Search: CAN-SPAM

Like a Kid in a Candy Store, Parental Supervision Still Needed for FTC Rulemakings

by Braden Cox on February 26, 2010 · 7 comments

Congress gets dinged a lot for slowing down innovation, but sometimes that is just what the doctor ordered. Thirty-five years ago, a Democratically controlled Congress passed the Magnuson-Moss Act in an attempt to check a hyperactive FTC.

Like a kid set loose in a candy store, the FTC at the time had gone on a binge of overreaching and harmful regulation. The core enabler of this action is the exceptionally broad mandate bestowed on the agency to regulate all “unfair” consumer activity. Unlike regulating the structural stability of bridges or safety in food, “fairness” is a subjective concept.

Congress’ prudent action to place special restrictions on FTC rulemaking [15 U.S.C. Sect. 57a(b)(2)(A)] was in direct response to the agency’s overreach and regulation of activities that would have included advertising children’s products – in essence, acting like a kid in a candy store. Magnuson-Moss was the equivalent of putting the candy behind the counter, providing Congress and courts control over how much candy was appropriate.

Now, 35 years later, the FTC has that ‘unfairness feeling’ again. In a NY Times interview last month, FTC Chairman Jon Leibowitz signaled his intent to change standard marketing tactics of disclosure and opt-out, by requiring users to opt-In for collection of information for targeting ads. They are concerned about what’s “fair” in advertising, but we know that low rates of opt-in will reduce ad revenue. If the change were put into effect, free online services might have to charge a “fare” to users.

At the same time, the FTC is seeking to shed what the Chair called “medieval restrictions” on its rulemaking powers. A change that would allow the FTC to move quickly to require opt-in. Taken together, these threats to online services and e-commerce are #1 on the NetChoice 2010 iAWFUL list. Continue reading →

7 comments

Ends, Means, and One Man’s War on Advertising

by Jim Harper on March 24, 2009 · 8 comments

Chris Soghoian has responded to my recent post lauding his Targeted Advertising Cookie Opt-Out (or “TACO” – documented and downloadable here). We’re agreed in the main on user empowerment. The interesting stuff is on the margin: He disagrees with me that blocking third party cookies as I do (and he does too) is a satisfactory approach to suppressing tracking by advertisers.

There are a couple of points worth making about the discussion.

The first has to do with our slightly differing objectives. Chris is deeply focused on advertisers and his dislike of being tracked by advertisers. Though it is not absolute, I have a preference against tracking by anyone other than sites that I know, like, and trust. I’m no more worried about advertisers than any entity that would track my surfing – and there are many.

Again, TLF readers, I ask you to try setting your browser to query you before setting cookies. It’s a real insight into the dozens of entities getting a look at you as you surf, including a bunch of social networks and news sites.

If “advertisers” are what you seek to harness, that seems like a group that can be captured through some kind of centralized control mechanism. (I don’t think it actually is.) But if your goal is privacy as against all comers, you don’t attempt to centrally plan or decide who is good and who is bad. Responsibility rests with the end user.

Let the goal be “advertisers,” though. And I ask: Those social networks and news aggregators – are they “advertisers”? If you’re going to require a subset of Web communicators to obey opt-out cookies, you have to be able to define that subset – a problem Chris doesn’t seem to have thought about yet.

Lots of different publishers, sites, and networks have data that is entirely fungible with the tracking data advertisers collect. What do you get if you push down on the “officially advertisers” part of the balloon? Workarounds.

But I’ve backed into the second point – the means to these ends. Chris soft-pedals how he would get at tracking, but as far as I can tell it’s a law that says “advertisers” have to obey opt-out cookies. Continue reading →

8 comments

McCain’s Tech Policy a Mixed Bag at Best

by Berin Szoka on August 14, 2008 · 14 comments

Braden has noted the release of John McCain’s tech policy–rightly decrying McCain’s socialistic community broadband concept. But far more outrageous, in my view is this bit of doublethink. First, the good part we should all applaud:

John McCain Has Fought to Keep the Internet Free From Government Regulation

The role of government in the Innovation Age should be focused on creating opportunities for all Americans and maintaining the vibrancy of the Internet economy. Given the enormous benefits we have seen from a lightly regulated Internet and software market, our government should refrain from imposing burdensome regulation. John McCain understands that unnecessary government intrusion can harm the innovative genius of the Internet. Government should have to prove regulation is needed, rather than have entrepreneurs prove it is not.

Amen! Even a hardened Ron Paul/Bob Taft/Grover Cleveland/Jack Randolph-survivalist/libertarian-crank like me can rally behind that banner. But then this self-styled champion of deregulation pulls a really fast one:

John McCain Will Preserve Consumer Freedoms. John McCain will focus on policies that leave consumers free to access the content they choose; free to use the applications and services they choose; free to attach devices they choose, if they do not harm the network; and free to chose among broadband service providers.

That sure sounds nice, but it’s all Wu-vian code for re-regulation, not de-regulation. You might recognize that McCain is talking obliquely here about the FCC’s 1968 Carterfone doctrine, which has consumed much attention on the TLF (see this piece in particular).

McCain then insists that he will be a bold leader for “good” regulations: Continue reading →

14 comments

Anti-Spam Laws and the First Amendment

by Tim Lee on August 7, 2008 · 14 comments

I’m reading about the first-ever felony conviction for spamming. While I almost always agree with the ACLU on free speech issues, I found the Virginia ACLU’s amicus brief in the acse totally unpersuasive.

The ACLU argues that the First Amendment protects a right to anonymous speech, which I wholeheartedly agree with. However, I don’t think that right can be stretched so far as to strike down the Virginia anti-spam statute at issue in this case. This statute prohibited the falsification of email headers while sending more than 10,000 pieces of unsolicited bulk email. So this means that under the statute, someone may (a) send out an unlimited number of emails using a real email address, (b) send out 9999 emails per day (99,999 per month, 999,999 per year) while falsifying email headers, or (c) send out an unlimited number of emails with falsified addresses to people who have previously consented to receive them. I find it extremely difficult to imagine a circumstance in which these restrictions would impinge on legitimate exercises of free speech. The activities prohibited by this statute simply don’t include the kinds of situations that motivate the constitutional protection of anonymous speech—defending a point of view or releasing sensitive information without fear of reprisal or public embarrassment. Whistleblowers might want to send falsified emails to a few dozen journalists, legislators, or business leaders, but I’m having trouble thinking of a plausible situation in which a whistle-blower had a genuine need to reach more than 10,000 people.

I find analogies to older technologies—and to 18th-century pamphleteers in particualr—unpersuasive in this case because this case just isn’t like anything that existed in the pre-Internet age. In 1975, there just wasn’t any way to transmit tens of thousands of messages for a fraction of a penny per message. The costliness of information transmission—any available communications technology cost at least a few pennies per message—meant that the law never had to grapple with the possibility that sending messages could become a significant enough nuisance to require regulation. Now we do live in that world, and I think it’s a mistake to put too much weight on misleading analogies to older communications technologies with vastly different properties.

A final reason anti-spam legislation doesn’t bother me from a First Amendment perspective is that I don’t see any slippery slope here. Not only is the activity being targeted unambiguously bad, but there are very few grey areas, and the grey areas are pretty bad themselves. The Virginia statute applies two very clear bright lines—spam must be unsolicited and it must consist of more than 10,000 pieces in a 24-hour period—that make it trivially easy for anyone interested in following the law to do so. Moreover, thanks to the growth of spam filters, there is an enormous gulf between bad spammers and legitimate emails users. Legitimate users who did vaguely spam-like things (say, a non-profit organization that sent out a fundraising appeal to people who hadn’t consented to receive it) would get most of their spam blocked by ISPs’ spam filters and would get contacted by email administrators very promptly to be told to knock it off. It’s hard to imagine such an organization breaking Virginia’s law (sending out 10,000 copies and forging email headers), and even if it did it’s hard to imagine a prosecutor going after them. Which means that only spammers are engaging in spammer-like behavior. It’s pretty easy to write a statute that criminalizes most spammers and few if any legitimate email users. To use the Supreme Court’s lingo, Virginia’s spam law strikes me as “narrowly tailored” to blocking an undisputed evil and is no more restrictive than is necessary to accomplish that objective. If there’s any speech restriction that should pass First Amendment scrutiny, this is it.

Update: None of this is to say that some anti-spam laws can’t be too broad. CAN-SPAM, for example, appears to criminalize the sending of “multiple” deceptive emails or the creation of more than five separate email accounts for sending commercial emails. I can certainly think of grey areas for those kinds of prohibitions, and would have serious doubts about their constitutionality.

14 comments

Deregulation in the House: 82 regulations in 77 pages

by James Gattuso on September 26, 2005

As noted in the post below, the telecommunications reform plan floated recently by the staff of the House Energy and Commerce committee includes some 80 regulations, mandates or restrictions. To be more precise, there are, by my count, 82–more than one per page. Of course, some might quibble over this number– the difference between a rule with two mandates and a rule with one two-part mandate is an ephemeral one. And certainly the mandates vary in significance. Some are trivial, some are burdensome, some are justified, some are outrageous. But any way you look at it, there are an awful lot of them. Here they are:

Continue reading →

Who’s Winning the Race to Control Spyware?

by Jim Harper on January 6, 2005

And they’re off! It’s a race between technology and law to see who can control spyware.

In Lane 5, the U.S. Congress is again considering anti-spyware legislation.

In Lane 6, Microsoft has just introduced an anti-spyware program that rivals Ad-Aware and SpyBot, according to one writer’s first impression.

Who’s in Lanes 1-4? Oh, it’s the anti-spyware tools that are already out there: Ad-Aware, SpyBot Search & Destroy, PestPatrol, and all the others.

Place your bets, ladies and gentlemen! If you backed CAN-SPAM, here’s a chance to make your money back – or double your losses.

81 Pages of Speech Restriction

by Jim Harper on December 20, 2004

The Federal Trade Commission has issued regulations fleshing out the CAN-SPAM Act. Given the impotence of CAN-SPAM to reduce spam, this weighty document can be regarded as regulation without a reason. Indeed, if, like me, you don’t buy the Supreme Court’s commerial speech doctrine, this is not just regulation without a reason, this is speech regulation without a reason.

There is (or may someday be) an argument that CAN-SPAM has (or will) reduce spam, but the recent successful spam lawsuits I’ve seen have gone off on laws other than CAN-SPAM or at least CAN-SPAM plus other laws. A full study of what laws are actually used against spammers, and perhaps an attempt to measure their deterrent effect, is needed. Volunteers?

Internet Pathologies: 2 Congress: 0

by Jim Harper on October 4, 2004

Here is my latest addition to the corpus of commentary on spyware. This week, your U.S. House of Representatives is scheduled to consider legislation to ban it. The legislation is junk.

Why? Well, for one thing: it wouldn’t actually stop actual spyware. Considering how Congress did with suppressing spam through the CAN-SPAM Act, you kind of wonder how many times Congress is willing to lie to the American people. (Don’t start counting because, if you do, a few weeks from now you’ll still be counting and you’ll get an aneurysm and you’ll have to stop.)

Mine follows on fellow TLFer James Gattuso’s very good spyware piece and it marginally improves on a quick and dirty spyware rant I laid on y’all earlier. James and I agree: Carefully applying existing law to the online world is going to be superior to fresh statutes passed in haste each time a new Internet pathology emerges.

FTC Authentication Summit – Industry Gathering or First Step Towards Government Regulation?

by Braden Cox on September 30, 2004

CEI filed comments today in response to a Federal Trade Commission request for comment about email authentication. The FTC will be holding a summit on November 9-10 about what authentication schemes will help the spam problem. The FTC, in its Federal Register notice, characterizes the summit as a “first step” towards “an active role in spurring the market’s development, testing, evaluation, and deployment” of authentication systems. Of course, what the FTC is really saying is that industry better play a card or else the government will force its hand.

I’m worried about the FTC role here. This summit is a foray into the technical standards setting process, which to me seems like it goes beyond the FTC’s consumer protection and antitrust mission.

Continue reading →

Next Entries →