user is directed to enter certain personal information — like credit card or Social Security numbers — which the scamming spammer can then exploit.
As the spam problem has grown worse, several states have passed anti-spam laws. Most of these laws require spammers to include a label in the e-mail subject line (like “ADV” or “ADV:ADULT”); many carry penalties of tens of thousands of dollars for violators; and some require that spam e-mails include instructions for users to unsubscribe from spam lists. But it is far from clear that legislation, from either the states or Congress, will reduce spam in any way — partly because so much spam comes from overseas, beyond the reach of U.S. law enforcement. Also, it’s possible that some anti-spam laws will perversely make the spam problem worse, by giving spammers legal protection as long as they conform to certain requirements.
Many companies and individuals are turning to technological solutions to the spam problem, like spam filters, or the increasingly popular “whitelist” approach. The filters try to automatically identify spam and keep it out, or file it in a designated folder. But they can easily mistake desired or important e-mail for spam, and keep you from seeing it (in fact, when the FTC started sending out confirmation e-mails to people who had signed onto the Do Not Call Registry this summer, many filters blocked them as though they were spam). Whitelists, meanwhile, take an even more radical approach, admitting e-mails only from pre-approved addresses. Although a whitelist can keep your inbox completely free of spam, it will also make it much more difficult for old friends or legitimate strangers to contact you — thus partly undermining the openness and connectivity that make the Internet so valuable.
The ideal spam solution would probably combine punitive sticks and technological gates: stiff, if barely enforceable, penalties for spammers, and improved filtering technology that screens out spam without blocking some wanted or merely unexpected e-mail. Software firms are working on the gates; now it’s up to Congress to find some sturdy sticks.