When a new unsolicited email law, the Can-Spam Act, was passed in the US in January, campaigners joked that it would prove so ineffective it ought to be relabelled the ‘You Can Spam Act’. Two months since it came into force, the signs are that its many critics may be proved right.
The act grants regulators at the Federal Trade Commission (FTC) new powers against unsolicited email and adds fresh criminal penalties for spammers. But the federal law has some big drawbacks, its critics claim. For instance, the law cuts across some reasonably effective anti-spam rules at a state level. It also blocks individuals from suing spammers.
Since January, spam levels in the US have, if anything, increased. One poll has found that 71% of people are receiving the same amount of spam as before the law was passed, while an additional 10% say their spam problem has actually got worse.
Even those people close to the law seem to accept its limitations. The FTC official in charge of enforcing it, Howard Beales, told journalists recently: “This law provides some tools that we hope will be helpful, but it’s not going to make a major difference.” Still, a spokeswoman for Senator Conrad Burns, a Republican sponsor of the bill, says that people should not hurry to write it off since it is time-consuming to build cases against spammers and the first prosecutions might be many months off. For users, there are no easy solutions. A particular concern is the overly aggressive use of anti-spam ‘blacklist’ services, which tend to discard thousands of legitimate messages.
Enterprise spam filter products, on the other hand, such as those provided by Symantec and CipherTrust, tend to be more reliable – but only if used correctly.
In an interview with the Boston Globe, Chris Miller, group product manager for enterprise email products at Symantec, cited the example of a Symantec salesperson whose messages to a customer were consistently rejected. Someone at the customer’s company had modified the anti-spam software to automatically reject emails that contained certain words deemed likely to appear in spam messages. One of these words was ‘hooker’, which happened to be the salesperson’s last name.