U.S., States Turn Focus to Curbing Spam

After years of ineffectual action, state and national leaders now are rushing to enact new barriers to spam, the unsolicited commercial e-mail that is growing so fast it has triggered anger and alarm among consumers and businesses alike.

This week, Virginia enacted what may be the toughest anti-spam measure in the nation -- classifying some forms of spamming as felonies and permitting confiscation of assets purchased with profits from commercial e-mail that is fraudulent and deceptive. That put it out front among the more than two dozen states with anti-spam laws. But legislatures across the country, including California’s, are considering still-tougher measures.

And while Congress has played down the problem for several years, lawmakers on Wednesday denounced the practice and insisted new federal laws must be enacted swiftly.

“We’ve got to do something now, and it has to have real teeth with real enforcement,” Sen. Conrad R. Burns (R-Mont.) declared at a Federal Trade Commission conference focusing on the problem. “We are killing the very tool we use every day, not only in our business but in our personal world.”

The difficulty is that, while tougher state laws and the brightening prospects for federal action are widely applauded, most experts say neither offers much hope for relief. Rather -- like unauthorized downloading of copyrighted music -- spam may be a problem that yields only to time and a combination of technological, political and social pressures.

Unwelcome as it may be, spam is such a low-cost advertising gimmick, and so difficult to stamp out in a global communications system that it now generates tens of billions of dollars a year in revenues, according to computer science specialist Peter Cook of Temple University in Philadelphia.

Although often fraudulent or pornographic -- and almost always unwelcome -- spam has jumped from about 8% of all e-mails just two years ago to almost half today. Mailboxes are choking. Businesses are losing money with every moment that employees spend deleting. Service providers face cost and other pressures. Consumers are hassled or offended.

Yet “the scope of it is so huge that it’s hard to say what if anything can stop it, ever,” Cook said.

Moreover, spammers’ techniques for avoiding filters and disguising their origins are continually evolving. Some spam now contains hidden coding that, in effect, turns a recipient’s own computer into a spammer.

Spammers also use hoaxes -- such as promising charitable contributions to Internet users who contact a particular address -- in order to collect e-mail addresses.

What seems to be driving the current rush to attack the problem is not the irritation of the millions of Internet users who get spam. Rather, the greatest pressure is coming from the big Internet service providers and system operators who must buy more servers and pay more workers to deal with the growing flood.

America Online, for example, essentially drafted the Virginia bill signed by Gov. Mark R. Warner. Located near Dulles International Airport in Virginia, AOL is the world’s largest Internet service provider and a prize in the state’s long-running campaign to become a center for Internet and computer-related business.

About half of all U.S. e-mail traffic passes through Virginia each day. By some estimates, fully half the messages are unsought and unwanted by their recipients; a majority of those are also said to be fraudulent or deceptive.

AOL currently blocks up to 2.37 billion spam messages a day to its servers, according to company spokesman Nicholas Graham. The number of blocked messages has almost tripled in just eight weeks.

That’s why AOL “did more than advocate for” the tougher Virginia law, he said.

Internet service providers such as AOL are not the only ones feeling the pressure. Spam also is flooding the internal e-mail systems used by businesses and other secondary service providers, such as colleges and universities.

Macalester College, a small liberal arts school in St. Paul, Minn., for example, provides Internet accounts for 2,700 students, faculty and others. It handles about 20,000 e-mail messages a day -- about 20% of them spam, according to Joel Clemmer, who is responsible for computing and information technology.

For a relatively small institution, “that’s a lot of space across our pipes to the Internet and on our servers,” Clemmer said. And arbitrarily winnowing it out can be touchy. “One person’s spam is another person’s information,” he said.

At Macalester, as at giant AOL and many other corporations, the mushrooming dimensions of the spam phenomenon have stiffened the demand for action -- that and the ineffectiveness of anti-spamming laws passed by state legislatures.

Most existing state laws are relatively modest.

California, for instance, is one of many states that require senders of unsolicited commercial e-mails to include the abbreviation “ADV” in the subject line. The 1998 law also directs senders to include a toll-free number or valid e-mail return address through which people can ask for a halt to the messages.

Prosecution is difficult, for legal as well as technical reasons. Violations carry only a $1,000 fine. Overburdened law enforcement officials seldom follow up.

A bill pending before the state Senate would make it a crime to send unsolicited commercial e-mails within California. People who receive such spam could sue for at least $500 per violation.

Such measures may win political points with Internet service providers and others, but spammers find it relatively easy to evade what Sen. Ron Wyden (D-Ore.) called the “crazy quilt of state laws.”

“Spammers play the states off each other,” said Wyden, co-sponsor with Burns of a bill to impose stiff civil penalties on spammers who failed to include valid links allowing recipients to unsubscribe to unwanted e-mails.

Rep. Zoe Lofgren (D-San Jose) said she had come around to seeing a need for federal action. Addressing the FTC conference -- an overflow crowd of direct marketers, anti-spam vigilantes and Internet executives -- she said she used to believe, “We have a delete button. That’s all we need.”

But she decided that if something wasn’t done now, the Internet companies would start to deal with spam in their own way, quite possibly changing and diminishing the openness and freedom of the Internet.

Her proposed law, based on an idea by Stanford University professor Lawrence Lessig, would open up the Internet for bounty hunting. Spammers who didn’t label their e-mail as advertisements would be fair game to be reported to the Federal Trade Commission.

The first individual to do so would collect a share of the spammer’s fine.

The notion is that it takes ingenuity to fight the spammers, who often are very technically adept. “We’re unleashing the 18-year-olds to go after the spammers,” Lofgren said.

Sen. Charles E. Schumer (D-N.Y.) advocated another approach. He wants a federal anti-spam registry, modeled after the do-not-call registries for telemarketers.

The no-spam list would be a massive database of people who said they never wanted to receive unsolicited commercial mail. While this approach would be technologically complex and potentially expensive, Schumer said the necessary funding would be available.

“Money is no object,” he told an FTC official. “Whatever you need.”

Times staff writers David Streitfeld and Jube Shiver contributed to this report.