Policy Framework for Effective Spam Legislation

July 18, 2003

Dear Members of Congress,

We write to you on behalf of a wide range of consumer, civil liberties, computer science, and privacy organizations across the United States regarding the urgent need to address the growing problem of unsolicited commercial email, or "spam." We recognize that Congress will likely act on legislation this session. We thank the Members and the sponsors of the various bills who have focused attention on this problem and have worked to address it.

We support strong, effective and sensible solutions to limit the growth of spam. The proposals currently before the Congress contain important elements, but no single proposal includes all of the key provisions.

After lengthy meetings and discussion, we have developed a basic policy framework for effective spam legislation. We believe that effective spam legislation will be based on the following principles:

A Clear Definition. Spam is best understood as "unsolicited, bulk, commercial email." While Congress may choose to further refine these terms, we believe all the elements should be present for the regulation of spam.

Establish Opt-in. The rule for bulk, commercial emails should be that they can only be sent with the recipients' prior affirmative agreement, with an exception for previously existing business relationships. This is the approach that email users overwhelmingly favor, and it is the approach that all European countries will adopt by October under a Directive approved last year. Cross-border fraud enforcement against spam will only be effective if countries adopt similar legal requirements. Furthermore, it makes no sense for multinational companies to operate on an opt-out basis when sending emails to people in the US and an opt-in basis for when sending emails to people in other countries.

Ensure a Private Rights of Action. Individuals as well as ISPs should have the legal right to bring action against spammers. This the approach that Congress took with telemarketers and junk faxes and it is the approach that has been taken in the states to address the spam challenge. Depriving individuals of the right to seek legal action weakens consumer rights and leaves too much discretion to government agencies. We are confident that a private right of action can be crafted in a manner that gives meaningful recourse to consumers while protecting legitimate businesses from frivolous litigation.

Enable Technical Solutions. Technology plays a critical role in reducing the amount of spam. The ISPs currently rely on filters. Many users also use client-side filters to control the flood of incoming email. Other techniques are being developed. We think these efforts, along with strong legislation, can be helpful to address the spam problem. (Some of us are concerned, however, that technical solutions to spam also block much non-spam at a significant cost to freedom of speech.) Furthermore, spammers have threatened and sued ISPs who attempt to protect their customers by implementing technological solutions. ISPs should be protected from such harassment by limiting their liability to bulk commercial emailers for good faith efforts they take to protect their customers from spam.

Support International Cooperation. Spam is a global problem. International cooperation is vital. We favor proposals to allow the FTC to cooperate with consumer protection agencies in other countries as long as such legislation does not reduce privacy safeguard or open government obligations that currently exist in law. We also believe that cross-border enforcement against spam will only be possible if the U.S. and other countries work together to enact similar laws and regulations.

Oppose Preemption. State officials have been on the front lines of the battle to combat spam. For this reason, many of us oppose the preemption of state legislative and enforcement authority, though some would support a preemptive federal bill if it has all of the other elements we believe are crucial. We would all strongly oppose an ineffective bill that includes federal preemption.

In addition, we favor prohibiting false and deceptive headers and subject lines, requiring commercial senders to provide their physical addresses, enabling consumers to opt-out easily from continuing to receive commercial emails, and setting significant penalties for harvesting email addresses.

We urge you to work with consumer and privacy groups, scientific organizations, as well as other relevant stakeholders to fashion legislation that all can support. The worst outcome from Congress this year would be to enact ineffective legislation that does not give people meaningful control over their inboxes.

We appreciate you consideration of our views.

Sincerely,

Marc Rotenberg, Executive Director
Electronic Privacy Information Center

Dr. Barbara Simons and Dr. Eugene H. Spafford, Co-Chairs
U.S. Public Policy Committee of the Association for Computing Machinery (USACM)

Hans Klein, Chairman
Computer Professionals for Social Responsibility

Ken McEldowney, Executive Director
Consumer Action

Jean Ann Fox, Director of Consumer Protection
Consumer Federation of America

Cindy Cohn, Legal Director
Electronic Frontier Foundation

Jason Catlett, President
Junkbusters

Susan Grant, VP for Public Policy
National Consumers League

Deborah Pierce, Executive Director
Privacy Activism

Stephen Keating, Executive Director
Privacy Foundation

Beth Givens, Executive Director
Privacy Rights Clearinghouse

Remar Sutton, Co-Founder
Privacy Rights Now Coalition

Evan Hendricks, Editor
Privacy Times