Jon E. Dougherty, NewsMax.com
Thursday, July 8, 2004

Story Continues Below

  At least, that's the position of the Federal Trade Commission, reports the Direct Marketing News, which said earlier this month in a report required by the CAN-SPAM Act that a national "do-not-e-mail" anti-spam measure similar to the do-not-call list for telemarketers would likely only lead to more unwanted electronic spam.

The FTC, in its report, said any registry should be delayed until private industry can establish its own e-mail standards. The agency said the establishment of a "do-not-spam" list would likely generate more of the unsolicited traffic as spammers use the list to identify legitimate e-mail addresses.

"Without an effective system of authenticating the sender of e-mail, any registry would fail," said FTC chairman Timothy Muris, at a news conference. "I wouldn't put my e-mail [address] on such a registry."

The agency said its report concludes that without an authentication system, it could not identify spammers violating the list. It also said current technology systems couldn't guarantee spammers wouldn't violate the list to cull fresh, validated addresses.

Finally, the FTC said the establishment of a do-not-spam list would create the illusion that anyone who uses it would see a dramatic fall in spam, similar to the reduction in telemarketing calls experienced by users of the national "do not call" list.

FTC Balking

The CAN-SPAM law created a timetable for the FTC to create a do-not-spam national registry, but the agency doesn't want to do it.

Muris said if private industry doesn't create an authentication solution, the FTC would convene an industry summit on the issue, possibly by September. If private industry can't find a solution, he said the agency would convene a preliminary advisory committee as a precursor to a federal solution.

Muris is not crazy about the idea, for one because it would require further legislation by Congress.

Some groups applauded the FTC's decision to let private industry take care of the problem.

"They're very concerned about e-mail and the fact that you can't find who" is sending out so much electronic junk, Jerry Cerasale, senior vice president for government affairs at the Direct Marketing Association, says. "They can't find the people who are doing fraudulent things."

Spammers use a host of phony addresses and proxy Internet servers to hide their identity.

Urgency Building

Urgency is building within the industry, and with users of e-mail, for a solution to all the spam.

Some of the biggest names in the software and online industries – including Microsoft, Yahoo! and America Online – are looking at implementing authentication technologies.

"We're well down this path in there being a good first step in dealing with the server anonymity issues," says Michael Sippey, managing director at Quris, Denver, an e-mail service provider.

Authentication technology aims to correct a flaw in e-mail that gives senders anonymity. It is this obscurity that allows spammers to blast messages, offers and pornography throughout the Internet without giving away a person's – or a company's – identity.

Despite the urgency to find a solution, however, the FTC, in its report, notes that it could be as much as two years before being implemented, largely because authentication fixes haven't been tested widely yet.

Privacy, Legal Concerns

Some organizations are worried that any attempts to verify or authenticate e-mail will put a sender's privacy at risk.

The Electronic Frontier Foundation, a group that advocates for online privacy, says it is concerned about any government or industry attempts to find out whether "the primary purpose" of e-mail is commercial or private in nature.

"In order to avoid constitutional problems," EFF said in an analysis of the CAN-SPAM Act, "the FTC should interpret it to mean that a message qualifies as having commercial 'primary purpose' only when, if taken as a whole, it cannot be reasonably viewed as containing any non-commercial message."

The group says it strongly supports efforts at stopping spam, "which we define as unsolicited, commercial, bulk e-mail."

"In that effort," EFF continued, "it is unacceptable for non-commercial speech to be sacrificed as a side effect."

Another group, the Electronic Privacy Information Center, or EPIC, testified before the Senate regarding the CAN-SPAM Act that it favors "opt-in" mailing lists, "a private right of action for consumers, and freedom for states to pursue spammers, combined with technical measures and international cooperation."

Finding the Spammer

By far, the most compelling problem is actually finding out which companies, or which individuals, are actually sending the spam.

The FTC says that, after pursuing more than 62 spamming cases, identifying the sender is the biggest obstacle. Spammers, says the agency, hide behind a maze of fake headers, open proxies and zombie drones – and a registry would not improve those problems, said its report.

"It's not a problem, if you can find them, to prosecute them," Muris says. "Finding them is extraordinary."

Editor's note: