More spammers are following the act's regulations, resulting in more spam rather than less, according to anti-spam vendor Commtouch.
The Can-Spam Act may have been named to suggest spam being sent to the trash, but it's proving to be an affirmation for spammers. The law says that you can send spam, provided your messages meet a few basic requirements. And, according to anti-spam vendor Commtouch Software Ltd., spammers are toeing the legal line in increasing numbers, resulting in more spam rather than less.
In May, Commtouch executive VP Avner Amram says, 9.5% of spam messages complied with Can-Spam regulations, up from less than 1% in January. That, coupled with a continuing rise in the volume of spam in recent months, suggests that the law is leading to an even greater amount of spam. "Having those two facts, let's try to think what's going on here," he says. "One of the reasons that we see is that Can-Spam basically tells spammers what their mail has to comply with in order to be legitimate in the eyes of the law."
Amram says that if users availed themselves of the increasingly prevalent, mandated opt-out link in spam messages, there would be both less compliant spam and less spam in general on the Internet. But the reverse appears to be true--there's more compliant spam and more spam in general.
Scott Chasin, chief technology officer at E-mail security vendor MX Logic Inc., says that's a safe assumption because spamming is a business people still want to be in. He cites a study from the nonprofit Pew Internet & American Life Project that suggests the potential profitability of E-mail marketing. The October study found 7% of E-mail users had purchased a product as a result of unsolicited E-mail.
Deborah Peckham, a partner with Boston law firm Testa, Hurwitz & Thibeault LLP, says it's hard to know whether the law is actually causing more spam, but she says the law was driven by E-mail marketers looking to send more messages.
Bennie Smith, chief privacy officer at Internet marketer DoubleClick Inc., said as much in September in the company's third-quarter policy and Internet service provider update. "I have spent a lot of time on the Hill speaking with senators, congresspeople, and their staffs pushing the need for a bill that helps to reduce spam without adding unnecessary cost and complexity to legitimate marketers," he said shortly before Can-Spam was signed into law.
Part of the problem, Peckham says, is that the law, marketers, and consumers often have differing definitions of acceptable E-mail.
Perceptions also vary among anti-spam vendors. MX Logic found in May that while 12% of E-mail was partially compliant with the Can-Spam law, only 1% was fully compliant, owing to subject lines that remained inconsistent with the body of the message. This represents a decrease from previous months, when fully compliant E-mail comprised 3% of messages.
While legitimate marketers generally make an effort to see and respect the consumer point of view, even a small misalignment in perception can mean a large amount of unwelcome E-mail when dealing with millions of message mailings. The issue becomes even more complicated in a business environment, where IT managers tend to be even less receptive to solicitations, legal or otherwise.
Trust remains a sticking point. E-mail users don't trust the opt-out links required by law. "People were educated that opt-out links are one of the ways that spammers validate activate E-mail addresses," Amram says.
Peckham acknowledges the problem but says the law does contain a provision about knowingly selling addresses of people who've opted out of future mailings. She says her firm's E-mail marketing clients are very eager to make sure their campaigns comply with the law.
Whatever its failings, the Can-Spam law has led to some high-profile prosecutions, which experts believe will encourage more-responsible marketing practices. "The value of the law is as a deterrent and as a vehicle to regulate the fastest-growing global broadcast medium on the planet," Chasin says. He predicts that the states, in response to the relatively toothless Can-Spam law, will enact further spam legislation, as happened last week in Maryland with the passage of the Maryland Spam Deterrence Act.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.