FTC cans no-spam list

CAN-SPAM Act of 2003

The Federal Trade Commission says a national "do not spam" registry could be counterproductive as long as officials and experts can't definitively identify the sources of e-mails.

Instead of creating the registry now, FTC officials plan to hold a summit this fall focused on developing mechanisms authenticating e-mail senders. By having the ability to link the exact source of any e-mail to the message itself, Internet service providers would finally be able to apply spam filters, which could possibly eliminate the need for a registry in the first place, according to the Commission's report given to Congress and released today.

The report details a long investigation of the practical, technical, security, privacy and enforcement issues in developing a solution similar to the National Do Not Call Registry, which FTC officials put in place to help people avoid telemarketing calls. That registry went into effect last summer and has been hugely popular, with almost 62 million numbers now on the list.

Following that success, Congress passed the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act in December 2003.

FTC officials examined three types of possible registries. The first type would list individual e-mail addresses that do not want to receive spam and the second would be for listing domains. The third possible solution would list the names of individuals and require that all unsolicited e-mails be sent to a third party, which would pass on the messages only to those addresses not on the registry.

However, the FTC's analysis concluded that none of those registries could be enforced effectively.

Beyond potential privacy and security problems, the Commission's greatest concern was that the basic list registry would effectively turn into a "do spam" list because spammers would know that those in the registry were valid addresses.

The report also raised the concern that a third-party forwarding solution would be "wholly unworkable" and "threaten e-mail's viability as a communications medium...[by] increas[ing] the volume of e-mail traffic while creating choke points in the e-mail system that do not currently exist," according to the report.