The following text is copyright 2004 by Network World, permission is hearby given for reproduction, as long as attribution is given and this notice is included.


Enforcing the permission-to-spam act


By Scott Bradner


It has now been 4 months since the federal permission-to-spam act passed the US Congress with speeches galore and signed with gusto by President Bush and the first actual rule related to this act has just been published and the period to allow you, me and the spam industry to comment on the act's purposefully vague language has just ended.   It may still be quite a while before we see any enforcement action related to this act and it is likely to be the end of time before we see any effective enforcement action.


President Bush signed the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003" (short name: "CAN-SPAM Act") last December 12th.  The Act went into effect on January 1st of this year.  The bill's sponsors at the time touted the imminent end to the flood of crap in everyone's mailboxes.  But anyone actually taking the time to read the act quickly realized that the primary goals of this legislation were to legally enable the sending of unsolicited bulk mail and to void any state or local regulations that actually tried to control the onslaught.  This should not have been a surprise to anyone considering the apparent role of the spam industry in formulating the bill in the first place.


The Act put the responsibility of interpreting and enforcing the Act into the hands of the U.S. Federal Trade Commission (FTC). (  The FTC has moved with care  (i.e. slowly) to get public comment on various aspects of the Act so that it can write the set of regulations that need to be written before any actual enforcement of the mostly useless provisions of the Act can be undertaken.  I find it hard to get all that enthusiastic about the usefulness of enforcing a law that makes it legal for every single one of the many millions of companies in the world to send me email and provides me no way to say that I do not want to get their initial messages. I can, by going through a dance defined by each sender, say I do not want any follow up mail - whoop de do.


One of the few provisions of the Act that might make it easier to automatically filter out some of the worst crap is the provision that requires the sender of sexually explicit unsolicited email to include words in the subject line to warn the recipient of the type of content.  The FTC has just finalized a regulation that says the warning must be the English character string "SEXUALLY-EXPLICIT: ".  (  We will see, conceivably soon but I would not predict that, if the FTC is willing to even try to enforce any parts of this generally silly Act.


By all measures and experience, the amount of spam has significantly increased since the federal government said it was OK to spam and I find it hard to imagine that the FTC, mostly on its own, will have any perceivable impact since it must enforce an act that says it is fine to spam.  It is possible that the FTC could penalize some spam senders for illegally using third party computers to forward the spam but I'm not holding my breath for that to have any useful effect.


disclaimer: The concept of "useful effect" and the name "Harvard" are not always associated with each other, at least in some people's minds.  But this pessimistic view is my own, not that of the university.