On June 14, the US House of Representatives' Commerce Committee approved a bill that further legalises and somewhat restricts spam e-mail. The bill is very much a mixed blessing, and a few small additions would make a big difference.
The bill, H.R. 3113 (http://thomas.loc.gov/cgi-bin/query/z?c106:H.R.3113:), bears the grand title "Unsolicited Electronic Mail Act of 1999" and aims to "protect individuals, families and Internet service providers from unsolicited and unwanted electronic mail."
While the bill's ostensible purpose is to protect people from junk e-mail, the biggest effect would unequivocally make such e-mail legal. The bill does not even give ISPs the right to ban this type of e-mail outright; it only gives them the right to demand compensation from a sender of unsolicited e-mail for the cost of delivering the mail. It is far from clear if an ISP could set a high value on its spam delivery services under this proposed law.
The task for anyone who actually would like to control unsolicited e-mail is that so far the US courts have decided the free speech clause in the US Constitution enables spammers to inundate our mailboxes with all sorts of textual and visual garbage. Thus, the bill limits itself to "unsolicited commercial electronic mail and unsolicited pandering electronic e-mail," but does not address unsolicited noncommercial e-mail. For example, someone could send a copy of the Unabomber's manifesto to his 10 million closest friends and this bill would provide no way to block that.
This bill may be about as good as we are going to get, but there are a few things missing.
Basically, the bill tells the US Federal Communications Commission to maintain a list of people who do not want to get spam and tells people who send spam not to send any to people on the list. But the bill should target people who sell lists of e-mail addresses as well as those who use such lists.
It also should include some way that the operator of an e-mail list, such as the Internet Engineering Task Force's, can get the list name onto the FCC list.
The bill requires a "conspicuously displayed" e-mail address to ask to get off but should require that this address be the return address on the spam.
The bill also requires that notice be given to a spammer through "registered or certified mail" but does not require a working postal address in the spam - it should. The bill should permit ISPs to "just say no."
The bill should especially enable class action lawsuits against spammers. The way it is now, you can sue if you got e-mail after saying no, but who is going to bother for the $500 to $2,500 you might get?
We are doomed to be inundated with more spam, but a good law might help some.
Disclaimer: I'm sure Harvard Business and Law Schools have people profiting on all sides of this issue, but I did not ask them, and the above advice is my own.
Bradner is a consultant with Harvard University's University Information Systems. He can be reached at sob@ sobco.com