FTC Reports to Congress on Effectiveness and Enforcement of CAN-SPAM Act
The Federal Trade Commission (FTC) issued a report to Congress entitled Effectiveness and Enforcement of the CAN-SPAM Act to fulfill the Controlling the Assault of Non-Solicited Pornography and Marketing Act’s (CAN-SPAM Act) mandate to provide a detailed analysis of its effectiveness and enforcement, and the need—if any—for legislative revisions.
The report reflects the FTC’s own enforcement experience and that of other entities empowered to enforce the CAN-SPAM Act, FTC staff interviews with interested parties, use of FTC compulsory process powers to obtain data from nine ISPs that collectively control over 60 percent of the market for consumer email accounts, and the FTC staff’s “broad review” of CAN-SPAM articles. The FTC also consulted with “two preeminent computer scientists for their independent evaluations of the Act’s effectiveness.”
The report concludes that the Act is effective in providing protection for consumers, and that it is aggressively enforced by state and federal regulators and by the private sector. In reaching its conclusions, the report distinguished between spam sent by legitimate marketers promoting legitimate products or services, and that sent by “‘outlaw’ spammers who ignore the law,” seek to hide their identities and whereabouts, and “may well infect consumers’ computers with malware.” With respect to the former, the FTC found legitimate marketers are following the “best practices” codified by the Act. Perhaps more importantly for the prospect of future regulation in this area, the FTC notes that technological advancements “may be the most useful tool in combating outlaw spammers.” The report found that the volume of spam has begun to level off and, more significantly, the amount reaching consumers has decreased due to enhanced anti-spam technology, and that consumers accordingly have begun to report decreased annoyance with spam. The FTC concludes, in short, that developments suggest spam has not destroyed email as a viable communications channel, as was once feared.
At the same time, however, the report notes some aspects of spam, such as its international dimension, have not changed materially since the Act became law and continue to pose problems. The email landscape also has changed in potentially troubling ways as well. The FTC cites the example that there has been a shift toward the inclusion in spam of content that is increasingly malicious, and it noted that spammers have sought to frustrate enforcement efforts by using increasingly complex multi-layered business arrangements and continuing to hide their identities by providing false information to domain name registrars.
The report went on to recommend three proposed steps to improve the efficacy of the CAN-SPAM Act. First, while no changes to the Act itself were recommended, the FTC urged Congress to enact the “US SAFE WEB Act” to improve FTC authority to trace spammers who operate outside the U.S. Second, the FTC stated that it should continue education efforts to ensure consumers are aware of the ways they can protect themselves from spam, spyware and sexually-explicit material. Third, improvements should continue with respect to anti-spam technology, and in particular, tools that prevent spammers from operating anonymously, including domain-level authentication and reputation and accreditation systems.
