Order Code RL31953
CRS Report for Congress
Received through the CRS Web
“Junk E-Mail”: An Overview of Issues
and Legislation Concerning Unsolicited
Commercial Electronic Mail (“Spam”)
Updated October 17, 2003
Marcia S. Smith
Specialist in Aerospace and Telecommunications Policy
Resources, Science, and Industry Division
Congressional Research Service ˜ The Library of Congress
“Junk E-Mail”: An Overview of Issues and
Legislation Concerning Unsolicited
Commercial Electronic Mail (“Spam”)
Summary
Unsolicited commercial e-mail (UCE), also called “spam” or “junk e-mail,”
aggravates many computer users. Not only can spam be a nuisance, but its cost may
be passed on to consumers through higher charges from Internet service providers
who must upgrade their systems to handle the traffic. Also, some spam involves
fraud, or includes adult-oriented material that offends recipients or that parents want
to protect their children from seeing.
Proponents of UCE insist it is a legitimate
marketing technique that is protected by the First Amendment. While 36 states have
anti-spam laws, there is no federal law specifically concerning spam. Nine “anti-
spam” bills are pending in the 108th Congress: H.R. 1933 (Lofgren), H.R. 2214 (Burr-
Tauzin-Sensenbrenner), H.R. 2515 (Wilson-Green), S. 563 (Dayton), S. 877 (Burns-
Wyden), S. 1052 (Nelson-FL), S. 1231 (Schumer), S. 1293 (Hatch), and S. 1327
(Corzine). Two (S. 877 and S. 1293) have been reported from committee. Tables
providing brief “side-by-side” comparisons of the bills are included at the end of this
report.
Publicity about the National Do Not Call registry through which consumers can
indicate that they do not want to receive telemarketing phone calls is raising
questions about whether a parallel “do not spam” registry should be created. Two of
the pending bills (S. 563 and S. 1231) would require the Federal Trade Commission
(FTC) to create such a registry.
S. 877 would require the FTC to submit
recommendations concerning creation of such a registry. FTC Chairman Timothy
Muris has cautioned in congressional testimony and elsewhere that consumers should
not expect any legislation to be a “silver bullet” for solving the spam problem. In an
August 2003 speech to the Aspen Institute, he specifically warned that he does not
believe a “do not spam” registry would be enforceable or noticeably reduce spam.
Though he sees a role for legislation (to enhance the ability to track down spammers,
establish penalties, and determine standards for non-deceptive UCE), he insists that
a combination of consumer education, technological advancements, and legislation
is needed to address the problem.
Spam on wireless devices such as cell phones is discussed in CRS Report
RL31636, Wireless Privacy: Availability of Location Information for Telemarketing.
State spam laws, and an existing federal law (the Computer Fraud and Abuse statute)
that currently is being used to bring suit against spammers, are discussed in CRS
Report RL31488, Regulation of Unsolicited Commercial E-Mail.
This report will be updated as events warrant.
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
What Is Spam? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Avoiding and Reporting Spam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Restraining Spam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Opt-In and Opt-Out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Prior Business Relationship . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Non-Legislative Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Bush Administration Position . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Federal Trade Commission Position . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
State Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Congressional Action: 105th-107th Congresses . . . . . . . . . . . . . . . . . . . . . . . 7
Congressional Action: 108th Congress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
List of Tables
Table 1: Brief Comparison of Pending Spam Legislation in the House . . . . . . . . 9
Table 2: Brief Comparison of Pending Spam Legislation in the Senate . . . . . . . 13
“Junk E-Mail”: An Overview of Issues and
Legislation Concerning Unsolicited
Commercial Electronic Mail (“Spam”)
Overview
One aspect of increased use of the Internet for electronic mail (e-mail) has been
the advent of unsolicited advertising, also called “unsolicited commercial e-mail
(UCE),” “unsolicited bulk e-mail,” “junk e-mail, “or “spam.”1
Complaints focus
on the fact that some spam contains, or has links to, pornography, that much of it is
fraudulent, and the volume of spam is steadily increasing. In April 2003, the Federal
Trade Commission (FTC) reported that of a random survey of 1,000 pieces of spam,
18% concerned “adult” offers (pornography, dating services, etc.) and 66% contained
indications of falsity in “from” lines, “subject” lines, or message text.2 According to
Brightmail [http://www.brightmail.com], a company that sells anti-spam software,
the volume of spam rose from 8% of all e-mail in January 2001 to 45% in January
2003. Brightmail forecasts that it will reach 50% by September 2003.
Opponents of junk e-mail argue that not only is it annoying and an invasion of
privacy (see CRS Report RL31408 for more on Internet privacy), but that its cost is
borne by recipients and Internet Service Providers (ISPs), not the marketers.
Consumers reportedly are charged higher fees by ISPs that must invest resources to
upgrade equipment to manage the high volume of e-mail, deal with customer
complaints, and mount legal challenges to junk e-mailers. Businesses may incur
costs due to lost productivity, or investing in upgraded equipment or anti-spam
software.
The Ferris Research Group [http://www.ferris.com], which offers
consulting services on managing spam, estimates that spam will cost U.S.
organizations over $10 billion in 2003.
Proponents of UCE argue that it is a valid method of advertising, and is
protected by the First Amendment. The Direct Marketing Association (DMA)
released figures in May 2003 showing that commercial e-mail generates more than
$7.1 billion in annual sales and $1.5 billion in potential savings to American
1
The origin of the term spam for unsolicited commercial e-mail was recounted in
Computerworld, April 5, 1999, p. 70: “It all started in early Internet chat rooms and
interactive fantasy games where someone repeating the same sentence or comment was said
to be making a ‘spam.’ The term referred to a Monty Python’s Flying Circus scene in which
actors keep saying ‘Spam, Spam, Spam and Spam’ when reading options from a menu.”
2 Federal Trade Commission. False Claims in Spam: A Report by the FTC’s Division of
Marketing Practices. April 30, 2003. P. 10. Available at the FTC’s spam Web site:
[http://www.ftc.gov/bcp/conline/edcams/spam/index.html]
CRS-2
consumers.3 DMA argued for several years that instead of banning UCE, individuals
should be given the opportunity to “opt-out” by notifying the sender that they want
to be removed from the mailing list. (The concepts of opt-out and opt-in are
discussed below.) Hoping to demonstrate that self regulation could work, in January
2000, the DMA launched the E-mail Preference Service where consumers who wish
to opt-out can register themselves at a DMA Web site [http://www.e-mps.org].
DMA members sending UCE must check their lists of recipients and delete those
who have opted out. Critics argued that most spam does not come from DMA
members, so the plan is insufficient, and on October 20, 2002, the DMA agreed.
Concerned that the volume of unwanted and fraudulent spam is undermining the use
of e-mail as a marketing tool, the DMA announced that it now would pursue
legislation to battle the rising volume of spam.
One challenge of controlling spam is that some of it originates outside the
United States and thus is not subject to U.S. laws or regulations. Spam is a global
problem, and the European Commission estimates that Internet subscribers globally
pay 10 billion Euros a year in connection costs to download spam
[http://europa.eu.int/comm/internal_market/privacy/studies/spam_en.htm].
The
European Union has adopted an “opt-in” requirement for e-mail that will become
effective October 31, 2003 whereby prior affirmative consent of the recipient must
be obtained before sending commercial e-mail. Opt-in is not required where there
is an existing customer relationship, but in that case, the sender must provide an opt-
out opportunity. (See [http://www.europa.eu.int/scadplus/leg/en/lvb/l24120.htm].
The EU directive sets the broad policy, but each member nation must pass its own
law as to how to implement it.) The FTC and other U.S. and foreign agencies have
called on organizations in 59 countries to close “open relays” that allow spam to be
routed through third-party computers, permitting spammers to avoid detection
[http://www.ftc.gov/opa/2003/05/swnetforce.htm].
What Is Spam?
One challenge in debating the issue of spam is defining it. To some, it is any
commercial e-mail to which the recipient did not “opt-in” by giving prior affirmative
consent to receiving it. To others, it is commercial e-mail to which affirmative or
implied consent was not given, where implied consent can be defined in various ways
(such as whether there is a pre-existing business relationship).
Still others view
spam as “unwanted” commercial e-mail.
Whether or not a particular e-mail is
unwanted, of course, varies per recipient. Since senders of UCE do find buyers for
some of their products, it can be argued that at least some UCE is reaching interested
consumers, and therefore is wanted, and thus is not spam. Consequently, some argue
that marketers should be able to send commercial e-mail messages as long as they
allow each recipient an opportunity to indicate that future such e-mails are not
desired (called “opt-out”).
Another group considers spam to be only fraudulent
commercial e-mail, and believe that commercial e-mail messages from “legitimate”
senders should be permitted. The DMA, for example, considers spam to be only
fraudulent UCE. The differences in defining spam add to the complexity of devising
legislative or regulatory remedies for it. The spam bills pending before the 108th
3 Quoted in: Digits. Wall Street Journal, May 22, 2003, p. B3.
CRS-3
Congress (see tables at end of this report) define spam in various ways, or do not
define it at all.
Avoiding and Reporting Spam
Tips on avoiding spam are available on the FTC Web site [http://www.ftc.gov/
bcp/menu-internet.htm], and from [http://home.cnet.com/internet/0-3793-8-5181225-
1.html], a non-government site. Consumers may file a complaint about spam with
the FTC by visiting the FTC Web site [http://www.ftc.gov] and choosing “File a
Complaint” at the bottom of the page. The offending spam also may be forwarded
to the FTC (UCE@ftc.gov) to assist the FTC in monitoring UCE trends and
developments.
Restraining Spam
To date, the objective of restraining junk e-mail has been fought primarily over
the Internet or in the courts. Some groups opposed to junk e-mail will send blasts of
e-mail to a mass e-mail company, disrupting the company’s computer systems. The
FTC has taken action against spam involving fraud under its existing authority, and
is requesting expanded legislative authority to track, investigate, and sue spammers.4
In addition, three major ISPs—America OnLine (AOL), Earthlink, and Microsoft
Network—all have brought lawsuits under existing laws to stop spammers.5
Another approach is to pass laws placing restrictions on UCE. As discussed
below, 34 states have passed anti-spam laws. No federal law has been passed, but
nine bills are currently pending before the 108th Congress (three in the House, six in
the Senate), which are summarized in the table of the end of this report. Although
there appears to be widespread agreement that “something” must be done about
spam, there are many different suggestions regarding precisely what to do. Some of
the proposals are outlined next.
Opt-In and Opt-Out. As discussed earlier, much of the spam debate focuses
on whether consumers should be given the opportunity to opt-in (where affirmative
prior consent is required) or opt-out (where consent is assumed unless the consumer
notifies the sender that such e-mails are not desired) of receiving UCE.6 The details
4 The FTC proposal for increased authority was detailed at hearings on reauthorization of
the FTC on June 11, 2003 before the Senate Commerce Committee and the House Energy
and Commerce Committee.
A copy of the FTC statement is available at
[http://commerce.senate.gov] and [http://energycommerce.house.gov] under hearings for
that day.
5 CRS Report RL31488, Regulation of Unsolicited Commercial E-Mail, summarizes existing
laws and FTC actions.
6 Some spam already contains instructions, usually to send a message to an e-mail address,
for how a recipient can opt-out. However, in many cases this is a ruse by the sender to trick
a recipient into confirming that the e-mail has reached a valid e-mail address. The sender
then sends more spam to that address and/or includes the e-mail address on lists of e-mail
addresses that are sold to bulk e-mailers. It is virtually impossible for a recipient to discern
(continued...)
CRS-4
vary, but seven of the pending nine bills (H.R. 1933, H.R. 2214, H.R. 2515, S. 877,
S. 1052, S. 1231, and S. 1327) would require senders of UCE to provide a legitimate
opt-out opportunity to recipients, and some would require opt-out for all commercial
e-mail. One of those bills (S. 1231) and another bill (S. 563) would create a “do not
e-mail” list similar to the “do not call” list for telemarketers, where individuals could
place their names on a centralized list to opt-out of UCE instead of being required to
respond to each e-mail or each organization sending UCE. In both bills, the Federal
Trade Commission (FTC) would be responsible for maintaining the list. S. 877
would require the FTC to submit recommendations about creating such a registry.
In testimony to Congress on June 11, 2003, FTC Chairman Timothy Muris
commented that there is no single solution to the spam problem, saying that “a
balanced blend of technological fixes, business and consumer education, legislation,
and enforcement will be required.”7 Although there appears to be widespread public
support for a “do not e-mail” (or “do not spam”) list,8 some worry that the database
containing the e-mail addresses of all those who do not want spam would be
vulnerable to hackers, potentially exacerbating rather than solving the problem.
Others, including Mr. Muris, argue that such a registry would not be enforceable (for
more on the FTC’s position, see that section below).
Several anti-spam groups argue, however, that legislation should go further,
prohibiting commercial e-mail from being sent to recipients unless they have opted-
in. As noted earlier, the European Union has adopted an opt-in approach. Eight U.S.
groups, including Junkbusters, the Coalition Against Unsolicited Commercial Email
(CAUCE), and the Consumer Federation of America, wrote a letter to several
Members of Congress expressing their view that the opt-out approach advanced in
several of the pending bills would “undercut those businesses who respect consumer
preferences and give legal protection to those who do not.”9 The founder of the
Spamhaus Project [http://www.spamhaus.org/],
Steve Linford, asserts that
“Spammers are cheering the [U.S.] opt-out legislation. It legalizes the status quo.”10
He also states that 90% of the world’s spam originates in the United States.
Prior Business Relationship. One variation is to allow UCE to be sent to
recipients with whom the sender has a prior business relationship, an approach
similar to that for junk fax (see CRS Report RL30763 for information on the law
pertaining to junk fax). H.R. 1933, S. 877, and S. 1231 include a prior business
6 (...continued)
whether the proffered opt-out instructions are genuine or duplicitous.
7 Timothy Muris, Chairman, Federal Trade Commission. Prepared statement to Senate
Commerce Committee, June 11, 2003, p. 13; [http://www.commerce.senate.gov]. Mr.
Muris gave the same statement to the House Energy and Commerce Committee the same
day. See [http://energycommerce.house.gov].
8 A survey by the ePrivacy Group found that 74% of consumers want such a list. Lisa
Bowman, Study: Do-Not-Spam Plan Winning Support, c|net news.com, July 23, 2003, 12:28
PM PT.
9 [http://www.cauce.org/pressreleases/20030522.shtml].
10 Declaring a World War on Spam. Wired News, July 1, 2003, 09:31 AM.
[http://www.wired.com/news/politics/0,1283,59459,00.html]
CRS-5
relationship as part of the definition of implied consent; the specifics are different
(see tables below under “Definition of Unsolicited Commercial E-mail”).
Labels. Another possibility is requiring that senders of UCE use a label, such
as “ADV” in the subject line of the message, so the recipient will know before
opening an e-mail message that it is an advertisement. That would also make it
easier for spam filtering software to identify UCE and eliminate it. Some propose
that adult-oriented spam have a special label, such as ADV-ADLT, to highlight that
the e-mail may contain material or links that are inappropriate for children, such as
pornography. H.R. 1933, S. 1231, and S. 1327 require ADV or ADV-ADLT in
subject lines (with exceptions—see table below for details). H.R. 2214, H.R. 2515
and S. 877 require that the message provide clear and conspicuous identification that
it is an advertisement, but do not specify where or how that must appear. H.R. 2214
and H.R. 2515 require that sexually-oriented e-mails have an FTC-prescribed
“warning label.”
Non-Legislative Approaches. The fact that the amount of spam is rising
despite the number of state laws restraining it suggests that legislation is not a sure
solution to the spam problem. Some spam originates outside the United States or
is routed through non-U.S. computers, or legislation may include so many
“loopholes” that it is ineffective. Senator McCain was quoted in Time magazine as
saying that he supports legislation, but is not optimistic about its effect: “I’ll support
it, report it, vote for it, take credit for it, but will it make much difference? I don’t
think so.”
One proposed non-legislative alternative is trying to make spam less attractive
economically by increasing the cost of sending spam, perhaps by establishing systems
whereby recipients could charge spammers “postage” for UCE.
Another alternative is using “challenge-response” software that requires the
sender to respond to an action requested in an automatically generated return e-mail
before the original e-mail reaches the intended recipient. Earthlink offers this option
to its subscribers. Challenge-response is based on the concept that spammers are
sending e-mail with automated systems that cannot read a return e-mail and respond
to a question (such as “how many kittens are in this picture”), but a person can, so if
the e-mail was sent by an individual rather than a bulk e-mail system, the person will
answer the question or perform a requested action and the e-mail will be delivered.
It is not clear to what extent such software may become popular. Business Week
outlined some of the potential unintended consequences, including recipients not
receiving confirmation of orders placed over the Internet (which often are generated
by automated systems), and difficulty if the sender is using an Internet-access device
that does not display graphics (e.g., a Blackberry) or is visually impaired.11
Still another non-legislative option is leaving the issue of controlling spam to
the ISPs, since they have the economic incentive to do so in terms of retaining
subscribers who might weary of spam and abandon e-mail entirely, avoiding the costs
11 Stephen H. Wildstrom. A Spam-Fighter More Noxious Than Spam. Business Week, July
7, 2003, p. 21.
CRS-6
associated with litigation, and reducing the need to upgrade server capacity to cope
with the traffic. Many ISPs (and consumers) already use spam filtering software, but
with the increase in the amount of spam, a large number of such messages still get
through. On June 5, 2003, the Associated Press reported that Earthlink’s spam filter
blocks up to 80% of spam, and AOL blocks 80% of incoming e-mail traffic.12 In
June 2003, Microsoft announced the creation of a special team of researchers and
programmers to develop new technological tools to fight spam.
Bush Administration Position
In testimony to the House Judiciary Committee regarding H.R. 2214 (the Burr-
Tauzin-Sensenbrenner bill), a witness from the Department of Justice13 generally
supported the bill (with some suggested modifications) and discussed the Justice
Department’s view that although some measures are needed to combat the rising tide
of spam, Congress should be careful not to over-regulate. He supported efforts to
target spam that facilitates fraud or the unwanted transmission of pornography, but
not legitimate marketers.14 He added that while the Justice Department can play a
supporting role, the spam issue cannot be solved by one agency alone and, indeed,
the government cannot solve the problem by itself.
Federal Trade Commission Position
As noted earlier, FTC Chairman Muris told both the Senate Commerce
Committee and the House Energy and Commerce Committee on June 11, 2003, that
there is no single solution to the spam problem. He argues that a combination of
legislation, technological advancements, and consumer education is needed.
Mr. Muris expanded on those comments in an August 19, 2003 speech to the
Aspen Institute [http://www.ftc.gov/speeches/muris/030819aspen.htm]. Drawing
attention to the significant differences between telemarketing and spam, he
specifically cautioned against expectations that a “do not spam” registry would be
enforceable or noticeably reduce spam. Calling spam “one of the most daunting
consumer protection problems that the Commission has ever faced ,” he noted that
“Despite the concerted efforts of government regulators, Internet service providers,
and other interested parties, the problem continues to worsen.”
He cited two significant differences between spam and other types of marketing.
First, spammers can easily hide their identities and cross international borders.
Second, sending additional spam “is essentially costless” to the spammer; the cost
is borne by ISPs and recipients instead. This “cost shifting” means there is no
incentive to the spammer to reduce the volume of messages being sent, and a bulk
12 Anick Jesdanun, Technology for Challenging Spam is Challenged, AP, June 5, 2003,
23:59.
13
Statement of Assistant Attorney General William Moschella.
Available at the
committee’s Web site: [http://www.house.gov/judiciary/moschella070803.htm].
14 Transcript of hearing, provided by Federal Document Clearing House.
CRS-7
emailer testified at an FTC forum on spam that he could profit even if his response
rate was less than 0.0001%.
Concluding that spam is a problem that market forces will not solve, Mr. Muris
agreed that it appeared to be a “prime candidate for governmental intervention.” He
added, however, that the very technology that makes e-mail such a powerful tool also
makes spam a problem that cannot be solved through the FTC’s law enforcement and
regulatory efforts. “Rather, solutions must be pursued from many directions —
technological, legal, and consumer action.”
Regarding the current debate in Congress, Mr. Muris commented that
“Unfortunately, the legislative debate seems to be veering off on the wrong track,
exploring largely ineffective solutions.” Specifically, he called the “do not spam” list
concept interesting, “but it is unclear how we can make it work” because it would not
be enforceable. “If it were established, my advice to consumers would be: Don’t
waste the time and effort to sign up.” He cautioned that legislation can only make
a limited contribution to solving the fundamental issues of anonymity and cost
shifting, and warned that some of the pending legislative proposals “could be harmful
or, at best, useless.”
He noted three areas in which legislation would be helpful. He reiterated the
need for five procedural changes that he said would assist in tracking down
spammers (which he had raised in previous congressional testimony); for additional
penalties for spammers; and for standards for non-deceptive UCE. He called the
latter the “least important issue” even though it is the subject of most of the pending
legislation.
State Action
According to the SpamLaws Web site [http://www.spamlaws.com], 36 states
have passed laws regulating spam: Alaska, Arizona, Arkansas, California, Colorado,
Connecticut, Delaware, Idaho, Illinois, Indiana, Iowa, Kansas, Louisiana, Maine,
Maryland, Michigan, Minnesota, Missouri, Nevada, New Mexico, North Carolina,
North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Dakota,
Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and
Wyoming. The specifics of each law varies. Summaries of and links to each law are
provided on that Web site. CRS Report RL31488, Regulation of Unsolicited
Commercial E-Mail, provides a brief review of the state laws and challenges to them.
Congressional Action: 105th-107th Congresses
In the 105th Congress, the House and Senate each passed legislation (H.R. 3888,
and S. 1618), but no bill ultimately cleared Congress. In the 106th Congress, several
UCE bills were introduced. One, H.R. 3113 Wilson-Green), passed the House. There
was no further action. Several spam bills were introduced in the 107th Congress, but
none passed. One, H.R. 718 (Wilson-Green), was reported from the House Energy
and Commerce Committee (H.Rept. 107-41, Part I), and the House Judiciary
Committee (H.Rept. 107-41, Part II). The two versions were substantially different.
CRS-8
A Senate bill, S. 630 (Burns), was reported (S.Rept. 107-318) from the Senate
Commerce Committee. There was no further action.
Congressional Action: 108th Congress
As discussed above, nine bills are currently pending: H.R. 1933 (Lofgren), H.R.
2214 (Burr-Tauzin-Sensenbrenner), H.R. 2515 (Wilson-Green), S. 877 (Burns-
Wyden), S. 1052 (Nelson-FL), and S. 1327 (Corzine) are “opt-out” bills. (H.R. 1933
and S. 1327 have the same title and are similar, but not identical.) S. 563 (Dayton)
is a “do not e-mail” bill. S. 1231 (Schumer) combines elements of both approaches.
S. 1293 (Hatch) creates criminal penalties for fraudulent e-mail.
The provisions of these bills are summarized in the following two tables — one
for House bills and one for Senate bills.
Some of the provisions affect all
commercial e-mail, while others affect only unsolicited commercial e-mail (spam).
S. 877 was reported, amended, by the Senate Commerce Committee on July 16, 2003
(S.Rept. 108-102). S. 1293 was reported from the Senate Judiciary Committee,
without written report, on September 25. Table 2 shows the provisions in those bills
as reported.
CRS-9
Table 1: Brief Comparison of Pending Spam Legislation in the House
Provision
H.R. 1933 (Lofgren)*
H.R. 2214 (Burr-Tauzin-Sensenbrenner)
H.R. 2515 (Wilson-Green)
Title
REDUCE Spam Act
Reduction in Distribution of Spam Act
Anti-Spam Act
Definition of Commercial E-Mail
E-mail whose primary purpose is
E-mail whose primary purpose is commercial
E-mail that contains a commercial
commercial advertisement or promotion
advertisement or promotion of commercial
advertisement or promotion of a product or
of commercial product or service, unless
product or service, with exceptions.
service, but is not a commercial transactional
the sender has a personal relationship
e-mail message (as defined in the Act).
with the recipient.
Definition of Unsolicited
Commercial e-mail sent to a recipient
Commercial e-mail transmitted without prior
Not defined.
Commercial E-mail (UCE)
with whom the sender does not have a
consent.
pre-existing business relationship, and is
not sent at the request of, or with the
Consent means the recipient has expressly
express consent of, the recipient.
consented to receive the message, and it
includes consent to receipt of a message from
Pre-existing business relationship means
a third party pursuant to transfer of the
that there has been a business
recipient’s e-mail address if the recipient was
transaction between the sender and
notified that such transfer could occur. If
recipient within the past 5 years and the
commercial e-mail is delivered to a recipient
recipient was provided at that time with
at an e-mail address that was reassigned from
an opt-out opportunity and did not
a previous user, the recipient is considered to
exercise it, or the recipient opted-in and
have consented to the same extent as the
has not revoked that permission.
previous address user unless the sender knows
that the address has been reassigned or the
new user has opted-out.
Prohibits false or misleading
Yes, in UCE.
Yes, in all commercial e-mail.
Yes, in all commercial e-mail.
header information
Prohibits deceptive subject
Yes, in UCE.
No
Yes, in all commercial e-mail.
headings
Prohibits false, misleading, or
No
No
No
deceptive information in body of
message
CRS-10
Provision
H.R. 1933 (Lofgren)*
H.R. 2214 (Burr-Tauzin-Sensenbrenner)
H.R. 2515 (Wilson-Green)
Prohibits transmission of e-mail
No
Yes, for all commercial e-mail.
Yes, in commercial e-mail prohibited under
from improperly or illegally
other sections of the Act.
harvested e-mail addresses
Also prohibits dictionary attacks.
Prohibits sending e-mails through
NA
NA
NA
computers accessed without
authorization
Creates “do not e-mail” registry at
No
No
No
FTC
Penalties for falsifying sender’s
No
Yes
Yes
identity
Requires FTC-prescribed
No, but see requirements for subject line
Yes
Yes
“warning labels” on sexually
labels (next).
oriented material
Requires specific characters in
Yes, “ADV:” for advertisement;
No, but message must provide clear and
No, but message must contain clear and
subject line of UCE to indicate the
“ADV-ADLT:” for adult-oriented
conspicuous identification that it is an
conspicuous identification that it is a
message is an advertisement
advertisements. Or identification may
advertisement.
commercial e-mail message.
comply with standards set by Internet
Engineering Task Force.
Requires opt-out mechanism
UCE must contain valid sender-operated
Commercial e-mail must contain functioning
Commercial e-mail must contain functioning
return e-mail address to which recipient
return e-mail address or other Internet-based
return e-mail address or other Internet-based
may opt-out.
mechanism to which the recipient may opt-
mechanism to which the recipient may opt-
out.
out.
Damages or Penalties
Civil penalties to be set by FTC, except
Varies per section of Act.
Varies per section of Act. Also creates
that under private right of action, court
criminal penalties for falsifying sender’s
may impose penalties up to $10 per
identity, failing to placing warning labels on
violation.
sexually oriented material, illicit e-mail
address harvesting, and other sections of the
act.
CRS-11
Provision
H.R. 1933 (Lofgren)*
H.R. 2214 (Burr-Tauzin-Sensenbrenner)
H.R. 2515 (Wilson-Green)
Penalties for persons who promote
NA
NA
NA
their trade, business, goods,
products, etc. in e-mail that
violates Act, under specific
circumstances
Reward for first person identifying
Yes, not less than 20% of the penalty.
No
No
a violator and supplying
information leading to the
collection of a civil penalty
Private Right of Action
Yes. Recipient of UCE or ISP may
Yes, but for ISPs only.
Yes, but for ISPs only.
bring civil action in a U.S. district court
to enjoin further violations and recover
damages.
Affirmative Defense/Safe Harbor
Person is not liable if the person has
It is an affirmative defense against charges
NA
established and implemented, with due
that a commercial e-mail message falsifies the
care, reasonable practices and
sender’s identity if the defendant sent fewer
procedures to prevent violations, and
than 100 such messages during any 30-day
violation occurred despite good faith
period.
efforts to comply, or if, within 2-days
ending upon the initiation of the
transmission that is in violation, such
person initiated the transmission of such
message, or one substantially similar to
it, to less than 1,000 e-mail addresses.
Enforcement
By FTC
By FTC and U.S. Attorney General.
By FTC and U.S. Attorney General.
State action allowed
NA
Yes, but not if FTC or Attorney General
Yes, but U.S. district courts, the U.S. courts
already has commenced an action. FTC must
of any territory, and the D.C. court have
be notified in all cases, and may intervene.
exclusive jurisdiction over all civil actions
brought by states. State must notify FTC,
and FTC may intervene.
CRS-12
Provision
H.R. 1933 (Lofgren)*
H.R. 2214 (Burr-Tauzin-Sensenbrenner)
H.R. 2515 (Wilson-Green)
Class action suits allowed
NA
No
NA
Effect on ISPs
ISPs may bring civil action in U.S.
ISPs may bring civil action in U.S. district
ISPs may bring civil action in U.S. district
district court.
court.
court.
Does not change law regarding when
Does not affect the lawfulness or
Does not affect the lawfulness or
ISP may disclose customer
unlawfulness under other laws of ISP policies
unlawfulness under other laws of ISP
communications or records; does not
declining to transmit, route, relay, handle, or
policies declining to transmit, route, relay,
require ISP to block, transmit, route,
store certain types of e-mail.
handle, receive or store certain types of e-
relay, handle or store certain types of e-
mail.
mail; does not prevent or limit ISP from
adopting a policy regarding commercial
e-mail including declining to transmit
certain commercial e-mail; and does not
render lawful any such policy that is
unlawful under any other provision of
law.
Supersedes state and local laws
State and local governments may not
Yes, with exceptions.
Yes, with exceptions.
and regulations
impose civil liabilities inconsistent with
Act. The Act does not preempt certain
remedies available under certain other
federal, state, or local laws.
NA = Not Addressed
* S. 1327 (Corzine) has the same title as the Lofgren bill and is similar in many respects, but is not identical. See Table 2 for a summary of S. 1327.
CRS-13
Table 2: Brief Comparison of Pending Spam Legislation in the Senate
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
Title
Computer
CAN SPAM Act
Ban on
SPAM Act
Criminal Spam Act
REDUCE Spam Act
Owners Bill of
Deceptive
Rights Act
Unsolicited
Bulk
Electronic
Mail Act
Definition of
None
E-mail whose primary
None
E-mail whose primary
E-mail whose
E-mail whose
Commercial E-
purpose is commercial
purpose is to advertise or
primary purpose is
primary purpose is
Mail
advertisement or promotion
promote, for a
commercial
commercial
of commercial product or
commercial purpose, a
advertisement or
advertisement or
service, with exceptions.
commercial product or
promotion of a
promotion of
service.
commercial product
commercial product
or service.
or service
Definition of
None
Commercial e-mail sent
None
Commercial e-mail sent
None
Commercial e-mail
Unsolicited
without the recipient’s prior
without prior affirmative
sent without the
Commercial E-
affirmative or implied
consent or implied
recipient’s prior
mail (UCE)
consent and that is not a
consent, or sent after the
affirmative or implied
transactional or relationship
recipient has opted-out,
consent and that is
message (as defined in the
with an exception.
not a transactional or
Act). A visit to a Web site,
relationship message.
if the recipient did not
Affirmative consent
knowingly submit his e-
means the message falls
(Affirmative and
mail address, is not a
within the scope of an
implied consent are
transaction.
express and unambiguous
not defined.)
invitation or permission
Affirmative consent means
granted by the recipient
the recipient has expressly
and not subsequently
consented to receive the
revoked; the recipient
message. Implied consent
knew permission was
means there has been a
being granted; and the
business transaction
recipient did not
between the sender and
subsequently opt-out.
CRS-14
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
recipient within the past 3
Implied consent means
years and the recipient was
there has been a business
provided at that time with
transaction between the
an opt-out opportunity and
sender and recipient
did not exercise it.
within the past 3 years
and the recipient was
provided at that time with
an opt-out opportunity
and did not exercise it.
Prohibits false or
No
Yes, in all commercial e-
Illegal to
Yes, in all commercial e-
Yes
Yes, in UCE.
misleading header
mail.
falsify or
mail.
information
forge certain
header
information.
Prohibits
No
Yes, in all commercial e-
No
Yes, in all commercial e-
No
Yes, in UCE.
deceptive subject
mail.
mail.
headings
Prohibits false,
No
No, but does not affect
No
Yes
No
No
misleading, or
FTC’s authority to bring
deceptive
enforcement actions for
information in
materially false or deceptive
body of message
representations in
commercial e-mail.
Prohibits
No
Yes, for unlawful UCE.
Prohibits
Yes, of all commercial e-
No
No
transmission of e-
collecting e-
mail to addresses
mail from
Also prohibits dictionary
mail
obtained through illegal
improperly or
attacks and the automated
addresses
harvesting or automated
illegally
creation of multiple e-mail
from public
means.
harvested e-mail
or on-line accounts from
and private
addresses
which to transmit, or enable
spaces for the
someone else to transmit,
purpose of
UCE.
transmitting
UCE.
CRS-15
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
Prohibits sending
NA
Prohibits accessing a
NA
NA
Prohibits accessing a
NA
e-mails through
computer without
computer without
computers
authorization and
authorization and
accessed without
transmitting UCE from or
transmitting multiple
authorization
through it.
e-mails from or
through it.
Creates “do not e-
Yes
No, but requires FTC to
No
Yes, but “safe harbor”
No
No
mail” registry at
submit recommendations
provided if e-mail
FTC
concerning creation of such
address has been or list
a registry.
for less than 30 days or
person reasonably relied
on registry and takes
reasonable measures to
comply with the Act.
FTC to issue regulations
for the list, and may
create specific categories
to protect minors, e.g.
regarding e-mail that
contains or advertises
adult content or links to
such content. Senders
shall honor such
categories without regard
to actual or implied
consent given by the
minor.
Penalties for
No
No
No
No
Yes
No
falsifying
sender’s identity
CRS-16
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
Requires FTC-
No
No
No
No, but see provision
No
No, but see
prescribed
regarding “do not e-mail”
requirements for
“warning labels”
registry (above).
subject line labels
on sexually
(next).
oriented material
Requires specific
No
No, but message must
No
Yes, “ADV” must be in
No
Yes, “ADV:” for
characters in
provide clear and
subject line, but “safe
advertisement;
subject line of
conspicuous identification
harbor” provided if the
“ADV-ADLT:” for
UCE to indicate
that it is an advertisement.
sender is a member of an
adult-oriented
the message is an
FTC-approved self
advertisements. Or
advertisement
regulatory organization
identification may
and complies with those
comply with
requirements.
standards set by
Internet Engineering
Task Force.
Requires opt-out
Creates opt-out
Commercial e-mail must
Person
All commercial e-mail,
No
UCE must contain
mechanism
mechanism
contain functioning e-mail
sending UCE
including UCE, must
valid sender-operated
through do not e-
return address or other
must provide
have functioning e-mail
return e-mail address
mail registry.
Internet-based mechanism
recipient
address or other Internet-
to which recipient
to which the recipient may
clear and
based mechanism to
may opt-out.
opt-out.
conspicuous
which the recipient may
opportunity
opt-out.
to request to
opt-out.
Damages or
Up to $10,000 per
Varies per violation.
Civil
Varies per section of Act.
Establishes civil and
To be set by FTC,
Penalties
violation
penalties and
criminal penalties
except that under
fines to be set
which vary per
private right of
in accordance
specifics of the
action, statutory
with 18
violation.
damages of up to $10
U.S.C.
per violation.
CRS-17
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
Penalties for
NA
Yes
NA
NA
NA
NA
persons who
promote their
trade, business,
goods, products,
etc. in e-mail that
violates Act,
under specific
circumstances
Reward for first
No
No
No
No
No
Yes, not less than
person identifying
20% of the penalty.
a violator and
supplying
information
leading to the
collection of a
civil penalty
Private Right of
No
No
No
Recipient adversely
ISPs may bring civil
Yes. Recipient of
Action
affected may, if otherwise
action in U.S.
UCE or ISP may
permitted by laws or rules
District Court.
bring civil action in a
of State court, bring, in
U.S. district court to
an appropriate court of
enjoin further
the State, an action to
violations and recover
enjoin further violation
damages.
and recover damages.
Affirmative
NA
Person is not liable if the
NA
Establishes “safe harbors”
No
Person is not liable if
Defense/Safe
person has established and
as noted above.
the person has
Harbor
implemented, with due care,
established and
reasonable practices and
implemented, with
procedures to prevent
due care, reasonable
violations, and violation
practices and
occurred despite good faith
procedures to prevent
efforts to comply.
violations, and
violation occurred
CRS-18
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
despite good faith
efforts to comply, or
if, within 2-days
ending upon the
initiation of the
transmission that is in
violation, such person
initiated the
transmission of such
message, or one
substantially similar
to it, to less than
1,000 e-mail
addresses.
Enforcement
By FTC.
By FTC, except for certain
Violation
By FTC, except for
By the Attorney
By FTC.
entities that are regulated by
considered a
certain entities that are
General.
other agencies.
predicate
regulated by other
offense under
agencies.
RICO and an
unfair or
deceptive
practice
under FTC
Act.
State action
NA
Yes, but must notify FTC or
NA
Yes, but must notify
NA
NA
allowed
other appropriate regulator,
FTC, which may
which may intervene.
intervene.
Class action suits
NA
NA
NA
No
NA
NA
allowed
Effect on ISPs
NA
ISPs may bring civil action
NA
ISPs may bring civil
ISPs may bring civil
ISPs may bring civil
in U.S. district court.
action in U.S. district
action in U.S.
action in U.S. district
court.
district court.
court.
Does not affect the
Provision
S. 563 (Dayton)
S. 877 (Burns-Wyden)
S. 1052
S. 1231 (Schumer)
S. 1293 (Hatch)
S. 1327 (Corzine)
(As reported)
(Nelson-FL)
(As reported)
lawfulness or unlawfulness
Senders of commercial e-
Does not change law
under other laws of ISP
mail including UCE must
regarding when ISP
policies declining to
comply with ISP policies
may disclose
transmit, route, relay,
with respect to electronic
customer
handle, or store certain
mail, account registration
communications or
types of e-mail.
and use, or other terms of
records; does not
service.
require ISP to block,
transmit, route, relay,
handle or store
certain types of e-
mail; does not
prevent or limit ISP
from adopting a
policy regarding
commercial e-mail
including declining to
transmit certain
commercial e-mail;
and does not render
lawful any such
policy that is
unlawful under any
other provision of
law.
Supersedes state
NA
Yes, with exceptions.
NA
NA
NA
NA
and local laws
and regulations
NA = Not addressed
RICO = Racketeer Influenced and Corrupt Organizations Act