FTC Puts ‘Do-Not-Spam’ Registry on Hold

FTC Puts ‘Do-Not-Spam’ Registry on Hold
Rhett Pardon
WASHINGTON, D.C. — Fearing that spammers would mine a “do-not-spam” registry and look for new victims, the Federal Trade Commission said Tuesday it won’t immediately create a national list.

In a study, the regulators concluded that it would be "largely powerless to identify those responsible for misusing the registry" and might generate even more unsolicited sales pitches across the Internet.

The FTC instead proposed adoption of new authentication technology that will make it more difficult to disguise the origin of unwanted e-mails. Several plans from leading technology companies are under industry consideration.

In a study released last week from network security firm MX Logic, only one in six pornographic unsolicited emails complied with the Can-Spam Act regarding the labeling of pornographic spam.

The Denver-based company said that the FTC rule, which went into effect May 19, has been flouted.

The law requires all unsolicited email with sexually oriented content to bear the label "SEXUALLY-EXPLICIT" in the subject line.

The Can-Spam Act (Controlling the Assault of Non-Solicited Pornography and Marketing) requires that unsolicited commercial email senders ensure that the "from" line clearly reflects the sender's identity; that it includes a subject line text consistent with message content; that it includes the advertiser's valid postal address; and that it contains a working opt-out mechanism as a way for the consumer to decline to receive further commercial email from the sender.

The FTC on Tuesday said it was obligated to consider the proposal under the Can-Spam legislation that Bush signed in December.

"A national do-not-email registry, without a system in place to authenticate the origin of email messages, would fail to reduce the burden of spam and may even increase the amount of spam received by consumers," the regulators concluded.

If new authentication plans don’t emerge, the FTC it will convene a federal advisory panel to determine whether the government could require Internet providers to adopt one.

The FTC said it was worried about security and privacy issues of children whose addresses might be added to such a list.

"A registry that identified accounts used by children, for example, could assist legitimate marketers to avoid sending inappropriate messages to children," the FTC said. "At the same time, however, the Internet's most dangerous users, including pedophiles, also could use this information to target children."