Skip Links

Network World

  • Social Web 
  • Email 
  • Close

CAN-SPAM works but needs more muscle, says attorney

CAN-SPAM still an issue for legitimate marketers trying to stay compliant.
By Cara Garretson , Network World , 03/31/2006

While the federal CAN-SPAM law that was enacted two years ago has allowed prosecutors to put some big-name spammers behind bars, the law has also caused significant headaches for legitimate marketers who are trying to stay compliant, according to one attorney.

The Federal Trade Commission (FTC) reports that there have been more than fifty actions taken by federal and state prosecutors, as well as ISPs, since the law was enacted in January of 2004, said Jon Praed, a founding partner of the Internet Law Group, a law firm that represents large corporations such as AOL in Internet-related disputes, who spoke at the MIT Spam Conference in Cambridge, Mass., on Tuesday.

“The law is effective because it has encouraged adoption of best practices by legitimate [organizations] and has provided an additional tool for ISPs in law enforcement,” said Praed, referring to the law’s provision that lets ISPs file suit against spammers. “But that first benefit comes at a signification cost” and still spammers are not complying.

Spammers are able to skirt complaints brought up under CAN-SPAM by a practice called microbranding, Praed explained. This is where spammers create a shell company with so many small brands that each appears too insignificant to file a complaint against. “They disperse complaints across so many entities that anyone who wants to come after you thinks you’re so small that it’s not worth the time, when in fact you have hundreds of companies,” he explained.

Therefore, legitimate e-mailers are spending large sums of money on complying with the law, while the amount of spam isn’t declining, he said. “We are spending far more on CAN-SPAM compliance than we are getting for the bang.”

What would improve the situation would be finding a way to get a “hard ID” on the spammers, Praed said.

One way to do that would be is to establish a “custodian of record” practice. This practice comes from the pornography industry and requires all sources of illicit photographs to appoint a person the custodian of the models’ names and proof of age. The name of that custodian must be made publicly available. “This is extremely powerful if you’re trying to find out who is responsible for the porn on those Web sites, [the custodian] can tell you who produced all those photos.”

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.

Download the white paper.

Unauthorized applications: Taking back control

Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?

Download the white paper.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Save The Date!
What They Are Saying

DLP solutions are the first-last opportunity to correct a policy problem...and do so at the last frontier...- Schratboy

Join the Discussion