In Virginia, a federal judge in November sentenced a North Carolina man to nine years in prison, making him the first person convicted for a felony spam violation. While the case was a federal conviction, much of the initiative came from Virginia Attorney General Jerry W. Kilgore (R), who is responsible for a statewide cyber-crime task force.
Other states probably will take an active role in cyber-security in 2005, said Eric Allman, founder and chief technical officer of Sendmail, an e-mail security company. "From a legislation point of view in the coming year, you'll see it at the state level rather than the federal level."
The federal government, meanwhile, was repeatedly criticized as not giving enough attention to cyber-security within the Department of Homeland Security. Tech lobbyists tried twice to get Congress to pass a bill elevating the National Cyber Security Division director's post in the department, but failed each time. The department also lost cyber-security chief Amit Yoran; a Washington Post report said Yoran was frustrated with his inability to draw more attention to securing the nation's computer networks against attack.
Rep. Adam Putnam (R-Fla.) established a group comprising the software industry and other companies to figure out ways for private industry to work on cyber-security. By mid-2004 the group had produced five lengthy reports that included dozens of recommendations for action, but neither Putnam nor the Bush administration acted on the ideas.
Next year promises renewed attempts to fight spam. Much junk e-mail still contains pitches for impotence remedies, investment schemes and other too-good-to-be-true offers that range from the hilarious to the vulgar, but an increasing amount contains worms, viruses and fraud schemes. Congress failed to a pass legislation that would penalize people and companies that download spyware and other software onto computers without their owners' consent, but it is expected to surface again next year.
Microsoft, Yahoo, Earthlink and America Online -- the nation's largest e-mail service providers -- sued dozens of spammers shortly after the federal Can-Spam law took effect in early 2004, and is trying to find common ground on a technological means to reduce the amount of junk e-mail that tries to stuff itself into their mail servers.
But despite a profusion of anti-spam companies, filtering software and blacklists of known spamming addresses, the decline in unwanted e-mail that the national law was supposed to effect has not materialized.
The FTC, in a report to Congress earlier this year, said a "do-not-spam" list, similar to the no-telemarketing list that contains millions of home telephone numbers, would not set up an effective bulwark against junk mail and could even be used as a phonebook of sorts for spammers.
Even as a solution eludes the government, the amount of junk messages grows. In 2004, just 12 percent of all e-mail on the Internet was legitimate, according to Redwood, Calif.-based e-mail filtering company Postini. The company, which quarantines up to 133 million spam messages for its customers each day, predicted that that number would shrink to 8 percent in 2005.
"The general trend is that the problem is getting worse," said Andrew Lochart, Postini's director of product marketing.
Anne Mitchell, the president of the Institute for Spam and Public Policy, defended the Can-Spam law. "What I see when I look back across 2004, I see that there were these tools put in place ... and while they may not be perfect, I see ISPs as well as the government starting to pick them up and really wield them."
Although it's unlikely that Congress would consider a new anti-spam law, lawmakers will probably take a more aggressive oversight role in 2005, said Ari Schwarz, associate director of the Center for Democracy and Technology.
At least part of that response is due to the increased awareness that online security can be tenuous at best, said some security executives.
"In the past there's been this perception that the Internet is a safe enclave," said Julian Haight, founder of SpamCop, a San Bruno, Calif.-based anti-spam company. "It's vaporizing."