FTC Stays Out of Spam’s Way, Rejecting List Idea
Spammed if we do, spammed if we don’t.
Following that reasoning, the Federal Trade Commission on Tuesday rejected a plan to create a “do-not-e-mail” list modeled after the popular “do-not-call” registry that keeps telemarketers at bay. In a 5-0 vote, the FTC decided that the proposed list would entice spammers to send more junk e-mail, not less.
Many e-mail marketers flout the federal and state anti-spam laws already on the books. If a list of e-mail addresses were compiled and published, unscrupulous e-mailers would simply use the list as fodder for their campaigns, the commission decided.
At best, it concluded, such a registry wouldn’t cut the amount of spam coursing over the Internet. At worst, it would cause spam to proliferate.
“Consumers will be spammed if we do a registry and spammed if we do not,” said FTC Chairman Timothy J. Muris.
The federal Can Spam Act, which took effect Jan. 1, compelled the FTC to investigate the wisdom of creating a do-not- e-mail list. The commission concluded it would be better for Internet service providers to find a technological solution to the problem of unwanted messages.
In particular, the FTC urged ISPs to agree on an authentication standard that would prevent spammers from hiding their identities, a common trick for evading spam-filtering software. Without knowing for sure who’s sending a message, ISPs and other spam fighters can’t distinguish legitimate marketers from lawbreaking spammers.
Several solutions have been proposed. Microsoft Corp. recently merged its preferred technology, dubbed Caller ID for E-mail, with a competing standard called SPF, or Sender Policy Framework, backed by the e-mail service Pobox.com. Meanwhile, Yahoo Inc. is pushing its own authentication standard called DomainKeys.
All of the standards work by giving recipients a way to verify that senders are who they say they are.
The FTC said it would let the market decide which approach was best. But if no single standard emerges, the commission said, the FTC could convene an advisory committee to pick one that Congress might require by law.
“If people can’t come up with a solution, at some point the government would intervene,” said Frank Gorman, a Washington lawyer with the firm Bryan Cave who formerly worked in the FTC Bureau of Consumer Protection.
Sen. Charles E. Schumer (D-N.Y.), a determined advocate of a do-not-e-mail list, expressed far less patience Tuesday.
“The registry is not the perfect solution, but it is the best solution we have to the growing problem of spam,” he said in a written statement. “We will pursue congressional alternatives in light of the FTC’s adamancy.”
The Can Spam Act would be much improved by a do-not- e-mail registry because the law allows e-mail marketers to send unsolicited messages to anyone until they receive a request to stop, said John Mozena, co-founder of the Coalition Against Unsolicited Commercial Email, a consumer advocacy group.
But the FTC concluded that if technology couldn’t be found to authenticate senders, those requests couldn’t be enforced and “any registry is doomed to fail,” according to the commission’s report.
Muris said the FTC would revisit the issue after an authentication standard had been reached.
“With authentication, better Can Spam Act enforcement and better filtering by ISPs may even make a registry unnecessary,” the FTC said.
