Friday, 12 March 2004
FTC Chair continues to question do-not-spam registry
The San Jose Mercury News reports that FTC Chair Timothy Muris continues to question the wisdom of a do-not-spam registry. The CAN-SPAM Act requires the FTC to consider implementing such a registry. Yesterday, Muris reiterated the same reasons he cited when he questioned the registry idea before the bill became a law. His argument appears to boil down to a jurisdicitonal problem: "The problem, he said, is tracking down the spammers. Many are overseas. Many use aliases or conceal their identities by routing e-mail through hacked or unprotected computers." This argument has at least three major flaws.
First, Muris seems to be focusing on one provision of the Act to the exclusion of others. The core protection of the Act is its prohibition on sending unsolicited commercial email to individuals who have requested not to receive it. However, it is an additional violation — with separate civil and criminal penalties — to disguise the origin and routing information in the header of such messages. The Act grants both a substantive right and a right of action in federal court to any ISP adversely affected by such behavior. Therefore, the pool of potential plaintiffs includes all service providers whose computers were "hacked or unprotected" and used to send spam, in addition to the ISPs whose customers received illegal spam. With that many potential plaintiffs, at least one of them will have the will and means to fight the good fight. Indeed, four titans filed a major CAN-SPAM lawsuit earlier this week ("Spam's Tet Offensive").
Second, national borders are not as big a problem as Muris would have us believe. A huge proportion of spam advertises goods and services that are on sale in the U.S. or at least made available for purchase by people within the U.S. These sellers must have either (1) assets located in the U.S. or (2) mechanisms for moving money out of the U.S. Otherwise, they would have no means to sell things to Americans. U.S. authorities can attach those assets or garnish those money flows to enforce a judgment under the CAN-SPAM Act. Internet-based transactions depend on credit cards or other payment clearinghouses that overwhelmingly have physical presences in the U.S. — think Visa, MasterCard, and PayPal. We may not be able to put a citizen of the Caymen Islands in an American jail for violating CAN-SPAM, but we can ensure that he makes no money from those activities.
Finally, the Act goes to some length to apply liability to spam customers and vendors. By "customer," I mean someone who hires the services of a spammer to advertise a product — i.e., someone who buys the advertising space. By "vendors," I mean someone who sells goods or services to a spamming outfit. Both of these bases for liability require notice to the customer or vendor. However, this notice should be easy to serve (to customers, at least), because spam would be useless if it failed to identify the product being sold and how to buy it. Thus, we have even more people on the hook for sending illegal spam. Once one of these people goes to jail or gets socked with a $1 million judgment, I believe the demand for spam will decline precipitiously.
Mr. Muris, I encourage you to rethink your position.