Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. Spam Law to Take Effect Jan. 1

Posted by michael on from the 2004-becomes-year-of-the-spam dept.

We lead with news that the U.S. 'anti'-spam law, written largely by the Direct Marketing Association, will enter into effect on January 1. The bill preempts existing state laws which are tougher (states' rights anyone?), so for many citizens, this is purely a pro-spam law. The FTC is thinking about bounty hunters to enforce the new law (which you can and probably should read for yourself).

15 of 573 comments (clear)

  1. Opt-in for all email... by shakamojo · · Score: 5, Interesting

    The problem is that our current email system is flawed... one of the best solutions (or actually work-arounds) for the current protocol is obvious, and already being used by several major ISPs... opt-in for ALL email. I know a few people who do this (their server rejects email from all senders except those on an approved list) and it works very well for them, but the average Joe wants both convenience AND security for their email, so the hassle of having to "approve" folks is not worth it (apparently it's easier to weed the 30 or 40 legit emails out of the 100's of spam messages)

    Face it, email, in its current incarnation, is inherently flawed. Until we actually change the way we implement and use email (perhaps even changing protocols) we will continue to have spam problems. Even Britain's "opt-in" version of anti-spam legislation has done little to curb the problem. The US "opt-out" version is even worse! When a prominent spammer is quoted as saying this 'anti'-spam legislation "makes my day", you KNOW it's a bad law!

    I think that the problem needs to be tackled from a technical standpoint, rather than a legal one. If we were able to improve the system, legislation like this wouldn't be necessary!

    1. Re:Opt-in for all email... by shakamojo · · Score: 5, Insightful

      "To just change the email system around isn't feasable."

      If this were true than everyone would still be using CTSS Mail circa 1965. I'm not saying that we take on the "preposterous" job of implementing a worldwide change overnight, I'm merely suggesting that some thought be put into how we move forward.

      If you think that SMTP will still be "de rigour" thirty years from now, you're in for a surprise, by then it will have gone the way of CTSS Mail, Autodin, Multics, the ARPANET, etc... things change!

  2. Re:compression by dschuetz · · Score: 5, Funny

    Somebody please compress the text of law

    It's not very efficient, but here goes:

    OneHundredEighthCongressoftheUnitedStatesofAmeri ca ATTHEFIRSTSESSIONBegunandheldattheCityofWashington onTuesday,theseventhdayofJanuary,twothousandandthr eeAnActToregulateinterstatecommercebyimposinglimit ationsandpenaltiesonthetransmissionofunsolicitedco mmercialelectronicmailviatheInternet.Beitenactedby theSenateandHouseofRepresentativesoftheUnitedState sofAmericainCongressassembled,SECTION1.SHORTTITLE. ThisActmaybecitedasthe`ControllingtheAssaultofNon- SolicitedPornographyandMarketi.....

    (oh, like somebody ELSE wasn't going to do that?)

  3. More on bounties by wmspringer · · Score: 5, Informative

    For those looking, the section on bounties is on page 19 of the pdf file: Improving Enforcement by Providing Rewards etc

    It basically says that within 9 months of the enactment of the act, the commission is to set forth a system for rewarding those who supply information about violators; the first person who supplies the required information is to recieve a reward of not less than 20% of the total civil penalty collected.

    I only scanned the file and I'm not sure how large the fines are expect to be; it does say that all property traceable to illegal spamming proceeds and all equipment used for such is forfiet.

    --
    Twenties Retirement
  4. Opt out? by RT+Alec · · Score: 5, Insightful

    The problem with "opt-out" is two-fold:

    • First, we have all been trained (correctly) to NEVER opt-out, since it confirms our e-mail address is valid. How do we know if a particular spam is from someone who will obey the law?
    • Second, it can often be difficult to opt-out anyway, purely from a technical standpoint. I receive e-mail addressed "To:" several addresses, including "info@", "webmaster@", etc. While I am savvy enough to reconfigure my e-mail client to send an e-mail that appears to be "From:" any of my addresses, it is a pain. Most people will not know how to do this, and many people (AOL, etc.) do not use an e-mail client that is capable of altering the sending address.

    If the law mandated that opt-out must be implemented by use of a web link (e.g. "This message was addressed to john.doe@mail.us, click the link below and you will be removed immediately"), that would be a little better. None of this detracts from the overriding issue, and that is by requiring opt-out instead of opt-in (either double opt-in or a verification link) this law essentialy legalizes, indeed encourages, spam.

  5. Re:What is going on in the US? by Scrameustache · · Score: 5, Funny

    How can anyone complain about and Anti-SPAM law?

    How could anyone complain about my new (patented) Hugs And Kisses greeting? Of course, its actually punching you in the face and dropping a brick on your foot, buts its called "hugs and kisses", so how could anyone complain about that?

    --

    You can't take the sky from me...

  6. Read my lips, no more spam. by zwanglos · · Score: 5, Interesting

    Three things strike me about this law:
     1. After reading the text, it does not include the word "bulk" in any context for spam, which basically means that any single person email to another person (even if sent in good faith) could be applicable to the law if the receiver deems it "spam." I think that is a mistake.

    2. It limits statutory damages for civil violations. This is ridiculous, is it really necessary to protect the spammers, basically the most hated group of people within the net?.

    3. It still allows "spam" email from charities, religious organisations and government bodies. Now all I need is my penis enlargement emails coming to me from the church of large testicles. Seriously though, why is junk mail from churches or the even the government for that matter better than my daily breast enlargement emails?

  7. Re:Please opt-out - 10,000 times by Scrameustache · · Score: 5, Interesting
    Even if spammers follow the law, you'd have to opt-out for every "company" [that] spams you.

    Well, at least no spammer would ever ruin their great brand recognition and close down shop only to open up again under a new name every couple weeks...

    /sarcasm

    --

    You can't take the sky from me...

  8. Re:compression by gantos · · Score: 5, Insightful

    Here's my version: The Direct Marketing Association drafted an anti-spam law to protect US from THEM.

    We're screwed.

    --

    "How do you expect me to see the forest with all these damn trees in the way?!"
  9. More anti-government ranting... by fmaxwell · · Score: 5, Interesting

    Technology could have solved this problem a better way. But leave it to the federal gov't to reign over another portion of our lives.

    BULLSHIT, BULLSHIT, BULLSHIT! I've been listening to this anti-government crap for the past 5+ years in the discussions of spam. If technology has had the ability to solve this problem, then just when the hell was it going to happen? Are you waiting for Moses to come down from the mountain with a stone tablet proclaiming that it's time for you to deploy your technological solution? Spam has been increasing at an alarming rate and, with the exception of a tiny percentage of technically savvy users, most people have no technical solution to the problem. This law doesn't prevent you from rolling out the technical solution that you've been witholding for the past few years. Go ahead. Let me know when you've gotten every ISP, business, and individual running a mail server to adopt your heretofore secret spam solution.

    It's like suggesting that we abolish laws against rape by reasoning that technology can solve that problem using chastity belts, mace, pepper spray, stun guns, and whistles.

    If something is unethical and harms innocent people, then it should be illegal. The problem with the federal law is that it doesn't do nearly enough. But I'd rather that they outlaw some spam than make it all legal. Having a legitimate return address to clog with complaints is worth something to me.

  10. Re:Isn't a weak federal law better? by Shalda · · Score: 5, Interesting

    Isn't even a weak federal law bettern than a strong local law?

    No, definately not. Firstly, federal law should only ever trump state law when state boundries are crossed. A spammer that sends spam from Virginia to Virginia should still be held accountable to Virginia law on the subject. Secondly, the only provision in the new law that has any potential is the "do not spam registry". That won't stop the illegal spammers, but it will stop those that pretend to be legit (which for me is about 50% of my spam traffic.)

    All this law has done is kill the few useful state anti-spam laws that are on the books. Besides, it's hard to escape state laws by crossing state borders. Recently, North Carolina extradited 2 spammers to VA for fellony spamming charges.

    However, one area that can still be prosecuted at the state and local level is obscenity charges. If you can track down a porn spammer, who incorporates explicit images in their message, your local District Attorney can file charges. If the message was sent to a minor, that's usually a fellony. Yet, I'm amazed that no one is really persuing this that I've seen. Probably because it's a real pain to track down the source of messages sent over hacked machines.

    --
    bance.net
  11. Still the wrong date. by Tackhead · · Score: 5, Funny
    > It may go into effect on January 1, but expect spammers to treat it like April 1.

    I believe you've confused "April 1st" with "December 25th".

  12. Webs of trust... by Saeger · · Score: 5, Interesting
    Don't you want to be able to receive legitimate e-mail from people you haven't met yet?

    I'd love to be contacted by strangers, depending on the distributed reputation of the person or machine contacting me.

    If "James T. Kirk" sends me a message, and the fringes of my weighted Six Degrees of Separation net have never seen him before (newly generated cert for spam), or have seen him but say that he's a spammer (or maybe just an asshole in general), then I'll just ignore him.

    If "Juicy Jane" sends me a message, and a few friends of friends trust her, even just a little bit, I'll give her the time of day.

    --

    --
    Power to the Peaceful
  13. Re:No, it isn't by schon · · Score: 5, Insightful

    assuming that the law did work, who's to say that spammers can't skip the US

    Nobody's saying they can't - people are saying they won't

    Spammers are sociopaths, like any other sociopath, they do what they do because it's the path of least resistance. They are not spamming because they believe in their rights, they are spamming because they want money, and this is the easiest way to get it.

    It's like saying, when the War On Drugs(tm) started, "what's to stop all the pot dealers from moving to Amsterdam"?

    Unlike pot dealers, spammers (by definition) can't conceal their identities/location (they have to broadcast some way to contact them, otherwise they have no way to get your money.)
    If spam truly became illegal, I think spammers would move to other, less publically visible ways to steal.

  14. Re:Quarantine Digests by mjh · · Score: 5, Interesting
    Use opt-in, and if you get a message from somebody that isn't on the list, it gets quarantined. Once a day (or however often) you get a digest that lists all the quarantined messages, their senders, the subjects. Next to each list item is a link that allows you to release/view the quarantined mail.
    As someone how uses a Challenge/Response (C/R) system, I'm not sure I understand what the point would be of getting a list of quarantined email. How is scanning that list and manually looking at the good things substantially different than scanning your list of emails and only reading the ones that don't look like spam?

    For a quarantine system to actually improve the spam problem, you need some way of allowing legitimate email to get through without you having to check the list. In the case of C/R only people with legitimate email addresses who respond to your challenge get out of quarantine. Since 99.9% of spam uses fake addresses, C/R is incredibly effective.

    Personally, I think that we need two additional things in order to start having effective spam prevention and enforcement:

    1. A socially accepted introduction mechanism which allows us to introduce ourselves to each other only if we have real, working email addresses. (C/R is one way to do this.)
    2. A legal framework for enforcing spam restrictions on anyone who continues to spam even though they have a real, working email address.
    I like C/R. I think it's a good idea. I wish that everyone would get accustomed to it. Then everyone (including businesses) would be able to use it. Right now businesses don't like telling their customers that their email hasn't gotten through yet. That's a good way to lose a customer. But if everyone knew that this was the way that we had to operate, then even businesses could implement it. If everyone did this, then the cost of spamming would dramatically increase because every spammer would have to have a working email address. And if they had a working email address, then they'd have to deal with the bandwidth to handle all of the challenges (and bounces).

    But even then I think that spammers will continue to spam even from working email addresses. Which is where I think a legal framework comes in. If everyone uses C/R, and everyone has to have a real working email address in order to get through, then everyone who spams is trackable and enforcement can have some meaning.

    $.02

    --
    Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.