There are also drawbacks to many technical solutions. Spam filters tend to block some legitimate e-mail along with the intruders, an uncomfortable compromise for anyone who relies on e-mail for personal or business reasons. This is also harmful to marketers, who may be blocked either because of a filter error or because their company's SMTP server has been hijacked by spammers for mail relay purposes.
Additionally, it's important to note that block-list services are held to no standard of accountability. This can only be bad for legitimate e-mail marketers, who may be block-listed due to an innocent sending error or a policy change on the part of the block-list service.
"Our lists are nothing more than our opinion about their email practices, each fully backed up by documented fact," says Anne Mitchell, director of legal and public affairs for MAPS. "We simply publish that information, much like Consumer Reports or a restaurant reviewer."
None of this is good news for online marketers, all of whom are dependent, to some extent, on the accuracy of spam filters and the definitions chosen by services like MAPS to get their messages out.
An unannounced policy change on the part of a block-list or a filter error can be disastrous, in terms of both sales and PR. When that happens, it doesn't matter whether a marketer's permission policy is opt-out, opt-in, or the so-called "double opt-in" (a.k.a. "opt-in with verification"). It's a situation many find intolerable.
For these reasons and others, consumer groups and e-mail marketing interests alike are hopeful that the worst perpetrators of spam can be sued out of business. It's a daunting proposition, given the huge number of spammers and the difficulty in tracing them, but a number of precedents have already been established which may point to a future victory over spam.
"Go Ahead, Sue Me,"
As the rising tide of spam threatens to swamp e-mail recipients and drown out the messages of legitimate marketers, some are hoping that the government -- in the form of Congress and the Federal Trade Commission -- will take meaningful action.
So far, existing laws have proven to be helpful in some cases. As most marketers are by now aware, a number of spammers have been successfully defeated in court by ISPs and even by solo recipients of unsolicited e-mail.
A number of early examples involved Cyber Promotions, a major bulk e-mailer of the mid-'90s. Cyber Promotions sued AOL in 1996, after AOL received complaints of spam and blocked its messages. The spammer sued the ISP, arguing that it had a first amendment right to send junk e-mail and that AOL was in violation of the constitution. The court ruled in AOL's favor in two separate decisions. Shortly thereafter, CompuServe filed an injunction against Cyber Promotions and won.
"In 1996 and 1997, the most important were the suits by AOL and CompuServe against Cyber Promotions," said Junkbusters executive director Jason Catlett. "They established that there's no first amendment right to spam and that ISPs could take actions on behalf of their customers' privacy."
Since then, AOL has filed a huge number of injunctions against spammers, and other ISPs have followed its lead. It's hard to know how many, because ISPs rarely publicize the information and because many complaints are now settled out of court. However, these lawsuits and settlements have done little to curb the flow of spam, mainly because it's so easy for a chastised spammer to turn around and spam again.
"The real problem is that it's trivially easy to create a new identity, send millions of spams, then disappear," according to professor David Sorkin of the John Marshall Law School. Sorkin believes that a simply worded federal law making it illegal to send unsolicted bulk e-mail would help. Problem is, no such law exists.
State Laws: 19; Federal Laws: Zero
Laws with implications for spam have been passed in almost half of the United States, and have accounted for the most dramatic court actions taken against spammers so far in the U.S.
In Washington state, Bennett Haselton was handed four well-publicized victories in small claims court last December.
Haselton, who heads Web advocacy nonprofit Peacefire.org, is in the process of assembling a guide to suing spammers under Washington law.
"I'm hoping that if enough Washingtonians file lawsuits against spammers, it will become too risky and expensive for people to spam," Hasselton said. "And the amount of spam received by everybody will go down."
Haselton is now organizing a class action suit, naming one defendant and 50 plaintiffs. The strategy, if it works, is to seek higher damages for a larger base of spam recipients and thereby increase the deterrent for would-be bulk e-mailers.
While there are no national laws in the U.S. regulating unsolicited e-mail, several bills are pending before the House. H.R.718, identical to two previous bills, would require unsolicited commercial e-mail to be labelled, to include opt-out instructions, and to use accurate header information.
But many Web activists say the laws so far under consideration are too weak. Anne Mitchell, director of legal and public affairs for Mail Abuse Prevention System (MAPS), would rather see an absolute legal standard -- specifically, universal opt-in with verification, which she refers to as "confirmed opt-in." The FTC has so far implicitly supported the "opt-out" standard, a premise she rejects.
"Any scheme which gives an air of legitimacy to opt-out simply exacerbates the problem," she says, pointing out the difficulty in proving which recipients have signed up and which have simply been crawled. "And that is assuming that the lists actually honor the unsubscribe requests, which many... do not."
Standard or no standard, the issue is clearly becoming a priority to Congress, if the number of bills being introduced is any indication. But even more important than getting a federal bill passed is the issue of enforcement. How well equipped is the FTC to follow up on the thousands of reports of illegal marketing activity that would follow passage of an anti-spam bill?
The Federal Trade Commission, which has historically kept out of the spam battle, underwent a shuffle in its leadership in 2001. Timothy Muris was sworn in as chairman in June -- replacing Robert Pitofsky, a chairman who had promised much and delivered little in the privacy wars. Additionally, December saw the appointment of commissioner Orson Swindle to a key security and privacy review post. Jointly, the two have announced a plan to crack down on those using fraudulent headers.