washingtonpost.com  > Technology > Special Reports > Spam

One Year After Law, Spam Still Out of the Can

By David McGuire
washingtonpost.com Staff Writer
Monday, January 3, 2005; 8:50 AM

The nation's first law aimed at curtailing junk e-mail earned a mixed report card after a year on the books as few spammers faced legal action and recent surveys showed that spam makes up an even larger proportion of online messages.

Signed into law Dec. 16, 2003, the Can-Spam Act made it illegal to falsify the "from" and "subject" lines of e-mail solicitations. It also required senders of bulk e-mail to include a working "unsubscribe" link in their messages and to honor consumers' requests to be taken off their mailing lists. The law doesn't allow individual e-mail users to sue spammers -- an omission decried by anti-spam activists -- but it did open the door for state attorneys general and ISPs to mount a legal offensive.

_____Spam In The News_____
A Year After Legislation, Spam Still Widespread (The Washington Post, Jan 4, 2005)
Spam Lowers Its Appeal (The Washington Post, Dec 30, 2004)
AOL Reports Decline In Spam in the Past Year (The Washington Post, Dec 28, 2004)
More Spam News

The nation's big four e-mail providers -- America Online, Microsoft, Yahoo and Earthlink -- were among the most ardent supporters of the law, and wasted no time using the new provisions. In March, the four firms fired off a barrage of lawsuits targeting some of the most prolific spammers on their respective networks. The providers announced another round of suits in October.

On the criminal front, a Virginia jury in November recommended a nine year jail term for a North Carolina man who became the first ever person convicted for felony spamming. The man was convicted under Virginia's spam law, which is similar to the federal legislation but with stiffer penalties.

"We've seen great progress made," said Sen. Conrad Burns (R-Mont.), Can-Spam's original sponsor in Congress. "It's been a great first step, and as we look ahead it's important that the [government] utilizes the tools in place to ... effectively stem the tide of this unwanted burden."

Still, through all the courtroom activity and the media attention it generated, spam levels rose in 2004, by almost all accounts. At the beginning of 2003, spam accounted for about 50 percent of all e-mail, according to Postini, a Redwood City, Calif.-based anti-spam firm that scans about 400 million e-mail messages a day for its clients. By the time Can-Spam passed at the end of 2003, that figure had grown to roughly 75 percent. Throughout 2004, spam accounted for 75 to 80 percent of all e-mail, said Chris Smith, Postini's senior director of product marketing.

Denver-based MX Logic reported similar numbers, saying spam accounted for roughly 77 percent of the messages it scanned in 2004. In December 2003, the month before Can-Spam took effect, MX Logic reported that spam accounted for 67 percent of messages. MX Logic also tracked the number of spam messages that were complying with Can-Spam's extensive labeling rules and found that only about 3 percent of them met the law's requirements.

John Levine, author of "The Internet for Dummies" and operator of a small ISP in Trumansburg, N.Y., said the figures are damning. "It [Can-Spam] didn't work. It's been utterly useless. I haven't seen spam decline. I haven't seen spammers even make nominal efforts to comply with Can-Spam," Levine said. "They clearly don't think they'll be caught."

But Michael Osterman, president of Osterman Research Inc., a Black Diamond, Wash.-based research firm that specializes in the e-mail and instant-messaging industry, said the failure really isn't the fault of lawmakers.

"As a law it's pretty well written. The problem is that spam is almost like drugs -- a law isn't going to have an effect. This whole spamming industry is very shadowy," Osterman said. The underlying technology of e-mail makes it extremely easy for spammers to hide their identities by using dozens of tricks, including sending messages from the computers of innocent Internet users who've had their computers compromised by viruses.

CONTINUED    1 2    Next >

© 2005 TechNews.com