Transcript: Anti-spam company chief exec who disagrees with the FTC and wants a do-not-spam list.
Transcript: Howard Beales, head of the FTC's consumer protection division, explaining the commission's decision.
Transcript: Direct Marketing Association lobbyist who agrees with the FTC and opposes the do-not-spam list.
Underlying the no-spam registry question is a larger debate over whether the new federal anti-spam law, known as the CAN-SPAM Act, is working. Industry estimates vary, but spam accounts for between 60 and 80 percent of all e-mail traffic, an increase since the law took effect in January.
In a survey of chief information officers at nearly 700 companies, 39 percent of 141 respondents said fighting spam will cost their firms more than $100,000 this year.
The survey, sponsored by the Chief Information Officer Executive Council, concluded that the act was ineffective. A majority of respondents, 55 percent, favored a do-not-spam registry.
Direct marketers and Internet companies, which supported CAN-SPAM, argue that the law needs time to work, in conjunction with technological tools.
"Today's FTC announcement reflects the widely held belief that a do-not-e-mail list would not be a do-not-spam list," said Jerry Cerasale, head of government affairs for the Direct Marketing Association.
"It is imperative that there will be an authentication system in place so that consumers and regulators can determine who sent the e-mail and take appropriate action."
But proponents of the registry said it could help address what they see as flaws in CAN-SPAM.
Most particularly, the federal law is based on a system known as opt-out, whereby users have to ask to be removed from marketing lists and bulk e-mailers must honor the requests.
Anti-spam activists and many consumer groups favor an opt-in system, meaning that marketers cannot send commercial e-mail without permission. That same philosophy underlies a 1991 law prohibiting junk faxes.
A registry would have the same effect by sparing consumers from having to opt out of every e-mail pitch they receive. That, proponents say, would simplify enforcement and avoid arguments over whether an opt-out request was made and whether it was honored in a timely way.
Under a registry system, consumers or organizations would send the FTC or a designated list manager the e-mail addresses they wanted to be free of unsolicited messages. Marketers would have to check their lists against the list, in a way that kept the list secure.
Ray Everett-Church, legal director of the Coalition Against Unsolicited Commercial E-mail, said that he supports a registry but is not surprised it was rejected.
The CAN-SPAM Act would have to be overhauled to allow proper enforcement of a registry, including allowing consumers to sue marketers that ignored the list. Under CAN-SPAM, consumers cannot sue.
But Church said the FTC could have started with a registry for all users at a certain Internet domain. In this system, for example, XYZ Inc. could state that all users with an xyz.com address were on the registry, thus avoiding a list containing individual addresses.
Muris said the FTC examined that option but determined it would simply be ignored by spammers, many of whom peddle fraudulent schemes or products. He said the national do-not-call list is effective in part because most telemarketers are legitimate businesses that abide by the law.
As for security of a list of individual addresses, the FTC said that even systems to encrypt the information to protect it from spammers would not necessarily be secure, based on the feedback it received from three cyber-security experts it hired as consultants.
Eric Castelli, chief technology officer of LashBack LLC, an e-mail security company, said he thinks a registry could be kept secure. But he said he agrees with the FTC's decision to wait until an authentication system can be used to more easily allow abusers to be tracked down and punished.