fbpx
Wikipedia

CAN-SPAM Act of 2003

January 01, 1970

The Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003 is a law passed in 2003 establishing the United States' first national standards for the sending of commercial e-mail. The law requires the Federal Trade Commission (FTC) to enforce its provisions. Introduced by Republican Conrad Burns, the act passed both the House and Senate during the 108th United States Congress and was signed into law by President George W. Bush in December 2003 and was enacted on January 1, 2004.[1][2]

Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003
Other short titlesCAN-SPAM Act of 2003
Long titleAn Act to regulate interstate commerce by imposing limitations and penalties on the transmission of unsolicited commercial electronic mail via the Internet.
Enacted bythe 108th United States Congress
Citations
Public lawPub. L.Tooltip Public Law (United States) 108–187 (text) (PDF)
Statutes at Large117 Stat. 2699
Codification
Titles amended15 U.S.C.: Commerce and Trade
U.S.C. sections created15 U.S.C. ch. 103
Legislative history
  • Introduced in the Senate as S.877 by Conrad Burns (RMT) on April 10, 2003
  • Passed the Senate on October 22, 2003 (97–0)
  • Passed the House on November 22, 2003 (392–5)
  • Signed into law by President George W. Bush on December 16, 2003

History edit

The backronym CAN-SPAM derives from the bill's full name: Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003. It plays on the word "canning" (putting an end to) spam, as in the usual term for unsolicited email of this type. The bill was sponsored in Congress by Senators Conrad Burns and Ron Wyden.

The CAN-SPAM Act is occasionally referred to by critics as the "You-Can-Spam" Act because the bill fails to prohibit many types of e-mail spam and preempts some state laws that would otherwise have provided victims with practical means of redress. In particular, it does not require e-mailers to get permission before they send marketing messages.[3] It also prevents states from enacting stronger anti-spam protections, and prohibits individuals who receive spam from suing spammers except under laws not specific to e-mail. The Act has been largely unenforced,[4] despite a letter to the FTC from Senator Burns, who noted that "Enforcement is key regarding the CAN-SPAM legislation." In 2004, less than 1% of spam complied with the CAN-SPAM Act of 2003.[5]

The law prescribed the FTC to report back to Congress within 24 months of the effectiveness of the act.[6] Once this took place, no changes were recommended. It also requires the FTC to promulgate rules to shield consumers from unwanted mobile phone spam. On December 20, 2005 the FTC reported that the volume of spam has begun to level off, and due to enhanced anti-spam technologies, less was reaching consumer inboxes. A significant decrease in sexually explicit e-mail was also reported.[7]

Later modifications changed the original CAN-SPAM Act of 2003 by (1) Adding a definition of the term "person"; (2) Modifying the term "sender"; (3) Clarifying that a sender may comply with the act by including a post office box or private mailbox; and (4) Clarifying that to submit a valid opt-out request, a recipient cannot be required to pay a fee, provide information other than his or her email address and opt-out preferences, or take any other steps other than sending a reply email message or visiting a single page on an Internet website.

The mechanics of CAN-SPAM edit

Applicability edit

CAN-SPAM, a direct response of the growing number of complaints over spam e-mails,[8] defines a "commercial electronic mail message" as "any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose)." It exempts "transactional or relationship messages." The FTC issued final rules[9] (16 CFR 316) clarifying the phrase "primary purpose" on December 16, 2004. Previous state laws had used bulk (a number threshold), content (commercial), or unsolicited to define spam. The explicit restriction of the law to commercial e-mails is widely considered by those in the industry[10][11] to essentially exempt purely political and religious e-mail from its specific requirements. Such non-commercial messages also have stronger First Amendment protection, as shown in Jaynes v. Commonwealth.[12]

Congress determined that the US government was showing an increased interest in the regulation of commercial electronic mail nationally, that those who send commercial e-mails should not mislead recipients over the source or content of them, and that all recipients of such emails have a right to decline them.[8] However, CAN-SPAM does not ban spam emailing outright, but imposes laws on using deceptive marketing methods through headings that are "materially false or misleading". In addition there are conditions that email marketers must meet in terms of their format, their content, and labeling.[8] The three basic types of compliance defined in the CAN-SPAM Act—unsubscribe, content, and sending behavior — are as follows:

Unsubscribe compliance edit

  • A visible and operable unsubscribe mechanism is present in all emails.
  • Consumer opt-out requests are honored within 10 business days.[13]
  • Opt-out lists also known as suppression lists are used only for compliance purposes.

Content compliance edit

  • Accurate "From" lines[14]
  • Relevant subject lines (relative to offer in body content and not deceptive)[14]
  • A legitimate physical address of the publisher or advertiser is present. PO Box addresses are acceptable in compliance with 16 CFR 316.2 and if the email is sent by a third party, the legitimate physical address of the entity, whose products or services are promoted through the email should be visible.
  • A label is present if the content is adult.

Sending behavior compliance edit

  • A message cannot be sent without an unsubscribe option.
  • A message cannot contain a false header
  • A message should contain at least one sentence.[15]
  • A message cannot be null.[15]
  • Unsubscribe option should be below the message.[16]

There are no restrictions against a company emailing its existing customers or anyone who has inquired about its products or services, even if these individuals have not given permission, as these messages are classified as "relationship" messages under CAN-SPAM.[17] But when sending unsolicited commercial emails, it must be stated that the email is an advertisement or a marketing solicitation. Note that recipients who have signed up to receive commercial messages from you are exempt from this rule.

If a user opts out, a sender has ten days to cease sending and can use that email address only for compliance purposes. The legislation also prohibits the sale or other transfer of an e-mail address after an opt-out request. The law also requires that the unsubscribe mechanism must be able to process opt-out requests for at least 30 days after the transmission of the original message.[18]

Use of automated means to register for multiple e-mail accounts from which to send spam compound other violations. It prohibits sending sexually oriented spam without the label later determined by the FTC of "SEXUALLY EXPLICIT." This label replaced the similar state labeling requirements of "ADV:ADLT" or "ADLT."

CAN-SPAM makes it a misdemeanor to send spam with falsified header information.[19] A host of other common spamming practices can make a CAN-SPAM violation an "aggravated offense," including harvesting, dictionary attacks, IP address spoofing, hijacking computers through Trojan horses or worms, or using open mail relays for the purpose of sending spam.

Criminal offenses edit

Although according to the law, legitimate businesses and marketers should be conscientious regarding the aspects mentioned above, there are misinterpretations and fraudulent practices that are viewed as criminal offenses:

  • Sending multiple spam emails with the use of a hijacked computer
  • Sending multiple emails through Internet Protocol addresses that the sender represents falsely as being his/her property
  • Trying to disguise the source of the email and to deceive recipients regarding the origins of the emails, by routing them through other computers
  • Sending multiple spam emails via multiple mailings with falsified information in the header
  • Using various email accounts obtained by falsifying account registration information, in order to send multiple spam emails.[20]

Private right of action edit

CAN-SPAM provides a limited private right of action to Internet Access Services that have been adversely affected by the receipt of emails that violate the Act;[21] and does not allow natural persons to bring suit.[22] A CAN-SPAM plaintiff must satisfy a higher standard of proof as compared with government agencies enforcing the Act; thus, a private plaintiff must demonstrate that the defendant either sent the email at issue or paid another person to send it knowing that the sender would violate the Act. Despite this heightened standard, private CAN-SPAM lawsuits have cropped up around the country, as plaintiffs seek to take advantage of the statutory damages available under the Act.[citation needed]

Overriding state anti-spam laws edit

CAN-SPAM preempts (supersedes) state anti-spam laws that do not deal with false or deceptive activity.[23] The relevant portion of CAN-SPAM reads:

This chapter supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto.

Though this move was criticized by some anti-spam activists, some legal commentators praised it, citing a heavily punitive California law seen as over broad and a wave of allegedly dubious suits filed in Utah.[24]

CAN-SPAM and the FTC edit

CAN-SPAM allows the FTC to implement a national do-not-email list similar to the FTC's popular National Do Not Call Registry against telemarketing, or to report back to Congress why the creation of such a list is not currently feasible. The FTC soundly rejected this proposal, and such a list will not be implemented. The FTC concluded that the lack of authentication of email would undermine the list, and it could raise security concerns.

The legislation prohibits e-mail recipients from suing spammers or filing class-action lawsuits. It allows enforcement by the FTC, State Attorneys General, Internet service providers, and other federal agencies for special categories of spammers (such as banks). An individual might be able to sue as an ISP if (s)he ran a mail server, but this would likely be cost-prohibitive and would not necessarily hold up in court. Individuals can also sue using state laws about fraud, such as Virginia's that gives standing based on actual damages, in effect limiting enforcement to ISPs.

The McCain amendment[25] made businesses promoted in spam subject to FTC penalties and enforcement remedies, if they knew or should have known that their business was being promoted by the use of spam. This amendment was designed to close a loophole that allowed those running affiliate programs to allow spammers to abuse their programs, and encouraged such businesses to assist the FTC in identifying such spammers.

Senator Corzine sponsored an amendment to allow bounties for some informants.[26] The FTC has limited these bounties to individuals with inside information.[26] The bounties are expected to be over $100,000 but none have been awarded yet.[26]

Reaction edit

Those opposing spam greeted the new law with dismay and disappointment, almost immediately dubbing it the "You Can Spam" Act.[27][28] Internet activists who work to stop spam stated that the Act would not prevent any spam — in fact, it appeared to give federal approval to the practice, and it was feared that spam would increase as a result of the law. CAUCE (Coalition Against Unsolicited Commercial Email) stated:

This legislation fails the most fundamental test of any anti-spam law, in that it neglects to actually tell any marketers not to spam. Instead, it gives each marketer in the United States one free shot at each consumer's e-mail inbox, and will force companies to continue to deploy costly and disruptive anti-spam technologies to block advertising messages from reaching their employees on company time and using company resources. It also fails to learn from the experiences of the states and other countries that have tried "opt-out" legal frameworks, where marketers must be asked to stop, to no avail.[29]

AOL Executive Vice President and General Counsel Randall Boe stated:

[CAN-SPAM] not only empowered us to help can the spam, but also to can the spammers as well. ... Our actions today clearly demonstrate that CAN-SPAM is alive and kicking — and we're using it to give hardcore, outlaw spammers the boot.

Advertising organizations such as the Data & Marketing Association (DMA) have sought to weaken implementation of the law in various ways. These include lengthening the time for honoring opt-outs from 10 business days to 31 calendar days, limiting the validity of opt-out requests to no more than two to three years, and eliminating rewards to persons who assist the Federal Trade Commission in enforcement of the act.[30] The DMA has also opposed provisions requiring the subject line of spam to indicate that the message is an advertisement.[31]

Criminal enforcement edit

On February 16, 2005, Anthony Greco, 18, of Cheektowaga, New York, was the first person to be arrested under the CAN-SPAM Act of 2003. After pleading guilty, he was sentenced in a closed session.[32][33]

Within a few months, hundreds of lawsuits had been filed by an alliance of ISPs. Many of these efforts resulted in settlements; most are still pending.[needs update] Though most defendants were "John Does," many spam operations, such as Scott Richter's, were known.

On April 29, 2004, the United States government brought the first criminal and civil charges under the Act. Criminal charges were filed by the United States Attorney for the Eastern District of Michigan, and the FTC filed a civil enforcement action in the Northern District of Illinois. The defendants were a company, Phoenix Avatar, and four associated individuals: Daniel J. Lin, James J. Lin, Mark M. Sadek, and Christopher Chung of West Bloomfield, Michigan. Defendants were charged with sending hundreds of thousands of spam emails advertising a "diet patch" and "hormone products." The FTC stated that these products were effectively worthless. Authorities said they face up to five years in prison under the anti-spam law and up to 20 years in prison under U.S. mail fraud statutes.

On September 27, 2004, Nicholas Tombros pled guilty to charges and became the first spammer to be convicted under the Can-Spam Act of 2003.[34] He was sentenced in July 2007 to three years probation, six months house arrest, and a fine of $10,000.[35]

On April 1, 2006, Mounir Balarbi, of Tangier, Morocco, was the first person outside the United States to have an arrest warrant validated under the CAN-SPAM Act of 2003. Mounir's trial was held in absentia, and he was sentenced in a closed session.[33][36]

On January 16, 2006, Jeffrey Goodin, 45, of Azusa, California, was convicted by a jury in United States district court in Los Angeles in United States v. Goodin, U.S. District Court, Central District of California, 06-110, under the CAN-SPAM Act (the first conviction under the Act),[37] and on June 11, 2007, he was sentenced to 70 months in federal prison. Out of a potential sentence of 101 years, prosecutors asked for a sentence of 94 months. Goodin was already detained in custody, as he had missed a court hearing.[38]

As of late 2006, CAN-SPAM has been all but ignored by spammers. A review of spam levels in October 2006 estimated that 75% of all email messages were spam, and the number of spam emails complying with the requirements of the law were estimated to be 0.27% of all spam emails. As of 2010, about 90% of email was spam.[39][40]

On August 25, 2005, three people were indicted on two counts of fraud and one count of criminal conspiracy.[41] On March 6, 2006 Jennifer R. Clason, 33, of Raymond, New Hampshire, pled guilty and was to be sentenced on June 5, 2006. She faced a maximum sentence of 5 years on each of the three counts and agreed to forfeit money received in the commission of these crimes.[42] On June 25, 2007, the remaining two were convicted of spamming out millions of e-mail messages that included hardcore pornographic images. Jeffrey A. Kilbride, 41, of Venice, California, and James R. Schaffer, 41, of Paradise Valley, Arizona, were convicted on eight counts in U.S. District Court in Phoenix, Arizona. Both were sentenced to five years in prison, and ordered to forfeit $1,300,000. The charges included conspiracy, fraud, money laundering, and transportation of obscene materials. The trial, which began on June 5, was the first to include charges under the CAN-SPAM Act of 2003, according to the Department of Justice. The specific law that prosecutors used under the CAN-Spam Act was designed to crack down on the transmission of pornography in spam.[43][44] Two other men, Andrew D. Ellifson, 31, of Scottsdale, Arizona, and Kirk F. Rogers, 43, of Manhattan Beach, California, also pled guilty to charges under the CAN-SPAM Act related to this spamming operation. Both were scheduled to be sentenced on June 5, 2006 in Phoenix.[42] After sentencing, Ellifson received a presidential pardon by President Obama.[45]

Civil enforcement edit

In July 2005, the Federal Trade Commission lodged civil CAN-SPAM complaints against nine companies alleging that they were responsible for spam emails that had been sent by them or by their affiliates.[46][47] Eight of the nine companies, Cyberheat[48] of Tucson, Arizona, APC Entertainment, Inc.,[49] of Davie, Florida, MD Media, Inc.,[50] of Bingham Farms, Michigan, Pure Marketing Solutions, LLC,[51] of Tampa, Florida, TJ Web Productions, LLC,[52] of Tampa, Florida, and BangBros.com, Inc., RK Netmedia, Inc., and OX Ideas, Inc., LLC,[53] of Miami, Florida entered into stipulated consent decrees. Impulse Media Group, Inc.[54] of Seattle, Washington, represented by CarpeLaw PLLC, defended the case brought against it.[55][56]

The Department of Justice asserted that the CAN-SPAM statute imposed strict-liability on producers such as Impulse Media for the actions of its non-agent, independent-contractor affiliates. However, the two courts to consider that argument rejected the DOJ's contention.[57][58] In March 2008 the remaining defendant, Impulse Media Group, went to trial. At trial, it was determined that IMG's Affiliate Agreement specifically prohibited spam bulk-email and that if an affiliate violated that agreement, it would be terminated from the program. In fact, several affiliates had been terminated for that very reason. After a 2½ day trial, the jury retired to determine whether Impulse Media should be held liable for the bad acts of its affiliates. Three and one-half hours later, the jury returned with a verdict that IMG was not liable and that the emails were the fault of the affiliates.[59]

In March 2006, the FTC obtained its largest settlement to date—a $900,000 consent decree against Jumpstart Technologies, LLC for numerous alleged violations of the CAN-SPAM act.[60] However, the FTC has never prevailed at trial with their theory of strict liability.

See also edit

References edit

Notes edit

  • Lee, Younghwa (June 2005). "The CAN-SPAM Act: A Silver Bullet Solution?". Communications of the ACM, p. 131–132.

Citations edit

  1. ^ Burns, Conrad R. (2003-12-16). "S.877 - 108th Congress (2003-2004): CAN-SPAM Act of 2003". www.congress.gov. Retrieved 2021-06-26.
  2. ^ Kigerl, Alex C. (2018-03-01). "Email spam origins: does the CAN SPAM act shift spam beyond United States jurisdiction?". Trends in Organized Crime. 21 (1): 62–78. doi:10.1007/s12117-016-9289-9. ISSN 1936-4830.
  3. ^ "With This Law, You Can Spam". Wired. January 23, 2004. Retrieved March 21, 2009.
  4. ^ "United States: A New Weapon in The Fight Against Spam". mondaq. Retrieved March 21, 2009.
  5. ^ "Is the CAN-SPAM Law Working?". PC World. Retrieved May 12, 2015.
  6. ^ . FTC. Archived from the original on December 17, 2008. Retrieved March 21, 2009.
  7. ^ (PDF). FTC. Archived from the original on 8 October 2013. Retrieved 8 October 2015.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  8. ^ a b c "How To Do Email Marketing Right". Aplegal.com. 21 July 2014. Retrieved 15 August 2014.
  9. ^ (PDF). FTC. Archived from the original (PDF) on February 7, 2009. Retrieved March 21, 2009.
  10. ^ Roth, Wendy. "The Letter of the CAN-SPAM Law". iMedia Connection. Retrieved 8 October 2015.
  11. ^ Atkins, Laura (21 May 2008). "Political Spam". Word to the Wise. Retrieved 8 October 2015.
  12. ^ Helman, Igor. "SPAM-A-LOT: THE STATES' CRUSADE AGAINST UNSOLICITED E-MAIL IN LIGHT OF THE CAN-SPAM ACT AND THE OVERBREADTH DOCTRINE" (PDF). Boston College Law Review. Retrieved 8 October 2015.
  13. ^ "The CAN-SPAM Act: Trying to Protect Consumers From Unsolicited Commercial E-Mail". Consumer.findlaw.com. Retrieved 15 August 2014.
  14. ^ a b . Federal Trade Commission. 2 September 2009. Archived from the original on 2018-01-12. Retrieved 2018-01-12.
  15. ^ a b "canspam act".
  16. ^ . Federal Trade Commission. 2 September 2009. Archived from the original on 2016-09-18. Retrieved 2016-09-19.
  17. ^ 15 U.S.C. § 7702(17)
  18. ^ 15 U.S.C. § 7704(a_3)
  19. ^ 15 U.S.C. § 7704(a)
  20. ^ "Technology: What You Need To Know About Complying With CAN-SPAM Act". Presti & Naegele. Retrieved 7 January 2015.
  21. ^ "CAN-SPAM Act of 2003: Private Right of Action for". LII / Legal Information Institute. Retrieved 2022-05-07.
  22. ^ "Do I have ANY recourse under the CAN-SPAM Act?". LII / Legal Information Institute. Retrieved 2022-05-07.
  23. ^ Swire, Peter; Kennedy-Mayo, DeBrae (2020). U.S. Private-Sector Privacy. United States: IAPP. p. 293. ISBN 978-1-948771-37-5.
  24. ^ "You May Already Be a Loser". Reason.com. 8 December 2003. Retrieved 7 January 2015.
  25. ^ . Archived from the original on 2009-12-07.
  26. ^ a b c . Thomas.loc.gov. Archived from the original on 2015-10-18. Retrieved 7 January 2015.
  27. ^ . Archived from the original on 2007-04-06. Retrieved 2007-03-09.
  28. ^ "United States set to Legalize Spamming on January 1, 2004". Spamhaus.org. Retrieved 7 January 2015.
  29. ^ . localfamemedia.com. Archived from the original on 22 January 2015. Retrieved 21 January 2015.
  30. ^ (PDF). The-dma.org. Archived from the original (PDF) on 24 January 2013. Retrieved 7 January 2015.
  31. ^ (PDF). The-dma.org. Archived from the original (PDF) on 3 September 2013. Retrieved 7 January 2015.
  32. ^ . Archived from the original on 2007-10-17. Retrieved 2007-10-06.
  33. ^ a b "NY spammer sentenced in closed session". Theage.com.au. 18 October 2005. Retrieved 7 January 2015.
  34. ^ "First "War Spammer" Convicted Under Fed Laws". FBI.
  35. ^ "War-Driving Pornographic Spammer Escapes Jail Time". InformationWeek. Retrieved 7 January 2015.
  36. ^ [1] [dead link]
  37. ^ Pettersson, Edvard (2006-01-16). "California Man Guilty of Defrauding AOL Subscribers, U.S. Says". Bloomberg.com. Retrieved 2007-01-22.
  38. ^ "California Man Gets 6-Year Sentence For Phishing". InformationWeek. Retrieved 7 January 2015.
  39. ^ "BarracudaCentral.org - Technical Insight for Security Pros". Barracudacentral.org. Retrieved 7 January 2015.
  40. ^ . Spamfighter.com. Archived from the original on 19 August 2014. Retrieved 7 January 2015.
  41. ^ "Routine Maintenance". Law.com. Retrieved 7 January 2015.
  42. ^ a b "#06-123: 03-06-06 Third Defendant Pleads Guilty In Prosecution Of Major International Pornographic Spam Operation". Usdoj.gov. Retrieved 7 January 2015.
  43. ^ "Two Men Convicted Of Spamming Pornography". InformationWeek. Retrieved 7 January 2015.
  44. ^ Tracy McVeigh (2007-10-14). "Porn spammers jailed for five years". Guardian Unlimited. Retrieved 2007-10-14.
  45. ^ . Archived from the original on 2019-08-24. Retrieved 2019-06-26.
  46. ^ "FTC Cracks Down on Illegal X-rated Spam". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  47. ^ Federal Trade Commission (2005-07-20). "FTC Cracks down on Illegal "X-rated" Spam". Federal Trade Commission. Retrieved 2009-02-23.]
  48. ^ "Cyberheat, Inc., et al., US vs". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  49. ^ "APC Entertainment, Inc., et al., US". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  50. ^ "MD Media, Inc., et al., US vs". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  51. ^ "Pure Marketing Solutions, LLC, et al., US vs". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  52. ^ "TJ Web Productions, LLC, et al., US vs". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  53. ^ "BangBros.com, Inc., et al., US vs". Ftc.gov. Retrieved 7 January 2015.
  54. ^ "Impulse Media Group, Inc., et al., US vs". Ftc.gov. 20 July 2005. Retrieved 7 January 2015.
  55. ^ "NOTICE of Appearance by attorney Robert S Apgood on behalf of Defendant Impulse Media Group Inc for United States of America v. Impulse Media Group Inc :: Justia Dockets & Filings". Justia Dockets & Filings. Retrieved 7 January 2015.
  56. ^ , archived from the original on 2013-07-29{{citation}}: CS1 maint: bot: original URL status unknown (link)
  57. ^ "ORDER DENYING MOTIONS FOR SUMMARY JUDGMENT; denying 17 Motion for Summary Judgment; denying 23 Motion for Summary Judgment by Judge Robert S Lasnik for United States of America v. Impulse Media Group Inc :: Justia Dockets & Filings". Justia Dockets & Filings. Retrieved 7 January 2015.
  58. ^ "Attachment 1 NOTICE of Filing in a Related Proceeding; filed by Plaintiff United States of America for United States of America v. Impulse Media Group Inc :: Justia Dockets & Filings". Justia Dockets & Filings. Retrieved 7 January 2015.
  59. ^ "Adult Web business off the hook for spam". seattlepi.com. 25 March 2008. Retrieved 7 January 2015.
  60. ^ . Archived from the original on 2011-04-12.{{cite web}}: CS1 maint: bot: original URL status unknown (link)

External links edit

  • CAN-SPAM Act of 2003 (PDF/details) as amended in the GPO Statute Compilations collection
  • The full text of the CAN-SPAM Act in HTML Format
  • FCC CAN-SPAM Act Policy
  • CAN-SPAM Act: FTC Compliance Guide 2016-09-18 at the Wayback Machine
  • Cybertelecom :: Can Spam Act
  • Hearing on SPAM and Its Effects on Small Business (October 30, 2003), House of Representatives, Committee on Small Business, Subcommittee on Regulatory Reform and Oversight

January 01, 1970
spam, 2003, controlling, assault, solicited, pornography, marketing, spam, 2003, passed, 2003, establishing, united, states, first, national, standards, sending, commercial, mail, requires, federal, trade, commission, enforce, provisions, introduced, republica. The Controlling the Assault of Non Solicited Pornography And Marketing CAN SPAM Act of 2003 is a law passed in 2003 establishing the United States first national standards for the sending of commercial e mail The law requires the Federal Trade Commission FTC to enforce its provisions Introduced by Republican Conrad Burns the act passed both the House and Senate during the 108th United States Congress and was signed into law by President George W Bush in December 2003 and was enacted on January 1 2004 1 2 Controlling the Assault of Non Solicited Pornography And Marketing Act of 2003Other short titlesCAN SPAM Act of 2003Long titleAn Act to regulate interstate commerce by imposing limitations and penalties on the transmission of unsolicited commercial electronic mail via the Internet Enacted bythe 108th United States CongressCitationsPublic lawPub L Tooltip Public Law United States 108 187 text PDF Statutes at Large117 Stat 2699CodificationTitles amended15 U S C Commerce and TradeU S C sections created15 U S C ch 103Legislative historyIntroduced in the Senate as S 877 by Conrad Burns R MT on April 10 2003Passed the Senate on October 22 2003 97 0 Passed the House on November 22 2003 392 5 Signed into law by President George W Bush on December 16 2003 Contents 1 History 2 The mechanics of CAN SPAM 2 1 Applicability 2 2 Unsubscribe compliance 2 3 Content compliance 2 4 Sending behavior compliance 2 4 1 Criminal offenses 3 Private right of action 4 Overriding state anti spam laws 5 CAN SPAM and the FTC 6 Reaction 7 Criminal enforcement 8 Civil enforcement 9 See also 10 References 10 1 Notes 10 2 Citations 11 External linksHistory editThe backronym CAN SPAM derives from the bill s full name Controlling the Assault of Non Solicited Pornography And Marketing Act of 2003 It plays on the word canning putting an end to spam as in the usual term for unsolicited email of this type The bill was sponsored in Congress by Senators Conrad Burns and Ron Wyden The CAN SPAM Act is occasionally referred to by critics as the You Can Spam Act because the bill fails to prohibit many types of e mail spam and preempts some state laws that would otherwise have provided victims with practical means of redress In particular it does not require e mailers to get permission before they send marketing messages 3 It also prevents states from enacting stronger anti spam protections and prohibits individuals who receive spam from suing spammers except under laws not specific to e mail The Act has been largely unenforced 4 despite a letter to the FTC from Senator Burns who noted that Enforcement is key regarding the CAN SPAM legislation In 2004 less than 1 of spam complied with the CAN SPAM Act of 2003 5 The law prescribed the FTC to report back to Congress within 24 months of the effectiveness of the act 6 Once this took place no changes were recommended It also requires the FTC to promulgate rules to shield consumers from unwanted mobile phone spam On December 20 2005 the FTC reported that the volume of spam has begun to level off and due to enhanced anti spam technologies less was reaching consumer inboxes A significant decrease in sexually explicit e mail was also reported 7 Later modifications changed the original CAN SPAM Act of 2003 by 1 Adding a definition of the term person 2 Modifying the term sender 3 Clarifying that a sender may comply with the act by including a post office box or private mailbox and 4 Clarifying that to submit a valid opt out request a recipient cannot be required to pay a fee provide information other than his or her email address and opt out preferences or take any other steps other than sending a reply email message or visiting a single page on an Internet website The mechanics of CAN SPAM editApplicability edit CAN SPAM a direct response of the growing number of complaints over spam e mails 8 defines a commercial electronic mail message as any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service including content on an Internet website operated for a commercial purpose It exempts transactional or relationship messages The FTC issued final rules 9 16 CFR 316 clarifying the phrase primary purpose on December 16 2004 Previous state laws had used bulk a number threshold content commercial or unsolicited to define spam The explicit restriction of the law to commercial e mails is widely considered by those in the industry 10 11 to essentially exempt purely political and religious e mail from its specific requirements Such non commercial messages also have stronger First Amendment protection as shown in Jaynes v Commonwealth 12 Congress determined that the US government was showing an increased interest in the regulation of commercial electronic mail nationally that those who send commercial e mails should not mislead recipients over the source or content of them and that all recipients of such emails have a right to decline them 8 However CAN SPAM does not ban spam emailing outright but imposes laws on using deceptive marketing methods through headings that are materially false or misleading In addition there are conditions that email marketers must meet in terms of their format their content and labeling 8 The three basic types of compliance defined in the CAN SPAM Act unsubscribe content and sending behavior are as follows Unsubscribe compliance edit A visible and operable unsubscribe mechanism is present in all emails Consumer opt out requests are honored within 10 business days 13 Opt out lists also known as suppression lists are used only for compliance purposes Content compliance edit Accurate From lines 14 Relevant subject lines relative to offer in body content and not deceptive 14 A legitimate physical address of the publisher or advertiser is present PO Box addresses are acceptable in compliance with 16 CFR 316 2 and if the email is sent by a third party the legitimate physical address of the entity whose products or services are promoted through the email should be visible A label is present if the content is adult Sending behavior compliance edit A message cannot be sent without an unsubscribe option A message cannot contain a false header A message should contain at least one sentence 15 A message cannot be null 15 Unsubscribe option should be below the message 16 There are no restrictions against a company emailing its existing customers or anyone who has inquired about its products or services even if these individuals have not given permission as these messages are classified as relationship messages under CAN SPAM 17 But when sending unsolicited commercial emails it must be stated that the email is an advertisement or a marketing solicitation Note that recipients who have signed up to receive commercial messages from you are exempt from this rule If a user opts out a sender has ten days to cease sending and can use that email address only for compliance purposes The legislation also prohibits the sale or other transfer of an e mail address after an opt out request The law also requires that the unsubscribe mechanism must be able to process opt out requests for at least 30 days after the transmission of the original message 18 Use of automated means to register for multiple e mail accounts from which to send spam compound other violations It prohibits sending sexually oriented spam without the label later determined by the FTC of SEXUALLY EXPLICIT This label replaced the similar state labeling requirements of ADV ADLT or ADLT CAN SPAM makes it a misdemeanor to send spam with falsified header information 19 A host of other common spamming practices can make a CAN SPAM violation an aggravated offense including harvesting dictionary attacks IP address spoofing hijacking computers through Trojan horses or worms or using open mail relays for the purpose of sending spam Criminal offenses edit Although according to the law legitimate businesses and marketers should be conscientious regarding the aspects mentioned above there are misinterpretations and fraudulent practices that are viewed as criminal offenses Sending multiple spam emails with the use of a hijacked computer Sending multiple emails through Internet Protocol addresses that the sender represents falsely as being his her property Trying to disguise the source of the email and to deceive recipients regarding the origins of the emails by routing them through other computers Sending multiple spam emails via multiple mailings with falsified information in the header Using various email accounts obtained by falsifying account registration information in order to send multiple spam emails 20 Private right of action editCAN SPAM provides a limited private right of action to Internet Access Services that have been adversely affected by the receipt of emails that violate the Act 21 and does not allow natural persons to bring suit 22 A CAN SPAM plaintiff must satisfy a higher standard of proof as compared with government agencies enforcing the Act thus a private plaintiff must demonstrate that the defendant either sent the email at issue or paid another person to send it knowing that the sender would violate the Act Despite this heightened standard private CAN SPAM lawsuits have cropped up around the country as plaintiffs seek to take advantage of the statutory damages available under the Act citation needed Overriding state anti spam laws editCAN SPAM preempts supersedes state anti spam laws that do not deal with false or deceptive activity 23 The relevant portion of CAN SPAM reads This chapter supersedes any statute regulation or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages except to the extent that any such statute regulation or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto Though this move was criticized by some anti spam activists some legal commentators praised it citing a heavily punitive California law seen as over broad and a wave of allegedly dubious suits filed in Utah 24 CAN SPAM and the FTC editCAN SPAM allows the FTC to implement a national do not email list similar to the FTC s popular National Do Not Call Registry against telemarketing or to report back to Congress why the creation of such a list is not currently feasible The FTC soundly rejected this proposal and such a list will not be implemented The FTC concluded that the lack of authentication of email would undermine the list and it could raise security concerns The legislation prohibits e mail recipients from suing spammers or filing class action lawsuits It allows enforcement by the FTC State Attorneys General Internet service providers and other federal agencies for special categories of spammers such as banks An individual might be able to sue as an ISP if s he ran a mail server but this would likely be cost prohibitive and would not necessarily hold up in court Individuals can also sue using state laws about fraud such as Virginia s that gives standing based on actual damages in effect limiting enforcement to ISPs The McCain amendment 25 made businesses promoted in spam subject to FTC penalties and enforcement remedies if they knew or should have known that their business was being promoted by the use of spam This amendment was designed to close a loophole that allowed those running affiliate programs to allow spammers to abuse their programs and encouraged such businesses to assist the FTC in identifying such spammers Senator Corzine sponsored an amendment to allow bounties for some informants 26 The FTC has limited these bounties to individuals with inside information 26 The bounties are expected to be over 100 000 but none have been awarded yet 26 Reaction editThose opposing spam greeted the new law with dismay and disappointment almost immediately dubbing it the You Can Spam Act 27 28 Internet activists who work to stop spam stated that the Act would not prevent any spam in fact it appeared to give federal approval to the practice and it was feared that spam would increase as a result of the law CAUCE Coalition Against Unsolicited Commercial Email stated This legislation fails the most fundamental test of any anti spam law in that it neglects to actually tell any marketers not to spam Instead it gives each marketer in the United States one free shot at each consumer s e mail inbox and will force companies to continue to deploy costly and disruptive anti spam technologies to block advertising messages from reaching their employees on company time and using company resources It also fails to learn from the experiences of the states and other countries that have tried opt out legal frameworks where marketers must be asked to stop to no avail 29 AOL Executive Vice President and General Counsel Randall Boe stated CAN SPAM not only empowered us to help can the spam but also to can the spammers as well Our actions today clearly demonstrate that CAN SPAM is alive and kicking and we re using it to give hardcore outlaw spammers the boot Advertising organizations such as the Data amp Marketing Association DMA have sought to weaken implementation of the law in various ways These include lengthening the time for honoring opt outs from 10 business days to 31 calendar days limiting the validity of opt out requests to no more than two to three years and eliminating rewards to persons who assist the Federal Trade Commission in enforcement of the act 30 The DMA has also opposed provisions requiring the subject line of spam to indicate that the message is an advertisement 31 Criminal enforcement editOn February 16 2005 Anthony Greco 18 of Cheektowaga New York was the first person to be arrested under the CAN SPAM Act of 2003 After pleading guilty he was sentenced in a closed session 32 33 Within a few months hundreds of lawsuits had been filed by an alliance of ISPs Many of these efforts resulted in settlements most are still pending needs update Though most defendants were John Does many spam operations such as Scott Richter s were known On April 29 2004 the United States government brought the first criminal and civil charges under the Act Criminal charges were filed by the United States Attorney for the Eastern District of Michigan and the FTC filed a civil enforcement action in the Northern District of Illinois The defendants were a company Phoenix Avatar and four associated individuals Daniel J Lin James J Lin Mark M Sadek and Christopher Chung of West Bloomfield Michigan Defendants were charged with sending hundreds of thousands of spam emails advertising a diet patch and hormone products The FTC stated that these products were effectively worthless Authorities said they face up to five years in prison under the anti spam law and up to 20 years in prison under U S mail fraud statutes On September 27 2004 Nicholas Tombros pled guilty to charges and became the first spammer to be convicted under the Can Spam Act of 2003 34 He was sentenced in July 2007 to three years probation six months house arrest and a fine of 10 000 35 On April 1 2006 Mounir Balarbi of Tangier Morocco was the first person outside the United States to have an arrest warrant validated under the CAN SPAM Act of 2003 Mounir s trial was held in absentia and he was sentenced in a closed session 33 36 On January 16 2006 Jeffrey Goodin 45 of Azusa California was convicted by a jury in United States district court in Los Angeles in United States v Goodin U S District Court Central District of California 06 110 under the CAN SPAM Act the first conviction under the Act 37 and on June 11 2007 he was sentenced to 70 months in federal prison Out of a potential sentence of 101 years prosecutors asked for a sentence of 94 months Goodin was already detained in custody as he had missed a court hearing 38 As of late 2006 CAN SPAM has been all but ignored by spammers A review of spam levels in October 2006 estimated that 75 of all email messages were spam and the number of spam emails complying with the requirements of the law were estimated to be 0 27 of all spam emails As of 2010 update about 90 of email was spam 39 40 On August 25 2005 three people were indicted on two counts of fraud and one count of criminal conspiracy 41 On March 6 2006 Jennifer R Clason 33 of Raymond New Hampshire pled guilty and was to be sentenced on June 5 2006 She faced a maximum sentence of 5 years on each of the three counts and agreed to forfeit money received in the commission of these crimes 42 On June 25 2007 the remaining two were convicted of spamming out millions of e mail messages that included hardcore pornographic images Jeffrey A Kilbride 41 of Venice California and James R Schaffer 41 of Paradise Valley Arizona were convicted on eight counts in U S District Court in Phoenix Arizona Both were sentenced to five years in prison and ordered to forfeit 1 300 000 The charges included conspiracy fraud money laundering and transportation of obscene materials The trial which began on June 5 was the first to include charges under the CAN SPAM Act of 2003 according to the Department of Justice The specific law that prosecutors used under the CAN Spam Act was designed to crack down on the transmission of pornography in spam 43 44 Two other men Andrew D Ellifson 31 of Scottsdale Arizona and Kirk F Rogers 43 of Manhattan Beach California also pled guilty to charges under the CAN SPAM Act related to this spamming operation Both were scheduled to be sentenced on June 5 2006 in Phoenix 42 After sentencing Ellifson received a presidential pardon by President Obama 45 Civil enforcement editIn July 2005 the Federal Trade Commission lodged civil CAN SPAM complaints against nine companies alleging that they were responsible for spam emails that had been sent by them or by their affiliates 46 47 Eight of the nine companies Cyberheat 48 of Tucson Arizona APC Entertainment Inc 49 of Davie Florida MD Media Inc 50 of Bingham Farms Michigan Pure Marketing Solutions LLC 51 of Tampa Florida TJ Web Productions LLC 52 of Tampa Florida and BangBros com Inc RK Netmedia Inc and OX Ideas Inc LLC 53 of Miami Florida entered into stipulated consent decrees Impulse Media Group Inc 54 of Seattle Washington represented by CarpeLaw PLLC defended the case brought against it 55 56 The Department of Justice asserted that the CAN SPAM statute imposed strict liability on producers such as Impulse Media for the actions of its non agent independent contractor affiliates However the two courts to consider that argument rejected the DOJ s contention 57 58 In March 2008 the remaining defendant Impulse Media Group went to trial At trial it was determined that IMG s Affiliate Agreement specifically prohibited spam bulk email and that if an affiliate violated that agreement it would be terminated from the program In fact several affiliates had been terminated for that very reason After a 2 day trial the jury retired to determine whether Impulse Media should be held liable for the bad acts of its affiliates Three and one half hours later the jury returned with a verdict that IMG was not liable and that the emails were the fault of the affiliates 59 In March 2006 the FTC obtained its largest settlement to date a 900 000 consent decree against Jumpstart Technologies LLC for numerous alleged violations of the CAN SPAM act 60 However the FTC has never prevailed at trial with their theory of strict liability See also editCommunications Act of 1934 Pub L Tooltip Public Law United States 73 416 Do Not Call Implementation Act of 2003 Pub L Tooltip Public Law United States 108 10 text PDF Email spam General Data Protection Regulation Junk Fax Prevention Act of 2005 Pub L Tooltip Public Law United States 109 21 text PDF Spamming Suppression list Email spam legislation by countryReferences editNotes edit Lee Younghwa June 2005 The CAN SPAM Act A Silver Bullet Solution Communications of the ACM p 131 132 Citations edit Burns Conrad R 2003 12 16 S 877 108th Congress 2003 2004 CAN SPAM Act of 2003 www congress gov Retrieved 2021 06 26 Kigerl Alex C 2018 03 01 Email spam origins does the CAN SPAM act shift spam beyond United States jurisdiction Trends in Organized Crime 21 1 62 78 doi 10 1007 s12117 016 9289 9 ISSN 1936 4830 With This Law You Can Spam Wired January 23 2004 Retrieved March 21 2009 United States A New Weapon in The Fight Against Spam mondaq Retrieved March 21 2009 Is the CAN SPAM Law Working PC World Retrieved May 12 2015 SPAM reports page FTC Archived from the original on December 17 2008 Retrieved March 21 2009 Effectiveness and Enforcement of the CAN SPAM Act A Report to Congress PDF FTC Archived from the original on 8 October 2013 Retrieved 8 October 2015 a href Template Cite web html title Template Cite web cite web a CS1 maint bot original URL status unknown link a b c How To Do Email Marketing Right Aplegal com 21 July 2014 Retrieved 15 August 2014 Definitions and Implementation Under the CAN SPAM Act PDF FTC Archived from the original PDF on February 7 2009 Retrieved March 21 2009 Roth Wendy The Letter of the CAN SPAM Law iMedia Connection Retrieved 8 October 2015 Atkins Laura 21 May 2008 Political Spam Word to the Wise Retrieved 8 October 2015 Helman Igor SPAM A LOT THE STATES CRUSADE AGAINST UNSOLICITED E MAIL IN LIGHT OF THE CAN SPAM ACT AND THE OVERBREADTH DOCTRINE PDF Boston College Law Review Retrieved 8 October 2015 The CAN SPAM Act Trying to Protect Consumers From Unsolicited Commercial E Mail Consumer findlaw com Retrieved 15 August 2014 a b CAN SPAM Act A Compliance Guide for Business Federal Trade Commission 2 September 2009 Archived from the original on 2018 01 12 Retrieved 2018 01 12 a b canspam act CAN SPAM Act A Compliance Guide for Business Federal Trade Commission 2 September 2009 Archived from the original on 2016 09 18 Retrieved 2016 09 19 15 U S C 7702 17 15 U S C 7704 a 3 15 U S C 7704 a Technology What You Need To Know About Complying With CAN SPAM Act Presti amp Naegele Retrieved 7 January 2015 CAN SPAM Act of 2003 Private Right of Action for LII Legal Information Institute Retrieved 2022 05 07 Do I have ANY recourse under the CAN SPAM Act LII Legal Information Institute Retrieved 2022 05 07 Swire Peter Kennedy Mayo DeBrae 2020 U S Private Sector Privacy United States IAPP p 293 ISBN 978 1 948771 37 5 You May Already Be a Loser Reason com 8 December 2003 Retrieved 7 January 2015 Spam Anne Mitchell Clarifies The McCain Amendment Archived from the original on 2009 12 07 a b c Bill Summary amp Status 108th Congress 2003 2004 S AMDT 1896 Thomas loc gov Archived from the original on 2015 10 18 Retrieved 7 January 2015 The Gripe Line Weblog by ed Foster Archived from the original on 2007 04 06 Retrieved 2007 03 09 United States set to Legalize Spamming on January 1 2004 Spamhaus org Retrieved 7 January 2015 CAUCE Statement on CAN SPAM Act localfamemedia com Archived from the original on 22 January 2015 Retrieved 21 January 2015 CAN SPAM Act Rulemaking Project No R411008 PDF The dma org Archived from the original PDF on 24 January 2013 Retrieved 7 January 2015 COMMENTS of the DIRECT MARKETING ASSOCIATION INC Responding to the Notice of Proposed Rulemaking re Primary Purpose PDF The dma org Archived from the original PDF on 3 September 2013 Retrieved 7 January 2015 Arrest but no relief from IM spam InfoWorld News 2005 02 22 by Paul Roberts IDG News Service Archived from the original on 2007 10 17 Retrieved 2007 10 06 a b NY spammer sentenced in closed session Theage com au 18 October 2005 Retrieved 7 January 2015 First War Spammer Convicted Under Fed Laws FBI War Driving Pornographic Spammer Escapes Jail Time InformationWeek Retrieved 7 January 2015 1 dead link Pettersson Edvard 2006 01 16 California Man Guilty of Defrauding AOL Subscribers U S Says Bloomberg com Retrieved 2007 01 22 California Man Gets 6 Year Sentence For Phishing InformationWeek Retrieved 7 January 2015 BarracudaCentral org Technical Insight for Security Pros Barracudacentral org Retrieved 7 January 2015 Spam Fighter statistics Spamfighter com Archived from the original on 19 August 2014 Retrieved 7 January 2015 Routine Maintenance Law com Retrieved 7 January 2015 a b 06 123 03 06 06 Third Defendant Pleads Guilty In Prosecution Of Major International Pornographic Spam Operation Usdoj gov Retrieved 7 January 2015 Two Men Convicted Of Spamming Pornography InformationWeek Retrieved 7 January 2015 Tracy McVeigh 2007 10 14 Porn spammers jailed for five years Guardian Unlimited Retrieved 2007 10 14 Pardons Granted by President Barack Obama 2009 2017 Archived from the original on 2019 08 24 Retrieved 2019 06 26 FTC Cracks Down on Illegal X rated Spam Ftc gov 20 July 2005 Retrieved 7 January 2015 Federal Trade Commission 2005 07 20 FTC Cracks down on Illegal X rated Spam Federal Trade Commission Retrieved 2009 02 23 Cyberheat Inc et al US vs Ftc gov 20 July 2005 Retrieved 7 January 2015 APC Entertainment Inc et al US Ftc gov 20 July 2005 Retrieved 7 January 2015 MD Media Inc et al US vs Ftc gov 20 July 2005 Retrieved 7 January 2015 Pure Marketing Solutions LLC et al US vs Ftc gov 20 July 2005 Retrieved 7 January 2015 TJ Web Productions LLC et al US vs Ftc gov 20 July 2005 Retrieved 7 January 2015 BangBros com Inc et al US vs Ftc gov Retrieved 7 January 2015 Impulse Media Group Inc et al US vs Ftc gov 20 July 2005 Retrieved 7 January 2015 NOTICE of Appearance by attorney Robert S Apgood on behalf of Defendant Impulse Media Group Inc for United States of America v Impulse Media Group Inc Justia Dockets amp Filings Justia Dockets amp Filings Retrieved 7 January 2015 CarpeLaw stands alone in defending fully litigated CAN SPAM claims made by the Department of Justice archived from the original on 2013 07 29 a href Template Citation html title Template Citation citation a CS1 maint bot original URL status unknown link ORDER DENYING MOTIONS FOR SUMMARY JUDGMENT denying 17 Motion for Summary Judgment denying 23 Motion for Summary Judgment by Judge Robert S Lasnik for United States of America v Impulse Media Group Inc Justia Dockets amp Filings Justia Dockets amp Filings Retrieved 7 January 2015 Attachment 1 NOTICE of Filing in a Related Proceeding filed by Plaintiff United States of America for United States of America v Impulse Media Group Inc Justia Dockets amp Filings Justia Dockets amp Filings Retrieved 7 January 2015 Adult Web business off the hook for spam seattlepi com 25 March 2008 Retrieved 7 January 2015 FTC Slams Spammer in Pocketbook Archived from the original on 2011 04 12 a href Template Cite web html title Template Cite web cite web a CS1 maint bot original URL status unknown link External links editCAN SPAM Act of 2003 PDF details as amended in the GPO Statute Compilations collection The full text of the CAN SPAM Act in HTML Format FCC CAN SPAM Act Policy CAN SPAM Act FTC Compliance Guide Archived 2016 09 18 at the Wayback Machine Cybertelecom Can Spam Act Hearing on SPAM and Its Effects on Small Business October 30 2003 House of Representatives Committee on Small Business Subcommittee on Regulatory Reform and Oversight Retrieved from https en wikipedia org w index php title CAN SPAM Act of 2003 amp oldid 1212450840, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.