Spam -What is Your Protection Under the Law?

Spam has become an ever-increasing problem in recent years, costing legitimate businesses a great deal in both time and money.

In response to the growing threat from spam, new legislation was enacted in 2003. it was called: Controlling the Assault of Non Solicited Pornography and Marketing Act (CAN-SPAM act). This act created some requirements for all companies who are sending bulk commercial email, as well as those companies whose products are offered for sale in the spam emails. It also instituted penalties for violators, as well as giving the client or consumer the right and the means to request that the emailers cease the spam efforts.

CAN-SPAM was enacted in January, 2004. The act covers any email which have as its purpose advertising or promotional efforts for any service or product, including those whose contents reside solely on a web site.

The legislation also covers “transactional or relationship messages,” meaning those emails which help a web site to deal with any transaction, even those which are agreed on, or make updates to any customer whether new or exisiting. None of these may contain false or spoofed routing information.

The Federal Trade Commission (FTC), the United States agency for consumer protection, was granted the authority to enforce the act and the DOJ, or Department of Justice is additionally charged with the enforcement of the CAN SPAM act. It also provides that Internet Service Providers who are hurt by the spam may in fact sue the violators of the legislation to recoup losses to their own business.

Other Major Provisions of the Law

-It bans any attempt to falsify the information in the header or subject line.

These must correctly identify what the message is about, and accurately display routing information as well as “To” and “from” information. The email must accurately indicate the identity of the sender and recipient. It must accurately portray the domain from which the email originates as well as the senders real email address.

– It bans misleading subject lines

The subject line must not mislead the recipient to open the email under false pretenses. It should clearly indicate the actual subject matter of the email.

– Emails sent in this fashion must offer the recipient a legitimate means to get out of receiving the commercial email in the future. Any such requests to opt-out must be honored by the spamming company, and the email address deleted from its sending list. The commercial emailer will have 10 days to after the request to cease sending messages to that address

– Commercial bulk email should easily be identified as an advertisement or solicitation. It must also include the sender’s actual physical postal address

– The recipient must be fore-warned of any sexually explicit information the email may contain. This warning must be displayed in the email’s subject line.

Each and every violation of this law or the aspects of the law subjects the sender to strict fines that can go as high as $10,000 per incident and, for certain violations, the commercial emailer will face possible jail time.

Another legal initiative aimed at fighting spam is the “Digital PhishNet” (DPN), which was established in 2004. It is a collaborative effort between the Internet industry and criminal law enforcement. Its purpose is to identify and to prosecute spammers who break the law through phishing. Online auction sites, financial institutions, ISPs and other groups within the industry are all involved in this imitative. Important data and information is forwarded in real time to law enforcement.