US states lay down the law to spammers

All 50 US states may have antispam laws laws by the end of this year. Lawmakers have never been under greater pressure to take...

All 50 US states may have antispam laws laws by the end of this year. Lawmakers have never been under greater pressure to take action to fight spam, but many doubt that legislation will bring IT managers much relief.

So far, 26 states have adopted spam laws that do things such as making forged address headers illegal. Other laws require that "ADV", short for advertisement, be included in the subject line of unsolicited commercial e-mail.

Emily Hackett, state policy director of the Internet Alliance in Washington, which represents some large internet service providers, said states without an antispam law will soon have one. "There isn't any opposition to it," she said.

But the state bills are troubling for the marketing industry. Some allow lawsuits against spammers that violate posted policies, which has worried companies using unsolicited e-mail to prospect for customers. There are also states eyeing a "do-not-spam" list similar to do-not-call telemarketing lists.

Congress is being pushed to act, in part to pre-empt state laws with a national one. The Direct Marketing Association (DMA) in New York, which has long opposed any spam regulation, is now backing a federal law to end the hodge-podge of state laws. No bills have been introduced yet, but that is expected to change.

"It's very difficult to keep track of varying state laws," said Louis Mastria, a DMA spokesman, who added that state laws are ineffective because a marketer does not necessarily know the physical address of a person being solicited. The state laws "set up legitimate e-mail marketers for a black eye", he added.

Another major proponent of action is Microsoft, which last month ran ads in newspapers saying that "new, strong laws are needed" to combat spam. The US Federal Trade Commission is planning a three-day forum on spam next month, an event that is seen as a pivotal gathering of all sides in the debate.

The success of any legislation will depend on enforcement, said Michael Redman, information systems director at Nicholson Manufacturing in Seattle. Washington has an antispam law, but Redman said he has seen little impact from it.

"There is a substantial amount of legislation out there already," he said. "If it's ignored and not enforced, it doesn't do us any good."

There is much scepticism that new laws would curb spam, because finding the most egregious spammers is difficult. "People are setting up dummy corporations and fly-by-night operations," said Stephen Winkelman, an internet attorney at Fennemore Craig in Phoenix.

Accompanying the push for laws are efforts to create standards for regulating e-mail.

The ePrivacy Group in Philadelphia is developing open-standards, machine-readable technology that sets minimum principles for ensuring that an ISP does not filter a digitally signed message from a business.

Filtering sometimes screens out too much information, said Vincent Schiavone, the company's president. "We don't see a way where you can fix e-mail with the current protocol."

Read more on IT risk management