With a name like Can Spam, what did you expect


Technical and legal experts from California (which has some stringent anti- spam laws of its own) are weighing in on the CANSPAM act, passed by congress and signed into law in December by President Bush. The word... well, with it you Can Spam.

I'm reminded of the faux advertisement for the flowbie look-alike in the first Wayne's World. For those of you who don't remember, the device was called the "SuckCut." Wayne's response, "Well, it sure does suck!"

What is the problem with the CANSPAM act? There are a few different arguments. One is that it tries to be too one-size-fits all and by overruled existing state legislation actually reduces the amount of "protection" provided to end- users by the existing laws.

In an article from Wired, legal expert and Stanford Law Professor Lawrence Lessig was quoted as calling the act "an abomination at the federal level." Lessig is well known in the Internet community as being a strong privacy and innovation advocate.

One of his largest gripes is that legislation at the state level that would have allowed individuals to sue spammers directly has now been pre-empted by the federal legislation, that provides no such right.

My problem with it is that spam is like tax evasion, and like tax evasion needs to be treated in a manner that makes the spammer paranoid. If you ever have asked your accountant about a questionable tax item, wondering "can I deduct this?" they will invariably tell you "probably." The reason for this is that most federal statutes pertaining to federal income tax are pretty vague. This gives the IRS a large stick to hit people with because they get to interpret the law. As annoying as it can be to try and figure out how the IRS interprets things like the difference between a business that loses money and a hobby, it does keep those who willfully attempt to subvert the system on their toes because there are no hard and fast safe havens for "proving" that you are doing the right thing. The same thing needs to be done with spam.

CANSPAM basically creates safe havens by writing specific rules by which the spammers must operate and providing them an opportunity to seek out the loopholes to create minimum compliance. If you doubt this is going on, check out CAN-SPAM 2003, it's a web site devoted to selling a book and some software that makes it easy for internet marketers to "comply" with the legislation.

Further, it leaves open the problem of how to deal with spam from other countries. In the end, as much as I'd like to see a magic wand approach to this problem, SPAM appears to be one of those things that just won't go away and needs to be treated in a defensive posture. For those with Macintoshes (so far), it's an annoying problem, but there is some help from OS X's Mail program and its learning spam filter. For those on PCs, it means a continuation of the hunt for good anti-spam software and (more importantly) the constant vigil against viruses. These days, many of the most prolific viruses are arriving along with spam (such as the recent forged PayPal notices that contained a virus).