Five years ago, the U.S. tech industry, politicians and Internet users were wringing their hands over the escalating problem of spam.
Watch a slideshow of the most notorious convicted spammers.
Follow the famous quotes about spam throughout the years.
Back then, 45% of all e-mails were unwanted pitches for such products as Viagra, penny stocks or porn sites. An estimated 15 billion spam messages were sent over the Internet daily in 2003, prompting 74% of online adults to favor a law that would make mass spamming illegal.
Statistics like these prompted Congress to pass a landmark antispam bill known as the CAN-SPAM Act in December 2003.
Fast forward five years.
The number of spam messages sent over the Internet every day has grown more than 10-fold, topping 164 billion worldwide in August 2008. Almost 97% of all e-mails are spam, costing U.S. ISPs and corporations an estimated $42 billion a year.
The content of spam has changed, too. In 2003, spam was an annoying or offensive come-on to buy a product. Today, more than 83% of spam contains a URL for a Web site that is trying to infect computers with malicious software.
Law enforcement officials have prosecuted dozens of spammers under the CAN-SPAM Act and won some high-profile cases, such as putting pharmacy spam king "Rizler" behind bars for 30 years and awarding MySpace damages of $234 million from two spammers. (See a slideshow of the most notorious convicted spammers.)
Nonetheless, CAN-SPAM has done little to deter spammers. So much for the legislation that lawmakers once said was the “best tool we have” for eradicating spam and putting spammers in the slammer.
CAN-SPAM "is mostly a flop," says Jaime de Guerre, CTO of antispam vendor Cloudmark. "I think [legislation] is rather futile anyways because the attackers are so advanced in their threats, and it’s so hard to detect where they are coming from."
"CAN-SPAM was not the solution that many people hoped it would be," adds Ray Everett Church, Director of Privacy and Industry Relations at Responsys. "As the ultimate solution to spam, it was definitely a bust. As a first step toward pushing the marketplace in a reasonable direction, it was OK."
Industry observers say the CAN-SPAM Act of 2003 wasn’t a complete failure because it defined spam. It prompted legitimate e-mail senders to improve their online marketing, and it led to several high-profile convictions of spammers in conjunction with other fraud laws.
CAN-SPAM "sets some basic standards for the industry that have been useful in encouraging companies to follow good e-mail practices," Church says. "What it hasn’t done is stop the bad guys from being bad. I don’t think anybody really believed CAN-SPAM would do that."
The CAN-SPAM Act of 2003 provides a framework for commercial e-mail senders -- a minimum set of rules that companies must follow to ensure that its online sales pitches are not dubbed spam.
Most e-retailers and newsletter publishers go beyond CAN-SPAM and use an opt-in mechanism for consumers to request e-mail promotions instead of the law’s lesser requirement of an opt-out mechanism.
"The primary thing that CAN-SPAM was successful at is giving a clearer message to legitimate companies about how to use e-mail in direct marketing and how to do it appropriately," says Graham Cluley, senior technology consultant at Sophos, a security software vendor. "It made a distinction between the really bad guys on the one hand, and incompetent companies on the other hand."
Legitimate e-mail senders quickly complied with CAN-SPAM to avoid being fined or jailed. That’s why CAN-SPAM has reduced the number of consumer complaints lodged against legitimate companies.
"It has created better e-mail hygiene for legitimate senders," de Guerre says. "In the past, they may have struggled with a message falling in the grey area and being called spam. CAN-SPAM does help a bit in that area."
Another positive of CAN-SPAM is that it has led to more spammers being caught, prosecuted and convicted.
"A lot of spammers have been caught and sentenced to jail," Cluley says. "The good news is that we constantly see headlines of spammers sent to jail, but they are the tip of the iceberg. There are other spammers waiting to jump in."
CAN-SPAM provides a tool for law enforcement agencies to use to prosecute spammers.
"Lawyers were having to work overtime to stretch existing laws to cover what was going on with spam. Issues like falsified headers were not clear-cut legal offenses," Church explains. "A lot of folks were saying: 'What can we do to give some teeth to legal efforts to try to stop spam?' There were a number of different proposals over many years, and the one that carried the day was the CAN-SPAM Act."
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (35)
What Went Wrong?By Anonymous on October 6, 2008, 10:18 amConsider the source. "I have come to the conclusion that one useless man is a disgrace, two men are called a Law Firm, and three or more become a Congress." --...
Reply | Read entire comment
Technology not lawsBy Anonymous on October 6, 2008, 3:27 pmWe could eliminate most spam by employing address and domain verification, and enforcing it at the ISP gateways. This was proposed by several groups and advanced...
Reply | Read entire comment
Are you surprised?By Anonymous on October 6, 2008, 3:30 pmCan you name one thing the govt has done that actually worked? After we just spent $700,000,000,000 to "save" the economy the market is down around 800 points.
Reply | Read entire comment
CAN-SPAMBy Anonymous on October 6, 2008, 4:24 pmThe ultimate solution to SPAM is to impose some sort of fee -- and it can be very small -- for each e-mail that is sent, with the fee paid then being credited to...
Reply | Read entire comment
What good does a U.S. law do?By HaveANiceDay on October 6, 2008, 4:38 pmWhat good does a U.S. law do against spam when most high-volume spammers either set up bulletproof accounts overseas or hijack innocent bystanders to make themselves...
Reply | Read entire comment
CAN-SPAMBy RG on October 6, 2008, 6:52 pmAgreed - SPAM exists as an economic problem that can't be solved with technology or the law. Based on the article, the cost of SPAM spread over legit emails is 1.9...
Reply | Read entire comment
View all comments