• United States

Canning a do-not-spam list

Jun 28, 20044 mins
Enterprise ApplicationsGovernmentMalware

* Why a do-not-spam list wouldn't work

For once, I have to give the Federal Trade Commission a round of applause for not wasting the taxpayers’ money.  The FTC recently rejected the notion of developing a national “do-not-spam” list, saying spammers would ignore it.  Agency chairman Timothy Muris said, “Consumers will be spammed if we do a registry and spammed if we don’t.”  Unfortunately, this is true.

Senator Charles Schumer (D-N.Y.) isn’t giving up on the idea of the registry, however.  He pledges to “pursue congressional alternatives in light of the FTC’s adamancy.”  Senator Schumer likens the do-not-spam registry to the similar do-not-call registry for telemarketers, which he calls “an overwhelming success.” 

With all due respect, Mr. Schumer, I think you should heed the advice of the FTC on this issue. 

The federal CAN-SPAM Act is barely a half-year old, and we’re still waiting for convincing evidence of its effectiveness.  I agree that we need some kind of legislation that makes spam illegal, because we cannot prosecute unless we have a law.  However, the new law hasn’t yet resulted in noteworthy indictments, and it certainly hasn’t stemmed the flow of spam to our e-mail inboxes.  Before we try to create a do-not-spam registry, let’s give the CAN-SPAM Act a bit of time to show results.

And maybe it already has.  Canadian uber-spammer Eric Head has decided to get out of the business, issuing the following statement:  “I urge everyone who is involved in the commercial bulk e-mail business to cease all operations unless and until they are completely compliant with the requirements of the new U.S. anti-spam laws.”

Critics of the CAN-SPAM Act complain that it is based on opt-out requirements, forcing the mail recipient to ask to be removed from numerous mailing lists.  Proponents of a do-not-spam registry say the burden would be on the spammer, not the holder of the e-mail address.  Once on the list, the e-mail address theoretically would be compared to a mass mailing list that the, uh, “bulk e-mail businessman” would use.  The spammer would be in violation of the law if he uses an address on the do-not-spam registry.

OK, all you e-mail administrators out there – let me pose a simple question.  Would you give out your entire company e-mail directory to the FTC or whatever agency is deemed appropriate to collect all the addresses for the do-not-spam registry? For that matter, would you list your personal e-mail address, or those used by your kids?  This master list, of course, will be available to every bulk e-mail businessman who requests it.  We’d expect that every recipient of the list would act with the highest level of ethics, right? 

The FTC doesn’t think so either, and that’s the prime reason for rejecting the national registry.  If a spammer flagrantly steals cyber identities and misrepresents the origin of his messages already, why would he care if he “accidentally” uses addresses on the do-not-spam registry?

For the moment, let’s suppose that a list is put into effect, and you add your personal e-mail address to it.  What happens if you still receive an offending piece of spam that is in clear violation of the law?  If we model the do-not-spam registry after the do-not-call list, then you do have recourse for a complaint.  You would need to go to an agency Web site to log your complaint.  You might be asked for specific information about the source of the e-mail, such as the originating IP address or the name of the business.  These identifiers are needed to thoroughly investigate the complaint and gather evidence in the case.

Hello!  These are the very things a spammer already fakes to hide his tracks.  How could anyone ever have the time to trace even a minute percentage of illegal spam mails?  What’s more, who would foot the bill for this service?  U.S. taxpayers, probably.

Call me cynical, but I think I’ll stick with my anti-spam technology for now and leave the do-not-spam list for Senator Schumer and his staff.

Linda Musthaler is vice president of Currid & Company.  You can write to her at