Slashdot Mirror
Cornucopia Of Spam Bills
frankie writes "Anti-spam legislation is getting serious attention from the U.S. Congress and the media. Several bills are on the front burner, including REDUCE, CAN SPAM, and a RICO amendment. However, the strongest contender is a new bill sponsored by Billy Tauzin (R-La.). It would allow spam from any company you've done business with in the past 3 years, override stronger state laws, and block private lawsuits. You can complain now or complain more later."
In recent weeks, several pieces of legislation have been proposed in the US Congress. We are currently preparing analyses and will publish them on the website as soon as they are available. However, at present we have seen no legislative proposals that CAUCE is prepared to endorse.
On April 30, 2003, CAUCE joined a number of other consumer groups in expressing opposition to the Burns-Wyden CAN-SPAM Act:
[This letter was published April 28 for delivery to the FTC April 30.]
We, the undersigned groups, representing consumer interests, urge Congress to pass legislation to empower individuals to act against senders of Unsolicited Commercial Email (UCE). The leading bill currently before Congress, S.877 (CAN-SPAM Act of 2003) does not meet two requirements that we consider essential: an opt-in policy, and a private right of action.
Because spammers impose costs on recipients, the correct policy is to prohibit it, just as Congress prohibited junk faxes in the Telephone Consumer Protection Act of 1991 (TCPA). An acceptable alternative would be to enable network owners such as ISPs to post an electronic No Spamming sign, as was done in the 106th Congress's H.R. 3113, which passed the House. An opt-out policy, which is taken in S. 877, will not significantly reduce the widespread damage to consumers' interests and confidence.
The second essential requirement is that recipients of UCE have a private right of action. Liquidated damages of $500, as in the TCPA, are appropriate. ISPs should also have a right of action, but leaving enforcement solely to them, or state or federal regulators would leave far too many spammers breaking the law.
Beyond these fundamental requirements are numerous details, including a narrow exemption for existing business relationships such as the one that Federal Trade Commission (FTC) arrived at in their Telemarketing Sales Rule this year.
The definition of a solicitation should be carefully limited to avoid any impact on non-commercial speech, such as speech about religion or politics. Measures against typical spammer tactics such as the falsification of return addresses and other headers are desirable but not sufficient.
We urge members of Congress to pass anti-spam legislation with an opt-in policy and a private right of action. We also ask the FTC to recommend and support such legislation.
Respectfully
Jason Catlett, President, Junkbusters Corp.
Jeff Chester, Executive Director, Center for Digital Democracy
Tom Geller, Secretary, SpamCon Foundation
Beth Givens, Director, Privacy Rights Clearing House
Ken McEldowney, Executive Director, Consumer Action
Scott Hazen Mueller, Chairman, CAUCE.org (Coalition Against Unsolicited Commercial Email)
Chris Murray, Legislative Counsel, Consumers Union
Gary Ruskin, Executive Director, Commercial Alert
Actually I'm not sure this is such a completely bad thing. Junk mail from legitimate companies that I have given my e-mail address to voluntarily is such a small problem - compared to the other crap flooding my mailbox - that I usually don't even count it as spam, even if it is unsolicited.
I know, some people think anything they don't want is spam and will report it as such via SpamCop or other tools. That's dumb. If it's stupid chain letters from your uncle, it's not spam. If it comes from a legitimate company, they'll offer an opt-out link that will actually works, because they don't want to piss off potential customers and they know how much people hate spam.
With that in mind, what are the other serious problems with this bill?
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
It would allow spam from any company you've done business with in the past 3 years
Damn, and I just bought some penis enlargement tablets. Now I have to wait 3 years to stop receiving spam from them!!
Read reviews of shopping cart software
That is not the main wrecking clause. The wrecking clause is the requirement for individual opt-out from every mailing list. So the spam sender can create a new 'division' once a day and send you new spam no matter how often you opt out.
A global opt-out list is not such a problem, provided it is one-way encrypted (an old MIT suggestion) so the opt-out list can be used to see if a particular email is opted out but not as a source of addresses to spam. Yes we know the spam senders will ignore it, however making people sign up to get a right to sue a spam sender is not a major obstacle.
The real problem is the Republican's attempt to take out the private right of action. AOL and Earthlink have been very effective in suing the spammy bastards into the ground. They have judgements for millions against a lot of spammers. OK they will not collect it all but they will make the spam senders miserable.
In one case they got the spammer's lawyer who set up fake companies for him - now liable jointly and severally for a $6.9 million contempt judgment
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
The only people that _can't_ spam you are people you've done business with. The privacy laws dictate that, unless you have to keep records for legal reasons, or your _primary_ purpose for the records is marketting, then you have to remove them upon request. Which I found really weird. I don't mind if my bank/mechanic/energy company have my details, I _do_ mind that some impossible to track down marketting company called Sydney Promotions Pty Ltd sends me email from pgraysepw@yahoo.com (very professional guys) can get my records from who knows where, keep them for as long as I want, and there's not a damn thing I can do about it :(
Prior to that law I was getting zero junk faxes, and now I'm getting an average of 5 a week.
Some synopses:
- REDUCE: Rep. Zoe Lofgren and Professor Lawrence Lessig's plan to set a bounty for citizens catching spammers
- CAN-SPAM: Sen. Conrad Burns et al, requires valid headers and working opt-out, but doesn't allow private lawsuits
- Do-Not-Spam: Sen. Chuck Schumer's proposal covers everything from CAN-SPAM plus has a national do-not-email registry and bans address harvesting.
And there's lots of others.I now have multi-homed bandwidth. Dialup users. Network users from various locations. Inter-connections betwee the offices. Handle all my own forward and reverse (classless) DNS, web, and email traffic. UPS' to generators ranging from T1's to 10Mbit uplink wireless.
/24 subnet is gone. Even have some /8 blocked (210. 211. ring a bell?). MY time frame? _Forever_. I unblock (whitelist) IP's upon a PHONE CALL ... and trust me -- the callers get a copy of the SPAM to pass along to their ISP.
I have more users than some ISP's I know. I just happen to also EMPLOY them and they use computers supplied by me getting data from servers I own.
I can't sue? PUHLEEZ...
Which "ISP" should I call for my spam then to sue on my behalf? Apple? Earthlink? MCI? and a couple of dozen multi-homed "ISP"'s feeding me. Heck, I even back feed many a employee @ home through some wireless connections on a tower erected on one of the properties.
Can I sue yet? Oh -- I need to call SBC or Verizon I guess.
Isn't public networking fun. Fuck 'em, my rules just changed too. Spam me once and that
+11,000 subnets blocked. ~150 new daily recently. THOUSANDS just blocked. Three phone calls in YEARS so far. Problem ISP's will just go away as their "good" users will leave if they don't clean up their act.
While I want to see the likes of Ralsky wiped from the face of the Earth for their crimes against Humanity, I DON'T want to see them replaced with today's telespammer types.
Which is what the Tauzin bill would create.
As much as we hate spammers, the DMA hates them worse... Why? They are competition. They want to drive them away so they can take their place.
I pay for my bandwidth. "Marketers" should have to PAY ME for what they use of mine if they want to reach me with their copy. If they want to provide free bandwidth in exchange for receiving their crap, fine. Until they start SUBSIDIZING my internet bill (which is considerable, considering I'm running dual-dialups, because I can't yet get DSL or cable out here in the sticks), they have no RIGHT to intrude.
Unlike TV, which throws ads at me in exchange for "free" programming, or even websites that throw banners and even pop-ups at me in exchange for "free" content, a spammer gives NOTHING AT ALL to me in exchange for their intrusion.
I don't think even "prior business relations" should be an exception, unless there is an EXPLICIT OPT IN. But even then someone should be able to OPT OUT at any time they choose, and the spammer be obligated to stop.
Just like legit mailing lists. I opt in. When I want out, I opt out. Mail stops coming from the list.
Honestly, spam has such a HORRID reputation, does the DMA think they will EVER get it accepted?
Corporatism != Free Market