Supporters call it the most significant Internet-related legislation by this Congress; critics say all it's going to do, if it becomes law, is give the spammers even more license to spam. But as the House gets to work on finishing year-end spending bills, it's expected to put what are called the finishing touches on its end of the so-called CanSpam Act of 2003, which originated in the Senate.
"With this bill, Congress is saying that if you are a spammer, you can wind up in the slammer. That is the bottom line," said a chief co-sponsor, Sen. Charles Schumer (D-New York). "The bottom line is that there will be criminal penalties and real prosecution. Will we go after every spammer, somebody who makes a mistake here and there? No. But the studies show us -- this is what gives all of us such hope -- that maybe 250 spammers send out 90 percent of the e-mail. And we are saying to those 250, no matter where you are, or how you try to hide your spam, we will find you. This bill gives the FTC and the Justice Department the tools to go after you."
The problem, critics say, is that the lack of an opt-in mechanism will just about let the spammers thumb their noses at even those kinds of penalties, even if it requires the Federal Trade Commission to report to Congress after two years on the law's effectiveness if it's signed. The legislation lets e-mail marketers send unsolicited e-mail messages as long as the messages include opt-out mechanisms and a functioning return e-mail address.
"Consumers expecting to see a significant drop in e-mail are likely to be disappointed," said InternetNews.com.
The bill – which would override a number of state spam laws including the tough new one in effect in California – would also make it a misdemeanor with up to one year behind bars to send spam intentionally with false header information. The bill would also outlaw hijacking computers or open relays to set up spam conductors, as a number of the Internet's most pestiferous viruses this year succeeded in doing.
The bill also required the FTC to devise a do-not-spam list plan within six months or explain to Congress why it couldn't be done. The FTC testified to the Senate earlier this year that such a list – similar to the do-not-call list affecting the telemarketing industry – raises important privacy, security, and technical question that need resolution before a do-not-spam list could come online.
Schumer told InternetNews a do-not-spam list would work in spite of the FTC's doubts. "My answer to the FTC: try it," he said. "We do not have anything better. It is not going to solve everything, but it is the best tool we have."
Critics like Spamhaus Project say that, if the bill is signed by President Bush January 1, the bill might as well be called the You Can Spam Act, saying spammers "overwhelmingly" back this bill. "Spam king Alan Ralsky (said original) passage of the House bill 'made my day'," Spamhaus has said. "Spammers say they will now pour money into installations of new spam servers to heavily ramp up their outgoing spam volumes 'all legally'."
Spamhaus also fears that if the bill becomes law it could provoke new tensions between the United States and Europe.
"If CAN-SPAM becomes law, from January Europe and the United States will have opposing legislation, as Europe has already introduced legislation making spamming illegal," the group said. "But 90 percent of Europe's spam problem originates in the United States where spamming will now be legal…What this will do for relations between Europe and the United States, is easy to predict, with millions of European Internet users already angry at being deluged in American 'make-penis-fast' spam. From December 11, spamming will be illegal in the UK, but with 90 percent of the UK's spam problem originating in the United States, British users will continue to be flooded, now with 'legal' spam from the U.S."
