US House, Senate Agree on Anti-Spam Bill 448
Folic_Acid writes "Rep. Billy Tauzin, chairman of the House Energy and Commerce committee, has announced that the House and the Senate have reached a deal to both pass an anti-spam bill, the first ever federal anti-spam law in the United States. Specifically, the law contains: opt-out, authority for the FTC to set up a "Do-Not-SPAM" registry, criminal charges for fraudulent spam, including five years in prison, statutory damages of $2 million for violations, tripled to $6 million for intentional violations, unlimited damages for fraud and abuse." News.com has a copy of the bill and a story.
The RIAA/MPAA has their mitts in this one too! (Score:5, Interesting)
Unbelievable.
Re:The RIAA/MPAA has their mitts in this one too! (Score:2, Funny)
~~~
Translated version (Score:3, Insightful)
Too bad.
Re:Translated version (Score:5, Insightful)
They do if the the intended recipient of the mail is not, indeed, using said protected material unlawfully. Hmmmmmm. This could be VERY interesting the next time they make a mistake on the identity of the alleged pirate.
Re:Translated version (Score:2)
So a false notice by the RIAA *D *is* SPAM? (Score:5, Insightful)
Nonsense (Score:3, Insightful)
Re:Nonsense (Score:5, Insightful)
Wow.
You're missing the point. The question isn't so much whether their email should be considered spam, as it is the fact that such a provision is front-loaded into legislation that on its face has absolutely nothing to do with copyright issues.
This is particularly relevant given the past instances of industry involvement in the legislative process, and most especially the DMCA itself, which it has been alleged saw language included at the last moment on behest of the RIAA that was never approved by any member of the House or Senate.
In other words, it is just another example of corruption of our government by the "entertainment" industry.
Maybe if these people spent less time choking our freedoms with self-serving laws and spent more time on creating art we wouldn't have to deal with fare such as Matrix: Sucks and Matrix: Really Sucks.
Re:Nonsense (Score:3, Insightful)
Re:Nonsense (Score:2)
If I have a credit card with a bank, and the banks calls me out of the blue to try to sell me anti-fraud protection, that is legal, and should be.
Should be? I wouldn't go that far. If you're on the DNC list, no one should be allowed to call you to try to sell you something without prior consent. If they're calling to tell me I'm over my limit, or even that I'm nearly over the limit, that's fine. Calling to try to sell me something isn't. Of course, it really doesn't matter all that much. If someon
Re:Nonsense (Score:3)
If they're calling to tell me I'm over my limit, or even that I'm nearly over the limit, that's fine. Calling to try to sell me something isn't.
I don't want to be called about other stuff. For example, Discover is an awesome company as far as financial institutions go. I did not want to be called about new offers, so I opted out. No more calls since. They respected my decision. We both prosper from this business relationship.
If someone is going to harrass me like that, I'll just cancel my service wit
This is to be consitent with DMCA's safe-harbor (Score:5, Informative)
From keytlaw [keytlaw.com]
- Digital Millennium Copyright Act Safe Harbor
I think they just wanted to make it consitent with DMCA.The simplest, cheapest and best way a web site owner may protect against liability for copyright infringement resulting from users' uploaded content is to comply with the safe harbor provisions of the Digital Millennium Copyright Act. Web site owners who comply with the requirements of the DMCA and who take appropriate action after receiving notice of copyright infringement from a copyright owner, will not be liable for money damages for users' uploaded content.
The closest distance between two points is a tunnel
- Lyndon Johnson.
IAAL (Score:5, Insightful)
And since Web sites are often maintained by various people, the DMCA safe harbor generally applies, which is why most commercial Web sites have DMCA contact info for an agent to receive notices of claimed infringement.
Obviously, if the infringer infringes on purpose, there is no safe harbor.
Re:The RIAA/MPAA has their mitts in this one too! (Score:3, Insightful)
Re:The RIAA/MPAA has their mitts in this one too! (Score:3, Insightful)
Re:The RIAA/MPAA has their mitts in this one too! (Score:3, Insightful)
The big issue today isn't even the actions of these corporations, it's the power and influence they hold. That microsoft illegally abuses it's monopoly is one thing, that microsoft had the power to weasel out of the issue is far far worse. That the RIAA is suing
No, believable and necessary (Score:3, Insightful)
You mean that a message from a wounded party asking the (possibly inadvertant) offender to stop the tort is unbelievable?
Bah.
The darn law doesn't mean that an e-mail is now legal service; it means that the RIAA won't have a "we'd get sued" excuse to not try and tell people "please stop that, we see what you're doing" before starting a lawsuit.
Re:The RIAA/MPAA has their mitts in this one too! (Score:5, Funny)
After scanning your network, this is an automated message notifying you that the copyright owner, Meds2U.com, believes you are making unlawful use of one or more copyrighted materials held by said owner. Please cease and desist immediately your unlawful use of these materials, or contact us so that licensing of said materials can be arranged. Under the DMCA, we hereby certify that we act as representatives of Meds2U.com which sells phentermine, Xanax, Viagra, Prozac, Celebrex, and many other prescription medications available at below pharmacy cost to you from http://www.meds2u.com 24 hours a day, 7 days a week!
Yours truly,
Dewey, Cheatem, and Howe
Attorneys at Law
Can you say loophole (Score:5, Funny)
- - - - - - - - - - - -
Dear Sir no doubt you have been receiving messages on increasing your penis size.
Let me take this time to inform you that my company Hammer Inc. has a US Trademark and copyright on the term "penis enlargement" and a patent on our exclusive fully herbal penis enlargement treatment plan. All those other companies are violating our establish copyrights and infringing on our patent. We have very strong IP rights in this area let me assure you.
So therefore let me offer our treatment at an incredible savings, just sign up now and we will give you 30% of list. Your lover will love you for it...
v/r McBribe CEO Hammer Inc.
Re:The RIAA/MPAA has their mitts in this one too! (Score:3, Informative)
Last time I checked, the only way to be sure was to send a registered letter via the USPS. E-Mail is not a very reliable delivery mechanism, certainly not good enough for sending legal notices. I doubt such an E-Mail would hold up in a court of law, should a lawsuit be filed with just E-Mail notifications, so it's kind of pointless to be sending them.
Inline with spamhaus' definition (Score:3, Insightful)
A couple of notes:
- Content of a message is not relevent.
- Significantly, spam is spam if the recipient is irrelevent. RIAA/MPAA's messages would be sent to specific people.
RIAA/MPAA might be evil bastards, but their not evil bastards because of this....
Re:This does what.... (Score:3, Insightful)
The crime is "sending FRAUDULENT spam". It's an opt-out law. It lets 'charities' and 'political organisations' spam you. And there's a nice little clause in there which means that it's only fraudulent if you forge five or more addresses. NOT GOOD.
Be prepared for spam to dwarf Swen as the biggest bandwidth hit on the Net next year. And legally, you can't do a goddamn thing; it's whack-a-mole all ove
Re:This does what.... (Score:3, Insightful)
The US-originating spammers already use open proxies, r00ted cablemodem boxes and other funness to market their sites, generally hosted on dodgy ISPs in the Far East (China especially) using fake WHOIS registrations and idiotic registrars (VeriSign et al). You really think this law is goin
Finally! (Score:3, Interesting)
Is this really just fluff to impress voters? Or do you think it will actually carry any weight?
Re:Finally! (Score:5, Insightful)
(1.) U.S. Laws only reach as far as U.S. borders. Where does 95% of spam come from?
(2.) What is to stop spammers(who have previously shown themselves to be willing to break the law and root people's servers to use as relays) from using this Do-not-spam list as a database to spam? I mean, think about it, a nice, large index of completely valid email addresses? This is spammer gold people!
Re:Finally! (Score:3, Interesting)
The same goes for ISP's. We have all seen Earthlink, Yahoo, even Hotmail include anti-spam methods, could they have their entire domain listed? Should they?
This raises several other questions, but at least in response to your (2), this would cover all recipients of a domain without giving a single address away.
great... wait... (Score:5, Insightful)
And even if they MD5 each address or something not-totally-braindead, it turns into a us spammer hash-checking, finding it on the do-not-spam list, and selling it to a foreign counterpart as a quality address.
Re:Finally! (Score:3, Informative)
However, I'd say that at least 60% comes from within the US (and yes, I'm in the US.)
I don't think legislation is a magic bullet, but it may just help. Certainly, the `do not call' lists have reduced the telemarking phone calls we receive by over 95%.
Re:Finally! (Score:3)
Re:Finally! (Score:3, Insightful)
The USA. Well, maybe not exactly 95%, but certainly the vast majority is sent by people in the USA, plugging "products" targeted at US citizens. Spamhaus is currently not responding, otherwise I'd provide a link to the page with their research about the big spammers. They're almost all in the USA.
The fact that messages originate from open relays in Asia does not change the fact that the people responsible for sending those messages are in the US.
What is to stop spam
Re:Finally! - BAD, BAD, BAD (Score:5, Insightful)
Judging by the text of the bill, not long enough.
Properly implemented, a law would be a good thing, but this misses on several counts..
First - it defines spam incorrectly.
Spam is unsolicited bulk email. This uses the term 'unsolicited commercial electronic mail message' - whether an email is commercial or not is irrelevant as to whether it is spam. Although the majority of spam is commercial in nature, not all of it is, just as not all unsolicited commercial email is spam (as evidenced by their need to include an exemption for copyright infringement notices.)
Second, the fact that it's opt-out, means that it legalizes spam - it's a pro-spam bill, not an anti-spam bill.
I haven't finished reading it, but if it overrides state legislation, then it's the worst possible outcome.
Re:Finally! (Score:3, Insightful)
How? (Score:3, Insightful)
Re:How? (Score:5, Insightful)
Re:How? (Score:3, Informative)
Really? Filters perhaps, but certainly not anything fundamental at the protocol level.
The simplest and most backwards compatible approaches under consideration are IP-number-based sender authentication. These don't require any significant changes to SMTP/ESMTP, and they can be adopted gradually and interoperate with systems not yet deploying them. SPF [pobox.com] is probably one most likely to be adopted. The basic idea is to provide a mechanism for
Re:How? (Score:3, Insightful)
Hey, I kinda like that word. Tech-norant, as in "tech ignorant."
Re:How? (Score:2)
Define "good." If, by "good" you mean "will stop spam" forget it. If good means "giving the pols a talking point for their reelection bid" then perhaps it might help.
Unlimited Damages ...!? (Score:5, Funny)
What the -- unlimited damages
Holy crap, get ready for the undead legion of attorneys to rise from the grave!
-kgj
Exactly... (Score:5, Insightful)
Re:Exactly... (Score:2)
Re:Exactly... (Score:3, Insightful)
If I may provide an example:
J. Random Person is fed up with spam from the infamous Mr. Rawlsky [slashdot.org]. In order to combat this, J. signs up with the "Do Not Spam" list.
Several months go by to allow Mr. Ralsky time to get the list and remove addresses from it. However, Mr. Ralsky doesn't remove J.'s email address and J. (after some careful tracking with his anti-spam breathren) forwards his email
Oooo...Oooo...I have a question! (Score:3, Funny)
Aren't those old dudes in the Senate the ones that are buying all that Viagra?
I thought so.
more of the same (Score:5, Informative)
At this point, the only way you can realistically take action against a spammer based on these laws is by printing them out, finding the spammer and then hitting him over the head with the actual laws. Law enforcement agencies and district attorneys have repeatedly demonstrated an apathy towards pursuing and prosecuting spammers. The FBI has a monetary threshold of damages on any case of this nature it even elects to investigate. There are virtually no resources dedicated to enforcing this bill and there are no competent agencies available to even investigate! Please send a message to your political leaders that enforcement and not more laws are key to dealing with this problem.
The law looks good, but without dedicated provisions and a change in policy which will actually insure that these issues will be enforced, this is just a joke.
Re:more of the same (Score:2)
I would expect that this new law will close many of the loopholes that other laws leave. That will make it much more difficult for someone accused of a criminal offense by spamming to win the court battle that follows.
Re:more of the same (Score:2)
Re:more of the same (Score:2)
Re:more of the same (Score:3, Informative)
Basically because it's a federal law. This means all of the issues of jurisdiction that the state laws face are gone. There are certainly lots of issues left, but having some sort of federal law is a big step IMO.
(I haven't read this particular law yet, since its 55 pages long)
Office Space, anyone?... (Score:5, Funny)
Bet someone's going to regret pushing all those penis patches (of grow 3 inches! fame).
how long before... (Score:5, Insightful)
Re:how long before... (Score:5, Insightful)
Pretty long, seeing as state courts can't rule on a Federal issue. Spam, being 'insterstate commerce' (in a manner of speaking) is most certainly all Federal. I also doubt there are many Federal courts that would consider the question of the bill's constitutionality. You have the right to speak, not to be heard; most certainly not at someone else's expense. If you had the right to be heard by your audience, you could sue deaf people for violating your right to free speech. How absurd is that? Free speech protects you when you're standing on a corner preaching your religious views or publishing a political opposition newspaper. It does not force everyone to stop and listen to you speak, nor force anyone to buy a copy of your newspaper.
If spammers want to continue to spam legally, they ought to stand on a street corner and hand out fliers to anyone who wants one. Thus, the optimal example of an 'opt-in' system. The way it works now, they're jamming the fliers into your pocket, whether you want them or not, to the point that your pockets explode when you get home. Every time you try to cover your pockets, they find another way to jam another flier into your pants. Activity like that would get you shot in New York, and perhaps worse in L.A.
deeply dissapointed (Score:3, Interesting)
1. No requirement for opt-in
2. No jail time only monetary damages
3. No public stonings
Re:deeply dissapointed (Score:2)
Re:deeply dissapointed (Score:2)
I think the DO-NOT-SPAM registry pretty much takes care of that.
2. No jail time only monetary damages
Not true. Senders of fraudulent SPAM are subject to five years in prison.
3. No public stonings
OK well, I guess we'll all have to make a compromise here. Maybe we can get them to introduce public stonings for repeat offenders?
Did you read? (Score:2)
Makes it a crime, subject to five years in prison, to send fraudulent SPAM
While of course, fraud is already fraud... this covers in particular spam fraud - which does account for a goodly percentage of total spam.
I personally don't think that somebody needs to go to jail for spamming, there are cases where spamming is accidental or at very least due to extreme ignorance (see those who hire spammers). Not to mention the spambots hijacking computers... wouldn't want to
Not going to sign up for Don't-email-list (Score:3, Insightful)
Re:Not going to sign up for Don't-email-list (Score:3, Insightful)
The previous version of the bill didn't specify whether entire domains would be included, but apparently left it to the FCC to decide. Of course, the DMA and their pet congressmen want the bil
Re:Not going to sign up for Don't-email-list (Score:3, Funny)
You know, that sounds like a pretty good idea. I
Finally.. (Score:3, Interesting)
First thing, I'm going and registering all the domains I own, and my comcast account. Then, for good measure, I'm going to see if I can pipe all emails through servers in California.
One question: does this federal law overrule the Calif law, and if so, is it for better or worse? What's CAUCE's opinion on this?
Re:Finally.. (Score:2)
I'm hanging on to my 10 year old MB, it's got ISA slots, which are much easier to work with than PCI for the hobbiest.
Good god, never get rid of old hardware. Just store it in a box somewhere like your grandma saving old National Geographics. They'll be good for something eventually, I'm sure.
Re:Finally.. (Score:3, Insightful)
This law makes it legal to send spam in all 50 states.
The law has many things wrong with it:
Unlimited damages (Score:5, Funny)
"Should PARTNER at any time divulge material covered by this agreement, then financial reparation may not be sufficient"...
(No, the NDA wasn't under the NDA - do you think I'd be telling you this, if it was ???)
I never did get clarification on what non-financial reparations would be demanded (first-born son?, ritual dismemberment ?)
Simon.
Re:Unlimited damages (Score:2)
Yeah yeah, I know, they can't dismember you either, but the idea of spilling all the PS2's secrets was more likely to invoke avenging ninja than avenging lawyers, it was a while back, lawyers were kept more on their leash then
Simon
What about the people... (Score:2, Insightful)
Re:What about the people... (Score:2)
Maybe that'll start showing people they need to install firewalls and virusscanners. If a few examples are made, perhaps people will finally learn.
Problem is.. (Score:2)
Make all the laws you want. How can you enforce it, when the spammers are in S.Korea, or in an Eastern Bloc country?
or:
"The intarweb worm diddit!!"
My phone still rings. (Score:2)
So what does this new upcoming law offer? I doubt very much that it will change anything. If anything does change, more than
Here's what I'm going to do: (Score:5, Insightful)
I'm going to create a new email account, and register it on the "do not spam" registry. It will have a random account name on my own domain.
I will not use this account for anything else.
As a control, I will create another random account under the same domain, and not use it anywhere, even on the "do not spam" registry.
I will measure how long it takes before the first address receives spam, how long before the second receives spam, and the amount of spam each receives.
Hypothesis: The first account will start receiving spam almost immediately. Due to the nature of the spam, the second should never receive spam unless someone is sending email to random 8-character accounts at my domain (brute force attack).
600.000.000 to opt our from (Score:2)
I should opt out from each of them?
If it takes 5 seconds to scan a single message, identify it as unwanted, searching for the opt-out link and clicking on it, this would take me 833333 hours, or 190 years (assuming I sit 12 hours a day in front of my pc).
How to fund enforcement (Score:2, Redundant)
I don't know about anyone els
Won't help me much... (Score:2)
Except, what if the viruses are also spam?
A little overbroad (Score:2, Insightful)
Re:A little overbroad (Score:2)
Real Bad Idea (Score:2)
While I personally think that Ashcroft is abusing his power very badly, I can safely assume that will follow will make Ashcroft look like an angel. Absolute Power Corrupts absolutly.
MAILER-DAEMON: user unknown (Score:2)
To: U.S. Congress
Subject: undeliverable: user unknown
The following mail could not be delivered:
user unknown <joespammer@spammer.com>
> From: U.S. Congress
> To: <joespammer@spammer.com>
> Subject: You are under arrest
>
> Attention Joe Spammer,
> Please be notified that you are hereby under arrest for violating the new US Anti-Spam law.
> You will be subject to up to 5 years in jail
> and two million dollars in damage.
>
> Seriously yours,
> The U.
Obligatory defeatest cynical comment (Score:2)
It's better than nothing (Score:3, Informative)
Then they'll argue that the spammers will move their mail servers to another country. So what? If the company doing business is still located in the U.S., the anti-spam laws will apply. I already block China and South Korea. I'm damn close to blocking Brazil. If the spammers move, it will be easier to block them.
Then they'll say the spammers will move their entire business to another country. Hell, that works for me. Maybe they'll move to the next country on the anti-terrorism hit list.
As for the idiots saying spam is protected by the Constutition. Bzzt! Wrong! Your right to free speech does not extend to breaking into my home to set up your soap box. Your right to free speech does not give you the right to make me pay to listen. Your right to free speech does not continue when I tell you to shut up and get the hell out of my house, nor does it mean you can sneak back in the next day to make me listen yet again.
Re:It's better than nothing (Score:3, Insightful)
Horribly flawed idea. (Score:3, Insightful)
This list will need to be distributed for spammers to check it for compliance. When it gets distributed it will be explicitly added to all spam lists by illegal spammers and list aggregators. All current and future illegal and foreign spammers (i.e. most of them) will then bombard everyone on the list with more spam.
As usual they will get away scott free thanks to hijacked servers and IP blocks foreign immunity & the usual shady practices.
This is unworkable.
Re:Horribly flawed idea. (Score:3, Insightful)
> This is unworkable
Please see my previous posting [slashdot.org] on why this is actually very workable.
There's no reason you can't give a spammer an encrypted list of addresses. All they have to do take one of their addresses, encrypt it, and compare the encrypted address with each address on the Do-Not-Spam list. If they match, then the address must be removed.
No decryption of the Do-Not-Spam list required.
Wow (Score:4, Troll)
Now, I appreciate that spam, for a lot of people, is a major problem. I know that as a user, rather than an admin, and a careful one at that, I don't see the true extent of the problem. I get perhaps a couple of dozen spams a week to a single address that I was foolish enough to have in plaintext on a website a couple of years ago. To me, it's no big problem - Mozilla Mail's junk tools catch 95% of them. Still, I'm aware that spam is a serious problem for a lot of people.
But five years in jail? That seems somewhat excessive to me. I condemn the RIAA's lobbying partly because of the excessive penalties they seek; I cannot, in all conscience, support similar penalties for a crime which, to me at least, doesn't seem a great deal more heinous.
This is not an anti-spam bill (Score:5, Insightful)
It seems like the meat of this bill is in this clause:
So, basically, spam all you want as long as the recipient isn't on the do-not-spam list, and as long as the spam is labeled. Point-by-point for today's news release:The bill is opt-out. Enough said.
Won't work, for many reasons that have been copiously explained elsewhere. Primarily, great, give the spammers a list of valid email addresses.
The pornifity of the email is irrelevant. Spam is spam. Again, you have to say "no," possibly thousands or tens of thousands of times. Opt-out.
But non-fraudulent spam is ok? I thought fraud, whatever the medium, was already illegal.
I just don't see the point of a law where enforcement is not permitted.
Spam is abuse of the email system. Who can sue for these statutory damages? The ISP, the recipient, the states?
Opt-out is very bad for non-individual mail (Score:3, Insightful)
#1 (Score:3, Interesting)
Just as I refuse/block UNAVAILABLE calls and judiciously decide what profanity of choice to use on PRIVATE callers.
With _any_ OPT-OUT type of choice shortly I'll simply white-list a very few and block everybody else. Email is pretty much dead already anyway. How many hundreds of thousands, if not millions of business' are there in the US alone? For next to nothing they'll all be spamming me -- no thanks.
I guess this means I won't be getting funds transfered to my bank account from Africa. Darn.
easiest anti-spam bill (Score:3, Funny)
just visit various spammers, liquidate them, no consequences.
Hell, I'd even make a very large campaign contribution to Bush for that piece of paper, and I can't stand the man.
Simple solution to spam problem (Score:3, Funny)
Hasn't passed the House yet. Call Congress now. (Score:5, Informative)
This bill could still die. Call your Congressional office. [house.gov] The staff is still there, very tired, and answering the phone.
Re:SPAM fines (Score:5, Funny)
Re:SPAM fines (Score:3, Funny)
Re:SPAM fines (Score:3, Informative)
Re:SPAM fines (Score:2)
This is a BAD bill (Score:5, Insightful)
Don't preempt the SPAM state laws!!!
Re:SPAM fines (Score:2, Insightful)
Sounds like they're making a distinction between intentional and non-intentional... as in hijacked pc's??? I don't want to wake up one day and have a $2 mill lawsuit on my front door having no clue someone hijacked my pc and sent spam. I'm pretty up on my protection and common sense, but this is kinda scary. ????
Re:SPAM fines (Score:3, Interesting)
get your own government to actually do something useful instead of this piece-of-shit legislation. Here's a quote about it from Spamhaus.org:
All todays spammers applaud Tauzin's "Reduction in Distribution of Spam Act", as does the Direct Marketing Association. It's what spamme
Most spam *IS* from the USA (Score:5, Informative)
Have a quick scan down the list of countries...
Simon
Oil, oil, and more oil (Score:2)
Probably not. Instead, we'll invade them for the oil.
-kgj
Re:Oil, oil, and more oil (Score:2)
good. (Score:2)
Re:Another attempt to kill capitalism (Score:4, Informative)
Spam will NOT be profitable if it generates NOISE. In order for Spam to work, it must leave behind a point of contact of some sort. If we collectively fill that point of contact with JUNK responses, spam will disappear because it cost MORE to the spammers than it is worth. Imagine a spammer having to sort through millions of fake responses to find the one that is legit?
That is how spam will be defeated.
Re:Do-not-spam list (Score:3, Interesting)
It doesn't have to. Consider the Unix/Linux password system. When your account is created, your password is encrypted and stored in /etc/shadow. When you login, the password you enter is encrypted and compared with the password stored on disk. If they match, then the system knows you typed in the right password and lets you in. At no point does your stored password have to be decrypted.
Applying tha
What, Just Today? (Score:3, Funny)
Try this on for size next time a telemarketer calls you at work, "Who the fuck gave you this number? This is my work number. You do not call me at my work number! If you ever call me here again, I will find out where you work, I will come there, and I will bitch slap you into the middle of next week! Do I make myself clear?!"
I can't claim credit for this though. I heard this tirade f