Slashdot Mirror

← Back to Stories (view on slashdot.org)

Michigan Enforces Do-Not-Email Registry Law

Posted by ryuzaki0 on from the think-of-the-children dept.

elanghe writes "The Michigan Attorney General filed suit against two companies sending adult-oriented email messages to the state's children, in violation of the Michigan Children's Protection Registry. A similar law in Utah is being challenged by the porn industry. While the FTC, influenced by the Direct Marketing Association, rejected the idea of a do-not-email registry, have these two states proven anti-spam laws like these — unlike CAN-SPAM — really have teeth?"

36 of 133 comments (clear)

  1. The Love of Money by eldavojohn · · Score: 3, Insightful
    A similar law in Utah is being challenged by the porn industry.
    What's there to challenge? A state makes a perfectly reasonable law that requires you to check an e-mail against a database of registered users who don't want that mail. Take some porn and go to your downtown local metropolis. Now hand out those pornographic pictures to everyone, young and old alike. See how long you can do that until you're arrested. Nobody challenges those laws, why the hell would anybody be able to challenge laws against people who randomly distribute lewd messages online? The least they can do is check if the person has registered not to receive them. Ohhh, that's right. Silly me, porn is a $10 billion dollar industry. They'll just throw money and lawyers at that problem to fix it.

    While the FTC, influenced by the Direct Marketing Association, rejected the idea of a do-not-email registry...
    Yeah, influenced by a marketing association? Well, if you delve into this deeper, you'll find articles quoting FTC chairman Timothy J. Muris who offered these sage words of wisdom:
    More dangerous, he said, was the possibility that spammers might get hold of the list, which would provide them with a gold mine of valid e-mail addresses that would be used for more spam.

    "Consumers will be spammed if we do a registry and spammed if we don't," said Muris, who has long opposed the idea.
    I'm sure that if you start hitting these companies with $10,000 fines per violation that they would pay attention to the list. And if they stole it, it's all the more fines.

    Muris does raise a good point that should be taken into consideration:
    Instead of starting a registry, Muris said, the FTC would first push the private sector to agree on a method for electronically authenticating senders of e-mail, which would cut down on spammers' ability to hide their identities and locations. Muris said such authentication is a necessary precursor to any no-spam registry.
    I'm not sure how feasible that idea is, however. I would recommend just hitting the company that owns the last server to forward the e-mail. If they can't provide/prove another source from which the e-mail came, hit them with the $10,000 fine. I would wager that companies would be awful quick to clamp down their SMTP servers and keep records of where everything came from. Not only would this increase a company's security but it would reduce much of the spam you see that has a legitimate address from a careless company.
    --
    My work here is dung.
    1. Re:The Love of Money by Anonymous Coward · · Score: 5, Funny

      Take some porn and go to your downtown local metropolis. Now hand out those pornographic pictures to everyone, young and old alike. See how long you can do that until you're arrested.

      Point well taken, but have you been to Las Vegas lately :).

    2. Re:The Love of Money by giorgiofr · · Score: 4, Insightful

      I'm sure that if you start hitting these companies with $10,000 fines per violation that they would pay attention to the list.

      Good luck fining and/or shutting down a fly-by-night company registered in Vanuatu using an anonimous credit card founded via E-Gold.
      Unless you barricade yourself behind a US-only barrier of SMTP servers, required by law to apply certain filtering criteria to email *or else* (China, anyone?), you're not going to stop them. And I think the remedy would be far worse than the illness, to be frank.

      --
      Global warming is a cube.
    3. Re:The Love of Money by thebdj · · Score: 3, Interesting
      What's there to challenge? A state makes a perfectly reasonable law that requires you to check an e-mail against a database of registered users who don't want that mail. Take some porn and go to your downtown local metropolis. Now hand out those pornographic pictures to everyone, young and old alike. See how long you can do that until you're arrested. Nobody challenges those laws, why the hell would anybody be able to challenge laws against people who randomly distribute lewd messages online? The least they can do is check if the person has registered not to receive them. Ohhh, that's right. Silly me, porn is a $10 billion dollar industry. They'll just throw money and lawyers at that problem to fix it.
      Free speech? I do not see them slapping fines on people for unsolicited snail mail. And trust me, you can get a lot of that crap and getting addresses is really damn easy. Also, the article isn't clear about the Utah law. It could be using those nice, vague terms that make the law unenforceable and could even target e-mail that was solicited. Remember, people sometimes identify items as spam that really are not.

      I'm sure that if you start hitting these companies with $10,000 fines per violation that they would pay attention to the list. And if they stole it, it's all the more fines.
      The problem is that a lot of the real spam companies are outside the US. It is sort of hard to enforce US laws outside the US. If a spam company has no office, no location and no connection to the US, it will be hard to enforce. Also $10k per violation will be hard to uphold. If you charge that by millions of e-mails, companies will claim you are asking for unreasonable damages and the truth is you would. The damage caused per spam e-mail is minimal, and certainly not a $10k violation. This idea that the children are being hurt (the articles own words almost) is nothing more then a red herring.

      I'm not sure how feasible that idea is, however. I would recommend just hitting the company that owns the last server to forward the e-mail. If they can't provide/prove another source from which the e-mail came, hit them with the $10,000 fine. I would wager that companies would be awful quick to clamp down their SMTP servers and keep records of where everything came from. Not only would this increase a company's security but it would reduce much of the spam you see that has a legitimate address from a careless company.
      This only hurts ISPs. Watch the way an e-mail hops from router to router, point to point, on the "information super highway". Your statement almost screams, "I do not understand networks or the internet." This is unreasonable and puts blame on providers because of the actions of their users.
      --
      "Some days you just can't get rid of a bomb."
    4. Re:The Love of Money by Silver+Sloth · · Score: 3, Informative
      Free speech? I do not see them slapping fines on people for unsolicited snail mail. And trust me, you can get a lot of that crap and getting addresses is really damn easy. Also, the article isn't clear about the Utah law. It could be using those nice, vague terms that make the law unenforceable and could even target e-mail that was solicited. Remember, people sometimes identify items as spam that really are not.
      I don't know about Utah, and IANAL, but here in the UK, you do get prosecuted for sending snailmail pr0n, there are quite stringent laws about what can, and can't be sent via snail mail for this very reason.
      --
      init 11 - for when you need that edge.
    5. Re:The Love of Money by irc.goatse.cx+troll · · Score: 3, Insightful

      You could say the same thing about piracy, but even after the huge scene busts there are still plenty of people that consider it worth the risk.

      --
      Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
    6. Re:The Love of Money by bhmit1 · · Score: 2, Interesting
      More dangerous, he said, was the possibility that spammers might get hold of the list, which would provide them with a gold mine of valid e-mail addresses that would be used for more spam.
      Then only distribute the registry as a set of hashes. Simply run a hash on the email you want to send to, and skip it if it matches a hash in the registry. This has the added benefit of making the spammers waste a little more cpu time before filling our inboxes.
    7. Re:The Love of Money by Rydia · · Score: 2, Informative

      The supreme court has drawn a clear distinction between speech that can be censored by parents and speech that can't. You can send whatever in snail mail because, the court reasoned, adults have an opportunity to ensure that it doesn't reach the family proper by censoring it at the mailbox. The situation with spam is much more complicated. It'd make an interesting case.

    8. Re:The Love of Money by Gorm+the+DBA · · Score: 2, Informative
      Would you be so kind as to cite the portion of the Constitution that excludes "adult oriented" from the first amendment?

      "Obscene" is a legally defined (albeit very loosey goosey and hard to know exactly where the line is) term, but the mere fact that material is of interest to Adults does not exempt it from First Amendment protection.

      In this case, the issue is that Interstate Commerce is involved. You're attempting to subject a company based in, let's say Maine, to Utah's laws, becase an e-mail address that is not clearly marked as belonging to someone in Utah (let's say "@gmail.com") does. That's exactly the kind of thing that is supposed to be within the purview of Federal Regulation, not State powers.

      Otherwise, what keeps South Carolina from saying "Anyone that provides an e-mail advocating kissing shall be publically flogged, unless they pay us $20 per e-mail address they want to send this to to check it against our list of folks who think girls have cooties". It's the same exact law

    9. Re:The Love of Money by castoridae · · Score: 3, Informative

      Yeah - but in Vegas, notice how they have to stand in those little slices of land between the casino properties - city-owned land - because casino security won't let them distribute it on their private property which extends all the way to the street.

      Funny how that works; the CASINOS of all entities are the ones enforcing "decency." :-)

    10. Re:The Love of Money by Creepy · · Score: 2, Interesting

      bravo - I was going to post something much the same.

      I think the only way enforcing a law like that would be to go after anybody in the US that is caught hiring offshore work for spam purposes. It would be hard to go after the pornographers unless they are the ones actually sending the spam because most of the time it's legal to create it where they are located. I seriously doubt that most porn mail originates in someplace like China or my spam box would be filled with Hot, Horny Asians just waiting for you - I'm pretty sure it's mostly outsourced from somebody in the US. I do get a few Russian, Asian, and Black e-mails like that, but 95% of them point to US sites tauting caucasian girls. Rarely do these get into my in-box (and if the filter catches them it blocks all links back to the site unless I release it to my inbox), but I sometimes lose legitimate mails like my Am-Ex bill (though I'm still messing with sensitivity settings)

    11. Re:The Love of Money by Anonymous Coward · · Score: 2, Informative

      "Free speech? I do not see them slapping fines on people for unsolicited snail mail. And trust me, you can get a lot of that crap and getting addresses is really damn easy."

      Junk fax laws withstood legal challeges based on the first amendment. I can't see e-mail-related laws being any different in this respect.

    12. Re:The Love of Money by Electrum · · Score: 2, Informative
      I would recommend just hitting the company that owns the last server to forward the e-mail. If they can't provide/prove another source from which the e-mail came, hit them with the $10,000 fine. I would wager that companies would be awful quick to clamp down their SMTP servers and keep records of where everything came from. Not only would this increase a company's security but it would reduce much of the spam you see that has a legitimate address from a careless company.
      This only hurts ISPs. Watch the way an e-mail hops from router to router, point to point, on the "information super highway". Your statement almost screams, "I do not understand networks or the internet." This is unreasonable and puts blame on providers because of the actions of their users.
      His post was dead-on. It is you who does not understand how email works. Mail is not normally relayed. All relays need to be secure and correctly identify the sender.
    13. Re:The Love of Money by inviolet · · Score: 2, Interesting
      Then only distribute the registry as a set of hashes. Simply run a hash on the email you want to send to, and skip it if it matches a hash in the registry. This has the added benefit of making the spammers waste a little more cpu time before filling our inboxes.

      Do you know where spammers get their CPU time?

      Indeed, the future of the internet seems to be a war over computing cycles, in the same way that the snail world was (is) a war over energy. Well, the world mostly fights over real estate, but that is at heart a fight over two things: ease of access to energy, and living areas with low energy requirements.

      In any case, they are fighting to pilfer CPU cycles, which are then directed towards the most profitable endeavor that spare distributed CPU cycles can be applied to: sending spam, blackmail DDOSing, etc. But that will change as more we'll-buy-your-CPU-cycles projects come online, SETI@home and BOINC being the pioneer of course. At that time, the owners of zombie networks may switch over from spamming to something more socially and fiscally constructive.

      Sorry, I'm rambling. What were we talking about again? :)

      Oh yeah, hashing the do-not-email list. How long could that thing take to get brute-forced? The entropy value of a typical email address is low: maybe 15 characters from a ~30-character charset? That doesn't seem like too hard of a thing to brute-force, if you're the owner of a big zombie network.

      In fact I remember when somebody brute-forced the entire AOL userlist just by sending test pings to the AOL email server: AAAAAAA@AOL.COM, nope. AAAAAAB@AOL.com, nope. AAAAAAC@AOL.COM, nope.....

      --
      FATMOUSE + YOU = FATMOUSE
    14. Re:The Love of Money by norman619 · · Score: 2, Informative

      I suggest you try using your Gmail account when registering for different forums and such. You will find after doign this on a few sites you will start to get hammered. No spam filter can get rid of the majority of spam. That's a pipe dream. Only way to get rid of spam on your system is to set your email app to only allow email form your contact/address list to get through. If they are not on either list they get tossed into the trash. I have 2 domains. Both email addresses listed in the whois info are hammered with junk. All the other email accounts I have created which are not posted for all the world to see are junk free. Only becasue I don't use them for anything other than business. I use a special junk account when applying for membership to different sites. Big suprise it's become the mother of all junkmail magnets. Mind you the places I sign up with claim to not sell or share your address with anyone if you select this little box telling them no. LOL!!! You also can't control what others do with your email address. :-) Your claim that "better filters" will reduce the problem is not true. The best draconian filters will stop the email but they will also add some administrative tasts to your email exp. The best practice is not to hand out your regular email to anyone other than those you truest. Do not use it to register with ANY website other than banking stitutions and so on. Maintain a current list of contacts and block all but the people on this list in. It's a pain but you can have a junk free email in box. It's something akin to what China does. It's not a bad idea but you have to be willing to maintain your filters. If you don't you will miss important emails and give up on it.

    15. Re:The Love of Money by kbielefe · · Score: 3, Insightful
      Would you be so kind as to cite the portion of the Constitution that excludes "adult oriented" from the first amendment?
      Certainly. Please see Roth v. United States and Miller v. California.
      ...the mere fact that material is of interest to Adults does not exempt it from First Amendment protection.
      The mere fact that the material is being distributed to minors and/or unwilling third parties does.
      In this case, the issue is that Interstate Commerce is involved. ... That's exactly the kind of thing that is supposed to be within the purview of Federal Regulation, not State powers.

      You are oversimplifying the commerce clause. The fact that a business operates across state lines does not preclude individual states from applying their own restrictions, as long as they do not contradict federal regulations.

      For example, you still pay state and local sales tax on things you buy in a local store, even if none of the products sold were actually produced in the state. For another example, in order for an insurance salesperson in a national call center to conduct business with a customer in another state, he or she must hold a license issued by that state.

      Every business must comply with all federal and state laws, unless the state law is struck down as unconstitutional by the Supreme Court. Thousands of businesses do just fine with this restriction; obscene spammers should be no different. In fact, supreme court decisions have specifically said that community standards must be applied in deciding what is obscene. There is an undue burden standard, but I find it hard to believe a court will rule that checking 50 blacklist databases is an undue burden for a business that handles databases of millions of email addresses.

      --
      This space intentionally left blank.
    16. Re:The Love of Money by Kaikopere · · Score: 2, Informative
      I use a special junk account when applying for membership to different sites.

      For sites that need a "real" e-mail address to get in touch with me, I use http://sneakemail.com/ Everyone gets a unique address, so when the spam hits, I know where the spammer found the address. If someone starts abusing the privilege of being able to communicate with me electronically, I shut off the e-mail address, as one of my credit card companies discovered recently. All in all a very useful service for those of us that are too busy to set it up for ourselves.

    17. Re:The Love of Money by Tim+C · · Score: 2, Insightful

      Funny how that works; the CASINOS of all entities are the ones enforcing "decency." :-)

      They're enforcing not having people potentially harrassing paying customers and possibly scaring them off; I don't suppose morality comes into it for a second.

      --
      It's official. Most of you are morons.
  2. How does it work? by telchine · · Score: 3, Interesting

    Does everyone in the world have to check these databases, or just if you're sending mail from inside of the US?

    1. Re:How does it work? by porkmusket · · Score: 2, Interesting

      It works questionably, because no one HAS to use the database. There need to be clear and enforcable punishments for not using it in order to get people to use it. If a couple cases get attention and the spammers pay out, more suits could possible be filed, but obviously you'll have trouble suing some dude in Nigeria. Personally, as a victim of the whole Blue Security crap that ended up with a whole lot more spam after that DB was compromised, I am reluctant to sign up for these sorts of lists and would rather protect my inbox by being discrete about who I give email information to. It not's too much trouble to hit the 'junk' button on the mails that occassionally sneak past the filter in my opinion. However it's nice to see them trying. We suffered decades of phone abuse by solicitors before laws and structures were in place to prevent it, but that's still more of a domestic issue... doing the same thing with email is not going to be nearly as easy. At this point, I am not sure what can be done other than moving to challenge/response systems, which I plan on doing on my next email server.

    2. Re:How does it work? by Andy_R · · Score: 2, Insightful

      Nobody has to check against these databases at all.

      The options for bulk mailers are:
      1) Check against them
      2) Only mail people who have opted in
      or best of all
      3) Don't send adult-oriented spam at all.

      --
      A pizza of radius z and thickness a has a volume of pi z z a
  3. Non-miner? :) by Anonymous Coward · · Score: 3, Insightful

    What about us non-minors here? Not all of us want spam, do we have to impregnate some woman to be eligible for this kind of protection? :)... And ofcourse move to one of theese two countries of which you speak.

    What about non-porn spam, like the nigeria passport scam, and all that valium crap? I don't see it providing a defence against that.

  4. we should be thanking them... by Mark19960 · · Score: 2, Interesting

    Send these guys in Michigan a thank-you note for creating laws that have some bite.
    Use Michigan as an example for your own politicians....

    The feds cannot do it, they are too corrupt with big industry hanging dollar bills in their faces.
    On the state level, its a little bit less corrupt and you actually have SOME chance of getting a
    law against spam thru.

  5. Cart ahead of the horse by davmoo · · Score: 2, Informative

    have these two states proven anti-spam laws like these -- unlike CAN-SPAM -- really have teeth?"

    Folks, we're putting the proverbial cart *way* ahead of the horse here. This law doesn't have teeth until it produces a win in a courtroom. In the US, I can file a suit against anyone reading this message just because I don't like you're hair color...but that doesn't mean I'm going to win that suit.

    --
    I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
  6. I just don't understand... by MorderVonAllem · · Score: 2, Interesting

    ...why everybody doesn't just whitelist. Sure some spam may get by but it removes 99% of it right off the bat. Everything that isn't on my whitelist isn't email I want in the first place.

    1. Re:I just don't understand... by irc.goatse.cx+troll · · Score: 2, Informative

      Why even put your email address somewhere public in the first place?

      Whitelisting is very impractical for people that do email support of any kind, even if its just being the leader/owner of a website or project. Sometimes people need to contact you, and frankly email is still the best way.

      --
      Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
  7. Re:How about by $RANDOMLUSER · · Score: 2, Informative

    And when you're spamflooding through a Russian botnet, how exactly does one determine that the target email address belongs to a "think of teh children"?

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
  8. Re:Been to Las Vegas lately? by AndersOSU · · Score: 2, Funny

    And i just collected a Miss Veluptia - she had 450 homeruns last season.

    I'm looking to complete the set, so if anyone has Foxy Downtown let me know, I'd be willing to trade.

  9. Re:How about by AndersOSU · · Score: 2, Insightful

    Clearly they're trying to develop brand loyalty in these youngsters. It is a page right out of Phillip Morris's marketing playbook.

  10. Trading cards by krell · · Score: 3, Funny

    "I'm looking to complete the set, so if anyone has Foxy Downtown let me know, I'd be willing to trade."

    You need to hook up with other collectors to play the game "Gasmic: The Gathering". You'll get a lot more cards that way.

    --
    Where were you when the voynix came?
  11. Michigan AG's name... by SwedeGeek · · Score: 5, Funny

    Is it just me or is there some irony in the Michigan AG's name being Mike Cox. Seems like we should also be protecting our children from inapproriate material by leaving his name out of the news reports!

  12. Re:I'm in Michigan by laffer1 · · Score: 3, Informative

    If you sell any items you have to check unless you like jailtime.

    From their website:

      Under the law, "a person shall not send, cause to be sent, or conspire with a third party to send a message to a contact point that has been registered for more than 30 calendar days with the department if the primary purpose of the message is to, directly or indirectly, advertise or otherwise link to a message that advertises a product or service that a minor is prohibited by law from purchasing, viewing, possessing, participating in, or otherwise receiving."

    The covered categories of messages include, but are not necessarily limited to:

            * Alcohol (MCL 436.1701)
            * Tobacco (MCL 722.641)
            * Pornography or Obscene Material (MCL 722.673-722.677, MCL 750.142-750.143, 47 USC 231(e)(6))
            * Gambling (MCL 432.218)
            * Illegal Drugs (MCL 333.7401)
            * Firearms (MCL 750.223,MCL 28.422)

    Marketers who fail to comply with the law face criminal penalties of up to three years in jail, and criminal fines of up to $30,000. In addition, marketers may face civil penalties of up to $5,000 per message sent in violation of the law, to a maximum of $250,000 per day. Civil suits may be filed by the Michigan attorney general, Internet service providers, and parents on behalf of their children.

    --
    MidnightBSD: The BSD for Everyone
  13. Re:I'm in Michigan by operagost · · Score: 2, Insightful

    It's the cost of doing business. Right now, spam costs nearly nothing and that's why it's overrun with halfwits and losers.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  14. Re:The one bit I don't get by michaelwexler · · Score: 2, Insightful

    While the porn industry certainly uses spam, there are (hard to believe) some companies which run fully confirmed opt-in mailings that outsource because (hard to believe) email done right is not in most company's capabilities.

    These 3rd parties are concerned about the abusive use of the do-not-email list, including the following:
    1) The only company providing those services (http://www.unspam.com/) is the one lobbying for the laws. We don't seem to appeciate things like Cheney pushing Halliburton; should we accept the same for the do-not-email? Their solution is the very one the FTC suggested was a disaster in the report linked below; should we assume that the states did a deeper investigation of the implementation issues than the multi-year FTC one?
    2) The list doesn't solve the very problem it is supposed to handle. That is, it provides an easy way to detect who are kids on the list, and then hammer-mail them with kid-oriented spam. Sure, less porn, but more spam. That seems like a problem to me.
    3) Others have mentioned the forgery issues: If you get joejobbed, the current law in MI (and proposed in Utah) doesn't care. You are liable. Too bad.
    4) Its a state level law, meaning that its close to impossible to use against international mailers.
    5) Legit companies _agree with you_ that spam is bad. However, like many slashdotters, they think dumb laws (like DMCA) i.e. poor implementations, are bad and should be removed. The Mich and Utah laws and approaches are bad ways to solve important problems.

    Previous posters are correct about spamgangs and other issues there... but not all direct marketers are spammers. If you are stupid enough to believe that all marketing is bad, etc. etc., feel free to put your name on the current do-not-email http://www.ftc.gov/reports/dneregistry/report.pdf is the link to the FTC's report, which includes many of these ideas expanded.

  15. Re:I'm in Michigan by Secrity · · Score: 2, Informative

    You don't have to check the email address if you have the permission of the holder of the email addess, you will have permission of the holder of the email address, won't you? If you don't have permission, then you will be a spammer -- and are fair game.

  16. Re:OH NO THE CHILDREN! by slackmaster2000 · · Score: 2, Insightful

    Refer back to this post after your first child turns 10.