Order Code RS20037
Updated October 23, 2002
CRS Report for Congress
Received through the CRS Web
“Junk E-mail”: An Overview of Issues and
Legislation Concerning Unsolicited
Commercial Electronic Mail (“Spam”)
Marcia S. Smith
Specialist in Aerospace and Telecommunications Policy
Resources, Science, and Industry Division
Summary
Unsolicited commercial e-mail (UCE), also called “spam” or “junk e-mail,”
aggravates many computer users. Not only can it be a nuisance, but its cost may be
passed on to consumers through higher charges from Internet service providers who
must upgrade their systems to handle the traffic. Proponents of UCE insist it is a
legitimate marketing technique and protected by the First Amendment. Legislation to
place limits on UCE was considered by the last two Congresses, but no bill cleared
Congress. Several bills have been introduced in the 107th Congress. H.R. 718 was
reported from the House Energy and Commerce Committee and the House Judiciary
Committee (H.Rept. 107-41, Parts 1 and 2). The two versions are quite different. S.
630 was reported from the Senate Commerce Committee on October 16 (S.Rept. 107-
318). This report will be updated.
Overview
One aspect of increased use of the Internet for electronic mail (e-mail) has been the
advent of unsolicited advertising, also called “unsolicited commercial e-mail (UCE),”
“unsolicited bulk e-mail,” “junk e-mail, ”or “spam.”1 Issues involved in the debate are
reviewed in Report to the Federal Trade Commission of the Ad-Hoc Working Group on
Unsolicited Commercial Email [http://www.cdt.org/spam].
1 The origin of the term spam for unsolicited commercial e-mail was recounted in
Computerworld, April 5, 1999, p. 70: “It all started in early Internet chat rooms and interactive
fantasy games where someone repeating the same sentence or comment was said to be making
a ‘spam.’ The term referred to a Monty Python’s Flying Circus scene in which actors keep saying
‘Spam, Spam, Spam and Spam’ when reading options from a menu.”
Congressional Research Service ˜ The Library of Congress
CRS-2
Consumers may file a complaint about spam with the Federal Trade Commission
(FTC) by visiting the FTC Web site [http://www.ftc.gov] and scrolling down to
“complaint form” at the bottom of the page. The offending spam also may be forwarded
to the FTC (UCE@ftc.gov) to assist the FTC in monitoring UCE trends and
developments. Three consumer publications are available on the FTC Web site
[http://www.ftc.gov/opa/1999/9911/spam.htm]. Separately, CNET.com, a non-
government site, has tips for consumers on how to protect themselves from spam at
[http://home.cnet.com/internet/0-3793-8-5181225-1.html].
In 1991, Congress passed the Telephone Consumer Protection Act (P.L. 102-243)
that prohibits, inter alia, unsolicited advertising via facsimile machines, or “junk fax”
(see CRS Report RL30763, Telemarketing: Dealing with Unwanted Telephone Calls).
Many think there should be an analogous law for computers, or some method for letting
a consumer know before opening an e-mail message whether or not it is UCE and how
to direct the sender to cease transmission of such messages. At a November 3, 1999
hearing of the House Commerce telecommunications subcommittee, a representative of
SBC Internet Services stated that 35% of all the e-mail transmitted over SBC’s Internet
systems in its Pacific Bell and Southwestern Bell regions is UCE.
Opponents of junk e-mail argue that not only is it annoying and an invasion of
privacy,2 but that its cost is borne by consumers, not marketers. Consumers reportedly are
charged higher fees by Internet service providers that must invest resources to upgrade
equipment to manage the high volume of e-mail, deal with customer complaints, and
mount legal challenges to junk e-mailers. Consumers also may incur costs for the time
spent reading and/or deleting such e-mail. Some want to prevent bulk e-mailers from
sending messages to anyone with whom they do not have an established business
relationship, treating junk e-mail the same way as junk fax. The Coalition Against
Unsolicited Commercial Email (CAUCE) [http://www.cauce.org] is one group opposing
spam. Its founder, Ray Everett-Church, is cited in the January 31, 2001 edition of
Newsday as saying that some Internet Service Providers (ISPs) estimate that spam costs
consumers about $2-3 per month. The European Commission estimates that Internet
subscribers globally pay 10 billion Euros a year in connection costs to download spam
[http://europa.eu.int/comm/internal_market/en/dataprot/studies/spam.htm].
Proponents of UCE argue that it is a valid method of advertising. The Direct
Marketing Association (DMA), for example, argued for several years that instead of
banning UCE, individuals should be given the opportunity to “opt-out” by notifying the
sender that they want to be removed from the mailing list. Hoping to demonstrate that
self regulation could work, in January 2000, the DMA launched the E-mail Preference
Service where consumers who wish to opt-out can register themselves at a DMA Web site
[http://www.e-mps.org]. DMA members sending UCE must check their lists of
recipients and delete those who have opted out. Critics argue that most spam does not
come from DMA members, so the plan is insufficient. On October 20, 2002, the DMA
agreed it was insufficient, announcing that it would pursue legislation to battle the rising
volume of spam. A DMA official said spam must be curbed “to preserve the promise of
e-mai l as t h e n ex t great m ar k et i n g chan n el ” [ h t t p : / / w ww.the-
dma.org/cgi/disppressrelease?article=354].
2 For more on Internet privacy issues, see CRS Report RL31408.
CRS-3
To date, the issue of restraining junk e-mail has been fought primarily over the
Internet or in the courts. Some Internet service providers (ISPs) will return junk e-mail to
its origin, and groups opposed to junk e-mail will send blasts of e-mail to a mass e-mail
company, disrupting the company’s computer systems. Filtering software also is available
to screen out e-mail based on keywords or return addresses. Knowing this, mass e-
mailers may avoid certain keywords or continually change addresses to foil the software,
however. In the courts, ISPs with unhappy customers and businesses that believe their
reputations have been tarnished by misrepresentations in junk e-mail have brought suit
against mass e-mailers.
Some UCE either contains indecent material or links to Web sites where indecent
material is available. Thus, controls over junk e-mail have also arisen in the context of
protecting children from unsuitable material. The House Judiciary Committee version of
H.R. 718 (see below) and H.R. 2472 address this issue. Other spam involves fraud. On
February 12, 2002, the FTC announced that seven defendants caught in an FTC sting
involving illegal chain letters had agreed to settle charges, and that it was mailing warning
letters to more than 2,000 individuals still involved in the chain letter scheme (the FTC
press release is available at [http://www.ftc.gov/opa/2002/02/eileenspam1.html].
State Action
Although the U.S. Congress has not passed a law addressing junk e-mail, several
states have passed or considered such legislation. According to the SpamLaws Web site
[http://www.spamlaws.com], 25 states have passed laws regulating spam: Arkansas,
California, Colorado, Connecticut, Delaware, Idaho, Illinois, Iowa, Kansas, Louisiana,
Maryland, Minnesota, Missouri, Nevada, North Carolina, Oklahoma, Pennsylvania,
Rhode Island, South Dakota, Tennessee, Utah, Virginia, Washington, West Virginia, and
Wisconsin. The specifics of each law varies. Summaries of and links to each law are
provided on that Web site.
Congressional Action
The House and Senate each passed legislation during the 105th Congress addressing
UCE, but no bill ultimately cleared Congress. The Senate-passed version of S. 1618
(concerning “slamming”) would have required senders of UCE to clearly identify in the
subject line of the message that it was an advertisement, required Internet service
providers to make software available to their subscribers to block such e-mail, and
prohibited sending e-mail to anyone who had asked not to receive such mail (“opt-out”)
The House-passed version of the bill (H.R. 3888) included a sense of Congress statement
that industry should self-regulate. Conference agreement was not reached. Several UCE
bills were introduced in the 106th Congress. One, H.R. 3113, passed the House.
In the 107th Congress, several spam bills have been introduced: H.R. 95 (Green),
H.R. 718 (Wilson), H.R. 1017 (Goodlatte), H.R. 3146 (Smith) and S. 630 (Burns). H.R.
2472 (Lofgren) is not a spam bill per se, but would require marks or notices on e-mail
forwarded to minors that contains sexually oriented advertising. Since both the House
Energy and Commerce Committee and the House Judiciary Committees have acted on
H.R. 718, and the brevity of this report precludes lengthy narrative, it is the only House
CRS-4
bill summarized below. Note that some of the bills refer to “providers of Internet access
service” which is abbreviated “ISP,” for Internet Service Provider, in the text below.
H.R. 718 (Wilson) was referred to the House Energy and Commerce Committee
and the House Judiciary Committee. As introduced, it was the same as H.R. 3113 from
the 106th Congress, but was altered by the House Energy and Commerce Committee
(H.Rept. 107-41, Part 1) and the House Judiciary Committee (H.Rept. 107-41, Part 2).
The two committee versions are substantially different.
As reported from the House Energy and Commerce Committee, H.R. 718 would
be entitled the Unsolicited Commercial Electronic Mail Act and would —
•
define unsolicited commercial electronic mail (UCE), inter alia, as commercial e-
mail sent to a recipient without the recipient’s prior consent and with whom the
initiator does not have a pre-existing business relationship.
•
amend 18 U.S.C. 10303 to prohibit the intentional initiation of transmission of any
UCE to a protected computer in the United States with knowledge that certain
identifying information is false.
•
make it unlawful to initiate the transmission of a commercial e-mail message to any
person within the United States unless such message contains a valid return e-mail
address, conspicuously displayed, to which a recipient may opt-out.
•
make it unlawful to initiate transmission of UCE to a recipient within the United
States—
÷ if the recipient has opted-out and a reasonable period of time has expired for
removal from distribution lists. The bill also requires that the recipient’s e-mail
address be deleted or suppressed from all mailing lists owned by the initiator
(and its agents or assigns), and makes it unlawful for the initiator (and such
agents or assigns) to sell, lease, exchange, license, or engage in any other
transaction involving mailing lists bearing the recipient’s e-mail address.
÷ unless it provides in a manner that is clear and conspicuous: identification that
the message is UCE, notice of the opportunity to opt-out, and the physical
mailing address of the initiator.
÷ that uses an ISP’s equipment if the ISP has a policy that meets certain
requirements set forth in the bill, after a reasonable period of time following a
request by a recipient to opt-out. The Act does not prevent or limit an ISP from
adopting a policy regarding commercial or other e-mail and from enforcing
such policy through technical means, through contract, or pursuant to any
remedy available under other laws. ISPs are not liable for actions taken in
good faith to block UCE.
•
make it unlawful for an ISP that has a policy requiring compensation specifically for
the transmission of UCE into its system to fail to provide opt-out to a subscriber
unless the subscriber has agreed to receive UCE in exchange for discounted or free
Internet access services. It shall be an affirmative defense if the violation was not
intentional.
3 18 U.S.C. 1030 is the federal computer fraud and abuse statute; it defines a protected computer
as a computer exclusively for the use of a financial institution or the U.S. government, used by
or for a financial institution or the U.S. government, or used in interstate or foreign commerce
or communication.
CRS-5
•
give the FTC enforcement authority through the FTC Act.
•
allow UCE recipients and ISPs to bring action to enjoin violations and/or recover
actual monetary loss, or $500 per violation up to $50,000, whichever is greater. A
court may increase the amount up to three times for willful, repeated violators. Class
actions are prohibited. Courts may protect trade secrets.
•
allow state attorneys general to bring civil action on behalf of the residents of that
state in an appropriate state court or U.S. district court to enjoin violations, enforce
compliance, or recover actual monetary loss or receive $500 in damages fo reach
violation, and the amount may be tripled for wilful or repeated violations. The state
attorney general shall notify the FTC before it files such an action, or at the same
time if advance notification is not possible. The FTC may intervene. State and local
governments may not impose civil liabilities inconsistent with the Act, but the Act
does not preempt civil actions under State trespass or contract law or any laws
relating to computer fraud or abuse arising from unauthorized transmission of UCE.
As reported from the House Judiciary Committee, H.R. 718 would be entitled the
Anti-Spamming Act, and would amend 18 U.S.C. by adding a new chapter 30, Electronic
Mail, that would—
•
create penalties for whoever intentionally initiates in one or more transactions the
transmission of 10 or more UCE messages to one or more protected computers in the
United States knowing that such message contains or is accompanied by header
information that is materially false or misleading as to the identity of the person
initiating the transmission, and
÷ commercial e-mail is defined as e-mail the primary purpose of which is to
advertise or promote, for a commercial purpose, a product or service,
including content on an Internet Web site;
÷ ISPs are permitted to bring action to recover actual or statutory damages
of $5 per violation not to exceed a total of $1 million, except that during
any one-year period for which the defendant has transmitted in excess of
20 million UCE messages, no liability limit exists; and
÷ courts may award reasonable litigation expenses incurred by a prevailing
party, including reasonable attorney’s fees.
•
require the Attorney General to prescribe marks or notices to be included in e-mail
that contains a sexually oriented advertisement, and
÷ whoever, in any e-mail carried on an instrumentality in or affecting
interstate or foreign commerce, knowingly includes a sexually oriented
advertisement but does not include those marks or notices shall be fined
or imprisoned not more than one year or both;
÷ “sexually oriented advertisement” means any advertisement that depicts,
in actual or simulated form, or explicitly describes, in a predominantly
sexual context, human genitalia, any act of natural or unnatural sexual
intercourse, any act of sadism or masochism, or any other erotic subject
directly related to the foregoing, unless it constitutes only a small and
insignificant part of the whole, the remainder of which is not primarily
devoted to sexual matters.
•
require a report from the Attorney General no later than 18 months after
enactment on the effectiveness and enforcement of the Act.
CRS-6
It should be noted that the provision regarding e-mail with sexually oriented advertising
is not limited to UCE; it would apply to any e-mail. (H.R. 2472 also would require marks
or notices on any e-mail containing sexually oriented advertisements, but only if the e-
mail is “forwarded” to minors.)
In the Senate, S. 630 (Burns), the CAN SPAM Act, was reported from the Senate
Commerce Committee on October 16, 2002. As reported (S.Rept. 107-318), S. 630
amends Chapter 63 of Title 18 U.S.C. (concerning mail fraud), and would —
•
define UCE as commercial e-mail sent without the recipient’s prior affirmative or
implied consent (as defined in the Act).
•
set penalties for initiating the transmission of UCE to a protected computer in the
United States with knowledge and intent that the message contains or is
accompanied by header information that is materially false or misleading.
•
prohibit false or misleading transmission information in commercial e-mail.
•
prohibit deceptive subject headings in commercial e-mail. If a person establishes
and implements reasonable practices and procedures to prevent a violation of this
provision, and the violation occurred despite good faith efforts to comply with them,
that person is not in violation of this provision.
•
require the inclusion of a functioning return address or comparable mechanism in
UCE to which the recipient can opt-out. If a recipient opts-out, it is unlawful for the
sender, or a person acting on behalf of the sender, to send additional UCE more than
10 days after receipt of the opt-out request. UCE messages must provide in a clear
and conspicuous manner: identification that the message is an advertisement or
solicitation; notice of the opportunity to opt-out; and a valid physical postal address
for the sender. If a person establishes and implements reasonable practices and
procedures to prevent violations, and the violation occurred despite good faith efforts
to comply with them, the person is not in violation of these provisions.
•
be enforced by the FTC under the FTC Act, except for certain entities that are
regulated by other agencies (e.g, national banks and federal branches and federal
agencies of foreign banks would be enforced by the Office of the Comptroller of the
Currency under the Federal Deposit Insurance Act).
•
allow states to bring civil actions on behalf on residents of that state to enjoin
practices prohibited by the Act or to obtain damages equal to the greater of actual
monetary loss or statutory damages. State attorneys general must notify the FTC and
the FTC may intervene. If the FTC or another federal agency has instituted a civil
or administrative action for violation of the Act, no state attorney general may bring
an action against that defendant while the action is pending.
•
allow an ISP that is adversely affected by a violation of the Act to bring civil action
in U.S. district court to enjoin further violations and recover damages.
•
supersede state or local government statutes, regulations or rules regulating the use
of e-mail to send commercial messages, with exceptions.
•
prohibit transmission of UCE from illegally harvested e-mail addresses.
•
not impair the enforcement of sections 223 or 231 of the Communications Act of
1934, chapter 71 of Title 18 U.S.C., or any other federal criminal statute. Nothing
in the Act affects the FTC’s authority to bring enforcement actions regarding false
or deceptive representations in commercial e-mail messages.
•
not affect the lawfulness or unlawfulness under any other provision of law of the
adoption, implementation, or enforcement by an ISP of a policy declining to
transmit, route, relay, handle, or store certain types of e-mail.