Policy Framework For Effective Spam Legislation

Download PDF

 The Privacy Coalition



July 18, 2003

Dear Members of Congress,

We write to you on behalf of a wide range of consumer, civil liberties, computer science, and privacy organizations across the United States regarding the urgent need to address the growing problem of unsolicited commercial email, or "spam." We recognize that Congress will likely act on legislation this session. We thank the Members and the sponsors of the various bills who have focused attention on this problem and have worked to address it.

We support strong, effective and sensible solutions to limit the growth of spam. The proposals currently before the Congress contain important elements, but no single proposal includes all of the key provisions.

After lengthy meetings and discussion, we have developed a basic policy framework for effective spam legislation. We believe that effective spam legislation will be based on the following principles:

A Clear Definition. Spam is best understood as "unsolicited, bulk, commercial email." While Congress may choose to further refine these terms, we believe all the elements should be present for the regulation of spam.

Establish Opt-in. The rule for bulk, commercial emails should be that they can only be sent with the recipients' prior affirmative agreement, with an exception for previously existing business relationships. This is the approach that email users overwhelmingly favor, and it is the approach that all European countries will adopt by October under a Directive approved last year. Cross-border fraud enforcement against spam will only be effective if countries adopt similar legal requirements. Furthermore, it makes no sense for multinational companies to operate on an opt-out basis when sending emails to people in the US and an opt-in basis for when sending emails to people in other countries.

Ensure a Private Rights of Action. Individuals as well as ISPs should have the legal right to bring action against spammers. This the approach that Congress took with telemarketers and junk faxes and it is the approach that has been taken in the states to address the spam challenge. Depriving individuals of the right to seek legal action weakens consumer rights and leaves too much discretion to government agencies. We are confident that a private right of action can be crafted in a manner that gives meaningful recourse to consumers while protecting legitimate businesses from frivolous litigation.

Enable Technical Solutions. Technology plays a critical role in reducing the amount of spam. The ISPs currently rely on filters. Many users also use client-side filters to control the flood of incoming email. Other techniques are being developed. We think these efforts, along with strong legislation, can be helpful to address the spam problem. (Some of us are concerned, however, that technical solutions to spam also block much non-spam at a significant cost to freedom of speech.) Furthermore, spammers have threatened and sued ISPs who attempt to protect their customers by implementing technological solutions. ISPs should be protected from such harassment by limiting their liability to bulk commercial emailers for good faith efforts they take to protect their customers from spam.

Support International Cooperation. Spam is a global problem. International cooperation is vital. We favor proposals to allow the FTC to cooperate with consumer protection agencies in other countries as long as such legislation does not reduce privacy safeguard or open government obligations that currently exist in law. We also believe that cross-border enforcement against spam will only be possible if the U.S. and other countries work together to enact similar laws and regulations.

Oppose Preemption. State officials have been on the front lines of the battle to combat spam. For this reason, many of us oppose the preemption of state legislative and enforcement authority, though some would support a preemptive federal bill if it has all of the other elements we believe are crucial. We would all strongly oppose an ineffective bill that includes federal preemption.

In addition, we favor prohibiting false and deceptive headers and subject lines, requiring commercial senders to provide their physical addresses, enabling consumers to opt-out easily from continuing to receive commercial emails, and setting significant penalties for harvesting email addresses.

We urge you to work with consumer and privacy groups, scientific organizations,  as well as other relevant stakeholders to fashion legislation that all can support. The worst outcome from Congress this year would be to enact ineffective legislation that does not give people meaningful control over their inboxes.

We appreciate you consideration of our views.


Marc Rotenberg, Executive Director
Electronic Privacy Information Center

Dr. Barbara Simons and Dr. Eugene H. Spafford, Co-Chairs
U.S. Public Policy Committee of the Association for Computing Machinery (USACM)

Hans Klein, Chairman
Computer Professionals for Social Responsibility

Ken McEldowney, Executive Director
Consumer Action

Jean Ann Fox, Director of Consumer Protection
Consumer Federation of America

Cindy Cohn, Legal Director
Electronic Frontier Foundation

Jason Catlett, President

Susan Grant, VP for Public Policy
National Consumers League

Deborah Pierce, Executive Director
Privacy Activism

Stephen Keating, Executive Director
Privacy Foundation

Beth Givens, Executive Director
Privacy Rights Clearinghouse

Remar Sutton, Co-Founder
Privacy Rights Now Coalition

Evan Hendricks, Editor
Privacy Times

Related Articles

Global Technology Policy Newsletter – March 2017
ACM PUBLIC POLICY HIGHLIGHTS ACM provides independent, nonpartisan, and technology-neutral research and resources to policy leaders, stakeholders, and the public about public policy issues, as drawn from the deep technical expertise of the computing community. Apply for the new A ...Read More

  • (Posted on 12-Mar-17)
  • ACM Joint Task Force on Cybersecurity Education Grabs Spotlight at U.S. Congressional Hearing
    The ACM Joint Task Force on Cybersecurity Education seized the spotlight during a congressional hearing on “Strengthening U.S. Cybersecurity Capabilities” on Capitol Hill on February 14, 2017. The hearing before the House Science, Space, and Technology Subcommittee on ...Read More

  • (Posted on 18-Feb-17)
  • Global Technology Policy Newsletter – February 2017
    ACM PUBLIC POLICY HIGHLIGHTS ACM seeks to educate policymakers, the computing community, and the public about policies that will that foster and accelerate innovations in computing, computing education, and related disciplines in ways that benefit society. ACM Statement on U.S. E ...Read More

  • (Posted on 12-Feb-17)
  • ACM Sponsors Data Sciences Education Roundtable at the U.S. National Academies of Sciences
    ACM is sponsoring a new 3-year initiative by the National Academy of Sciences on data science postsecondary education. A series of roundtable discussions will bring together representatives from academia, industry, funding agencies, and professional societies to explore the trans ...Read More

  • (Posted on 17-Jan-17)
  • Global Technology Policy Update – December 2016
    ACM PUBLIC POLICY HIGHLIGHTS Cybersecurity Education and Research in Europe – The ACM Europe Policy Committee released a policy white paper “Advancing Cybersecurity Education and Research in Europe.” Committee Chair Fabrizio Gagliardi recently presented the find ...Read More

  • (Posted on 12-Dec-16)
  • Global Technology Policy Update – October 2016
    ACM PUBLIC POLICY HIGHLIGHTS Computer Science Education and Research in Europe – ACM Europe Policy Committee members will be attending the European Computer Science Summit in Budapest, Hungary on October 24-26, which features programs on the challenges and opportunities in ...Read More

  • (Posted on 09-Oct-16)