Joint Open Letter on Spam Legislation

Senator Orrin G. Hatch, Chairman
Senator Patrick J. Leahy, Ranking Member
Senate Judiciary Committee

Senator John McCain, Chairman
Senator Fritz Hollings, Ranking Member
Senate Commerce, Science & Transportation Committee

Rep. F. James Sensenbrenner, Chairman
Rep. John Conyers, Jr., Ranking Member
House Judiciary Committee

Rep. W.J. “Billy” Tauzin, Chairman
Rep. John D. Dingell, Ranking Member
House Energy & Commerce Committee

Dear Sirs:

We are writing you to express our concerns regarding several pieces of anti-spam legislation that have been introduced or are currently being prepared for introduction. As anti-spam and consumer advocacy organizations that have worked on the spam problem for several years, we have closely analyzed many of today’s current anti-spam laws, in the United States and abroad, and we would like to offer our opinion on what we have become convinced are the only legislative measures that will make any meaningful difference in the lives of consumers. At present, none of the legislative proposals currently being considered in Congress contain the measures we recommend; rather, they repeat many of the legislative mistakes that have exacerbated the unsolicited commercial email problem, permitting it to grow to the epidemic proportions it has reached today.

First and most importantly, to have any meaningful effect on the growing volume of unsolicited email, any law should prohibit the sending of unsolicited bulk commercial email. Any law that defines acceptable criteria for sending unsolicited bulk commercial email will amount to little more than establishing the conditions for a federal license to spam. The vast majority of online marketing organizations have active and robust permission-based marketing programs that generate significant profits using “opt-in” business models. By establishing an “opt-out” legal regime, Congress would undercut those businesses who respect consumer preferences and give legal protection to those who do not.

An opt-in criterion, requiring the affirmative prior consent of the addressee, is essential to reduce the rising tide of spam, while an opt-out law gives safe harbor to ever-growing floods of unsolicited bulk commercial email. Opt-out places the burden on consumers to remove themselves from potentially tens of thousands of mailing lists that they never wanted to be on in the first place. Because most consumers do not wish to interact with the senders of unsolicited bulk commercial email, few consumers will have the time or inclination to comply with hundreds or thousands of different variations of opt-out procedures.

We also note that opt-out has proven disastrous in South Korea, where the legislature is now scrambling to enact opt-in legislation. Furthermore, opt-in is the law in the European Union and soon to be law in several other countries. Therefore any company operating on a global basis will not be placed under a unique or undue burden by treating American consumers in a consistent fashion. Ultimately, the opt-out approach supported by some direct marketers places their own business convenience over the best interests of American consumers. If Congress accepts their approach, it will condemn consumers to lives with more unsolicited email, not less.

Second, individuals who receive spam should have a private right of action allowing them to recover liquidated damages for violations of the law. It is important that Federal agencies, state Attorneys General and ISPs should also be able to sue spammers, but as it was made clear by Washington’s Attorney General at the Federal Trade Commission’s Spam Forum (April 30 – May 2, 2003), the only way you will see meaningful enforcement of anti-spam laws is to give the individual victim the right to sue. Federal agencies and state Attorneys General have made it quite clear that they do not have the resources needed to enforce new anti-spam laws. If it is the intent of Congress that any anti-spam law actually be enforced, Congress has two choices: appropriate massive amounts of new funding to all of the responsible law enforcement agencies, or empower consumers to bring their own actions.

The individual private right of action created against junk faxers in the Telephone Consumer Protection Act of 1991 (TCPA) has worked well to keep junk faxes at a tolerable level without any added expense to law enforcement, and without creating the much-hyped “flood of unwarranted litigation” that critics erroneously cite. The TCPA does this by creating an action at the lowest court in a state, typically a small claims court. If floods of litigation are feared, there are ways to create a private right of action for individuals that sharply limit that potential. But a failure to create an individual private right of action will ensure extremely limited enforcement, much as we see today with existing state laws.

Third, a federal law should not preempt stronger state law, particularly if the federal law fails to meet the two criteria above. As with all consumer protection, federal law should set a floor, not a ceiling, and should give victims the ability to bring their actions in any court that provides a competent and convenient forum. By preempting state laws with an ineffective federal law, and by giving federal courts sole jurisdiction to hear cases, Congress would strip away what little protection consumers already have under the handful of strong state anti-spam laws.

All the proposed bills we have seen fail on these three fundamental counts. At the Federal Trade Commission Spam Forum, a substantial majority of the expert participants very clearly articulated that to be effective, spam legislation needed to be opt-in and contain a private right of action.¹ (The only dissenting opinions came from spammers and the Direct Marketing Association.) Recent proposals not only ignore this consensus and side with the spammers, they include exemptions that seem to have been designed to make life easier for spammers.

For example, the draft bill being circulated among committee staff at Energy and Commerce and the Judiciary Committee makes an opt-out choice only effective for three years and would permit a company to send unsolicited email for any product in their portfolio, while forcing consumers to opt-out each time they receive an unwanted mailing. We ask you to envision how this process will play out in a real-world situation, wherein the estimated 23 million small businesses in America could send email to consumers, requiring an individual to opt-out every three years. By creating such a potential, it is a gross misnomer to label a bill containing such provisions as “anti-spam” legislation; the burdens shifted onto consumers by such a bill are more properly described as “anti-consumer” or “pro-spam.”

In the last several years, many of the ideas embodied in the current “anti-spam” legislative proposals have been demonstrated to be ineffective and in some cases likely to exacerbate the spam problem. We urge you to not simply reintroduce discredited approaches, but to move past them and look to solutions that have a real chance of making a difference. In the coming days, we will be contacting your staffs with recommendations for addressing the specific concerns we have with the current proposals, and will suggest ways of getting to a simple and fair bill that gives individual consumers, businesses both small and large, educational institutions, charitable organizations, and government itself, the means to defend themselves.

Sincerely,

Jason Catlett, President, Junkbusters Corp.
Jean Ann Fox, Director of Consumer Protection, Consumer Federation of America
Beth Givens, Director, Privacy Rights Clearing House
Susan Grant, Vice President for Public Policy, National Consumers League
Ken McEldowney, Executive Director, Consumer Action
Scott Hazen Mueller, Chairman, Coalition Against Unsolicited Commercial Email
Gary Ruskin, Executive Director, Commercial Alert
The Officers and Board of Directors of the SpamCon Foundation

¹ There were many other lessons learned at the Federal Trade Commission Spam Forum that have not been reflected in any of the current proposals. For example, many participants provided evidence that opt-out “anti-spam” laws have resulted in greater and greater volumes of unsolicited email. Many panelists stated that even criminal penalties for certain deceptive spamming practices will not substantially reduce the volume of spam if unlimited quantities of non-deceptive spam are given safe harbor under law. Similarly, advances in spamming technology have made irrelevant provisions against “harvesting” of email addresses; many such email lists have already been compiled, and spammers are now moving on to “dictionary attacks” which dispense with lists altogether and simply use systematic guesswork.