[Senate Hearing 107-1135]
[From the U.S. Government Publishing Office]



                                                       S. Hrg. 107-1135
 
                                SPAMMING

=======================================================================

                                HEARING

                               before the

                     SUBCOMMITTEE ON COMMUNICATIONS

                                 OF THE

                         COMMITTEE ON COMMERCE,
                      SCIENCE, AND TRANSPORTATION
                          UNITED STATES SENATE

                      ONE HUNDRED SEVENTH CONGRESS

                             FIRST SESSION

                               __________

                             APRIL 26, 2001

                               __________

    Printed for the use of the Committee on Commerce, Science, and 
                             Transportation


                    U.S. GOVERNMENT PRINTING OFFICE
88-536                      WASHINGTON : 2006
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092250 Mail: Stop SSOP, Washington, DC 20402ï¿½090001

       SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION

                      ONE HUNDRED SEVENTH CONGRESS

                             FIRST SESSION

                     JOHN McCAIN, Arizona, Chairman
TED STEVENS, Alaska                  ERNEST F. HOLLINGS, South Carolina
CONRAD BURNS, Montana                DANIEL K. INOUYE, Hawaii
TRENT LOTT, Mississippi              JOHN D. ROCKEFELLER IV, West 
KAY BAILEY HUTCHISON, Texas              Virginia
OLYMPIA J. SNOWE, Maine              JOHN F. KERRY, Massachusetts
SAM BROWNBACK, Kansas                JOHN B. BREAUX, Louisiana
GORDON SMITH, Oregon                 BYRON L. DORGAN, North Dakota
PETER G. FITZGERALD, Illinois        RON WYDEN, Oregon
JOHN ENSIGN, Nevada                  MAX CLELAND, Georgia
GEORGE ALLEN, Virginia               BARBARA BOXER, California
                                     JOHN EDWARDS, North Carolina
                                     JEAN CARNAHAN, Missouri
                  Mark Buse, Republican Staff Director
            Martha P. Allbright, Republican General Counsel
               Kevin D. Kayes, Democratic Staff Director
                  Moses Boyd, Democratic Chief Counsel

                     SUBCOMMITTEE ON COMMUNICATIONS

                    CONRAD BURNS, Montana, Chairman
TED STEVENS, Alaska                  ERNEST F. HOLLINGS, South Carolina
TRENT LOTT, Mississippi              DANIEL K. INOUYE, Hawaii
KAY BAILEY HUTCHISON, Texas          JOHN F. KERRY, Massachusetts
OLYMPIA J. SNOWE, Maine              JOHN B. BREAUX, Louisiana
SAM BROWNBACK, Kansas                JOHN D. ROCKEFELLER IV, West 
GORDON SMITH, Oregon                     Virginia
PETER G. FITZGERALD, Illinois        BYRON L. DORGAN, North Dakota
JOHN ENSIGN, Nevada                  RON WYDEN, Oregon
GEORGE ALLEN, Virginia               MAX CLELAND, Georgia
                                     BARBARA BOXER, California
                                     JOHN EDWARDS, North Carolina


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on April 26, 2001...................................     1
Statement of Senator Allen.......................................    26
Statement of Senator Burns.......................................     1
Statement of Senator Rockefeller.................................    16
    Prepared statement...........................................    16
Statement of Senator Wyden.......................................    26

                               Witnesses

Buckley, Jr., Jeremiah S., General Counsel, Electronic Financial 
  Services Council...............................................    32
    Prepared statement...........................................    34
Catlett, Jason, President/CEO, Junkbusters Corp..................    39
    Prepared statement...........................................    41
Cerasale, Jerry, Senior Vice President, Government Affairs, The 
  Direct 
  Marketing Association Inc......................................    29
    Prepared statement...........................................    30
Goodlatte, Hon. Bob, U.S. Representative from Virginia...........    23
    Prepared statement...........................................    24
Harrington, Eileen, Associate Director of Marketing Practices, 
  Bureau of 
  Consumer Protection, Federal Trade Commission..................     3
    Prepared statement...........................................     6
McClure, David P., President/CEO, U.S. Internet Industry 
  Association....................................................    48
    Prepared statement...........................................    50
Moore, David, President/CEO, 24/7 Media..........................    36
    Prepared statement...........................................    38
Pogust, Esq., Harris L., Partner, Sherman, Silverstein, Kohl, 
  Rose and Podolsky..............................................    44
    Prepared statement...........................................    46

                                Appendix

Hollings, Hon. Ernest F., U.S. Senator from South Carolina, 
  prepared statement.............................................    61


                                SPAMMING

                              ----------                              


                        THURSDAY, APRIL 26, 2001

                               U.S. Senate,
                    Subcommittee on Communications,
        Committee on Commerce, Science, and Transportation,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 2:35 p.m. in 
room SR-253, Russell Senate Office Building, Hon. Conrad Burns, 

Chairman of the Subcommittee, presiding.

            OPENING STATEMENT OF HON. CONRAD BURNS, 
                   U.S. SENATOR FROM MONTANA

    Senator Burns. We've got a Congressman on his way, but I'm 
going to open these hearings this morning, or this afternoon on 
the CAN-spam bill. We welcome everyone today to this hearing, 
which concerns a matter I think of critical importance to the 
future development of commerce on the Internet. How to control 
the explosion of unsolicited e-mail, or commerce mail known 
around the industry as spam. Specifically, we here are here to 
address the CAN-spam bill that Senator Wyden and I have 
introduced. Senator Allard of Colorado is also a co-sponsor of 
this bill and I thank him for his support.
    The CAN-spam bill would require e-mail marketers and 
spammers to comply with a straightforward set of workable 
common-sense rules designed to give consumers more control over 
spam e-mail. Specifically, it would require a sender of 
marketing e-mail to include a working return address so that 
the recipient can send a reply e-mail demanding not to receive 
any more messages. The marketer would be prohibited from 
sending further messages to that consumer who had informed them 
they wanted it to stop. Further, the bill would also prevent e-
mail marketers from using deceptive headers or subject lines so 
the consumers will be able to tell who initiated the 
solicitation.
    The bill includes strong enforcement provisions to ensure 
compliance. The Federal Trade Commission would have the 
authority to impose steep civil fines up to $500,000 on 
spammers. This fine would be tripled if the violation is found 
to be intentional. In short, this bill provides broad consumer 
protection against bad actors while still allowing Internet 
advertisers a justified means of flourishing.
    Senator Wyden and I have taken great care to make sure that 
this bill does not harm legitimate advertising. In fact, we are 
trying to help the Internet advertiser by allowing them to 
reach people who want to learn more about their product. If I 
open up my e-mail and find 100 messages, and they're all 
advertisers, chances are I'll never read one of them. However, 
if I have 10 that I want to receive their mail, advertisers, 
they might find a sale there. This is how a legitimate system 
should and would operate under the CAN-spam bill.
    Spamming is really a problem. And I believe it's absolutely 
critical that we address it now so that the Internet is allowed 
to reach it's full potential. Because of the vast distances in 
my home state of Montana, many of my constituents are forced to 
pay long distance charges for their time on the Internet. Spam 
makes it nearly impossible for these people to enjoy the 
experience, and it makes it even harder for them to see how 
this will help rural America flourish in the 21st Century.
    Also, Internet service providers are bombarded with spam 
that often corrupts and shuts down their systems. In today's 
information age, where beating a competitor to the next sale is 
absolutely critical to survival, these shutdowns can cause real 
economic damage. We may be in a down-turned American economy, 
and especially in the high-tech sector, we're going through a 
little shake-out and nobody has to read a newspaper to find 
that out. But the efficiencies created through the vast 
information-sharing are here to stay and will help propel our 
economy to levels beyond our imagination. But in order to reach 
its potential, we must eliminate the bad actors and those who 
threaten these efficiencies.
    I had initially hoped that the technology would solve the 
problem that it created. However, for every filter, there is a 
quick response by spammers to beat the filter. Where have I 
heard that argument before? I think we were talking about 
schools and libraries at one time and the use of filters. And 
this is--and we're finding out that it doesn't take much, just 
the change of a numerical, a number or a letter, and you're 
around the filter. It seems like a big game to them, and to us 
it's a bad game.
    I just recently read, and I would have most of you pick up 
a Monday, last Monday's Wall Street Journal which had a big 
article in the journal that says ``You've Got Mail''. And in 
parenthesis, you don't want. So I think it's a very creative 
article, probably laying out the problems and the challenges 
that we face on spamming. Spammers--ISP's who incorporate more 
sophisticated filtering to catch such alterations find that 
spammers will include 1-800 numbers as graphic files imbedded 
in an ordinary text message. Such telephone numbers would 
display normally in ordinary e-mail, but because they were 
encoded in the graphics format instead of in ordinary text, 
Internet filters would miss them entirely.
    I find the analysis of the anti-spamming activist quoted in 
the article quite instructive. They felt that ``the technical 
methods that have just given rise to an arms race situation, 
where each improvement of the technical means for blocking 
spam, just drives the creation of new spam means of getting 
spam past the block. It will only be stopped by legislative 
solutions. When it becomes too much of a financial risk for not 
enough benefit, the spammers will go away, and not before.''
    And I couldn't agree more. The CAN-spam bill will provide 
spammers with the only kind of incentives to get out of the 
business, and they understand stopping it and stop invading on 
the privacy of consumers.
    I look forward to hearing from the witnesses today, and I 
call them to the table at this time. We have Ms. Eileen 
Harrington, Associate Director of Marketing Practices, Bureau 
of Consumer Protection, Federal Trade Commission here in 
Washington, DC. Ms. Harrington, thank you for taking time out 
of your busy schedule and coming to testify before this 
Committee today. We look forward to your remarks.

STATEMENT OF EILEEN HARRINGTON, ASSOCIATE DIRECTOR OF MARKETING 
                 PRACTICES, BUREAU OF CONSUMER 
              PROTECTION, FEDERAL TRADE COMMISSION

    Ms. Harrington. Thank you very much, Mr. Chairman. As you 
said, I am Eileen Harrington of the Federal Trade Commission's 
Bureau of Consumer Protection. The Commission is very pleased 
to be asked to present its views today and has submitted its 
testimony to the staff for the record. I will be, of course, 
happy to answer any questions that you may have, and the 
answers will be my own views and not necessarily those of the 
Commission.
    The low cost of sending UCE or spam differentiates it from 
other forms of unsolicited marketing such as direct mail or 
outbound telemarketing.
    Those marketing techniques, unlike spam, impose costs on 
senders that may serve to limit their use. There are no 
comparable limits on spam, however. Nevertheless, well-known 
manufacturers and sellers of consumer good and services, 
generally do not send spam. Rather, these merchants use 
requested about available products, services and sales.
    For example, consumers may agree in advance to receive 
information about newly published books on subjects that 
interest them, or weekly e-mails from airlines advising them of 
discounted air fares, giving consumers the ability to choose 
the information they receive over the Internet. Known in the 
industry now as permission-based marketing, it is likely to 
create more confidence in its content and in the sender.
    This permission-based approach is the model mandated by S. 
630. Not all UCE is fraudulent. Fraud operators, however, are 
always among the first to exploit any technological innovation, 
and it is no surprise therefore, that they have seized on the 
Internet's capacity to reach literally millions of consumers 
quickly and at a low cost through spam.
    Not only are fraud operators able to reach millions of 
individuals with one message, but they can misuse the 
technology to conceal their identity.
    Many spam messages contain false information about the 
sender and where the message was routed from. This makes it 
nearly impossible to trace the spam back to the actual sender. 
In the same vein, spam often contains misleading subject lines 
and extravagant earnings or performance claims about goods and 
services. These types of claims are the stock in trade of 
fraudulent schemes.
    The Commission has conducted a vigorous law enforcement 
program against fraudulent or deceptive spam. At least thirty 
of the 173 cases the Commission has brought to date against 
fraud on the Internet, have targeted fraudulent operations that 
used spam as an essential integral part of their scheme.
    The Commission has also conducted an educational program to 
alert consumers and businesses about the dangers of spam. It 
has published nine consumer publications that relate to spam 
and more than 1.6 million of those documents have been 
distributed to consumers either through paper copies or via 
access to the FTC's website.
    I would add the Commission is also probably the only 
organization in the country that has invited consumers to send 
us their spam. We operate a special spam mailbox, [email protected] 
and to date we've received over 8 million pieces of unwanted 
spam from consumers. The Commission supports the goals of S. 
630 which are to help control the additional costs and other 
potential negative effects that spam can impose, both on 
Internet service providers and Internet users and to strengthen 
consumer choice in the matter of whether to receive spam.
    S. 630 addresses two basic problems that together pose a 
real threat to consumers' confidence in the Internet as a 
medium for personal electronic commerce. First, there is the 
problem of fraudulent or deceptive spam. This is addressed by 
the prohibitions in S. 630 against false or misleading header 
information or subject headers. The Commission welcomes these 
proposals as potential enhancements to its existing authority 
under the Federal Trade Commission Act.
    The second serious problem addressed by S. 630 is the 
stress on the Internet infrastructure resulting from the sheer 
volume of spam. Spam, even if not deceptive, may lead to 
disruptions and inefficiencies in Internet services and 
constitutes a great nuisance to consumers and businesses using 
the Internet. This aspect of the problem is addressed by the 
bill's opt-out provisions. S. 630 would require commercial e-
mail messages to contain an opt-out notice and a functioning 
return e-mail address for sending an opt-out request.
    Further, S. 630 would prohibit sending any spam after a 
recipient has opted out. These provisions are a big step in the 
right direction to stem the tide of spam by giving consumers 
more control over which commercial e-mail messages they 
receive.
    Now there are several issues raised by S. 630 that I want 
to mention for your consideration. First, a key term used 
throughout S. 630 is commercial electronic mail message. This 
term is defined in section 3 of the bill. The relevant portion 
of the definition provides that an electronic mail message 
shall not be considered to be a commercial electronic mail 
message solely because such message includes a reference or 
link to an Internet website operated for a commercial purpose.
    However, in our experience much spam, particularly spam 
related to pornographic websites consists of nothing more than 
such a reference or link. The definition as currently drafted 
could potentially be exploited by senders of such spam to evade 
the requirements of this bill.
    A second concern, the language in section 5 of the bill 
that prohibits header information that is not legitimately 
obtained, is ambiguous. To ensure that this language does not 
create enforcement problems or engender unintended lawsuits, 
clarification is essential.
    The third concern that we want to raise concerns the 
provision in S. 630 prohibiting deceptive subject lines. This 
provision raises an issue about the Federal Trade Commission's 
authority to challenge deception under the Federal Trade 
Commission Act. Currently, under the FTC Act, the Commission 
could challenge a materially false or misleading subject line 
in a commercial e-mail message by using section 5 of the FTC 
Act.
    And the Commission could use that section of the FTC Act to 
challenge this type of false or misleading representation or 
any other false or misleading representation.
    The applicable legal standard that the FTC must meet under 
this provision of the FTC Act to demonstrate a deceptive 
practice is that it is likely to mislead consumers acting 
reasonably under the circumstances about a material fact. S. 
630 would establish a higher standard applicable to subject 
lines in commercial e-mail messeges. It would require a showing 
that the person who sent the e-mail had knowledge that the 
subject line was likely to mislead the recipient about a 
material fact regarding the contents or subject matter of the 
message.
    This knowledge requirement, not an element of deception 
under well-established law under the FTC Act, would make it 
more difficult for the FTC to take action under S. 630 against 
materially false and misleading subject lines.
    As a matter of policy and fairness in enforcement, 
deceptive spam should not be treated differently from other 
deceptive marketing material. Moreover, the requirement of a 
showing that the subject line was likely to mislead the 
recipient and not reasonable consumer could increase the burden 
on the Commission to enforce this part of S. 630.
    This may require a showing that each individual recipient 
was likely to be misled, which is a very difficult burden to 
meet especially where millions and millions of consumers have 
received one particular message. Imagine proving that each one 
of them was likely to be misled.
    Because violators of section 5 of S. 630 would be exposed 
to liability for civil penalties of up to $11,000 per 
violation, it may be appropriate to adopt stringent standards 
for liability in S. 630 as a safeguard against penalties for 
what could be mere technical violations of the bill. However, 
the Commission recommends clarifying that S. 630 does not 
affect the FTC's current ability to bring enforcement actions 
targeting materially false or deceptive representations in 
commercial e-mail messages under the FTC Act, pursuant to the 
criteria of and seeking the remedies currently available under 
that Act. This could be accomplished by broadening the savings 
clause in section 7a of the bill.
    Additionally, section 7 of S. 630 appears to preclude 
enforcement of most existing federal civil laws that apply to 
commercial electronic mail such as the FTC Act's broad 
prohibition of deceptive advertising, except to the extent 
specifically provided in S. 630. We believe that S. 630 should 
not supplant other relevant federal law and we recommend 
expanding the savings clause to make this point clear.
    Before concluding, I do want to note that the enforcement 
scheme laid out by S. 630 and which you describe, Mr. Chairman, 
in your opening statement is modeled on similar schemes 
Congress established for enforcement for the Commission's 900 
number rule and the telemarketing sales rule in the statutes 
that mandated promulgation of those rules.
    The Commission's efforts would be supplemented with those 
of the state attorneys general and possibly by other federal 
agencies with jurisdiction in areas where the FTC has none.
    This type of dual federal/state enforcement scheme has 
proved extremely successful in the past, particularly in 
challenging deceptive and abusive telemarketing practices and 
the Commission would expect it to work equally well in this 
context.
    [The prepared statement of Ms. Harrington follows:]

    Prepared Statement of Eileen Harrington, Associate Director of 
   Marketing Practices, Bureau of Consumer Protection, Federal Trade 
                               Commission

    Mr. Chairman, I am Eileen Harrington of the Federal Trade 
Commission's Bureau of Consumer Protection. The Federal Trade 
Commission is pleased to provide testimony today on the subject of 
unsolicited commercial e-mail, the consumer protection issues raised by 
its widespread use, the FTC's program to combat deceptive and 
fraudulent unsolicited commercial e-mail, and the FTC's views on the 
``Controlling the Assault of Non-Solicited Pornography and Marketing 
Act of 2001'' (S. 630), which Chairman Burns has proposed.\1\

I. Introduction and Background
A. FTC Law Enforcement Authority
    As the Federal Government's principal consumer protection agency, 
the FTC's mission is to promote the efficient functioning of the 
marketplace by taking action against unfair or deceptive acts or 
practices, and increasing consumer choice by promoting vigorous 
competition. To fulfill this mission, the Commission enforces the 
Federal Trade Commission Act, which prohibits unfair methods of 
competition and unfair or deceptive acts or practices in or affecting 
commerce.\2\ The Commission's responsibilities are far-reaching. With 
certain exceptions, this statute provides the Commission with broad law 
enforcement authority over virtually every sector of our economy.\3\ 
Commerce on the Internet, including unsolicited commercial electronic 
mail, falls within the scope of this statutory mandate.

B. Concerns About Unsolicited Commercial E-mail
    Unsolicited commercial e-mail--``UCE,'' or ``spam,'' in the online 
vernacular--is any commercial electronic mail message sent, often in 
bulk, to a consumer without the consumer's prior request or consent. 
The very low cost of sending UCE differentiates it from other forms of 
unsolicited marketing, such as direct mail or out-bound telemarketing. 
Those marketing techniques, unlike UCE, impose costs on senders that 
may serve to limit their use.
    Generally, well-known manufacturers and sellers of consumer goods 
and services do not send UCE. Rather, such merchants use solicited e-
mail to give consumers information that they have requested about 
available products, services, and sales. For example, consumers may 
agree in advance to receive information about newly-published books on 
subjects of interest, online catalogues for products or services 
frequently purchased, or weekly e-mails about discounted airfares.
    These examples of bulk commercial e-mail sent at the consumer's 
request demonstrate the value of consumer sovereignty to the growth of 
Internet commerce. Giving consumers the ability to choose the 
information they receive over the Internet--known in the industry now 
as ``permission-based'' marketing--seems likely to create more 
confidence in its content and in the sender.
    By no means is all UCE fraudulent, but fraud operators, who are 
often among the first to exploit any technological innovation, have 
seized on the Internet's capacity to reach literally millions of 
consumers quickly and at a low cost through UCE. Not only are fraud 
operators able to reach millions of individuals with one message, but 
they can misuse the technology to conceal their identity. Many spam 
messages contain false information about the sender and where the 
message was routed from, making it nearly impossible to trace the UCE 
back to the actual sender. In the same vein, UCE messages also often 
contain misleading subject lines and extravagant earnings or 
performance claims about goods and services. These types of claims are 
the stock in trade of fraudulent schemes.
    Bulk UCE burdens (indeed, sometimes cripples) Internet service 
providers and frustrates their customers. The FTC's main concern with 
UCE, however, is its widespread use to disseminate false and misleading 
claims about products and services. The Commission believes the 
proliferation of deceptive bulk UCE on the Internet poses a threat to 
consumer confidence in online commerce and thus views the problem of 
deception as a significant issue in the debate over UCE.

II. The Federal Trade Commission's Approach to Fraud on the Internet
    In 1994, the Commission filed its first enforcement action against 
deception on the Internet, making it the first federal enforcement 
agency to take such an action.\4\ Since that time, the Commission has 
brought 173 law enforcement actions against more than 575 defendants to 
halt online deception and fraud. The pace of our Internet law 
enforcement has been increasing, in step with the growth of commerce--
and fraud--on the Internet; over two-thirds of the FTC's Internet-
related actions have been filed since the beginning of 1999.
    The Commission brings to the Internet a long history of promoting 
competition and protecting consumers in other once-new marketing media. 
Recent innovations have included 900-number technology and 
telemarketing. The development of each of these advances in the 
marketplace was characterized by early attempts of fraud artists who 
sought to capitalize on the new way of doing business. In each 
instance, the Commission used its statutory authority under Section 5 
of the FTC Act to bring tough law enforcement actions to halt specific 
deceptive or unfair practices, and establish principles for non-
deceptive marketing.\5\ In some instances, most notably national 
advertising, industry took an aggressive and strong self-regulatory 
stance that resulted in dramatic improvements in advertising and 
marketing practices.\6\
    In other instances, at the direction of Congress or on its own 
initiative, the Commission has issued trade regulation rules to 
establish a bright line between legitimate and deceptive conduct.\7\

III. The Commission's Approach to Unsolicited Commercial E-mail

A. Monitoring the Problem
    The Federal Trade Commission closely monitors the development of 
commerce on the Internet. Since the inception of the Internet as a 
commercial medium, the Commission has conducted a series of hearings 
and public workshops so that it could have the benefit of views from a 
wide range of stakeholders.\8\ In June 1997, at a workshop devoted to 
issues of privacy on the Internet, the Commission heard discussion of 
three distinct UCE problems: (1) deception in UCE content; (2) economic 
and technological burdens on the Internet and delivery networks caused 
by the large volume of UCE being sent; and (3) costs and frustrations 
imposed on consumers by their receipt of large amounts of UCE.
    While the Commission has maintained a focus on deception 
perpetuated through UCE, industry and advocacy groups that participated 
in the privacy workshop directed their attention to the economic and 
technological burdens caused by UCE. Under the leadership of the Center 
for Democracy in Technology, these groups spent a year studying the 
problem and identifying possible solutions, and in July 1998 issued 
their ``Report to the Federal Trade Commission of the Ad-Hoc Working 
Group on Unsolicited Commercial E-Mail.'' \9\ This report recommended 
the pursuit of technologies and public policies that would provide 
consumers with more control over the UCE they receive. Specifically, 
the report:

   urged marketers to give consumers a choice to ``opt-in'' or 
        ``opt-out'' of receiving a UCE solicitation; and

   urged law enforcement to continue to attack fraudulent UCE 
        solicitations, including those with deceptive ``header'' 
        information.\10\

    On another front, in 1998 the FTC set up a special electronic 
mailbox reserved for UCE in order to assess, first hand, emerging 
trends and developments. With the assistance of Internet service 
providers, privacy advocates, and other law enforcers, staff publicized 
the Commission's UCE mailbox, ``[email protected],'' and invited consumers 
and Internet service providers to forward their UCE to it. The 
Commission also created a database in which all of the forwarded UCE 
messages are stored. Over 8,300,000 pieces of UCE have been forwarded 
to the Commission since January 1998, and the UCE mailbox receives an 
average of 10,000 new pieces of UCE every day, 7 days a week. UCE 
received and entered in the database within the preceding 6 months is 
searchable. Periodically, staff has used the data to supplement law 
enforcement and consumer and business education efforts. Commission 
staff has recently made arrangements to purchase new indexing software 
that will allow staff to conduct much more sophisticated searches as 
well as manipulate the data to determine trends and patterns in the UCE 
received.

B. Aggressive Law Enforcement
    The Commission has responded to fraudulent UCE with a vigorous law 
enforcement program. To date, about 30 of the Commission's Internet 
cases have targeted scams in which spam was an essential, integral 
element. Most of these cases have been Section 13(b) actions in federal 
district court. For example, in May 1999, the Commission filed FTC v. 
Benoit.\11\ This scheme used the ruse of a spam notification about 
charges purportedly to be billed to consumers' credit card accounts to 
lure the consumers into calling an expensive international telephone 
number.\12\ The initial spam message purported to inform consumers that 
their ``orders had been received and processed'' and that their credit 
card accounts would be billed for charges ranging from $250 to $899. In 
fact, the consumers had not ordered anything. The spam advised 
recipients to call a specified telephone number in area code 767 with 
any questions about the ``order'' or to speak to a ``representative.'' 
Many consumers were unaware that area code 767 is in a foreign 
country--Dominica, West Indies. But because Dominica is included within 
the North American Numbering Plan,\13\ it was not necessary to dial 011 
or any country code to make the calls.
    Consumers who called to prevent charges to their credit cards, 
expecting to speak to a ``representative'' about the erroneous 
``order,'' were connected to an adult entertainment ``audiotext'' 
service.\14\ Later, these consumers received charges on their monthly 
telephone bills for the international long-distance call to Dominica, 
West Indies. The defendants shared in the revenue received by a foreign 
telephone company for the costly international calls. The defendants 
hid their tracks by using forged headers in the spam they used to make 
initial contact with consumers.
    The final stipulated order that resolved this case includes a 
provision specifically prohibiting the defendants from sending or 
causing to be sent any e-mail (including unsolicited commercial e-mail) 
that misrepresents the identity of the sender of the e-mail or the 
subject of the e-mail. The Order thus bans the defendants from 
falsifying information in the ``from'' and ``subject'' lines of e-
mails, as well as in the text of the message.
    Another recent case, FTC v. Martinelli,\15\ targeted an alleged 
pyramid scheme that centered on spam. The defendants in that case ran 
an operation called DP Marketing, which was a Connecticut-based pyramid 
scheme, elaborately disguised as a work-at-home opportunity. DP 
Marketing solicited new recruits through ``spam'' and through newspaper 
classified ads across the country. The spam contained messages such as: 
``National Marketing Company seeks individuals to handle office duties 
from home. This is a full or part-time position with a salary of 
$13.50/hr. The position consists of processing applications for credit, 
loans or employment, as well as online consumer service.''
    Consumers who responded by visiting DP Marketing's Web site or by 
calling the company received a pitch stating that they could receive 
$13.50 per hour by just processing orders for the company from the 
comfort of their own homes. The defendants also represented that no 
experience was necessary, and that for a ``registration fee'' ranging 
from $9.95 to $28.72 purchasers would be sent everything needed to get 
started, including telephone scripts, product sheets, time sheets and 
ID numbers. What consumers actually got was a kit instructing them 
first to place advertisements identical to the ones to which they had 
responded, and then to read the same script to people who responded to 
their ads. Instead of $13.50 per hour, consumers' earnings depended on 
the number of new victims they recruited.
    The FTC complaint alleged that the defendants misrepresented to 
consumers that DP Marketing offers jobs at a specified salary; failed 
to disclose the material fact that they were offering a pyramid work-
at-home scheme; and provided to others the ``means and 
instrumentalities'' to commit unlawful and deceptive acts. On November 
14, 2000, the court entered a stipulated final order banning the 
defendants from future pyramiding, barring them from misrepresenting 
the availability and profitability of jobs, and requiring the 
defendants to pay $72,000 in consumer redress.
    The Commission has also brought a number of cases against credit 
repair scams that used spam as an integral aspect of their 
deception.\16\ In a particularly pernicious variation on this scheme, 
consumers are urged to create a new credit identity in order to fix 
their credit. Using spam messages such as ``BRAND NEW CREDIT FILE IN 30 
DAYS,'' these scammers induce consumers to purchase instructions about 
how one can obtain a federally-issued, employee or taxpayer 
identification number, and use these numbers illegally in place of 
social security numbers to build a new credit profile that will 
purportedly allow one to get credit that would be denied based on one's 
true credit history. In fact, using a false identification number to 
apply for credit is a felony--a point these scammers omit from their 
solicitations. The Commission, either on its own or through the 
Department of Justice, filed cases against seven operations that used 
this type of deceptive spam.\17\
    More recently, in FTC v. Para-Link International,\18\ the FTC sued 
several Florida-based companies that were using spam to market a work-
at-home paralegal business opportunity. The Commission's complaint 
charged that the defendants use spam to induce consumers to purchase 
the business opportunity for $395-495. The spam contained 
representations such as: ``Make Over $200 An Hour,'' and ``You Can 
Process Simple Divorces and Bankruptcies From Home and Make Over $200 
An Hour in as little as 30 Days!!!''; and urged prospective purchasers 
to call a toll-free number for more information. Defendants promised 
that the business opportunity would include training so purchasers 
could become at-home paralegals; defendants also promised to refer a 
steady stream of clients to purchasers of the business opportunity for 
a fee of $25 each.
    According to the FTC's complaint, few consumers who purchased the 
business opportunity from the defendants ever realized these earnings. 
The court entered a temporary restraining order (``TRO'') against the 
defendants on October 17, 2000, ordering them to cease operations, 
freezing their assets, and appointing a receiver to take charge of the 
companies. Subsequently, the court issued an order that extended the 
relief granted in the TRO pending issuance of a preliminary injunction.
    Other types of deceptive schemes that use UCE have also been 
targets of FTC enforcement action, such as deceptive business 
opportunities \19\ and deceptive weight loss schemes.\20\ As these 
cases illustrate, the Commission's focus has been on the deceptive 
content of UCE messages.

C. Comprehensive Consumer and Business Education
    The Commission has published nine consumer publications related to 
UCE, available in paper format and downloadable from the FTC's Web 
site. More than 1.6 million of these documents have been distributed to 
consumers, either through paper copies or via access to the 
Commission's Web site.\21\
    The first, Phone, E-mail and Pager Messages May Signal Costly 
Scams, was published in 1996. It has been distributed in paper form 
over 16,000 times and has been accessed at the FTC's Web site more than 
18,000 times. Two versions of the related Trouble @ the In-Box help 
consumers identify some of the scams showing up in electronic in-boxes 
and offer tips and suggestions for assessing whether an opportunity is 
legitimate or fraudulent. These publications also advise consumers 
about how to handle UCE and offer ideas for consumers to control the 
flow of UCE. The publications steer consumers to additional resource 
materials that can help them determine the validity of a promotion or 
money making venture. To date, over 87,000 paper copies of the 
brochures have been distributed, and they have been accessed on the 
FTC's Web site nearly 53,000 times.
    How To Be Web Ready is a reader's bookmark that offers consumers 
tips for safe Internet browsing. It provides guidance for consumers on 
how to safeguard personal information, question unsolicited product or 
performance claims, exercise caution when giving their e-mail address, 
guard the security of financial transactions, and protect themselves 
from programs and files that could destroy their hard drives. A number 
of corporations and organizations have provided a link from their Web 
sites to the tips on the FTC's Web site, including Circuit City, 
Borders Group Inc., Netcom, Micron, and Compaq. More than 94,000 paper 
copies of the bookmark have been distributed, and it has been accessed 
more than 31,000 times on the FTC's Web site. A related publication, 
Site-Seeing on the Internet: A Consumer's Guide to Travel in 
Cyberspace, with similar helpful hints, has been accessed nearly a 
million times on the FTC's Web site, and over 165,000 papers copies 
have been distributed.
    In July 1998, the FTC launched a public education campaign called 
Spam's Dirty Dozen: 12 Scams Most Likely to Arrive Via Bulk E-mail to 
publicize the most prevalent UCE scams. The list of scams was culled 
from a sampling of more than 250,000 spam messages that consumers had 
forwarded to the FTC's spam mailbox at [email protected]. The consumer alert 
identified the following twelve types of deceptive solicitations and 
described how each operates: business opportunity schemes; bulk e-mail 
programs \22\; chain letters; work-at-home schemes; health and diet 
scams; effortless income; free goods; investment opportunities; cable 
descrambler kits; guaranteed loans or credit on easy terms; credit 
repair; and vacation prize promotions. More than 24,000 paper copies of 
this consumer alert have been distributed, and it has been accessed 
more than 100,000 times on the FTC's Web site.
    In March 2000, the Commission published an alert titled Unsolicited 
Mail, Telemarketing and E-mail: Where to Go to ``Just Say No'' which 
provided information to consumers on how to control junk mail and e-
mail. Over 21,000 copies of this alert have been distributed in paper 
form, and it has been accessed over 20,000 times on the FTC's Web site. 
In September 2000, the Commission published a consumer alert entitled 
The Lowdown on Chain Letters in an effort to warn consumers about the 
risks of chain letters that arrive via e-mail. Over 10,000 paper copies 
of this brochure have been distributed, and it has been accessed over 
8,200 times on the FTC's Web site.
    In January of this year, the FTC published Cracking Down on Mail, 
E-mail and Fax Scams: Project Mailbox that offers tips to consumers 
about avoiding being scammed by mail or e-mail offers. The publication 
is only available on the FTC's Web site, and has been accessed online 
nearly 1,300 times to date.

IV. The Commission's Views on S. 630, the ``Controlling the Assault of 
        Non-Solicited Pornography and Marketing Act of 2001'' ( the 
        ``CAN Spam Act of 2001'').
    The Commission generally favors the underlying goals of S. 630, 
which are to help control the additional costs and other potential 
negative effects that UCE can impose on Internet access service 
providers and other businesses and consumers that use the Internet, and 
to support consumer choice in the matter of whether to receive UCE. 
There are two basic problems that S. 630 addresses. First, there is the 
problem of fraudulent or deceptive UCE, and second, but also important, 
is the infrastructure problem that flows from the sheer volume of UCE. 
UCE, even if not deceptive, may lead to significant disruptions and 
inefficiencies in Internet services, and may constitute a great 
nuisance to consumers and businesses using the Internet. Both of these 
problems together pose a threat to consumers' confidence in the 
Internet as a medium for personal electronic commerce.\23\
    S. 630 mandates the ``permission-based'' marketing model already 
adopted by many well-known manufacturers and sellers of consumer goods 
and services, and advocated by the Center for Democracy in Technology 
and other groups in their 1998 ``Report to the Federal Trade Commission 
of the Ad-Hoc Working Group on Unsolicited Commercial E-Mail.''
    Section 5 of S. 630 would make it unlawful to initiate transmission 
of a commercial e-mail message that does not contain specified items of 
information designed to enable consumers to identify UCE and to prevent 
future receipt of it from that sender. These disclosures, required to 
be clear and conspicuous, are: an identification that the e-mail is an 
advertisement or solicitation; a notice of the opportunity (mandated by 
the bill) to decline to receive further UCE from the sender to the 
recipient; a functioning return e-mail address to which a recipient may 
send a reply to the sender to indicate a desire not to receive further 
e-mails from that sender; and a valid physical postal address of the 
sender. Section 5 of S. 630 would also make it unlawful:

   for a sender, or any person acting on behalf of the sender, 
        to initiate the transmission of UCE to any recipient after that 
        recipient has sent to the e-mail address provided by the sender 
        a request not to receive further e-mail from that sender;

   for any person to initiate the transmission of a commercial 
        e-mail message that ``contains, or is accompanied by, header 
        information that is materially or intentionally false or 
        misleading, or not legitimately obtained;'' or

   for any person to initiate the transmission of a commercial 
        e-mail message ``with a subject heading that such person knows 
        is likely to mislead the recipient about a material fact 
        regarding the contents or subject matter of the message.''

    S. 630 includes a multi-faceted enforcement scheme. First, Section 
5 of the bill, described above, would be enforceable by the FTC, and 
any violation of it would be treated as if it were a violation of an 
FTC Trade Regulation Rule adopted pursuant to Section 18 of the FTC 
Act, 45 U.S.C.Sec. 57a. This means that each such violation would 
subject the violator to a maximum civil penalty of $11,000 in an 
enforcement action by the FTC.\24\
    Second, the bill would allow other federal agencies that have 
jurisdiction over industries whose activities are wholly or partially 
exempt from the FTC's jurisdiction, such as banking and common 
carriers, to enforce the bill. Third, both providers of Internet access 
service and the Attorneys General of the various states would have 
enforcement authority to obtain injunctions against violations of 
Section 5 of the bill, and to recover damages.\25\
    In addition to civil enforcement of Section 5 of S. 630, Section 4 
of the bill would establish liability for criminal fines or up to one 
year imprisonment for anyone who ``intentionally initiates the 
transmission of any unsolicited commercial electronic mail message . . 
. with knowledge that such message contains or is accompanied by header 
information that is materially or intentionally false or misleading.''
    S. 630 specifically provides that it would have no effect on the 
ability of providers of Internet access service to enforce their anti-
UCE policies. Finally, the bill would mandate a study by the Commission 
within 18 months that would provide a detailed analysis of the 
effectiveness and enforcement of the bill's provisions.
    The Commission's views, set forth below, on the provisions of S. 
630, are informed by workshops and other discussions the Commission has 
had with interested members of the Internet and marketing industry, as 
well as the Commission's law enforcement experience in the area of UCE, 
and in related areas, such as the ``Do Not Call'' provision of the 
Telemarketing and Consumer Fraud and Abuse Prevention Act.\26\ Where 
useful, the Commission also sets forth its views on H.R. 718, another 
legislative proposal dealing with UCE that is similar to S. 630.\27\

A. The Definition of the Term ``Commercial Electronic Mail Message'' 
        [Sec. 3(2) of S. 630].
    A key term used throughout S. 630 is ``commercial electronic mail 
message''; this term is defined in Section 3 of the bill. The relevant 
portion of the definition provides that ``an electronic mail message 
shall not be considered to be a commercial electronic mail message 
solely because such message includes . . . a reference or link to an 
Internet web site operated for a commercial purpose.'' Commission staff 
has observed that much UCE--particularly UCE related to pornographic 
web sites--consists of nothing more than such a reference or link. The 
definition as currently drafted could potentially be exploited by 
senders of such UCE to evade the requirements of the bill. As a 
practical matter, it may be difficult to demonstrate to a court that an 
e-mail consisting of nothing more than a URL and perhaps a statement 
such as ``check this web site!'' falls within the bill's definition of 
``commercial electronic mail message''--i.e,. that its ``primary 
purpose . . . is to advertise or promote, for a commercial purpose, a 
commercial product or service''--when the definition apparently demands 
more than a reference or link to an Internet web site operated for a 
commercial purpose to bring an e-mail message within the scope of the 
bill's coverage. The House Bill currently under consideration, H.R. 
718, avoids this problem by employing a definition of the term that 
tracks the definition in S. 630 but excludes the final problematic 
clause.

B. The Prohibition Against Header Information That Is Materially or 
        Intentionally False or Misleading, or Not Legitimately Obtained 
        [Sec. 5(a)(1) of S. 630)].
    This provision would likely benefit consumers. Chief among consumer 
complaints about UCE is that consumers do not know who sent the UCE, 
and therefore do not know to whom they can send a request not to 
receive more UCE. In addition, false routing information can cause UCE 
messages to clog the e-mail systems of providers of Internet access 
service, thereby slowing service to consumers trying to dial into the 
Internet through those providers of Internet access service or even 
completely shutting down the providers' systems. Indeed, some providers 
have had to devote significant resources and staff to dealing with the 
sometimes overwhelming tide of UCE. These costs likely are passed on to 
consumers. The Commission is aware of no legitimate reason for using 
false header information.
    The provision prohibiting falsification of routing information 
would allow a consumer to know who sent him or her the UCE. It could 
also help providers of Internet access service better handle the flow 
of both solicited and unsolicited commercial e-mail, because valid 
routing information is more easily handled by the Internet access 
service providers' e-mail servers. This could result in fewer 
impairments to consumers' Internet service, and possibly fewer costs 
passed on to consumers.
    The provision strikes an appropriate balance by specifying that 
header information that is ``materially . . . false or misleading'' 
violates Section 5 of S. 630, while technically false header 
information not meeting the standard of ``materiality'' would be 
actionable only if it could be shown that the falsehood was 
intentional. This appropriately ensures that inadvertent and relatively 
minor mistakes in header information will not trigger enforcement 
action or private lawsuits.
    The language in the provision specifying that header information 
``not legitimately obtained'' violates Section 5 of the bill appears 
ambiguous. To ensure that this language does not create enforcement 
problems or engender unintended lawsuits, clarification would be 
helpful.
    This provision would impose few if any additional costs on senders 
of commercial e-mail. Further, the benefits to providers of Internet 
access service, recipients of e-mail, and Internet users generally who 
desire and expect optimum convenience, likely outweigh any additional 
costs. Also, these provisions could make the use of commercial e-mail a 
more effective marketing tool, because consumers likely would be more 
willing to trust the contents of a piece of UCE if they know the source 
of the e-mail.

C. The Prohibition Against a Subject Heading That Such Person Knows Is 
        Likely To Mislead the Recipient About a Material Fact Regarding 
        the Contents or Subject Matter of the Message [Sec. 5(a)(2) of 
        S. 630].
    Consumers also complain about being misled by false subject lines 
of UCE. These misrepresentations lead them into believing that the 
contents are about one thing, but when they open the e-mail, they 
discover that it is about something else entirely. For example, many 
senders of UCE that advertises pornography will use benign subject 
lines such as ``Thanks for lunch'' or ``An old friend'' that the 
average e-mail recipient might believe are messages from someone he or 
she knows. In fact, to the consumer's surprise, such UCE advertises 
pornographic Web sites. A subject line that non-deceptively described 
the contents of the UCE would allow a recipient to make an informed 
decision about whether to open the message.
    The Commission is aware of no legitimate reason for using false 
subject heading information and supports this provision. Prohibiting 
deceptive subject lines would impose few, if any, additional costs on 
legitimate companies that use commercial e-mail to promote their goods 
and services. Benefits to individual consumer recipients of e-mail and 
to Internet users generally would outweigh any costs. As with the 
provisions discussed above, this provision could make the use of 
commercial e-mail a more effective marketing tool, because consumers 
likely would be more willing to trust the contents of a piece of UCE if 
they could rely on representations made in the subject to accurately 
and truthfully reflect the message's contents.
    This provision of S. 630, however, raises an issue about the 
Commission's authority to challenge deception under Section 5 of the 
FTC Act. Currently, the Commission could challenge a materially false 
or misleading subject line in a commercial e-mail message under Section 
5 of the FTC Act, as it could any other deceptive representation. The 
applicable legal standard that must be met to demonstrate a deceptive 
practice is that it is ``likely to mislead consumers acting reasonably 
under the circumstances about a material fact.'' \28\ S. 630 would 
establish a higher standard applicable to subject lines in commercial 
e-mail messages by requiring a showing that the person who sent the e-
mail had knowledge that the subject line was likely to mislead the 
recipient about a material fact regarding the contents or subject 
matter of the message. The scienter requirement--not an element of 
deception under Section 5 of the FTC Act--would make it more difficult 
for the Commission to take action under S. 630 against materially false 
and misleading subject lines. As a matter of law enforcement, deceptive 
UCE should not be treated differently from any other deceptive act or 
practice. Moreover, the requirement of a showing that the subject line 
was likely to mislead the recipient, and not a reasonable consumer, 
could increase the burden on the Commission in any action targeting 
materially false or deceptive representations made in subject lines of 
commercial e-mail messages. This may require a showing that each 
individual recipient was likely to be misled, a very difficult burden 
to meet.
    Because violating Section 5 of S. 630 would expose a person to 
liability for civil penalties of up to $11,000 per violation, the 
Subcommittee may believe it appropriate to adopt stringent standards 
for liability in S. 630 to protect against penalties for what could be 
mere technical violations of the Bill.\29\ However, the Commission 
believes that it would be useful for S. 630 to make clear that it does 
not affect the FTC's current ability to bring enforcement actions 
targeting materially false or deceptive representations in commercial 
e-mail messages under Section 5 of the FTC Act, pursuant to the 
criteria of, and seeking the remedies available under, that Act.\30\ 
This could be accomplished by broadening the savings clause in Section 
7(a) of the bill.\31\ Therefore, clarification of an intent to leave 
intact the Commission's powers under the FTC Act with respect to 
deceptive representations in subject lines of commercial e-mail 
messages would be helpful.

D. The Requirement of an E-mail Address to Which Consumers Can Request 
        to No Longer Receive UCE, and the Requirement That Senders of 
        UCE Honor Such Requests [Sec. Sec. 3 & 4 of S. 630].
    These provisions would also likely benefit consumers. A major 
frustration among recipients of commercial e-mail, and particularly 
with UCE, is that often any reply to the sender's e-mail address 
``bounces back'' and is never received by the sender. In such a case 
there is nothing the consumer can do to avoid receipt of additional 
commercial e-mail from the same sender.
    The provision requiring senders of commercial e-mail messages to 
include a valid reply e-mail address to which consumers may send 
requests to receive no more e-mail, and requiring senders to honor such 
requests, would go a long way in helping consumers control the amount 
of commercial e-mail, both solicited and unsolicited, they receive. 
However, it would likely impose some burdens on senders of commercial 
e-mail. S. 630 would require every sender of commercial e-mail to set 
up and maintain an e-mail account to which consumers could send 
requests, and senders would have to monitor and update their mailing 
lists at least as often as every 10 days. Nevertheless, the benefits of 
such a requirement would likely outweigh the costs to the senders.

E. The Requirement of an Identifier, Opt-out Opportunity, and Physical 
        Address of the Sender in Each UCE Message.
    S. 630 would require that every UCE message contain an identifier 
indicating that the message is an advertisement or solicitation. This 
provision would benefit consumers by enabling them to immediately 
recognize UCE messages as advertisements. It also may allow consumers 
to employ software that would filter UCE into a separate folder, or 
block UCE messages entirely. This provision would thus help empower 
consumers to control the amount of UCE they receive. Notice that a 
message is an advertisement or solicitation would impose few, if any, 
additional costs on senders of UCE; they would merely have to add a few 
words (or even a few letters) to each message sent. Unlike print or 
broadcast communications, additional words in e-mail messages do not 
add to their cost.
    S. 630 would also require each UCE message to contain a clear and 
conspicuous notification of an opportunity for the recipient to decline 
to receive further UCE from the sender. This requirement would benefit 
consumers by helping them realize that they have a choice about whether 
they wish to receive additional UCE from a particular sender. Again, 
this requirement would impose few, if any, additional costs on senders 
of UCE; as with the identifier requirement, they would only have to add 
a few words to each message sent. It might also lower the overall 
volume of unwanted UCE on the Internet, thereby lowering certain cost 
burdens imposed on providers of Internet access service and potentially 
passed on to consumers.
    Finally, S. 630 would require that each UCE message include the 
physical location of the sender. This provision might produce benefits 
in the form of enhanced consumer confidence in the legitimacy of 
senders. In cases where the UCE eventually leads to a transaction, the 
consumer would have an additional means of contacting the seller if the 
goods or services are not provided in accordance with the consumer's 
understanding, or, where applicable, if the consumer wishes to go to a 
seller's store. It is noteworthy that this provision of S. 630 is 
consistent with the guidelines of the Organization for Economic Co-
operation and Development, which recommend that online businesses 
disclose their physical address. The Commission has endorsed those 
guidelines.\32\

F. The Enforcement Scheme.
    The enforcement scheme laid out by S. 630 likely would work well. 
It is modeled on similar schemes Congress established for enforcement 
for the Commission's 900-Number Rule and the Telemarketing Sales Rule 
in the statutes that mandated promulgation of those Rules.\33\ The 
enforcement provisions would allow the Commission to treat violations 
of S. 630 as violations of a rule under Section 18 (15 U.S.C. Sec. 57a) 
of the FTC Act regarding unfair or deceptive acts or practices. 
Moreover the Commission's efforts would be supplemented with those of 
the state Attorneys General, and possibly by other federal agencies 
with jurisdiction in areas where the FTC has none. This type of dual 
federal-state enforcement scheme has proved extremely successful in the 
past, particularly in challenging deceptive and abusive telemarketing 
practices, and the Commission would expect it to work equally well in 
this context.

G. The Effect on Other Laws [Sec. 7 of H.R. 630].
    S. 630 provides an express savings clause for specific enforcement 
provisions of the Communications Act of 1934 and for federal criminal 
statutes. This express clause appears to preclude enforcement of most 
existing federal civil laws that apply to commercial electronic mail, 
such as the FTC Act's broad prohibition of deceptive advertising, 
except to the extent specifically provided in S. 630. The Commission 
believes that S. 630 should not supplant other relevant federal law, 
and recommends expanding the savings clause to make this clear.

H. The Provision That Within 18 Months the Commission Conduct A Study 
        of the Effectiveness and Enforcement of S. 630's 
        Provisions.\34\
    A study of the effectiveness and enforcement of S. 630, if enacted 
with a requirement for such a study, would be based largely on the 
consumer complaint data from the Commission's UCE database. This 
database holds more than eight million UCE messages forwarded by 
consumers and providers of Internet access service. The Commission uses 
this database to assess the current state of UCE, spot emerging trends, 
and target its law enforcement efforts on the most serious problems. 
The Commission would be able to conduct a study on the effectiveness 
and enforcement of S. 630's provisions. However, 18 months may be too 
short a time frame for the Commission to effectively research and 
develop such a study. To meaningfully measure the effect of S. 630, it 
may be necessary to assess the situation before it goes into effect, 
and then gather data and information after it goes into effect and 
businesses have had time to come into compliance. The Commission 
therefore urges that the time frame for the study be extended to 24 
months, in order to enhance the value of the study.
    The Commission appreciates the opportunity to provide its views on 
S. 630 and on its efforts against deceptive UCE. I would be happy to 
answer any questions.

END NOTES
    \1\ The views expressed in this statement represent the views of 
the Commission. My responses to any questions you may have are my own.
    \2\ 15 U.S.C. Sec. 45(a). The Commission also has responsibilities 
under more than 45 additional statutes, e.g., the Fair Credit Reporting 
Act, 15 U.S.C. Sec. Sec. 1681 et seq., which establishes important 
privacy protections for consumers' sensitive financial information; the 
Truth in Lending Act, 15 U.S.C. Sec. Sec. 1601 et seq., which mandates 
disclosures of credit terms; and the Fair Credit Billing Act, 15 U.S.C. 
Sec. Sec. 1666 et seq., which provides for the correction of billing 
errors on credit accounts. The Commission also enforces over 35 rules 
governing specific industries and practices, e.g., the Used Car Rule, 
16 CFR Part 455, which requires used car dealers to disclose warranty 
terms via a window sticker; the Franchise Rule, 16 CFR Part 436, which 
requires the provision of information to prospective franchisees; and 
the Telemarketing Sales Rule, 16 CFR Part 310, which defines and 
prohibits deceptive telemarketing practices and other abusive 
telemarketing practices.
    \3\ The FTC has limited or no jurisdiction over specified types of 
entities and activities. These include banks, savings associations, and 
federal credit unions; regulated common carriers; air carriers; non-
retail sales of livestock and meat products under the Packers and 
Stockyards Act; certain activities of nonprofit corporations; and the 
business of insurance. See, e.g., 15 U.S.C. Sec. Sec. 44, 45, 46 (FTC 
Act); 15 U.S.C. Sec. 21 (Clayton Act); 7 U.S.C. Sec. 227 (Packers and 
Stockyards Act); 15 U.S.C. Sec. Sec. 1011 et seq. (McCarran-Ferguson 
Act).
    \4\ FTC v. Corzine, CIV-S-94-1446 (E.D. Cal. filed Sept. 12, 1994).
    \5\ Section 5 of the FTC Act, 15 U.S.C. Sec. 45, authorizes the 
Commission to prohibit unfair or deceptive acts or practices in 
commerce. The Commission may initiate administrative litigation, which 
may culminate in the issuance of a cease and desist order. It can also 
enforce Section 5 and other laws within its mandate by filing actions 
in United States District Courts under Section 13(b) of the FTC Act, 15 
U.S.C. Sec. 53(b), seeking injunctions, consumer redress, disgorgement, 
and other equitable relief. Section 18 of the FTC Act, 15 U.S.C. 
Sec. 57a, authorizes the Commission to promulgate trade regulation 
rules to prohibit deceptive or unfair practices that are prevalent in 
specific industries. Courts may impose civil penalties of up to $11,000 
per violation of Commission trade regulation rules.
    \6\ For example, the National Advertising Division of the Council 
of Better Business Bureaus, Inc., operates the advertising industry's 
self-regulatory mechanism.
    \7\ For example, the Rule Concerning Cooling-Off Period for Sales 
Made at Homes or at Certain Other Locations (the ``Cooling-Off Rule''), 
16 CFR Part 429; the Mail or Telephone Order Merchandise Rule, 16 CFR 
Part 435; the Trade Regulation Rule Pursuant to the Telephone 
Disclosure and Dispute Resolution Act of 1992 (``The 900-Number 
Rule''), 16 CFR Part 308; and the Telemarketing Sales Rule Pursuant to 
the Telemarketing and Consumer Fraud and Abuse Prevention Act, 16 CFR 
Part 310.
    \8\ The first of these was held in the fall of 1995, when the 
Commission held four days of hearings to explore the effect of new 
technologies on consumers in the global marketplace. Those hearings 
produced a staff report, Anticipating the 21st Century: Consumer 
Protection Policy in the New High-Tech, Global Marketplace (May 1996).
    \9\ This report is available at www.cdt.org/spam.
    \10\ ``Header'' information, at minimum, includes the names, 
addresses, or descriptions found in the ``TO:'', ``FROM:'', and 
``SUBJECT:'' lines of an e-mail. It also includes the technical 
description of the route an e-mail has traveled over the Internet 
between the sender and recipient.
    \11\ FTC v. Benoit, No. 3:99 CV 181 (W.D.N.C. filed May 11, 1999). 
This case was originally filed under the caption FTC v. One or More 
Unknown Parties Deceiving Consumers into Calling an International 
Audiotext Service Accessed Though Telephone Number (767) 445-1775. 
Through expedited discovery, the FTC learned the identities of the 
perpetrators of the alleged scam by following the money trail connected 
to the telephone number. Accordingly, the FTC amended its complaint to 
specify the defendants' names.
    \12\ A similar scheme that used spam was targeted in FTC v. Lubell, 
No. 3-96-CV-80200 (S.D. Ia. 1996). In that case, the spam urged 
consumers to call an expensive international number to hear a message 
that purportedly would inform them about discount airline tickets and 
how to enter a sweepstakes.
    \13\ See http://www.nanpa.com/home.
    \14\ The term ``audiotext services'' describes audio information 
and entertainment services offered over the telephone through any 
dialing pattern, including services accessed via 900-number, as well as 
international and other non-900-number, dialing patterns.
    \15\ FTC v. Martinelli, No. 399 CV 1272 (CFD) (D. Conn. filed July 
7, 1999). Other alleged pyramid schemes that utilized spam have been 
targets of FTC enforcement action. See, e.g., FTC v. Nia Cano, No. 97-
7947-IH-(AJWx) (C.D. Cal. filed Oct. 29, 1997); In re: Kalvin P. 
Schmidt, Docket No. C-3834 (final consent Nov. 16, 1998).
    \16\ FTC v. Consumer Credit Advocates, No. 96 Civ. 1990 (S.D.N.Y. 
filed Mar. 19, 1996); FTC v. Dixie Cooley, d/b/a DWC, No. CIV-98-0373-
PHX-RGS (D. Ariz. filed March 4, 1998).
    \17\ FTC v. Cliff Cross and d/b/a Build-It-Fast, Civ. No. M099CA018 
(W.D. Tex. filed Feb. 1, 1999); FTC v. Ralph Lewis Mitchell, Jr., No. 
CV 99-984 TJH (BQRx) (C.D. Cal. filed Jan. 29, 1999); FTC v. Frank 
Muniz, No. 4:99-CV-34-RD (N.D. Fla. filed Feb. 1, 1999); U.S. v. A. 
James Black, No. 99-113 (M.D. Fla. filed Feb. 2, 1999); FTC v. James 
Fite, d/b/a Internet Publications, No. CV 99-04706JSL (BQRx) (C.D. Cal. 
filed April 30, 1999); U.S. v. David Story, d/b/a Network Publications, 
3-99CV0968-L (N.D. Tex. filed April 29, 1999); and FTC v. West Coast 
Publications, LLC., CV 99-04705GHK (RZx) (C.D. Cal. filed April 30, 
1999).
    \18\ FTC v. Para-Link International, No. 8:00-CV-2114-T-27E (M.D. 
Fla. filed Oct. 16, 2000).
    \19\  FTC v. Internet Business Broadcasting, Inc., No. WMN-98-495 
(D. Md. filed Feb. 19, 1998); United States v. PVI, Inc., No. 98-6935 
(S.D. Fla. filed Sept. 1, 1998).
    \20\ TrendMark International, Inc., Docket No. C-3829 (final 
consent Oct. 6, 1998)
    \21\ The distribution and access numbers for these consumer 
education materials are accurate as of March 31, 2001.
    \22\ These schemes claim that one can make money sending one's own 
solicitations via bulk e-mail. They offer to sell one lists of e-mail 
addresses or software to allow one to make the mailings. What they 
don't mention is that the lists are of poor quality and that sending 
bulk e-mail violates the terms of service of most providers of Internet 
access service.
    \23\ See Unsolicited Commercial E-mail: Hearing Before the Subcomm. 
on Telecomm., Trade and Consumer Protection of the House Comm. on 
Commerce, 106th Cong. (Nov. 1999) (statements of various providers of 
Internet access service detailing costs and loss of goodwill caused by 
UCE); Serge Gauthronet & Etienne Drouard, Unsolicited Commercial 
Communications and Data Protection (Jan. 2001), p. 9. (finding, in this 
study undertaken by the Commission of European Communities, that the 
global cost to Internet users may be conservatively estimated at 10 
billion Euros ($8.943 billion) annually); See generally the 1998 Report 
to the Federal Trade Commission of the Ad-Hoc Working Group on 
Unsolicited Commercial E-Mail (citing several types of costs imposed on 
consumers and businesses by UCE--intrusion on consumers' privacy, lost 
opportunity costs, Internet infrastructure costs, access and storage 
fees, and reputational harms) (available at www.cdt.org/spam).
    \24\ An action seeking civil penalties for violation of a Trade 
Regulation Rule promulgated under Section 18 must be forwarded by the 
Commission to the Department of Justice for filing and litigating. If 
the Department of Justice declines to file the complaint within 45 
days, the Commission, through its own attorneys, may file and litigate 
the matter. 45 U.S.C. Sec. 56(a). Pursuant to Section 13(b) of the FTC 
Act, 45 U.S.C. Sec. 53(b), however, the Commission may file and 
litigate, through its own attorneys, any action seeking injunctive 
relief, consumer restitution, disgorgement of ill-gotten gains or other 
equitable remedies without first forwarding the matter to the 
Department of Justice.
    \25\ Successful plaintiff states or providers of Internet access 
service could recover an amount equal to actual damages or statutory 
damages of up to $10 for each separately addressed unlawful message 
received by the states' residents, with a maximum of $500,000, and in 
cases of willful and knowing violations, three times this amount. 
Recovery of costs and reasonable attorneys' fees would be authorized. 
Section 6(e) of S. 630 would establish an affirmative defense in cases 
brought by providers of Internet access service or the states where a 
defendant can show that it has established and implemented compliance 
policies and procedures, and that any violation occurred despite good 
faith efforts to follow those policies and procedures.
    \26\ 5 U.S.C. Sec. 6102(a)(3)(A).
    \27\ This bill was introduced on January 3, 2001 by Rep. Heather 
Wilson, and is titled the ``Unsolicited Commercial Electronic Mail Act 
of 2001.''
    \28\ Cliffdale Associates, Inc., 103 F.T.C. 110, 165, appeal 
dismissed sub nom., Koven v. F.T.C., No. 84-5337 (11th Cir. 1984).
    \29\ It is noteworthy that Section 5(m)(1) of the FTC Act, 15 
U.S.C. Sec. 45(m)(1), requires the Commission, in actions to recover 
civil penalties for violations of trade regulation rules, to prove that 
the defendant violated the rule ``with actual knowledge or knowledge 
fairly implied on the basis of objective circumstances that such act is 
unfair or deceptive and is prohibited by such rule.'' Moreover, this 
provision requires courts, in assessing civil penalties for rule 
violations, to ``take into account the degree of [the defendant's] 
culpability, any history of prior such conduct, ability to pay, effect 
on ability to continue to do business, and such other matters as 
justice may require.''
    \30\ In enforcement actions under Section 5 of the FTC Act the 
Commission can not seek civil penalties; instead it can seek 
administrative cease and desist orders, or, in the case of actions in 
district court under Sections 5 and 13(b) of the FTC Act, equitable 
remedies--injunctions, disgorgement, or restitution for consumer 
victims.
    \31\ In a related context, Congress ensured, in enacting the 
Telemarketing and Consumer Fraud and Abuse Prevention Act, that the 
Commission's ability to challenge deceptive telemarketing practices 
under the FTC Act would remain intact by including a broad savings 
clause: ``Nothing contained in this chapter shall be construed to limit 
the authority of the Commission under any other provision of law.'' 15 
U.S.C.Sec. 6105(c):
    \32\ See, http://www.ftc.gov/opa/1999/9912/oecdguide.htm.
    \33\ Telephone Disclosure and Dispute Resolution Act of 1992 
(codified in relevant part at 15 U.S.C. Sec. Sec. 5701 et seq.) and the 
Telemarketing and Consumer Fraud and Abuse Prevention Act (codified in 
relevant part at 15 U.S.C.Sec. Sec. 6101-6108).
    \34\ The House bill, H.R. 718, contains a provision substantially 
similar to the mandatory study provision of S. 630.

    Senator Burns. Thank you very much. We've enjoyed your 
testimony and I have some questions for you. We've been joined 
on the Committee by Senator Rockefeller. Do you have a 
statement?

           STATEMENT OF HON. JOHN D. ROCKEFELLER IV, 
                U.S. SENATOR FROM WEST VIRGINIA

    Senator Rockefeller. I'm going to put it in the record.
    [The prepared statement of Senator Rockefeller follows:]

          Prepared Statement of Hon. John D. Rockefeller IV, 
                    U.S. Senator from West Virginia

    Thank you Mr. Chairman for holding this hearing. As we all know 
from our constituents, junk e-mail is a serious problem. It is costly 
to consumers; it is costly to Internet service providers; and it often 
puts pornography or fraudulent material into our in-boxes.
    We should find a way to reduce the costs of junk e-mail, while 
respecting the First Amendment, and the rights of legitimate marketers.
    I applaud your efforts to bring this matter before the Committee 
again this year, and to reintroduce legislation. However, I feel that 
for legislation to be successful it must include several things that 
are not yet in the bill we are considering.
    First, we should give regular Americans and businesses the ability 
to protect themselves from junk e-mail. The bill includes a ``private 
right of action'' for Internet service providers, but leaves regular 
Americans and businesses without the ability to go to court if they are 
injured in violation of the bill.
    I agree that we should give Internet service providers the right to 
sue, but why leave the everyday people who have to suffer through junk 
e-mail everyday with no way to seek redress? That doesn't make sense.
    Second, we should listen hard to what Mr. Catlett on the second 
panel has to say about how effective the proposed bill would be in 
actually stopping illegitimate junk e-mail. This bill should be about 
consumers--Internet users--first and foremost. If we do not give 
consumers the tools to stop e-mails they don't want, then the bill will 
not work.
    I think that we should start by requiring that every commercial e-
mail contain the word ``advertisement'' in the subject line. That way 
consumers can use technology to filter for them if they wish. Mr. 
Catlett has several other ideas that we should pay close attention to.
    I am sorry that I cannot spend more time at the hearing today and I 
look forward to working with all of you on moving this bill forward.

    Senator Burns. You're going to put your statement in the 
record and I'm--Ms. Harrington, do we need legislation to 
enable you to do the things that should be done with regard to 
spamming?
    Ms. Harrington. I think that this proposed bill greatly 
enhances the FTC's current statutory authority. We don't need 
legislation to give the FTC the authority to bring enforcement 
action against deception. However, this legislation makes very 
specific that certain practices are deceptive so that lightens 
our prosecutorial burden, if you will, by establishing that as 
a matter of law it is a deceptive practice to fail to do 
certain things. And in addition, there are provisions in S. 
630, for example the requirement of opt-out, and the 
requirement that there be a valid return e-mail address and a 
physical address that probably--that certainly wouldn't be 
natural remedies that we could obtain in a lawsuit under the 
FTC Act, so yes, I think there is a need.
    Senator Burns. How close are you to being up to speed for 
enforcement of this Act?
    Ms. Harrington. We're ready.
    Senator Burns. You're ready. Any additional dollars you'll 
need?
    Ms. Harrington. I don't do dollars.
    [Laughter.]
    Ms. Harrington. Let me tell you that the FTC has been the 
leading federal enforcement agency in the area of Internet 
fraud both in terms of the dollar volume of fraud stopped, the 
numbers of actions taken. We've done that on a lean budget. Our 
people are well-trained and ready to go. We have, as I 
mentioned, an existing database of over 8 million pieces of 
spam. That is a searchable database and we can search that 
database to find spam that is not in compliance with certain 
provisions of this statute if it becomes law, and we're ready 
to go.
    Senator Burns. I found the Wall Street Journal article the 
other day very interesting and pretty eye-opening too. It seems 
like as soon as the ISPs and the consumers come up with ways to 
filter out spam, it doesn't take spammers very long to 
circumvent that other technology. Can you comment right now, 
the cat and mouse game, and if there's anything the FTC can do 
and again, do you have the tools to do it?
    Ms. Harrington. We have decades of experience with 
fraudsters using new technologies and they are very good at 
innovating to get around laws and other blocks to their bad 
practices. I cannot tell you that we can stay a step ahead of 
them.
    Senator Burns. We're also running into a lot of spamming in 
the wireless situation.
    Ms. Harrington. Right.
    Senator Burns. Are you equipped there?
    Ms. Harrington. I think that----
    Senator Burns. Is the spamming in the wirless a little bit 
different than in the wire lines.
    Ms. Harrington. It is. It's interesting you ask. I just 
came back from a meeting of an organization called the 
International Marketing Supervision Network which is a group of 
consumer protection authorities from over 30 OECD and related 
countries. I was talking to our colleagues in Scandinavia where 
wireless is a far more pervasive form of communication 
technology and I was talking to them specifically about this 
issue, about wireless spam.
    I think we have a steep learning curve to get up to speed. 
We're working on it. We had a workshop about 9 months ago on 
this issue at the FTC, where we invited industry and law 
enforcement and consumer groups to come in and talk with us 
about the technology, about business plans and business models 
that might use that technology for marketing. I would tell you 
that the legitimate businesses, both the communications 
companies and the innovators who are seeking to use the 
technology, have been very forthcoming and helpful in helping 
us understand this. But I think we've got a steep learning 
curve.
    We can always use more resources. When I say I don't do 
dollars, I run an enforcement program. We have done everything 
that we can do to stretch every person's time and every dollar 
that the Congress has provided to us. I think wireless poses a 
whole new set of issues again and I think that if there are 
additional resources to be had, we would make good use of them. 
And I can also tell you that with the resources we currently 
have, we are working very hard to understand and stay on top of 
the technology.
    Finally, I would say that one difference between our 
approach to the Internet and now wireless and to the fraudulent 
and deceptive applications of new technologies--one difference 
between our approach at the FTC and practically everyone else's 
approach, I think, is that our decision was to train the entire 
staff, all of the attorneys, all of the investigators, all of 
the paralegals on these technologies.
    So rather than having a unit that is only devoted to the 
Internet, everybody knows about the Internet, has access to our 
lab and our tools. And that means we can shift our people 
really quickly from telemarketing to Internet to wireless back 
to telemarketing because everybody's trained up.
    Senator Burns. You mentioned the fact that you had over 8 
million complaints on spamming and examples of spamming. Can 
you give me any kind of a figure on the number or the 
percentage of those complaints which were out and out 
fraudulent pieces of spam?
    Ms. Harrington. Whew, there are two ways of looking at it. 
Number one, what does the spam say. And I would say that the 
overwhelming majority of those 8 million pieces of spam make 
blatantly false statements about earnings, about product 
performance, something like that.
    On the other hand, and much to my gratification and ours, 
we find that the people who forward this spam to us generally 
don't fall for it. There are certainly exceptions where 
consumers have lost significant money relying on these spams 
but we also find that lots and lots and lots of people don't 
believe it. But they send it to us because we've asked--you 
know: give us your tired, your poor and your spam. We want 
this. We want to see what's coming into consumers' mailboxes. 
We want to organize it and search it, so that we can keep track 
of what's going on with this marketing medium.
    Senator Burns. Senator Rockefeller.
    Senator Rockefeller. Thank you Mr. Chairman.
    Senator Burns. You're welcome.
    Senator Rockefeller. We're very courteous to each other. 
We're good friends.
    I get a lot of these complaints too from my folks in West 
Virginia and actually it would be interesting to know the 
percentage of your folks versus my folks that have home 
computers, et cetera. We'll compare that at a later date. 
You're not responsible for that, Ms. Harrington.
    But one of the concepts which has been put forward is the 
idea of tagging, you know, labeling something in advertisements 
and I'm trying to think around in my mind what--you know, I 
turn on AOL and it sort of--do you have to say something's an 
advertisement or do people kind of inherently know it's an 
advertisement just by the way it looks?
    For example, when I put on AOL I cannot put on AOL without, 
you know, I hear the you've got mail thing only after I've 
gotten rid of what is clearly an advertisement for one reason, 
it's not AOL, which one obviously recognizes. Then second, it 
looks like an advertisement. If it walks like a duck, et 
cetera.
    So my question to you would be, and ISPs I would have to 
assume might be against that, either because they think it's 
inconvenient. They get revenue from it although, on the other 
hand, they also get swamped by it, or some people do, you know, 
trying to push all this stuff through.
    Do you think that tagging or labeling something in 
advertisement, the argument being that while--what is your view 
on that?
    Ms. Harrington. With respect to unsolicited commercial e-
mail, the proposed bill requires a label that would indicate 
that it is an advertisement or it is a commercial e-mail.
    Senator Rockefeller. It would say advertisement.
    Ms. Harrington. It doesn't specifically say that it has to 
say advertisement I don't believe.
    Senator Rockefeller. Well that's what I am trying to get 
from you. In other words, isn't--I mean there are all kinds of 
users. I mean it's like, one of the people that I work with and 
I were talking over here about people using cell phones, and we 
were trying to figure out how many unnecessary phone calls are 
made because there are things called cell phones in this world, 
and we came up with a mutual conclusion of about 50 percent of 
the phone calls that were made really don't have to be made, 
but they are there because everybody's got a phone. So, 
everybody's got an advertisement.
    My assumption is that they would recognize that. That may 
be only because I use the Internet and therefore am in a 
position to recognize it and others might not and might be 
subject to it, particularly the ones that pop up, you know, in 
the corner of your screen. They tend to have a special kind of 
a nature. Then you read them, you don't look for the tag, you 
just--you look for the body of information to the extent that 
your eye stays over there, and you know it's an advertisement. 
So, I just want to get a sense of whether you think it's 
necessary to label it as such, where those who don't use it as 
much might be less--or it's fine without it.
    Ms. Harrington. Well you raise the issue of blurring. And 
that's an issue that has been central to all media as it 
becomes used more and more for advertising. We have issues with 
newspapers in blurring, and you now see in print media 
typically, that text that looks like it could be editorial text 
is labeled, advertisement when it is such. We saw that issue 
with television in blurring----
    Senator Rockefeller. It's the same principle there 
actually, because it's like--I obviously did mean to interrupt 
you or else I wouldn't have done it. But for example, sometimes 
countries whose kings or prime ministers are coming over here, 
do sections. And you're right. In the newspaper, advertisement 
will be written across the top. But you don't need to see that 
to know that. It looks like that, because it's got a picture of 
the king or the prime minister or whatever it is and some 
beautiful ocean. So, you know it's an advertisement without 
looking. So I, again, I just want to hone in on the tagging 
thing.
    Ms. Harrington. But--one of the beauties of the Federal 
Trade Commission Act is that it focuses on the reasonable 
consumer, and what a consumer reasonably understands is 
something that changes with time, with experience. You posed 
the question from the standpoint of the consumer who is less 
familiar with the Internet. And when a medium is new, I think 
that we need to assume that most consumers are less familiar. 
So at one point in time, it is deceptive to fail, or it may be 
deceptive to fail to indicate that something is, in fact, an 
advertisement, when consumers are very unfamiliar with that.
    You raised the example, or point to the example of the pop 
up screen. And you know, I know that we've all seen pop up 
screens that are in the Microsoft Windows warning or error 
message format, that are actually advertisements. Are you 
familiar with that format? And so when you click on the red X 
to close it out, instead of closing it out, it may take you to 
an advertisement. Now my view is that, at this point in time, 
the reasonable consumer who sees a Microsoft Window warning 
message format in a pop up screen, the reasonable consumer 
thinks that that is an error or a warning message and doesn't 
think that it's an advertisement. Now 5 years from now, the 
reasonable consumer may know, ah-hah. You know, that could be 
anything. And so, the reasonable consumer is less likely to be 
misled or deceived.
    So it really--that is really one of the great strengths of 
the Federal Trade Commission Act. It's flexible because it 
focuses in part on what the reasonable consumer understands a 
representation or a situation to mean, and that changes, as 
media change, as circumstances change, as times change.
    Senator Rockefeller. Do you think that this legislation 
would benefit from sort of a pop up part?
    Ms. Harrington. Well this legislation is about unsolicited 
commercial e-mail, and I think that that's a different matter 
than pop up screens and windows and other----
    Senator Rockefeller. No, I'm talking about pop ups that are 
advertisements.
    Ms. Harrington. Right.
    Senator Rockefeller. Not that are something else, you know, 
or a chat room or anything of that sort. I'm talking about a 
real advertisement. And you know the way they place those, you 
go to Netscape and all of a sudden you have something that 
you're looking at and then you have this great--this 
perpendicular rectangle hits you in the face and you've got to 
get rid of it before you can go on. And that's an enormous 
inconvenience.
    Ms. Harrington. I think the pop up screens raise a lot of 
the same issues of deception that false header and router 
information raises. I think that the method of delivery is 
different. Spam is delivered one way and pop up screens are 
programmed really differently and they're programmed to appear 
on a particular website rather than to be sent out as e-mail. 
So, I think that the method of delivery is different, and I'm 
not sure that there is a logical way to marry those two methods 
of delivery in one bill. That's my, like off the top of my head 
answer.
    Senator Rockefeller. As a matter of philosophy are you an 
opt-in or an opt-out person?
    Ms. Harrington. Well the Commission's position here is that 
it supports the opt-out provision in S. 630.
    Senator Rockefeller. No, but that's not what I asked. I'm 
trying to get underneath that. I mean, I'm an opt-in person. I 
think that you have to specifically say I am willing to do 
this. I want this, as opposed to you're getting it and then, 
oh, by the way, I think I'll decide to opt-out if I happen to 
understand what it is. I mean I'm just trying to get it at----
    Ms. Harrington. I think that the ISPs offer consumers the 
choice of--that is depending on which ISP I select, if I'm an 
opt-in person, I can select an opt-in ISP. If I'm an opt-out 
person, I can select an opt-out ISP. I personally have selected 
an opt-in ISP.
    Senator Rockefeller. OK. Thank you. Now one more question. 
And that is, the obvious one. Regarding ISPs--fundamentally, 
computers and the use of them is about consumers. And it's like 
saying is a car about General Motors or is a car about somebody 
who drives it. And I tend to think a car is about somebody who 
drives it, buys it, because it's their property. So the General 
Motors consideration is there, but it's secondary, to me at 
least. So that gets you to the so-called, the right to sue 
thing. And I know that can be an overblown question, and a 
stereotypical question, but nevertheless it's an interesting 
one because--and I think that Senator Burns and Senator Wyden 
and others, Senator Breaux, when they introduced this bill, 
they introduced it as a platform, not as a final product, 
because that's the way they usually do things, to get a 
discussion going and then to try and look at a bill that would 
be useful. But, isn't that right reserved to ISPs. That is, the 
right to sue. Shouldn't that be available to consumers and if--
and I'm not asking, saying you have to agree with me, but I'd 
like to hear your kind of arguments on both sides. Some people 
say that you would be endlessly lost in litigation and all the 
rest of it, but I'd just be interested in your views.
    Ms. Harrington. Well on the one hand, I think that there is 
no group that has both a stronger interest and greater strength 
in protecting the interest against spam, unwanted spam, than 
the ISPs do. And so, unlike your General Motors analogy where 
there may be a divergence of interest between General Motors' 
interest and the product owner and driver's interest, I think 
that the ISP and its customers may have a unified interest here 
in keeping unwanted e-mails out of consumers' mailboxes. The 
basis of the unified interest may be different. With the ISP, 
it goes to the economics and efficiency and reputation of their 
company. For the consumer, it's the time and nuisance factor of 
getting all this stuff. But I think the interest is the same.
    And so on the pro side, you asked me to argue both sides. 
On the pro side, I would say that here, the ISPs have the same 
interest as consumers. It's rooted in something different, but 
the ISPs have more resources to take that interest to court and 
litigate it. I also think that there is greater efficiency in 
having the ISP bring the action, because then we have one 
lawsuit, not 10,000.
    Senator Rockefeller. And I understand that. But if one of 
the things about this problem is that it is so incredibly cheap 
for advertisers. I mean it's just the cheapest thing in the 
world. You push a button and millions of things go out across 
the world. Nevertheless, if you've gotten 8 million--I mean the 
aggregation of that begins to add up to quite a lot, and that 
implies therefore, revenue. And that revenue, even though it 
may be much smaller than television or radio or newspapers, 
nevertheless accrues to the ISPs. So is there anything to be 
said there?
    Ms. Harrington. I'm not sure that there is revenue that 
accrues to the ISPs from the sending of bulk spam. I don't know 
that. I think, though, to argue the other side of it, that is 
that there ought to be a right of action on the part of the 
individual, I would look at a couple of things first. The 
Telephone Consumer Protection Act of 1991 and 1992, which is 
enforced by the Federal Communications Commission gives 
individual consumers a cause of action in State Small Claims 
Court against telemarketers who call them after they have 
indicated to the telemarketer that they don't wish to receive 
calls.
    So I would take a look at what the experience has been with 
that statute. I think that that is one of the first or few 
federal statutes that provides individuals with a right of 
action to vindicate their rights as consumers in state court, 
and my belief is that there has not been a glut of lawsuits 
brought in small claims courts on the part of individual 
consumers to enforce their rights under that statute.
    You know, one concern is well, gee, we are opening the 
floodgates. The FTC does all of its law enforcement work in 
federal courts and so I have a selfish interest because we are 
all trying to get speedy resolution of our lawsuits to benefit 
consumers and get money back. I have a selfish interest in 
arguing against opening the federal courts to private rights of 
action by individual consumers because I think that that slows, 
that that would not be workable.
    But you know, in this instance, Senator, I think that, that 
the ISPs and the customers who don't want spam really have an 
identical interest, and for myself personally, Star Power is my 
ISP at home, and I'd rather have them go to court to keep spam 
out of my mailbox than me spending time going to court on my 
own.
    Senator Rockefeller. If they would do that, and you 
indicate you think they would? Yes. It doesn't--it still--if 
there is a precedent to do so, if there is a precedent by 
saying consumers can't.
    Ms. Harrington. Can or cannot? I am sorry.
    Senator Rockefeller. Cannot, in this bill, and one has to 
deal with that at some point. But I understand what you are 
saying, and I appreciate your answers. Thank you, Mr. Chairman.
    Senator Burns. Senator, the state's attorney generals can 
do it. And each of the states can do it. On behalf of the 
consumers--we have been joined by Senator Allen of Virginia. 
And it is nice to have you here today. Ms. Harrington--and 
Senator Wyden, where have you guys been all day?
    Senator Allen. I was at the Foreign Relations Committee 
meeting.
    Senator Burns. Good heavens. And we have been joined by 
Representative Goodlatte of Virginia, and who is working this 
legislation through the House side and if you would come 
forward and want to make a statement, why, we would sure 
entertain that.
    Senator Wyden, do you have questions for Ms. Harrington?
    Senator Wyden. Mr. Chairman, since I just walked in, we 
were negotiating on a variety of the other tech questions, let 
me catch up a little bit so I am not repetitive, and I'll have 
some in a moment.
    Senator Burns. OK. Thank you very much. Ms. Harrington, we 
look forward to working with you and thank you for bringing 
some specifics that you think are necessary to make the 
legislation a little bit better and as far as you are concerned 
and the FTC. We appreciate those suggestions and we look 
forward in working with you as we get the final, the final bill 
out of Committee and move it on. So thank you for coming today, 
and we look forward to working with you. Thank you.
    We are joined now by Representative Goodlatte of Virginia, 
who is working his will or the will of this legislation through 
the House of Representatives. We welcome you here today, 
Congressman, and we look forward to your comments.

               STATEMENT OF HON. BOB GOODLATTE, 
               U.S. REPRESENTATIVE FROM VIRGINIA

    Mr. Goodlatte. Thank you, Mr. Chairman. Would that that 
were so, directing my will. I do appreciate the opportunity to 
testify before the Committee. It is good to be back. You have 
been generous in inviting me to testify before, and I do have a 
statement to make a part of the record, and I would offer part 
of it.
    Senator Burns. Without objection, so ordered.
    Mr. Goodlatte. Unsolicited e-mail, especially commercial e-
mail such as advertisements, solicitations, or chain letters 
has become the junk mail of the information age. Jupiter 
Communications reported that in 1999 the average consumer 
received 40 pieces of spam. By 2005, that organization 
estimates that the total is likely to soar beyond 1,600 pieces 
to the average consumer. These numbers are astounding and while 
it costs the spammer almost nothing to send, it results in 
damage to a protected computer and would be punishable by a 
fine under Title 18 or by imprisonment for up to 1 year.
    I want to commend you, Mr. Chairman, on the introduction of 
your own spam legislation that takes a balanced approach to 
combatting spam by including strong monetary penalties, but 
does not include a private right of action, an area in which we 
should proceed with caution in that it could have the effect of 
discouraging the use of electronic commerce.
    Because of the complexity surrounding all e-commerce issues 
like spam, legislation must be carefully balanced to ensure 
that enforcement mechanisms address real harms without causing 
damage to the unique advantages provided by the Internet.
    S. 630 provides law enforcement with the tools they need to 
combat spam without opening the floodgates to frivolous 
litigation. Legislation addressing the problem of unsolicited 
commercial e-mail is greatly needed during this legislative 
session to protect consumers and Internet service providers 
from victimization by spam.
    I look forward to continuing to work with representative 
Heather Wilson, who has another important bill dealing with 
this issue in the House, as well as with you, Chairman Burns, 
and Senator Allen and Senator Wyden, who I know have a great 
interest in this legislation as well to achieve our common goal 
of reducing the burden of unwanted e-mail on consumers and 
Internet service providers, and I thank you for allowing me the 
opportunity to testify today.
    Senator Burns. Just, you know, not only I think are we 
interested in protecting the ability of legitimate commercial 
entities. I guess financial institutions come to mind that 
sometimes they use e-mail to inform their clients and customers 
of changes and updates in company policies. These are actually 
mandated by law. Would your bill affect their ability to do 
that in any way?
    Mr. Goodlatte. Absolutely not. This is designed to 
facilitate the ease with which businesses do that. Now, there 
are some concerns raised about other legislation and while I am 
very supportive of the efforts to push forward in that area 
with that legislation, I do think there is some fine tuning 
that needs to be done so that companies can effectively 
communicate with their customers, policyholders and so on 
without fear of violating the law.
    Senator Burns. Well, we thank you for your statement today. 
We appreciate that very much. I understand you have been 
spammed, and I think we all have or whatever. I was back in 
1955 in the United States Marine Corps, but--those, that is 
water under the bridge.
    Mr. Goodlatte. It is great.
    [The prepared statement of Mr. Goodlatte follows:]

               Prepared Statement of Hon. Bob Goodlatte, 
                   U.S. Representative from Virginia

    Thank you, Mr. Chairman, for holding this very important hearing. I 
appreciate the opportunity to appear before the Subcommittee to testify 
about the need for legislation to address the growing problem of mass 
unsolicited e-mail, also known as ``spam.''
    The Internet is a revolutionary tool that dramatically affects the 
way we communicate, conduct business, and access information. 
Electronic-mail has become a powerful medium for commerce and 
communication by offering an affordable way for people to reach one 
another with rapid speed and reliable delivery.
    Marketers have learned to take advantage of this new capability to 
reach consumers. Many consumers choose to communicate via e-mail with 
their financial institutions, favorite retailers and other companies 
with which they form relationships. Millions of individuals and 
businesses opt to receive communications and notices by e-mail. In 
order for the Internet to continue to thrive and grow as a medium for 
commerce, legitimate businesses must be able to responsibly communicate 
with their customers or consumers who wish to do so.
    However, unsolicited e-mail, especially commercial e-mail such as 
advertisements, solicitations or chain letters, has become the `junk 
mail' of the information age. Jupiter Communications reported that in 
1999 the average consumer received 40 pieces of spam. By 2005, Jupiter 
estimates that the total is likely to soar to 1,600 pieces of spam. 
These numbers are truly astounding. While it costs the spammer almost 
nothing to send, unsolicited e-mail messages burden consumers by 
slowing down their e-mail connections, and cause big problems for the 
small business owner who is trying to compete with larger companies and 
larger servers.
    Even more disturbing are the numerous examples that I receive from 
my own constituents of the increasing amount of spam that is 
pornographic in nature. This pornographic spam, opened innocently by 
the recipient, often disguises the subject of the e-mail and includes a 
link that takes the recipient to a pornographic web site. E-commerce 
will never reach its full potential if consumers and their children 
cannot utilize e-mail without the fear of being unwillingly transported 
into the seamier side of the Internet.
    Consumers are not the only ones victimized by spam. In recent 
instances, unsolicited e-mail transmissions have paralyzed small 
Internet Service Providers (ISPs) by flooding their servers with 
unwanted e-mail. Excessive e-mail tie up network bandwidth and 
monopolize staff resources. This has the potential to do great damage 
to small ISP companies and the communities they serve.
    Currently, ISPs are developing programs that require the individual 
sending the unsolicited message to include a valid e-mail address, 
which can then be replied to in order to request that no further 
transmissions be sent. Under these programs, once the individual 
sending the original e-mail receives a request to remove an address 
from their distribution list, they are required to do so. However, 
offending spammers get around this requirement by using the e-mail 
address of an unsuspecting user to spam others.
    To address the problem of fraudulent unsolicited e-mail, I have 
introduced legislation in the House to give law enforcement the tools 
they need to prosecute individuals who send unsolicited e-mail that 
clog up consumers' in-boxes: H.R. 1017, the Anti-Spamming Act of 2001.
    The Anti-Spamming Act would amend the criminal code to address 
fraudulent unsolicited electronic mail. It would add to the substantive 
conduct already prohibited under the law, by prohibiting both the 
intentional and unauthorized sending of unsolicited e-mail that is 
known by the sender to contain information that falsely identifies the 
source or routing information of the e-mail.
    This legislation would subject those who commit such prohibited 
conduct to a criminal fine equal to $15,000 per violation or $10 per 
message per violation, whichever is greater, plus the actual monetary 
loss suffered by victims of the conduct. In addition, prohibited 
conduct that results in damage to a ``protected computer'' would be 
punishable by a fine under Title 18 or by imprisonment for up to one 
year.
    I commend you, Chairman Burns, on the introduction of your own spam 
legislation which takes a balanced approach to combating spam by 
including strong monetary penalties, but does not include a private 
right of action, an area in which we should proceed with caution in 
that it could have the effect of discouraging the use of electronic 
commerce.
    Because of the complexity surrounding all e-commerce issues like 
spam, legislation must be carefully balanced to ensure that enforcement 
mechanisms address real harms without causing damage to the unique 
advantages provided by the Internet. S. 630 provides law enforcement 
with the tools they need to combat spam without opening the floodgates 
to frivolous litigation.
    Legislation addressing the problem of unsolicited commercial e-mail 
is greatly needed during this legislative session to protect consumers 
and Internet Service Providers from victimization by spam. I look 
forward to continuing to work with Representative Heather Wilson and 
others in the House as well as with you, Chairman Burns, here in the 
Senate to achieve our common goal of reducing the burden of unwanted e-
mail on consumers and Internet Service Providers.
    Again, I thank you Mr. Chairman for allowing me the opportunity to 
testify today and for your continuing efforts to curb spam.

    Senator Burns. Senator Wyden.

                 STATEMENT OF HON. RON WYDEN, 
                    U.S. SENATOR FROM OREGON

    Senator Wyden. Thank you, Mr. Chairman. It is good to have 
our friend Bob Goodlatte, who I have had a chance to work with 
often over the years and I think you know Senator Burns and I 
have been prosecuting this cause, like you have, for a number 
of years, and that our bill really tracks your thinking, I 
think, very closely. I thought we were going to get it passed 
last session. We didn't quite get it there.
    I am curious in terms of the House, what is taking place in 
terms of trying to reconcile the approach that Senator Burns 
and I have, which you are also very interested in with the 
Wilson bill and what is the progress of discussions in the 
House to get that done?
    Mr. Goodlatte. Well, I think there is a lot of open-
mindedness on the part of Congresswoman Wilson, and myself and 
others on the two Committees, the Commerce Committee and the 
Judiciary Committee, which have jurisdiction over this issue. 
The Commerce Committee has passed her bill out of the 
Committee. The Judiciary Committee is on a 60-day secondary 
referral of her bill, and it also has my bill before it because 
my bill is primarily focused on Title 18, which is the 
jurisdiction of the Judiciary Committee.
    So it is my hope that in the very near future, we are going 
to come up with a bill that is agreeable to all sides because I 
think the differences that divide us are not that great. The 
private right of action is certainly the biggest thing that we 
have got to work out.
    Senator Wyden. We will be working closely with you. It just 
seems to me what CAN-Spam has been trying to get done, what you 
have been trying to do is to set out some rules that if you 
want to send unsolicited marketing e-mail, you have got to play 
by a set of principles, rules that allow consumers to see where 
the messages are coming from and to tell the sender to stop.
    So this is ultimately about consumer empowerment and 
Senator Burns and I have made that point again and again. We 
are not interested in interfering with the legitimate e-
commerce, the core business activities that are so important in 
the digital economy, so we will be working with you.
    Good luck with negotiations because those are essentially 
the same sort of talks we are having here, and hopefully, we 
can all hit pay dirt quickly and get this bill on the way to 
the President.
    Mr. Goodlatte. Well, I appreciate that, Senator. We look 
forward to working with you as well, and you are right, 
commercial e-mails have great potential value to people who 
want to receive them and we don't want to interfere with that 
but we do want to have the abusers live by the rules of the 
road, and that is basically what this is about and giving law 
enforcement some more tools and Internet service providers some 
more tools to combat that I think are important.
    Senator Burns. Senator Allen.

                STATEMENT OF HON. GEORGE ALLEN, 
                   U.S. SENATOR FROM VIRGINIA

    Senator Allen. Thank you, Mr. Chairman, and let me commend 
you, Mr. Chairman, for your leadership on this matter. I am 
very pleased to be a co-sponsor of S. 630 and I associate 
myself with the bill and the comments from the Senator from 
Oregon, Mr. Wyden, and it is good to see my good friend from 
Virginia, Congressman Bob Goodlatte, who is a leader on 
technology in matters on the House side, and it is important 
that we all work together on this, and I think this House 
Resolution 1017 is the closest House companion to your measure 
in my brief review of the key provisions in the various 
measures in the House versus your measure.
    Now, unsolicited commercial e-mail or spam has been a 
consumer issue for a long time. I thought it only was around 
since the 1980's, but since you were getting spammed you said 
in 1950's, I guess you might have----
    Mr. Goodlatte. I think his had pineapple on it, though.
    Senator Allen. Pineapple with some bread around it, or 
maybe he invented the Internet.
    Senator Burns. The first CAN-Spam.
    Senator Allen. They probably didn't bother to take it out 
of the can if they were throwing it at you because otherwise it 
wouldn't have any great effect, but nevertheless, the modern 
term of spamming is an aggravation. I think anybody who has the 
Internet has been spammed to one extent or another, and it is 
so aggravating. You log on to your e-mail account and it says 
you have got mail and of course what you have gotten mail from 
is some person or entity you have no idea who they are trying 
to sell you something that you don't want.
    And then you, of course, have done that after wasting time 
opening up this irrelevant attachment and also usually, not 
usually, but a great number of times they say you have Hot 
Mail, they are saying your account size is too large, and if 
you do not delete things, they are going, do they give you a 
list of all the things that you are going to delete? Usually 
things that you would actually want to have kept in there. Some 
of them you would almost wish they would delete some of these 
others.
    There is always e-mail from your brother or a friend that 
you would like to keep just for your archives but at any rate, 
apart from the annoyance of having to delete the piles of 
unwanted solicitation, Spamming can and does create a lot of 
problems, cause problems for servers and networks throughout 
the country. It is also a waste of time. It is a waste of our 
time at home and it is a waste of time in our offices.
    The nation--in our nation, our capacity for electronic mail 
is not unlimited. It is not limitless. That is why you say your 
account sizes are too large and why it does slow down certain 
networks.
    The best example or the worst example from my experience is 
right here in the U.S. Senate, where e-mail is often delivered 
late or maybe not at all due to heavy e-mail traffic and its 
impact on the Senate server, so right here that is the 
situation. Now, I know the Senate is not unique. And maybe not 
quite as up to date as some law firms and folks in the private 
sector, but that happens in the private sector as well where 
because of these unsolicited, unwanted commercial e-mails it is 
slowing down productivity in the office, in the businesses, 
especially a pain for small businesses, and obviously what you 
have is people wasting time which is wasting lost productivity 
and you are wasting the capacity, the capacity with these 
unsolicited junk mails.
    Now, for these reasons, these are the reasons and I think 
it is a very balanced approach that the Chairman has taken here 
on this measure. I chose to co-sponsor what you call the CAN-
Spam Act and our esteemed Chairman is obviously fighting a good 
battle, and here are the key things that that Act will do if we 
pass it in the Senate and in the House.
    It will force spammers to act honestly. Now, who could be 
against that? If you send an unsolicited commercial e-mail you 
must include true and accurate contact information so consumers 
can opt-out and stay out. One of the frustrating aspects of 
this as I said, well, if you don't want any more e-mails or any 
more solicitations, please click such and such and fill out 
your information and we won't send it to you any longer. Well, 
in researching this, that is exactly what they want you to do 
so then they know hey, this is a live e-mail address so now we 
can continue pestering that person so it is very aggravating to 
even have to fill all that stuff out in the first place, and it 
is particularly annoying if it is actually counterproductive.
    Second, this CAN-Spam Act will stop the practice of 
collecting e-mails for the sole purpose of spamming or so-
called spotter programs. It will also add enforcement to these 
provisions to help ensure that an effective deterrent includes 
severe penalties under the law and I think the legal approaches 
you are taking is the right approach and very balanced and 
really, that is the point.
    This CAN-Spam Bill seeks to balance the interest of 
Internet consumers with the interests of legitimate e-commerce 
businesses seeking to utilize online opportunities. I am one 
who very much likes people to be completely without a lot of 
regulations, a lot of limits. I very much dislike limits. 
Nevertheless, you should have honesty. You do need to have 
consumers informed and people in their own homes ought to be 
able to control to the best they can what is coming in and 
clogging up and pestering them on their Internet.
    And indeed by way of analogy in 1991, the Telephone 
Consumer Protection Act by law stopped unsolicited junk fax 
advertising, so in my view by analogy if we can protect fax 
machines, why not computers as well?
    So again, Mr. Chairman, I am very happy that you are having 
this, this hearing. I think you will have a lot of support from 
people all across America, and I look forward to working with 
you, Mr. Chairman and other Members, Senator Wyden and others 
to effectuate a good common sense approach with good balances 
on privacy, on commerce, but also make sure there is honesty 
and recourse for people who don't care to be pestered, annoyed 
or have their e-mail mailbox clogged up. Thank you.
    Senator Burns. Thank you, Senator. Any more statements? We 
are going to have our next panel come forward if we could.
    Mr. Jerry Cerasale, Senior Vice President of Government 
Affairs, Direct Marketing Association. Mr. Jeremiah S. Buckley, 
General Counsel, Electronic Financial Services Council here in 
town. David Moore, President and CEO of 24/7 Media. And Jason 
Catlett, President and founder, Junkbusters and Harris Pogust 
of Sherman, Silverstein, Kohl, Rose and Podolsky from New 
Jersey and David McClure. All make their way to the table and 
we'll start this discussion.
    It should be a lively one, and if you could keep your 
statements to 5 minutes or so or less, if you possibly can, I 
know you can't limit these Senators. I'll guarantee you that. 
They get started and then we'll have a few questions. Mr. 
Cerasale. Thank you for coming today.

STATEMENT OF JERRY CERASALE, SENIOR VICE PRESIDENT, GOVERNMENT 
                 AFFAIRS, THE DIRECT MARKETING 
                        ASSOCIATION INC.

    Mr. Cerasale. Thank you very much, Senator Burns, and I 
appreciate the opportunity to be here. I am Jerry Cerasale from 
the Direct Marketing Association and I ask that my written 
statement be included in the record.
    Senator Burns. All of your full statements will be made 
part of the record today.
    Mr. Cerasale. Thank you very much. I want to first start 
out by thanking you and Senator Wyden and your staffs for 
putting together this bill, S. 630. We think you put a lot of 
thought into it, and we think that it is an excellent starting 
point.
    Let me start with what the DMA is. It has been around since 
1917. How we look at the Internet. The Internet is basically 
another medium, another way to try and reach customers and 
reach potential customers, so as we look at it, let's, I want 
to raise where the DMA guidelines have been for all marketing 
that our members must use.
    The first thing that you have to do is you don't lie. You 
tell people who you are. And I think your bill does that.
    You tell people that you are trying to sell them something, 
and that is also in your bill. If consumers tell you I don't 
want to hear any more from you, you have to honor that. That is 
also in S. 630.
    And we have gone a little farther at the DMA way back 
starting in 1972. We had a mail preference service for people 
who didn't want to receive mail. In 1985, we began a telephone 
preference service for people who don't want to receive 
telephone calls and in 2000, we began an e-mail preference 
service for people who do not want to receive unsolicited e-
mail. Our members must use those three services if they happen 
to use those medium or those media to reach consumers.
    And so we have a situation where the Direct Marketing 
Association members believe and use an opportunity for 
individuals to say I don't want to receive further 
solicitation. So we think that the basic premises, we think. We 
know the basic premise in S. 630 is right along the lines of 
where the DMA has been for a long, long time and we applaud you 
for that.
    We specifically also believe in a strong federal standard. 
This is a borderless communications medium, and we think that a 
strong federal standard is what makes sense and having the FTC 
enforce that is an excellent idea, along with allowing the 
state's attorneys general a role to support in either federal 
or state court to enforce this bill as well. We think that the 
strong penalties for fraud are very important.
    One of the things that happens, especially in an emerging 
medium, as Eileen Harrington said, is that get rich quick 
schemes are probably the first to try and reach and use the 
medium, and we think that anti-fraud devices are very, very 
important to try and protect confidence in the medium, so we 
support that.
    We think that in looking at enforcement, the idea of an 
opt-out in every commercial e-mail message makes sense. The 
idea of saying who you are, the idea of not lying in the 
headers or in the subject line is very, very important.
    We believe that your bill also protects permission-based 
marketing, which we think is an emerging response to consumer 
needs and desires on the Internet. We do have some areas where 
we think we can tweak that a little bit and we'll gladly be 
working with your staffs on that to keep permission-based 
marketing open and free to consumers. The Internet is 
important. It is a new medium. It is not the answer. It is not 
going to eliminate other forms of marketing. It has to be 
integrated within the American economy and system. It can help 
strengthen the economy. We think marketers have to learn to use 
it and keep their practices and the principles the same 
regardless of medium. We think this bill goes along in that 
way, and we appreciate all your efforts in this endeavor, and I 
am happy to answer any questions you may have.
    [The prepared statement of Mr. Cerasale follows:]

Prepared Statement of Jerry Cerasale, Senior Vice President, Government 
             Affairs, The Direct Marketing Association Inc.

I. Introduction
    Good afternoon, Mr. Chairman, and thank you for the opportunity to 
appear before your Subcommittee as it examines unsolicited commercial 
electronic mail. I am Jerry Cerasale, Senior Vice President of 
Government Affairs for The Direct Marketing Association, Inc. (``The 
DMA'').
    The DMA is the largest trade association for businesses interested 
in direct, database, and interactive marketing and electronic commerce. 
The DMA represents more than 4,500 companies in the United States and 
54 foreign nations. Founded in 1917, its members include direct 
marketers from 50 different industry segments, as well as the non-
profit sector. Included are catalogers, financial services, book and 
magazine publishers, retail stores, industrial manufacturers, Internet-
based businesses, and a host of other segments, as well as the service 
industries that support them. The DMA's leadership also extends into 
the Internet and electronic commerce areas through the companies that 
are members of The DMA's Internet Alliance and the Association for 
Interactive Media.
    The DMA member companies, given their track record in delivering 
high quality goods and services to consumers, have a major stake in the 
success of electronic commerce, and are among those most likely to 
benefit immediately from its growth. The healthy development of 
electronic commerce depends on consumer trust. It is imperative that 
the e-mail communications medium earns that trust.
    The DMA commends the drafters for this legislation. While it is not 
clear that legislation is imperative at this juncture, we support the 
efforts of Senators Burns and Wyden. We think that S. 630 takes the 
appropriate approach for legislation regarding UCE. S. 630 contains 
many of the elements of what successful legislation in this area should 
look like. We believe that the requirement that senders of unsolicited 
commercial electronic mail identify themselves truthfully and provide 
individuals the ability to opt-out of unsolicited commercial electronic 
mail messages is essential. Likewise, The DMA is very supportive of 
maintaining the ability for businesses to send messages to those 
individuals who have provided affirmative consent and those individuals 
with which a business has a pre-existing business relationship without 
such messages being treated as unsolicited commercial electronic mail. 
We also believe that providing criminal penalties for sending 
unsolicited commercial electronic mail that contains fraudulent routing 
information should prove very useful in limiting egregious unsolicited 
messages. We continue to have some concerns with the definitions of 
``initiator'' and ``affirmative consent'' and look forward to working 
with the members and staff on these issues.
    There are several topics I wish to focus on in more detail in my 
testimony today. These are:

   The DMA's self-regulatory program the e-Mail Preference 
        Service;

   The need for strong penalties against entities that send 
        fraudulent messages;

   Federal Trade Commission enforcement of a uniform federal 
        standard; and

   Permission-based communications.

    The DMA welcomes this congressional inquiry into these important 
matters.

II. The DMA's e-Mail Preference Service Empowers Consumers With Choice 
        Concerning Receipt Of Unsolicited Commercial E-Mail
    Mr. Chairman, The DMA is a long time leader in self-regulation and 
peer regulation. We believe that in the borderless world of electronic 
commerce self-regulation with effective choice to consumers is the best 
means of empowering consumers regarding receipt of unsolicited 
commercial electronic mail, creating and maintaining opportunity for 
the many exciting new benefits of legitimate marketing in the 
interactive economy.
    For this reason, since publishing our electronic commerce 
guidelines almost 5 years ago, we have supported an industry standard 
of notice and opt-out for electronic mail marketing communications. 
More recently, last year we created and launched the e-Mail Preference 
Service (``e-MPS''). The e-MPS allows individuals to remove their e-
mail addresses from Internet marketing lists. This ambitious 
undertaking is aimed at empowering consumers to exercise choice 
regarding receipt of UCE, while creating opportunity for the many 
exciting new benefits of legitimate marketing in the interactive 
economy.
    The e-MPS is based on The DMA's very successful Mail Preference 
Service (``MPS'') and Telephone Preference Service (``TPS'') self-
regulatory initiatives. Both of these initiatives represent The DMA's 
response to consumers' request for choice in the amount of mail and 
telephone solicitations that they receive. In developing responsible 
marketing practices for the Internet age, we have adapted this 
important concept of consumer choice to the Internet medium through the 
development of e-MPS.
    As of January 2000, consumers have been able to register for the e-
MPS at a special DMA web site. Consumers can use this service, at no 
cost, to place their e-mail addresses on a list indicating that they do 
not wish to receive UCE. This service affords consumers with 
flexibility to determine the types of solicitations they receive. 
Through this service, individuals can opt-out of business-to-consumer 
UCE, business-to-business UCE, or all UCE.
    The e-MPS is part of The DMA's ``Privacy Promise to American 
Consumers,'' which became effective July 1, 1999. The Privacy Promise 
requires as a condition of membership in The DMA, that companies, 
including online businesses, follow a set of privacy protection 
practices. As part of this promise, all DMA members who wish to send 
UCE to consumers are required to remove the e-mail addresses of those 
consumers who have registered with the e-MPS from their lists of 
consumers to whom they send e-mail solicitations. Those consumers on 
the e-MPS list will receive no e-mail from DMA members unless they have 
an established online business relationship with that company. This 
service also is available to companies that are not members of The DMA 
so that they too may take advantage of this innovative service and 
respect the choice of those consumers who choose not to receive UCE.

III. Strong Penalties Should Exist To Combat Fraudulent Messages
    The DMA is particularly sensitive to the practice of sending 
fraudulent electronic mail messages in which some individuals are 
engaged, and fully supports a prohibition on this practice. This 
practice includes the sending of messages with false or fictitious 
header information. The use of such fraudulent e-mail has no place in a 
healthy and robust Internet. The sending of bulk fraudulent messages 
has crashed the networks of Internet service providers.
    In addition to deceiving consumers, fraudulent e-mail diminishes 
the reputation of the entire medium, particularly messages sent from 
the responsible marketers that make up our membership. Ultimately, we 
believe the sending of fraudulent messages is an area in which 
legislation is critical, as it is more difficult to prevent fraudulent 
messages.

IV. Sending Of Commercial Messages When Consumer Permission From The 
        Consumer Exists Should Be Outside The Scope Of Any Legislation
    Consumers often give permission to a company, or request that it 
pass along their e-mail address to receive information and offers from 
other service providers in a given category, such as financial 
services. These consumers have requested information and granted 
permission, but it may not be specific to a particular initiator. For 
example, I might indicate that I would like to receive mailings on 
sales of men's clothing. A variety of different businesses could then 
send me messages when they have sales at their stores. Such marketing 
is very beneficial to consumers and to the free flow of commerce. Any 
legislation should allow such communications. It would burden the free 
flow of information to such consumers to require that they give 
specific permission to each ``initiator.''

V. Any Legislation Should Provide Enforcement Of A Uniform Federal 
        Standard
    The DMA supports the approach taken in the legislation that 
preempts state law by providing a uniform federal standard. Strong 
preemption is the appropriate approach in the electronic environment. 
Differing state regulatory standards for communicating via electronic 
mail could have the effect of eliminating the inherently global 
characteristics of the communications, which are in large part 
responsible for its extraordinary success. It would be impossible for 
businesses to comply simultaneously with different and potentially 
inconsistent laws in multiple jurisdictions where individuals to whom 
they send messages may be located. Often, the business is unaware of 
the location of the recipient of the message. If businesses were 
required to comply with the different laws of the 50 states, it would 
be a tremendous burden on the Internet and could have the result of 
limiting business offerings. Moreover, a patchwork of state laws, 
particularly as they affect interstate communications, may ultimately 
be found unconstitutional.
    Likewise, we are heartened by the decision not to create a private 
right of action. Creating a private cause of action would impose 
substantial burdens on ISPs, resulting in the expenditure of resources 
both in terms of time and money to defend litigation. Such an approach 
is unnecessary in light of the fact that the FTC would be empowered to 
protect consumer rights. Inclusion of a consumer cause of action would 
create a very substantial bounty for class action lawyers that would 
produce very substantial damage awards wholly unrelated to the costs 
imposed by UCE. The legislation must foreclose the possibility of class 
actions.

VI. Conclusion
    We thank the Members of Congress who have introduced legislation in 
this area for their thoughtful consideration of such an important 
issue. We also thank the Chairman and the Subcommittee for the 
opportunity to express the views of The DMA. We know that Congress and 
this Subcommittee will continue to monitor this issue closely and we 
look forward to working with you.

    Senator Burns. Thank you very much. Jeremiah Buckley, 
General Counsel, Electronic Financial Services Council. Thank 
you for coming today.

    STATEMENT OF JEREMIAH S. BUCKLEY, JR., GENERAL COUNSEL, 
             ELECTRONIC FINANCIAL SERVICES COUNCIL

    Mr. Buckley. Thank you very much, Mr. Chairman. My name is 
Jeremiah Buckley, and I am a partner in the Washington office 
of Goodwin, Procter. I serve as general counsel of the 
Electronic Financial Services Council, which is an association 
of technology companies and financial services firms interested 
in promoting the electronic delivery of financial services. We 
are pleased to be here and have an opportunity to comment on S. 
630.
    Thinking back to the passage of the E-Sign Act last year, 
we know this Committee and its staff appreciates the importance 
of federal legislation in promoting e-commerce.
    We have enjoyed working with you, Senator Burns, and with 
you, Senator Wyden, in the past, and we look forward to working 
with you to make this an excellent piece of legislation. We 
support the fundamental premise of S. 630, that is that 
offensive, fraudulent or otherwise harmful UCEs should be 
prohibited and that consumers should have the ability to 
control the flow of their e-mail traffic. Achieving these goals 
is an important step toward assuring that consumers feel 
comfortable doing business in the electronic medium, a goal 
that we all share.
    We believe that the UCE legislation should fit into the 
framework created by previous e-commerce legislation. Congress 
has repeatedly endorsed the vision of e-commerce as a national 
resource. The E-Sign Act recognizes that the Internet is a 
borderless medium for which it is desirable to have uniform 
federal rules. S. 630 recognizes that legal uniformity is an 
important part of e-commerce. It includes a provision in 
Section 7(b) preempting inconsistent state law.
    This preemption provision, however, does contain a number 
of exceptions. In particular, it does not apply to any state 
trespass, contract or tort law. These types of exceptions, we 
would caution the Committee, do run the risk of swallowing up 
the preemption itself. If S. 630 is to fashion a uniform 
national standard for dealing with spam, it should occupy the 
field. It should not leave room for the development of a 
patchwork of legislative and judicial pronouncements at the 
state level creating a compliance jigsaw puzzle which only the 
most sophisticated players can solve.
    Having established that uniform standard, we believe it is 
appropriate that federal agencies be the ones assigned the 
responsibility for enforcement policy, and it seems to us this 
is best because in the course of enforcement, the policies that 
Congress has articulated will be fleshed out, and we think it 
is best that agencies which are under the jurisdiction and 
direction of the Congress have the responsibility for 
establishing that enforcement policy. States would, of course, 
continue to have the authority to adopt uniform unfair 
deceptive acts and practices legislation, as they do now, and 
under those statutes, they could declare that violations of the 
provisions of S. 630 constitute violations of state law. If 
they do, they could also assign to their state attorney 
general, to private parties, or to other agencies within the 
state the responsibility for enforcement of their state law.
    But we think it is wise to keep a demarcation between 
federal law and state law, between federal enforcement and 
state enforcement, and we think it is respectful of the 
legislatures in the states to allow them to establish who will 
enforce the law within their states.
    Now let me turn to an issue that legislation does not 
address, but which we think is vital, preserving the 
reliability of e-mail communications. Last year's E-Sign Act 
was a vote of confidence by the Congress in the predictability 
and reliability of electronic communications. E-Sign would 
envision that individuals and businesses would be able to 
contract and conduct their ongoing business electronically.
    In the nonelectronic world, a third party cannot 
arbitrarily disrupt contractual arrangements between parties, 
and E-Sign envisions that this would not happen in the e-
commerce world either. However, we are concerned about reports 
that ISPs in their eagerness to help their subscribers avoid 
receiving unwanted UCEs may block, in fact, there is evidence 
that they are blocking, e-mails that subscribers not only want 
but have specifically contracted to receive as a part of the 
electronic business relationship created pursuant to E-Sign or 
prior legislation.
    This will have a significant negative impact on the 
potential growth of electronic delivery of financial services 
and other relationships with e-commerce. S. 630 currently does 
nothing to prevent this from happening. It is in the interest 
of all who seek to promote e-commerce to preserve the sanctity 
of electronic contracts. If the electronic message, which is 
not a UCE, and is not going to be delivered, at a minimum both 
the sender and the recipient should be notified by the ISP. We 
hope to work with the ISPs and with your Committee as 
appropriate to develop standards to assure reliable delivery of 
permission-based electronic communications, and we believe this 
is a goal that is complementary to and as important as getting 
rid of spam.
    Certain provisions of your legislation could, as we say in 
our written testimony, benefit from clarification. If time 
permitted, I would go into those, and I would be happy to 
answer questions. We are very pleased to have had the 
opportunity to comment on this legislation and look forward to 
working as we have in the past with the Committee staff and 
with you Senators to perfect this bill.
    Senator Burns. We are looking forward to working with you 
also. And we like the idea of bringing specifics to the table, 
because that is the way we solve some of the problems as this 
legislation moves along.
    [The prepared statement of Mr. Buckley follows:]

   Prepared Statement of Jeremiah S. Buckley, Jr., General Counsel, 
                 Electronic Financial Services Council

    My name is Jeremiah S. Buckley. I am a partner in the Washington 
office of the law firm of Goodwin Procter, and I serve as general 
counsel to the Electronic Financial Services Council. The EFSC is an 
association of technology companies and financial service providers 
dedicated to promoting the availability and delivery of financial 
services through electronic commerce. Given this mission, the EFSC is 
intensely interested in federal legislative developments that could 
have an effect on e-commerce. For this reason, we are pleased to have 
the opportunity to comment this afternoon on S. 630, the CAN-spam Act 
of 2001.
    The EFSC recognizes that federal legislation is not merely helpful, 
but sometimes necessary to resolve legal uncertainties and unleash the 
economic potential inherent in our new e-commerce environment. Thinking 
back to the passage last year of the Electronic Signatures in Global 
and National Commerce Act (``E-Sign''), we know that this Committee 
shares our belief in the benefits of appropriate legislation. We have 
enjoyed working with Senators Burns and Wyden in the past, and we look 
forward to working with the Committee and its staff once again in 
dealing with the very significant issue of unsolicited commercial 
electronic mail (``UCE'').
    We agree with the fundamental premise underlying S. 630--that 
consumers should be protected from misleading, offensive, fraudulent or 
otherwise harmful UCEs, and that the ability of consumers to control 
the flow of their e-mail traffic should be respected. Achieving these 
goals is an important step in assuring that consumers feel comfortable 
using the electronic medium as a preferred way of doing business, a 
goal we all share.

UCE Legislation Should Fit Into the Framework Created by Previous 
        E-Commerce Legislation
    Congress has repeatedly endorsed a vision of e-commerce as a 
national resource. Last year's passage of E-Sign legislation 
established the parity of electronic and non-electronic communications 
under federal law. E-Sign recognized that the Internet is a borderless 
medium, for which federal regulation and uniform federal standards are 
appropriate. Our specific comments reflect our strong support for this 
vision of e-commerce as a national resource appropriately subject to a 
set of uniform national rules designed to encourage the development of 
e-commerce to its fullest potential.
    S. 630 recognizes that legal uniformity is important to e-commerce, 
and for that reason it includes a provision--Section 7(b)--preempting 
inconsistent state laws. The preemption provision, however, has a 
number of exceptions: in particular, it does not apply to any state 
trespass, contract or tort law. This type of exception, we would 
caution the Committee, runs the risk of swallowing the preemption 
provision itself. If S. 630 is to fashion a uniform national standard 
for dealing with spam, it should occupy the field. S. 630 should not 
leave room for the development of a patchwork of state legislative or 
judicial pronouncements using tort or trespass theories to create a 
compliance jigsaw puzzle which only the most sophisticated players can 
solve.
    Having established a uniform federal standard, we believe that the 
appropriate course is to assign to federal agencies the responsibility 
for enforcing that standard. To the extent that enforcement policy 
shapes or clarifies the meaning of the provisions of S. 630, it seems 
to us best to leave that power with agencies which are subject to the 
jurisdiction and direction of Congress. State attorneys general and 
private parties should not be assigned enforcement responsibilities in 
this area as a matter of federal law.
    While the authority of a state to enact legislation inconsistent 
with S. 630 would be preempted, states would, of course, continue to 
have the power to enact unfair and deceptive acts and practices 
(``UDAP'') statutes, or interpret their current UDAP statutes, so as to 
define violations of S. 630 as unfair and deceptive practices under 
state law. In this context, the states would be free to assign 
enforcement responsibilities for their UDAP statutes to their state 
attorneys general or such other agencies or private parties as they 
deem appropriate. It seems to us that this course of action has the 
advantage of providing a clear line of demarcation between state and 
federal law and is more respectful of the right of state legislatures 
to determine how state law will be enforced within a state's 
boundaries.

Need for Clear Definitions
    Section 5(a)(5)(A) of S. 630 requires that a UCE contain a ``clear 
and conspicuous . . . identification that the message is an 
advertisement or solicitation.'' Because of the centrality of this 
requirement to the purposes of S. 630, we believe that the Committee 
should consider a more precise definition of what constitutes clear and 
conspicuous identification. It might be worthwhile for the Committee to 
consider creating a standard indentifier to appear in the e-mail 
subject line, to serve as a universal signal that the e-mail is an 
advertisement. This requirement could then be included in the 
legislation itself, or provided as an example in the Committee's 
report. In the absence of such clear guidance, senders of UCEs will be 
left uncertain as to the efficacy of their compliance efforts.
    Likewise, we would counsel against the use of undefined terms, such 
as ``primarily'' to determine the amount of advertising content that 
defines a ``commercial electronic mail message.'' If, in a 
communication relating to a transaction with its customers, a firm 
includes an electronic ``statement stuffer'' alerting the customer to 
other products or features available to the customer, S. 630 does not 
establish how much such material will render the communication 
``primarily'' advertising. We would recommend that, to avoid this 
problem, any communication related to a transaction or relationship 
with an existing customer be excluded from the definition of a 
``commercial electronic mail message.''

Preserving the Reliability of E-Mail Communications
    Last year's E-Sign Act was a vote of confidence by the Congress in 
the predictability and reliability of electronic communications. E-Sign 
envisions that individuals and businesses will be able to contract 
freely through electronic media, without having to worry about the 
enforceability of contracts that they enter into electronically. It 
also envisions that business will continue to be conducted 
electronically after the initial contracts have been signed, with 
records being freely transmitted in fully electronic relationships if 
the parties so desire. In the non-electronic world a third party cannot 
arbitrarily disrupt a contractual arrangement between two parties, and 
E-Sign envisions that this should not be able to happen in e-commerce 
either. However, we are concerned about reports that ISPs, in their 
eagerness to help their subscribers avoid receiving unwanted UCEs, may 
block e-mails that the subscribers not only want, but have specifically 
contracted to receive as part of an electronic business relationship. 
This result would have a significant negative impact on the potential 
growth of electronic delivery of financial services. S. 630 does 
nothing to prevent this from happening, and does not even require ISPs 
to give notice to consumers they intend to block, or that they have 
blocked, the transmission of e-mail either in general or from 
particular senders.
    It is in the interest of all who seek to promote e-commerce to 
preserve the sanctity of electronic contracts. If an electronic message 
which is not a UCE is not going to be delivered, at a minimum both the 
sender and the recipient should be notified by the ISP. We hope to work 
with ISPs and with your Committee, as appropriate, to develop standards 
that assure reliable delivery of permission-based electronic 
communications.
    We appreciate the opportunity to share our views on S. 630 and the 
willingness of the sponsors of this legislation and their staffs to 
work with us and others to assure that the CAN-spam legislation will 
create clear and workable standards to regulate the transmission of 
UCEs.

    Senator Burns. Mr. David Moore, President and CEO of 24/7 
Media. New York.

                   STATEMENT OF DAVID MOORE, 
                   PRESIDENT/CEO, 24/7 MEDIA

    Mr. Moore. Good afternoon. I am David Moore. I am the CEO 
of 24/7 Media, and I'd like to thank Chairman Burns, the 
Ranking Member, Senator Hollings, Senator Wyden, and Members of 
the Committee for inviting 24/7 Media to participate today.
    I would like to begin by commending Senators Burns and 
Wyden for their leadership in crafting the Unsolicited 
Commercial E-mail Act of 2001. This bill represents a 
responsible, common-sense approach to establishing standards 
for commercial e-mail practices and is an important first step 
in helping to protect consumers and legitimate marketers from 
the abuses of spammers.
    As a leading provider of online marketing and advertising 
solutions and services, 24/7 Media's clients have included such 
notable businesses as Reuters, The Economist, USA Today, 
American Express, Law.com, MSNBC, General Motors, Verizon, 
AT&T, and The Financial Times, to name a view. We provide a 
valuable service to consumers by delivering content that they 
have requested, such as news, newsletters, real-time stock 
quotes, and other information.
    The success of the interactive industry lies in the 
confidence of the relationship among content publishers, 
service providers, marketers, advertisers, and consumers. We 
support permission-based communications that empower consumers 
with notice and choice.
    The interactive marketing industry has been tainted by the 
actions of disreputable marketers who use deceptive practices 
in sending unsolicited commercial electronic e-mail. These 
marketers, or spammers, should not be allowed to infringe upon 
or negatively influence the need for legitimate commerce to 
prosper in the online world. The Committee and Congress should 
focus on legislation this year that specifically addresses the 
problem of fraudulent, misleading, forged, and inaccurate e-
mail communications. These practices are an encroachment on the 
rights and privacy of consumers.
    24/7 Media, along with other companies, has worked 
diligently over the past year to establish and to put into 
effect guidelines and practices that will enable the Internet 
to prosper as the world's leading communication, educational, 
and information tool.
    24/7 Media has an interest in minimizing spam. We maintain 
one of the largest, permission-based e-mail databases and 
generate a significant portion of our revenue from list 
management and brokerage, as well as from our e-mail service 
bureau, 24/7 Exactis. We recognize that respecting the privacy 
rights of consumers will help us sustain our long-term business 
model.
    Let me tell you more specifically how we conduct our 
business. We don't spam. We don't allow our clients to spam. We 
include a functioning return e-mail address in all e-mail 
deliveries. We don't use deceptive subject headings. We always 
provide clear and conspicuous notice for consumers to opt-out. 
We don't do business with any business that distributes 
pornography.
    I am proud to say that 24/7 Media's level of accuracy in 
delivering the appropriate content to the consumer is 
exceptional. During a 6-month period last year, 24/7 Exactis 
received 1 complaint for every 16,000 e-mails delivered. That 
is .000625 percent. Most client lists in fact generated no 
complaints at all. We also found that in most instances, if 
there was a complaint, the complaint was resolved soon after 
the subscriber was reminded of how the marketer obtained their 
e-mail address.
    From 24/7 Media's point of view, the Burns-Wyden bill 
appropriately focuses on e-mail abuse. These spammers devalue 
our own efforts and weaken the consumer confidence that is so 
important for all online businesses to succeed and flourish. We 
also believe that enforcement mechanisms should deter spammers 
from encroaching on the privacy of consumers and not penalize 
legitimate markets who are adhering to the standards.
    In announcing the introduction of this bill on March 27th, 
Chairman Burns said, for many people, spam is ruining their 
online experience and their ability to use e-mail. It is high 
time for Congress to act to protect consumers from overzealous 
marketers. I agree with that sentiment, and I invite the rest 
of our industry to stand behind this effort to support 
responsible practices and continue to provide value to the 
consumer. Mr. Chairman and the Committee, I thank you again for 
the opportunity to participate in today's hearing. This is a 
complex policy challenge that must accommodate evolving 
technologies and business models. We look forward to working 
with you to fine tune this legislation. 24/7 Media remains 
committed to engaging lawmakers on key policy issues and 
recognizes that regulation of commercial e-mail practices is 
only one of many key decisions this Committee will have to sort 
through in the future.
    We look forward to continuing to work with you and to be a 
resource to you as you consider Internet-related policy and 
work toward our common objective of protecting the rights and 
privacy of all consumers while at the same time ensuring the 
long-term viability of the Internet and legitimate web-related 
businesses. Again, thank you for your time and I look forward 
to your questions.
    Senator Burns. Thank you very much. We appreciate your 
testimony here today, Mr. Moore. What is it 24/7 Media covers 
24 hours a day, 7 days a week?
    Mr. Moore. We are always in business.
    Senator Burns. Always in business. You know, up in Montana, 
you know, on the shield of the state patrol is 3-7-77, 3-day, 
7-day, 77. We don't know what that stands for. But I will tell 
you this. It is not a bad idea. That was the number the 
vigilantes used years ago before we were a state. We were a 
territory, vigilantes made the law and if you came home and 
that number was written on your door, you had 24 hours to 
shuffle along. You know. And they weren't kidding either. They 
were pretty serious about it. Thank you for coming today.
    [The prepared statement of Mr. Moore follows:]

      Prepared Statement of David Moore, President/CEO, 24/7 Media

    Good Afternoon, I am David Moore, CEO of 24/7 Media.
    I'd like to thank Chairman Burns and the Ranking Member, Senator 
Hollings and Members of the Committee for inviting 24/7 Media to 
participate today and would like to begin by commending Senators Burns 
and Wyden for their leadership in crafting the ``Unsolicited Commercial 
E-mail Act of 2001''. This bill represents a responsible, common-sense 
approach to establishing standards for commercial e-mail practices and 
is an important first step in helping to protect consumers and 
legitimate marketers from the abuses of spammers.
    As a leading provider of online marketing and advertising solutions 
and services, 24/7 Media's clients have included such notable 
businesses as Reuters, The Economist, USA Today, American Express, 
Law.com, MSNBC, General Motors, Verizon, AT&T, The Financial Times, and 
Disney to name a few. We provide a valuable service to consumers by 
delivering content they have requested such as news, real-time stock 
quotes, and other information.
    The success of the interactive industry lies in the confidence of 
the relationship among content publishers, service providers, 
marketers, advertisers, and consumers. We support ``permission-based'' 
communications that empower consumers with notice and choice.
    The interactive marketing industry has been tainted by the actions 
of disreputable marketers who use deceptive practices in sending 
unsolicited commercial electronic mail. These marketers, or spammers, 
should not be allowed to infringe upon or negatively influence the need 
for legitimate commerce to prosper in the online world. The Committee 
and Congress should focus on legislation this year that especially 
addresses the problem of fraudulent, misleading, forged and inaccurate 
e-mail communications. These practices are an encroachment on the 
rights and privacy of consumers.
    24/7 Media, along with other companies, has worked diligently over 
the past year to establish and put into effect guidelines and practices 
that will enable the Internet to prosper as the world's leading 
communication, educational and information tool.
    24/7 Media has an interest in minimizing spam. We maintain one of 
the largest, permission-based e-mail databases and generate a 
significant portion of our revenue from list management and brokerage 
as well as from our e-mail service bureau, 24/7 Exactis. We recognize 
that respecting the privacy rights of consumers will help sustain our 
long-term business model.
    Let me tell you more specifically how we conduct our business:

        We don't spam.
        We don't allow our clients to spam.
        We include a functioning return e-mail address in all e-mail 
        deliveries.
        We don't use deceptive subject headings.
        We always provide clear and conspicuous notice for consumers to 
        opt-out.
        We don't do business with any business that distributes 
        pornography.

    I am proud to say that 24/7 Media's level of accuracy in delivering 
the appropriate content to the consumer is exceptional. During a 6 
month period last year, 24/7 Exactis received 1 complaint for every 
16,000 e-mails delivered. Most client lists, in fact, generated no 
complaints at all. We also found that in most instances, if there was a 
complaint, the complaint was resolved soon after the subscriber was 
reminded of how the marketer obtained their e-mail address.
    From 24/7 Media's point-of-view, the Burns-Wyden bill appropriately 
focuses on e-mail abuse. These spammers devalue our own efforts and 
weaken the consumer confidence that is so important for all online 
businesses to succeed and flourish. We also believe that enforcement 
mechanisms should deter spammers from encroaching on the privacy of 
consumers and not penalize legitimate marketers who are adhering to the 
standards.
    In announcing the introduction of this bill on March 27, Senator 
Wyden said: ``. . . Spam could have a significant negative impact on 
how consumers use Internet Services and e-commerce. This legislation 
strikes at unscrupulous individuals who use e-mail to annoy and 
mislead''. I agree with that sentiment and I invite the rest of our 
industry to stand behind this effort to ``strike out at the 
unscrupulous'', support best industry practices and continue to provide 
value to the consumer.
    Mr. Chairman and the Committee, I thank you again for the 
opportunity to participate in today's hearing. This is a complex policy 
challenge that must accommodate evolving technologies and business 
models. We look forward to working with you to fine-tune this 
legislation.
    24/7 Media remains committed to engaging lawmakers on key policy 
issues and recognizes that regulation of commercial e-mail practices is 
only one of many key decisions this Committee will have to sort through 
in the future. We look forward to continuing to work with you and to be 
a resource to you as you consider Internet-related policy and work 
toward our common objective of protecting the rights and privacy of all 
consumers while at the same time ensuring the long-term viability of 
the Internet and legitimate web-related businesses.
    Again, thank you for the time and I look forward to your questions.
    Thank you.

    Senator Burns. Mr. Jason Catlett, President and CEO of 
Junkbusters. Yes, Junkbusters. There you go. Thank you for 
coming today.

                  STATEMENT OF JASON CATLETT, 
                PRESIDENT/CEO, JUNKBUSTERS CORP.

    Mr. Catlett. Thank you, Senator. And it is a pleasure to be 
back before you and Senator Wyden again. I'd like to begin with 
two issues that you raised.
    First, the technology arms race that is going on between 
spammers and largely ISPs who are using technological means to 
try to abate the amount of spam from their networks before it 
reaches the spammer's intended recipients. That is a silent 
battle that goes on continuously and if it were stopped as we 
have heard earlier testimony suggesting a measure that might do 
it, this would cause an enormously greater amount of spam to 
reach the end consumers, so technological means for 
automatically spam filtering are tremendously important and do 
a lot of good.
    However, you are absolutely correct that this is not a 
solution to the problem. And that ultimately it is essential to 
have laws to stop the attempts of the spam to be inserted into 
the network.
    We heard from Senator Rockefeller about the question of 
labeling. Is it sufficient to label the material? Well, I can 
tell you as someone who has written scientific papers on 
automatic text classification that those methods are always 
imperfect and even if the spammers were perfectly honest in 
their labeling of the material, it would still impose an 
unacceptable burden on the network to try and reject each 
article after checking the appropriate label.
    The second point I would like to raise is the issue of 
wireless spam which indeed has been a problem, particularly in 
Europe where the technology is at a later stage of adoption, 
but also in states such as Arizona, where a class action suit 
on that is underway.
    I would like to note that trade associations with the 
wireless industry have come out strongly in favor of an opt-in 
criteria that you should never receive commercial solicitations 
to your cell phone unless you have deliberately requested them, 
and I think that is an admirable position for them to take.
    I'd like to commend you on the hard work that you have done 
on spam over a long period of time, and I am sorry to say that 
in its present form, I don't think that the bill will achieve 
the goals that it sets out to do. I don't think it will 
significantly reduce the amount of junk e-mail that is sent, 
and that two modifications would be necessary in order to have 
a spam bill that really deserves the name of CAN-spam, and 
those two were issues raised by Senator Rockefeller.
    The first is opt-in. The appropriate criterion for e-mail 
solicitation is opt-in. You should only get e-mail, commercial 
e-mail if you ask for it, and that is what the majority of 
people online believe are appropriate. It is also what a large 
number of consumer groups believe to be appropriate, and it is 
also the practice as we have heard from David Moore from 24/7 
Media is the common industry practice only to send e-mail to 
people who have asked for it.
    Almost no legitimate established marketer sends unsolicited 
commercial e-mail because it is despised by consumers and it is 
actually against the terms of services of most ISPs. So the 
first suggestion I would have to you is to make the criterion 
opt-in. This has worked very well with the Telephone Consumer 
Protection Act as we have heard discussed for junk faxes and I 
think that the success of that bill should be an example to us, 
particularly the provision to do with my second point, which is 
a private right of action for consumers. The idea of a 
waterfall of frivolous litigation simply isn't borne out in 
practice under the Telephone Consumer Protection Act. There is 
very little litigation on junk faxes. But it is a sufficient 
amount to discourage businesses systematically violating the 
law.
    The idea of not allowing consumers the opportunity to 
protect their interests and hoping that the ISPs, some of whom 
are going bankrupt, will spend additional money to go to court 
for their individual consumers, I think it is very naive.
    The appropriate thing to do is to give individuals the 
means to protect their own interests, and that is being done 
with the junk faxes because of the same situation. This is 
postage due marketing.
    Senator Burns. You believe in the vigilantes, too, huh?
    Mr. Catlett. The consumers should be able to act with the 
authority of law in an appropriate manner. Some spams do make 
me want to go to the vigilante state. In fact, I would like to 
read you a particular spam that I picked out almost at random 
under a specific criterion. It is a little bit like at a 
hearing on locust plagues to bring along a single grasshopper 
and hold it up for the Committee and say this is the problem, 
but imagine multiplied a million times the problem. It is in 
the, my prepared statement, but I'll read you briefly this 
spam. Sex sells really works. ``Why pay to belong to an adult 
website? When you can own your own for less than the cost of a 
membership. Anyone with an Internet connection can own an adult 
website for less than the cost of the next dinner. No 
experience required. Anyone can sell sex on-line in just 
minutes.''
    I'll spare you the details of how to sign up for this 
offer, but I'd like to draw your attention to the footer of 
this e-mail, which is very common. This message is sent in 
compliance of the new e-mail bill, section 301 paragraph 
(a)(2)(C) of Senate 1618. It again gives a URL for the website 
of your colleague, Senator Mikulski.
    I would like you to imagine perhaps with your folks back at 
home in Montana when a mother discovers that her teenage son 
has received this solicitation to establish a pornographic 
website from the comfort of his own bedroom and then they, this 
person clicks through to Senator Mikulski's site and sees, this 
is the legislation, this is in fact Mikulski's bill. It did not 
pass but spammers still use it and if you pass a junk e-mail 
bill along the lines of an opt-out, you will get exactly the 
same situation.
    You will get the mother saying is it the policy of the 
United States that spammers may spam? They are going to click 
through to your website, then click on contact us, and you are 
going to get questions and letters from your constituents and I 
wonder how you are going to answer them.
    With the current form of the Senate bill, would you have 
to, when the mother asks you, is it true, is what this spammer 
says true, that it is Okay for him to send this e-mail, would 
you have to answer something like yes, the spammer can send you 
as much e-mail as he wants until you tell him to stop, and if 
they don't stop, if they keep on doing it, then you can't do 
anything about it yourself. You have to either get your ISP to 
do something or you have to get the Federal Government 
department to do something.
    Now, I don't think that is an answer that your constituents 
would want to hear. The answer that I think you would want to 
be able to give to them is something like this. The spammer is 
lying. My bill made spamming illegal. And it gives you the 
right to sue people who spam you if they break the law.
    So the correct policy, I think, and I have made the two key 
points, is to have an opt-in policy and to have a private right 
of action for consumers. So the question of opt-in versus opt-
out and the private right of action really comes down to if 
your name goes on this bill and it becomes law, do you want it 
associated in the spams that are sent out in this case with so 
much spamming?
    Senator Burns. Thank you very much. And your full statement 
will be made part of the record.
    Mr. Catlett. Thank you, sir.
    [The prepared statement of Mr. Catlett follows:]

 Prepared Statement of Jason Catlett, President/CEO, Junkbusters Corp.

    My name is Jason Catlett, and I am President and CEO of Junkbusters 
Corp. I'm grateful for this opportunity to speak with you again.
    Junkbusters is a for-profit company whose mission is to free people 
from unwanted commercial solicitations through media such as e-mail, 
physical mail, telephone, and faxes. Since our web site launched in 
1996, millions of people have turned to us for information, services 
and software for stopping junk messages, particularly e-mail. I have 
worked advising government departments and legislators on e-mail and 
other privacy issues since 1997.
    As a technologist--my Ph.D. was in Computer Science--my initial 
inclination years ago was towards solutions based on technology and 
administrative processes. But years of practical experience with large 
numbers of consumers have led me to believe that the essential 
requirement for the collective protection of privacy is strong rights 
for the individual. Thanks to the private right of action in the 
Telephone Consumer Protection Act of 1991, junk faxes are today rare 
compared to junk e-mail, a result achieved without any vast government 
bureaucracy, and with little frivolous litigation. In contrast, 
billions of unwanted e-mail solicitations are sent each day, vexing 
hundreds of millions of people who feel unable to stop it. This reduces 
participation in online commerce and erodes the considerable benefits 
that responsible e-mail marketing offers to consumers and businesses. 
What is needed to reverse this harm to consumer confidence in the 
medium is a law establishing an opt-in standard for commercial e-mail, 
and a private right of action for recipients and network operators. S. 
630 would establish an opt-out standard and lacks a private right of 
action, and in my opinion would not improve the situation it addresses.
    Before focusing on the specifics of spam, I would like to briefly 
review the unhappy recent history of online privacy more generally. In 
the 11 months since I appeared before you in May, the prevailing level 
of privacy on the Internet appears to have lowered. (Space allows only 
a few brief examples, for greater detail see http://
www.junkbusters.com/testimony.html on the Web.)

   Ever more intrusive collection technologies are being rolled 
        out. Profiling companies are continuing development of their 
        Consumer Profile Exchange technology without any committment to 
        observe fair information practices in their use of it.

   Most ``privacy policies'' offered by companies still offer 
        little privacy, and appear to be getting even worse, according 
        to one longitudinal study by Enonymous.

   In September Amazon.com substantially weakened its privacy 
        policy.

   The standards proposed by DoubleClick and a few other online 
        advertising companies and sanctioned by the FTC in July are 
        deplorably low.

   P3P, which has been billed by some as the pot of privacy 
        gold at the end of the technological rainbow, is now being used 
        by Microsoft as an excuse not to fix the default settings on 
        its next browser that allows tens of millions of web bugs to 
        gather click streams in volumes of billions of clicks per day.

   At a public workshop run by the Federal Trade Commission in 
        March, the major profiling companies refused to allow people 
        access to their own profiles, or even to provide example 
        profiles.

    With this background, and with spam as a regular reminder to 
consumers of the ease with which personal information can be misused 
and the difficulty of individual redress, few would be surprised by the 
conclusion that privacy concerns have severely dampened the growth of 
e-commerce (certainly not any Member of this Committee). Over the past 
year, its spectacular triple digit growth has dropped to such 
disappointing levels that many online merchants are struggling to break 
even, finding difficulty attracting investment, or filing for 
bankruptcy. Yesterday's Wall Street Journal reported that most U.S. 
households have never made a purchase online. Of consumers who place 
items in online shopping carts, the majority are still abandoning the 
transaction before checkout. Online merchants have known for years that 
the number one concern here is fear for privacy. Furthermore, Forrester 
Research has found in extensive polling that concerns about privacy are 
not being assuaged as people gain more years of experience online. In 
my own discussions with online marketers whom I know from consulting 
engagements or from industry conferences, spam is despised as the major 
cause of damage to consumer confidence and participation.
    The failure to control spam is the greatest economic tragedy of the 
Internet age. E-mail marketing conducted in a fair, consensual manner 
offers enormous benefits to consumers and businesses alike, 
particularly to small businesses who could not afford the expense of 
traditional media. As e-mail marketing becomes synonymous with spam--a 
tragedy because this is unnecessary and avoidable--many consumers are 
deciding simply not to participate. The right public policy for spam, 
as with all privacy law, is to give people who participate rights to 
ensure their personal information is not used unfairly. This promotes 
both greater participation and better business practices.
    Almost no reputable marketer routinely sends e-mail on an opt-out 
basis. (A few have occasionally done so in error; this is perhaps the 
reason some companies oppose a private right of action, which would 
hold them accountable for such mistakes.) It is deplorable that certain 
trade associations such as the Direct Marketing Association are trying 
to hold the door open for spamming. H. Robert Wientzen, President and 
CEO of the DMA addressed members at the organization's 1998 conference 
with the following words: ``Let me begin by recognizing that bulk 
unsolicited commercial e-mail is not real popular with consumers. And 
to date, very few of you are employing it. However, we also feel that 
most of those who push for an opt-in-only regime have very little 
understanding of the incredibly negative impact it would have on the 
future use of e-mail as a marketing tool.'' The DMA continues to 
indulge in its fantasy of cyberspace as a world of free paper, free 
printing and postage-due delivery of solicitations, failing to realize 
that if it had its way, consumers would rebel or flee.
    Opt-in is the right policy for marketing by e-mail, and is 
consistent with successful legislation on marketing by fax. As in the 
TCPA, the definition of a commercial message should of course be 
carefully limited to avoid any impact on non-commercial speech, such as 
speech about religion or politics. The opt-in approach taken in the 
TCPA for faxes, cellphones and 800 numbers has as its basis the fact 
that the recipient may incur costs for receiving the unsolicited 
message. This is also the case for spam, so the opt-in criterion is 
therefore equally appropriate. The fact that in some situations 
recipients appear to incur negligible incremental costs from a specific 
spam does not change the fundamental fact that spam is postage-due 
marketing.
    The TCPA's prohibition against telemarketing calls to cellular 
telephones is not qualified any exemption for situations such as when 
the carrier offers the first incoming minute free or where the 
subscriber has excess minutes available for the particular month. That 
would be as silly as a spam law that said that people whose Internet 
service plans include unlimited hours are disqualified from monetary 
damages. Nor is there any exemption in the TCPA for fax-modems where no 
paper is consumed, a situation closely resembling junk e-mail. Despite 
the fact that a spam recipient often cannot produce a specific line 
item from a bill relating to the spam, costs are being incurred by 
individuals, as well as being diffused among consumers. Of course in 
many situations the cost can be quantified, such as on certain usage-
based tariffs, or when dialing up from a hotel room. In some cases 
these direct costs exceed the cost of paper for a junk fax or 15 
seconds on an 800 number.
    Furthermore, spam imposes a hidden tax on all Internet users by 
increasing network capacity requirements and requiring additional 
administrative costs at ISPs. I estimate this cost at around one dollar 
per month for the average subscriber, and billions of dollars per year 
including institutional buyers of network services. Because ISPs absorb 
this as a cost of doing business, this expense is not visible to 
individual consumers, but it is certainly passed on to them. An opt-in 
policy would reduce this spam-subsidizing tax, lower the cost of 
Internet access, and stimulate demand for Internet services and e-
commerce.
    A opt-out policy that allows each spammers one free spam is like 
permitting shoplifters to steal items until each store requests that 
they cease thieving. It imposes unfair burdens: in both cases, even 
people who are not directly victimized incur costs through higher 
prices. More than a million businesses have Internet access; if even 10 
percent of them sent a single message to half of online U.S. households 
over a period of 5 years, the American homes would receive an average 
of 27 spams per day. The opt-out model is simply inappropriate and 
unsustainable for the Internet. If opt-out spam were to prevail, e-
mail, the killer application of the Internet, would become the 
application that killed the Internet.
    Consider an excerpt from an actual spam and imagine the reaction of 
a constituent in Alaska reading after downloading it via a toll call. 
(Of course, it's also important to remember that billions like it may 
have been sent to millions of people, so focusing on a single specimen 
is rather like examining a single dead grasshopper at a Senate hearing 
on locust plagues, but imagine your reaction multiplied to an 
appropriate scale.) Here is the spam:
SEX SELLS!!! REALLY WORKS!!!
    ``Why Pay To Belong To An Adult Web Site When You Can Own Your Own 
For Less Than The Cost Of The Membership?''
    ``Anyone With An Internet Connection Can Own An Adult Web Site For 
Less Than The Cost Of Their Next Dinner!''
    ``No Experience Required! Anyone Can Sell Sex Online In Just 
Minutes!''
    [extraneous detail deleted]
    This message is sent in compliance of the new e-mail bill: Section 
301. Per Section 301, Paragraph (a)(2)(C) of S. 1618, http://
www.senate.gov/\murkowski/commercialemail/
    Claims of compliance such as the one at the end of this spam have 
become all to familiar to Internet users, and have been examined in the 
Wall Street Journal. A key goal of spammers is to gain an appearance of 
legitimacy, and many have turned to boasting their compliance even with 
bills that never became law. Some bills from the current congress may 
already have been used in this manner. The sponsors of these bills may 
want to consider how they will respond to irate voters who click 
through to their congressional web sites. When you receive a letter 
from a constituent angered by the solicitation sent to her teenage son 
to become a pornographer from the comfort of his own bedroom, how will 
you answer her question ``Is this junk e-mail really obeying your 
law?'' The answer will depend on the kind of bill you pass. As S. 630 
stands, you would have to answer something like this: ``Yes. Every 
spammer can send you at least one spam, and it's up to you to tell each 
separate spammer to stop. If they don't, you can't do anything about it 
yourself, you have to hope that a government agency will do something 
for you.'' Is that answer likely to please your constituents? A better 
answer, which you could give if you pass an amended or different bill, 
would be ``The spammer is lying. My bill made spamming illegal, and it 
gives you the right to sue the spammer if they break the law.''
    Of course spammers are less likely to draw the attention of their 
victims to such a law. But if you pass a weak spam bill, the bill 
number and your name will surely be cited in vast numbers of junk e-
mails for years to come. So when you consider the key questions of opt-
in vs opt-out and whether to include a private right of action, think 
of these two alternatives: Do you want your name to be remembered as 
the lawmaker who said ``spamming is wrong''? Or do you want it to 
become the name that launched a trillion spams?
    I appreciate the opportunity to speak before you today. Now I would 
be pleased to answer your questions.

    Senator Burns. Mr. Harris Pogust. Looks like a law firm to 
me.
    Mr. Pogust. That's correct, Mr. Chairman.
    Senator Burns. From New Jersey. Thank you for coming today. 
Thank you for joining us.

    STATEMENT OF HARRIS L. POGUST, ESQ., PARTNER, SHERMAN, 
              SILVERSTEIN, KOHL, ROSE AND PODOLSKY

    Mr. Pogust. I am an attorney from Pennsauken, New Jersey. I 
work in a small firm which represents over 2000 small 
businesses in the Philadelphia and southern New Jersey area. 
Over the last several years, my practice has focused on 
technology-related issues. It is only because of the disturbing 
rise in spamming which has begun to cost my clients valuable 
time and expense that I have become involved with this issue.
    I am here today, Senators, representing those small 
business men and women who had suffered commercial loss and 
other economic damages as a result of the conduct of entities 
that transmit thousands upon thousands of junk e-mails on a 
daily basis. This junk mail clogs the Internet and takes up 
valuable space on my clients' computer systems. Takes up 
valuable employee time and costs my clients hundreds and in 
some instances thousands of dollars a year in unnecessary and 
unwanted expenses.
    As the Internet has grown, the problem of unsolicited e-
mail has increased to the point of where it has become an 
intolerable burden on my clients, as well as myself. I commend 
you for identifying this issue as an important concern for the 
Subcommittee's oversight agenda, yet this is not the first time 
that Congress has had to address the problem associated with 
the introduction of new technologies in the workplace. Ten 
years ago when fax machines first became increasingly prevalent 
in the offices across the country and on Capitol Hill, Congress 
enacted the Telephone Consumer Protection Act in response to 
the overwhelming volume of unsolicited faxes being sent. The 
TCPA prohibits any person from using any telephone, fax 
machine, computer or other device to send an unsolicited 
advertisement to a telephone fax machine.
    Among other provisions, the law provides a private right of 
action and there is a broad consensus that the TCPA has 
certainly curtailed the volume of junk faxes received in this 
country.
    In spite of some predictions to the contrary, when this 
piece of legislation became law, it did not result in a 
proliferation of litigation. What did occur was that millions 
of unwanted junk faxes were no longer being sent as the 
deterrent effect of a private right of action took hold. The 
concerns addressed in the TCPA are the identical concerns that 
S. 630 is seeking to address. The TCPA has saved businesses 
millions of dollars in unwanted overhead expenses and has been 
a valuable tool in fighting unwanted faxes by allowing a 
private right of action for damages, as well as injunctive 
relief.
    The threat of possible litigation in and of itself has 
clearly been a deterrent to those whom have thought about 
violating the junk fax law. While I applaud this Subcommittee's 
effort to attempt to curb this latest abuse of technology, 
spam, there is one aspect of the bill that I, along with 
others, would like to see changed.
    I am concerned that this bill does not provide a private 
right of action for many small businesses and individuals who 
have faced lost time or money due to these unsolicited e-mails 
filling their in boxes.
    While I believe Congress must approach this issue in a 
balanced fashion and I support the comprehensive enforcement 
measures already proposed in S. 630, I also believe that there 
will be some cases in which an individual or business must 
directly seek recovery to address the economic harm they have 
suffered.
    The largest Internet service provider, AOL, has estimated 
that 30 percent of its e-mail is spam. What is the effect of 
this abuse on the Internet? One result is the system-wide drag 
on the entire information highway costing the users the most 
valuable asset they have, their time. Another result is the 
millions of dollars citizens are collectively paying to their 
Internet service provider for the increased usage time that is 
required to read and delete these unwanted e-mails.
    Unfortunately, under the proposed legislation, there is no 
way for these businesses and individuals to recoup the money 
that they have lost and continue to lose related to spam. It is 
my hope that with further consideration the Subcommittee will 
provide such a remedy as was done in the case of the TCPA.
    It may be that on first impression one might surmise that 
the ISPs are the ones that are most damaged by junk e-mails. 
They suffer the increased expense in trying to filter out these 
unwanted e-mails and are required to spend money to provide 
additional bandwidth to provide optimal service to their end 
users.
    But these ISPs already have a way to recoup these 
additional expenses. They charge their end users. This is 
exactly what many of the ISPs have done. Netcom Online 
communications services, a mid-sized Internet service provider, 
has stated that a conservative estimate of the cost to our 
customers to support spam is approximately 10 percent of their 
monthly bill.
    Customers also pay fees to the ISPs for the additional 
connect time, as Senator Burns stated in his statement. It is a 
long distance phone call and the additional time costs the 
consumer money.
    Pursuant to S. 630, the ISPs are not only permitted to 
recoup their additional expenses from the end users, but they 
are also entitled to sue the entity which sent the unwanted e-
mails. Yet what incentive would the ISP have to spend 
potentially hundreds of thousands of dollars in legal expenses 
to go after the spammer when they can just charge the end users 
for this additional cost of doing business?
    Who is left holding the bag and paying for the millions of 
dollars in damages which spamming causes? My business clients 
and the millions of other citizens throughout the country who 
use the Internet. What recourse did they have for footing this 
bill? I think the answer is none. The question I have is why? 
If the concern is that every Internet user will race to the 
courthouse and file suit against a spammer, such a concern is 
misplaced. As noted above, the TCPA resulted in a significant 
reduction in the number of junk e-mails sent without a rush to 
the courts. Moreover, the Act only provides for recovery of 
actual damages suffered unless egregious conduct is involved.
    In May of last year, Senator Lieberman stated spam 
undermines the viability of the Internet by burdening service 
providers who are forced to pass on the cost of funding spam to 
consumers. Our objective is not to strangle the Internet with 
government regulation or ban spam outright. Rather, we simply 
set out to give individuals control of their own e-mail 
accounts and to address the cost shifting problem brought by 
the proliferation of spam.
    In this situation, it is critical that consumers be allowed 
to recover their full actual damages, whether that is the cost 
to replace a computer, a computer program that has been damaged 
as a result of excessive spamming or lost earnings resulting 
from clogged e-mail systems. These are concrete improvable 
damages. They are not speculative in the least.
    Since it is impossible for Congress to predict the full 
range of possible damages suffered by consumers and small 
businesses, these damages should not be limited and just as in 
the TCPA to deter egregious behavior, the bill should also 
include some type of financial penalty for violations of this 
anti-spam bill. Without such a penalty, the entity sending 
these unsolicited e-mails might determine that it is 
financially worthwhile it continue to violate the law so long 
as they do not reach a volume likely to damage most computers 
or software.
    Mr. Chairman, Senator Wyden, thank you again for allowing 
me to testify here today. I salute your consideration of this 
important issue and hope it will be possible to ensure that 
businesses and individual users of the Internet are not made to 
suffer economic harm without fair and balanced redress. I would 
be happy to answer any questions you may have.
    Senator Burns. Thank you and we appreciate your testimony 
today.
    [The prepared statement of Mr. Pogust follows:]

    Prepared Statement of Harris L. Pogust, ESQ., Partner, Sherman, 
                  Silverstein, Kohl, Rose and Podolsky

    Chairman Burns, Senator Hollings and distinguished Senators, it is 
an honor to appear before you here today.
    My name is Harris Pogust, and I am an attorney from Pennsauken, New 
Jersey. I work at a small firm which represents over 2,000 small 
businesses in the Philadelphia and Southern New Jersey areas. Over the 
last several years my practice has focused on technology-related 
issues. It is only because of the disturbing rise in spamming, which 
has begun to cost my clients valuable time and expense, that I have 
become involved with this issue.
    I am here today, Senators, representing those small businessmen and 
women who have suffered commercial loss and other economic damages as a 
result of the conduct of entities that transmit thousands upon 
thousands of junk e-mails on a daily basis. This junk mail clogs the 
Internet and takes up valuable space on my clients' computer systems, 
takes up valuable employee time, and costs my clients hundreds, and in 
some instances thousands of dollars a year in unnecessary and unwanted 
expenses. As the Internet has grown, the problem of unsolicited e-mails 
has increased to the point of where it has become an intolerable burden 
on my clients as well as myself. I commend you for identifying this 
issue as an important concern for this Subcommittee's oversight agenda.
    This is not the first time Congress has had to address the problems 
associated with the introduction of new technologies in the workplace. 
Ten years ago, when fax machines first became increasingly prevalent in 
offices across the country, and on Capitol Hill, Congress enacted the 
Telephone Consumer Protection Act (``TCPA'') (47 U.S.C. Sec. 227) in 
response to the overwhelming volume of unsolicited faxes being sent. At 
that time, Congress decided to draw the line and let the senders of 
these unwanted faxes (in the form of solicitations and other 
questionable promotions) know that they could not continue their 
intrusive practices, which were clogging fax lines and wasting costly 
paper and employee time at small and large businesses alike.
    The TCPA prohibits any person from using any telephone fax machine, 
computer or other device to send an unsolicited advertisement to a 
telephone fax machine. Among other provisions, the law provides a 
private right of action and there is broad consensus that the TCPA has 
certainly curtailed the volume of junk faxes received in this country. 
In spite of some predictions to the contrary, when this piece of 
legislation became law, it did not result in a proliferation of 
litigation. What did occur was that millions of unwanted junk faxes 
were no longer being sent as the deterrence effect of a private right 
of action took hold. The concerns addressed in the TCPA are the 
identical concerns that this legislation is seeking to address. The 
TCPA has saved businesses millions of dollars in unwanted overhead 
expenses and has been a valuable tool in fighting unwanted faxes by 
allowing a private right of action for damages and injunctive relief. 
The threat of possible litigation in and of itself has clearly been a 
deterrent to those who may have thought about violating the junk fax 
law.
    The TCPA allows any person to bring suit in state court to enjoin a 
violation of the Act and to recover their actual monetary losses from 
such violations or they may seek a $500.00 penalty for each violation, 
whichever is greater. Additionally, the courts are authorized to award 
treble damages for egregious conduct--that is, where there are willful 
or knowing violations. Unfortunately, the pending legislation provides 
no such remedy to small businesses and individuals that suffer actual 
commercial consequences from junk e-mails filling their online 
mailboxes.
    While I applaud this Subcommittee's efforts to attempt to curb this 
latest abuse of technology--spam--there is one aspect of this bill that 
I, along with others, would like to see changed. I am concerned that 
this bill does not provide a private right of action for the many small 
businesses and individuals who have faced lost time or money due to 
these unsolicited e-mails filling their inboxes. While I believe 
Congress must approach this issue in a balanced fashion--and I support 
the comprehensive enforcement measures already proposed in S. 630--I 
also believe that there will be some cases in which an individual or 
business must directly seek recovery to address the economic harm they 
have suffered.
    The largest Internet service provider, America Online, has 
estimated that 30 percent of its e-mail is spam. America Online has 
stated that it was receiving 1.8 million spams per day from one company 
called Cyber Promotions. This continued until AOL obtained an 
injunction to stop this practice. Assuming that it takes the normal 
user 10 seconds to identify and discard a message, the end user was 
required to pay for 5,000 hours per day of connect time. What is the 
effect of this abuse of the Internet? One result is the system-wide 
drag on the entire information highway costing users the most valuable 
asset they have--their time. Another result is the millions of dollars 
citizens are collectively paying to their Internet service providers 
for the increased usage time that is required to read and delete these 
unwanted e-mails.
    Unfortunately, under the proposed legislation, there is no way for 
these businesses and individuals to recoup the money they have lost and 
continue to lose related to spam. My hope is that, with further 
consideration, the Subcommittee will provide such a remedy, as was done 
in the case of the TCPA.
    It may be that, on first impression, one might surmise that the 
JSPs are the ones that are most damaged by junk e-mails. They suffer 
the increased expense in trying to filter out these unwanted e-mails, 
and are required to spend money to provide additional bandwidth to 
ensure optimal service to their end users. But, these ISPs already have 
a way to recoup these additional expenses: charge their end users. This 
is exactly what many of the ISPs have done. Netcom On-Line 
Communication Services, a mid-sized Internet service provider, has 
stated that: ``A conservative estimate of the cost to our customers to 
support spam is approximately 10 percent of their monthly bill.''
    Pursuant to 8.630, the ISPs are not only permitted to recoup their 
additional expenses from the end user, but they will also be able to 
sue the entity which sent the unwanted e-mails. Yet, what incentive 
will the ISPs have to spend potentially hundreds of thousands of 
dollars in legal expenses to go after the spammer when they can just 
charge their end users for this additional cost of doing business? Who 
is left holding the bag and paying for the millions of dollars in 
damages which spamming causes? My business clients and the millions of 
other citizens throughout the country who use the Internet. What 
recourse do they have for footing this bill? None. The one question I 
have is: ``Why''? If the concern is that every Internet user will race 
to the courthouse and file suit against spammers, such a concern is 
misplaced. As noted above, the TCPA resulted in a significant reduction 
in the number of junk e-mails sent, without a rush to the courts. 
Moreover, that Act only provides for recovery of actual damages 
suffered unless egregious conduct is involved.
    In May of last year, Senator Lieberman stated that: ``Spam 
undermines the viability of the Internet by burdening service providers 
who are forced to pass on the costs of fighting spam to consumers. Our 
objective is not to strangle the Internet with government regulation or 
to ban spam outright. Rather, we simply set out to give individuals 
control of their own e-mail accounts and to address the cost-shifting 
problems wrought by the proliferation of spam.''
    In this situation, as well, it is critical that consumers be 
allowed to recover their full actual damages--whether that is the costs 
to replace a computer or computer program that has been damaged as a 
result of excessive spamming, or lost earnings resulting from a clogged 
e-mail system. These are ``concrete'' and ``provable'' damages--and not 
speculative in the least. Since it is impossible for Congress to 
predict the full range of possible damages suffered by consumers and 
small businesses, these damages should not be limited. And just as in 
the TCPA, to deter this egregious behavior, this bill should also 
continue to include some type of financial penalty for violations of 
this anti-spam bill. Without such a penalty, the entities sending these 
unsolicited e-mails might determine it is financially worthwhile to 
continue to violate the law, so long as they do not reach a volume 
likely to damage most computers or software.
    Mr. Chairman and Senator Hollings, thank you again for allowing me 
to testify here today. I salute your consideration of this important 
issue and hope it will be possible to ensure that business and 
individual users of the Internet are not made to suffer economic harm 
without fair and balanced redress. I would be happy to answer any 
questions that you may have.

    Senator Burns. And now we will hear from Mr. David McClure, 
President and CEO of U.S. Internet Industry Association here in 
town.

  STATEMENT OF DAVID P. McCLURE, PRESIDENT/CEO, U.S. INTERNET 
                      INDUSTRY ASSOCIATION

    Mr. McClure. Chairman Burns, Senator Wyden, it is a 
pleasure to be here to discuss with you the subject of 
unsolicited commercial e-mail and to express the support of our 
members for S. 630, the CAN-spam Act. I am especially pleased 
to note that this legislation is the product of two of the most 
respected technology legislators in the Senate today, yourself 
and Senator Wyden. We know from our work with you in previous 
issues that this has always resulted in the creation of well 
crafted and sensible Internet policy.
    My name is David McClure. I am President of the U.S. 
Internet Industry Association, and we are the largest and 
oldest trade association representing Internet commerce, 
content and connectivity.
    For the past 3 years, much of our effort has been taken up 
with the subject of UCE. In a white paper authored by Jim 
Butler and Andrew Flake, we outlined the problems that we 
encountered when we attempted to craft a legislative solution 
to spam and also the type of legislation that we believe is 
going to help bring relief to the situation.
    I don't need to tell you how serious the problem of spam 
is. Congress already knows this. The Congressional Management 
Foundation this month released a report that said last year, 
Congress received 80 million pieces of e-mail, most of it 
unsolicited bulk e-mail. That is double the previous year.
    Nonetheless, while I don't need to tell you how serious the 
problem is, I think we do need to discuss the problems inherent 
in a legislative solution, and there are really two that we 
need to address up front. The first is that in terms of sending 
a single piece of unsolicited commerce e-mail, there is nothing 
really illegal in the Act, and we may well have some 
constitutional considerations in attempting to flatly ban it.
    The second is more interesting in that we really can't 
define what it is that we are talking about when we say 
unsolicited commercial e-mail. We think we know what the term 
``e-mail'' means, based on today's technology. It will change. 
I am not certain that we can satisfactorily define what 
``unsolicited'' means or even what ``commercial'' means.
    And a couple of quick examples. Does it mean that Girl 
Scouts who send out notices to their friends and neighbors of 
cookies for sale should be sent to jail? Does it mean perhaps 
that when the Red Cross sends an emergency notice of a need for 
O positive blood that they are in violation of the law? These 
are very difficult, difficult questions to answer, and we have 
struggled with them for 3 years.
    Nonetheless, in the absence of a legislative solution, 
without the guidance of the law, we are left in a very 
difficult situation in which abuses do take place in which 
trade associations have their electronic newsletters to members 
routinely blocked, in which members who provide services--and 
this was referred to in the financial services industry--that 
they are required under contract and under law to provide, can 
find those communications blocked in the absence of any 
guidance.
    More problematical from our standpoint are the actions of 
some black listers whose policies have in the past been 
somewhat arbitrary and have resulted in people being literally 
blocked from any kind of e-commerce. Good legislation is going 
to resolve that.
    In our white paper, we identified what we considered to be 
four important things the legislation must do. First, it has to 
let the marketplace do its job. The greatest problem with UCE 
from our perspective is that it damages the network through its 
sheer bulk and its timing, but these are mechanical problems 
that can be resolved. And we believe that these are economic 
situations that can be resolved, and the market will eventually 
move to the kind of fee-based process that will resolve the 
damage to the networks. Once that happens, we expect to see--
when e-mail is no longer free for bulk mailers--we will expect 
to see the volume decline.
    Second, let's crack down on fraud. It is estimated that 
over 90 percent of spam is fraudulent. There is no excuse for 
this. We have laws and we'll have now a stronger national bill 
that requires people to identify who they are, where they come 
from, to use real header information and real subject 
information.
    There are always going to be people who will not obey the 
law. Let's turn the cold light of daylight on every commercial 
message and woe be to the wicked. I believe that those people 
who do not obey this law should be punished without mercy. 
Third, support the acceptable use policies of ISPs. These are 
well crafted policies. They are contracts that need to be 
supported, and when that happens, we believe that you'll see 
ISPs segregate themselves. Some will aggressively filter out 
all bulk e-mail and their terms of use, their acceptable use 
policies will notify consumers that that is what they wish to 
do. Consumers then will have the choice of whether they wish to 
use this or another ISP.
    Finally, help marketers understand the word no. One of the 
problems with direct marketing is that in spite of the very 
best and well intentioned of legitimate marketers, there is 
always somebody who doesn't know the meaning of the word no. 
Opt-out should be simple, pervasive, and permanent.
    Mr. Chairman, Senator Wyden, we are delighted to see that 
you have crafted legislation that meets all four of these 
points, and we believe that it is very important for the 
Committee now to pass this legislation on to the floor of the 
Senate to get it passed and move on to the House and put this 
legislation into effect. We don't believe that it needs 
extensive rewriting. It doesn't require good-faith exemptions 
or private rights of action or other major amendments. It needs 
only the support of this Committee and of the Senate. Thank 
you.
    [The prepared statement of Mr. McClure follows:]

 Prepared Statement of David P. McClure, President/CEO, U.S. Internet 
                          Industry Association

    Chairman Burns, and Members of the Communications Subcommittee,
    It is my great honor to be invited to testify before you on the 
subject of Unsolicited Commercial Electronic Mail, and to express the 
support of our members for S. 630, the ``CAN-spam Act.'' I am 
particularly pleased to note that this legislation is the product of 
two of the most respected technology legislators in the United States 
today, Senator Conrad Burns and Senator Ron Wyden. Our work with these 
distinguished Members of the Senate on other issues has always resulted 
in the creation of well crafted and effective Internet legislation.
    My name is David McClure, and I am President of the U.S. Internet 
Industry Association, the oldest and largest trade association 
representing stakeholders in the Internet industry. USIIA was founded 
by leading companies in the online services industry to represent the 
interests of individuals and companies that do business on the 
Internet.
    Our diversified membership includes Internet service providers from 
global and national ISPs to small providers serving remote areas 
nationwide; Internet backbone companies, telephone companies; hardware 
and software vendors involved in the technologies of the Internet; 
electronic commerce sites, and service providers to those sites. Our 
charter is to promote the growth of electronic commerce, content and 
connectivity through sound public policy and business support.
The issue of SPAM
    For the past 3 years, much of our effort in public policy has 
focused on the issue of unsolicited commercial electronic mail. In a 
white paper authored by Jim Butler and Andrew Flake, we outlined the 
problems encountered in efforts to stop Spam with a legislative 
solution, and the scope of legislation that we believe will help bring 
relief.
    I do not need to tell you how serious the problem of Spam is today. 
According to a report by the Congressional Management Foundation, the 
Congress itself suffered from more than 80 million pieces of electronic 
mail last year, the majority of those being unsolicited bulk mailings 
that interfered with the operations of Congressional offices and caused 
real damage to the communications capabilities of this body.
    A Gartner survey released last week found that on average an 
employee spends 49 minutes of each work day simply managing e-mail. 
That is 10 percent of the workday for every employee in every office in 
America.
    In spite of this, and in spite of our personal experiences, and the 
outcry from consumers and their advocates here today, efforts to 
legislation against unsolicited commercial e-mail suffer from two 
problems.

    1. There is nothing illegal about sending UCE, and it may in fact 
be largely protected by the First Amendment; and
    2. We don't know exactly what the term ``unsolicited commercial e-
mail'' means. Certainly, we think we know what ``e-mail'' is--though 
advancing technology may render even our belief obsolete. I can assure 
you that we are unable to determine exactly what ``commercial'' should 
mean in this context, or ``unsolicited,'' either.

    Does it mean that girl scouts who send notices to their neighbors 
at cookie time should face jail time? Should the American Red Cross be 
punished for soliciting emergency donations of O-positive blood? We in 
this room would all agree that these are not the intent of the law. We, 
after all, only wish to stop the ``bad spam.''
    But I can assure this Committee that even in the absence of such 
laws, anti-spam efforts are abused every day, causing irreparable 
damage to legitimate businesses. These include trade associations whose 
newsletters to their own members are routinely blocked by Spam filters. 
They include one of our member companies that gives more than one 
million consumers advance warning of viruses and security threats--but 
find themselves open to liability suits because those warnings are 
blocked in the name of preventing Spam.
    Self-appointed spam blacklisters do not even wait until Spam is 
sent--they will blacklist your domain, and all of its customers, if 
they believe that at some future point your service might possibly be 
used to send Spam. It is vigilante law at its worst.
Solutions
    What then, can this Committee do?
    Must we abandon all efforts to stop unsolicited commercial e-mail 
in order to protect the First Amendment? Or must we accept the 
inefficiency and abuses inherent in efforts to stop any message that 
any person doesn't wish to read? In short, do we see efforts at a 
legislative solution fail, as they have for the past 3 years, because 
we cannot agree on a solution?
    No.
    In our white paper of 3 years ago, our association outlined the 
steps that would provide legislative relief without stumbling over the 
legitimate rights of communicators or corporations. There are four 
steps that I would re-state today:

   Let the marketplace do its job. The greatest problem with 
        UCE from an infrastructure standpoint is that it damages the 
        network through its sheer bulk and poor timing. These are both, 
        though, economic issues. Marketers who want to send their 
        messages through an ISP's servers should pay for the privilege. 
        This is a contractual issue that the market is quite capable of 
        managing. And frankly, once e-mail is no longer free and easy 
        to send, its volume will decrease substantially.

   Crack down on fraud. It is estimated that over 90 percent of 
        SPAM today is fraudulent. There is no excuse for this. We 
        should have laws that force mailers to identify themselves, 
        using real e-mail addresses, real header information and real 
        contact information whenever they send a solicitation. Shine 
        the daylight on every commercial message, and woe be to the 
        wicked. Punish the lawbreakers without mercy.

   Support the acceptable-use policies of ISPs. Some ISPs will 
        aggressively filter commercial messages as a service to their 
        subscribers, and those subscribers who desire this service will 
        flock to those ISPs. Others may choose not to block the 
        information, and subscribers will receive what they wish. That 
        is how an open, competitive market works, and the desires of 
        all consumers can be met in this manner.

   Help marketers understand the word, ``No.'' One of the 
        problems with direct marketing is that in spite of the very 
        best and well-intentioned efforts of legitimate marketers, 
        there is always someone who can't understand the word. Opt-out 
        should be simple, pervasive and permanent.
Conclusion
    Mr. Chairman, and Members of the Subcommittee, I could ask you to 
craft the kind of legislation that would cover these four points. But 
that work is already done. In S. 630, we have a very good piece of 
legislation that will reduce unwanted commercial e-mail and resolve the 
outstanding legal issues, while still supporting consumer choice and 
the rights of service providers to run their businesses.
    We are here today to ask that you give your support to S. 630 as it 
is today. It does not require re-writing--the industry has had ample 
time to give input to its authors. It does not require ``good faith'' 
exemptions, or private rights of action, or any other major amendment. 
It needs only your support.
    Mr. Chairman, on behalf of USIIA and its members, and of the 
Internet community at large, thank you for the opportunity to express 
our views on this issue. I would be honored to answer any questions you 
might have at this time.
                                 ______
                                 
         The Effective Control of Unsolicited Commercial E-mail
                     An Internet Policy White Paper
                By James W. Butler, III and Andrew Flake

Introduction
    As commonly used, the pejorative ``spam'' refers to bulk electronic 
mailings of a commercial character, and the practice of ``spamming'' is 
positioned squarely at the center of contemporary debate over the 
Internet's commercial development, Internet etiquette and individual 
privacy.
    For Internet service providers (``ISPs'') especially, the bandwidth 
commandeered by spamming and the resultant slowdowns in service 
represent an infrastructure expense of increasing dimensions. At the 
same time, the law of the Internet remains in some disarray, although 
courts and even some states have taken initial stabs at regulating 
spam.
    This White Paper presents a discussion of the problems inherent in 
direct electronic marketing from the perspective of both consumers and 
of the online community and concludes with modest recommendations for 
salient legislative initiatives.

Historical Overview
    Spam is only one of a host of new legal issues that have arisen 
around electronic mail, and the term itself has had several 
incarnations in the online and Internet communities.
    During the Internet's pre-commercial days, amid the perception of 
the need to minimize utilization of servers and message traffic to 
conserve acaUCEic and research resources, ``spamming'' referred to the 
act of posting an individual message to numerous UseNet Newsgroups. The 
exact path by which it did so is not known, but at some point the 
earlier, rather clean definition of ``spam'' evolved to encompass 
commercial or marketing messages as well.
    One of the more critical events in the term's migration came with 
the infamous postings of an attorney who initiated a massive e-mailing 
in the hopes of soliciting green-card business among immigrants. His 
multi-posting efforts gained him the permanent enmity of Internet and 
UseNet users, as did his unwillingness to cease the effort once 
informed of his breach of Internet manners, or ``Netiquette.'' That 
violation occurred simultaneously with explosive growth of Internet use 
among consumers: as they poured onto the Internet in 1994-1996, the 
sheer number of new users overwhelmed the online community and made the 
maintenance of the tightly-integrated Internet culture virtually 
impossible.
    Despite very strong efforts by experienced Internet users to 
maintain their traditions and definitions, the communication became 
garbled, and two Internet conventions (one barring messages with 
commercial content, the other barring multi-posting of messages) were 
generally commingled into the general heading ``spam.''

The Terminology of Electronic Messaging
    Whatever its traditional definitions and usage, the term ``spam'' 
may today be taken or mistakenly referred to as any one of the 
following sorts of messages: a message with commercial or marketing 
content; one that the recipient does not wish to receive, or which is 
unsolicited; one that the recipient has not specifically authorized in 
advance of its transmission; or, a message posted multiple times to a 
single or multiple newsgroups.
    Accepting the Internet's transition into a commercial entity in 
which some forms of marketing and sales messages will be accepted and 
essential, imprecise definitions are counterproductive and serve to 
limit the development of electronic commerce. Although it is not the 
intent of this White Paper to alter Internet culture or common usage of 
terminology, the confusion and imprecision associated with the word 
``spam,'' suggest that a more precise labeling would be beneficial.
    This White Paper will use the term Unsolicited Commercial 
Electronic mail (``UCE'') to describe the process of directing a 
commercial message via electronic mail to a selected group of 
recipients.

Scope of the Problem
    Measured by volume of use, electronic mail is fast approaching more 
traditional means of communication, including letter-writing and 
telephone communications. Though abuse of the UseNet messaging system 
on the Internet is both rampant and detrimental, the current 
controversy over electronic communication more frequently centers on 
unsolicited commercial e-mail. UCE is a problem for the Internet, for 
five reasons:

   It is inefficient. Presently, with no controls or costs 
        attached to UCE, it is as cost-effective to drop one million 
        pieces of UCE onto an ISP as it is to drop one--though the 
        costs to the ISP are substantial. No production cost is 
        involved in the creation of e-mail intended for UCE 
        distribution--no brochures, artwork, printing or other 
        mechanical costs. In effect, unchecked UCE is a ``free ride'' 
        for marketers and provides them with a disincentive to 
        research, focus or target the list of recipients to insure 
        interest in the products or services presented.

   It disrupts service. A major mechanical drawback with UCE is 
        that it arrives on the Internet without notice. It slows 
        service for other users, often during peak use hours. In some 
        cases, it has caused wholesale failures of Internet networks. 
        This disruption is frequently aggravated by the fraudulent use 
        of incorrect or non-existent return addresses, which causes the 
        outraged responses of recipients to bounce across the network 
        multiple times as the system attempts to deliver messages that 
        cannot be delivered.

   It is frequently fraudulent. An Internet culture protective 
        of user anonymity has the unfortunate side effect of creating 
        an environment in which unscrupulous purveyors of UCE can 
        operate. Messages are sent directly to an electronic mailbox, 
        and marketers need not provide information, e.g., business 
        name, physical address, telephone and fax numbers, that would 
        enable consumers to assess the validity of companies. Without 
        greater certainty about company legitimacy, Internet consumers 
        quite rationally become wary of even legitimate marketers. 
        These concerns have contributed to decisions by ISPs to seek 
        judicial protection.

   There is no effective ``opt-out'' procedure. In the offline 
        world, marketers operate a system that enables consumers to 
        remove themselves from direct marketing lists. While the system 
        is not completely effective, it does exist. In the online 
        world, no such system exists, although numerous efforts to 
        create one have been undertaken.

   There is no compensation for service. In the offline world, 
        direct marketing subsidizes the U.S. Postal Service and/or 
        telephone companies, effectively paying for itself. In the 
        online world, UCE currently benefits only the originator of the 
        message and does not pay for the burdens it places on the 
        system. UCE provides very little value, e.g., convenient 
        shopping, entertainment value, or consumer information, and 
        Internet service providers bear the brunt of the resource 
        outlay for the infrastructure that enables UCE. Realistically, 
        a mechanism that shares the economic burdens of UCE will more 
        closely mirror the offline world, and will produce stronger 
        efficiencies in the way UCE is handled on the networks. A ``pay 
        as you go'' system would compensate the ISP's who provide the 
        on-and-off ramps for the UCE traffic.

Combating the Growth of UCE
    In recent years, significant progress has been made toward 
understanding and dealing with the problems associated with UCE. 
Sanford Wallace, the self-proclaimed ``king'' of the UCE business, 
stepped down and joined the ranks of those opposing unchecked direct 
electronic marketing. Major Internet providers such as Earthlink and 
AOL successfully secured court orders against perpetrators of unwanted 
UCE. Nonetheless, the current legal situation remains far from clear, 
and debate rages on among those impacted by and involved with Internet 
service provision.
    On one side are individual consumers who do not wish to have their 
time wasted by having to open and read the first few lines of countless 
messages in which they have no interest. ISP customers who fall into 
this group are supported by consumer advocacy groups, as well as by 
those whose loyalty to the old Internet culture of non-commercialism 
eschews marketing of any sort. On the other side are the marketers, who 
believe that they have a clear right to communicate with current and 
potential customers, regardless of legal trends to the contrary. These 
marketers are supported by customers who wish to have product and 
service information, as well as by the Direct Marketing Association and 
its legion progeny, who fought for similar rights in the use of the 
mails and in direct telephone solicitation.
    Individual ISPs straddle the line and await some clear resolution 
while attempting to cope with UCE's associated costs--these are the 
online and Internet services that suffer both the wear on their systems 
from dumping of UCE messages, along with the wrath of the subscribers 
incensed over wasted time and service slow-downs. These service 
providers seek additional sources of revenue to keep costs competitive 
as their business grows, but fear the network damage and other 
consequences of opening their systems to unwanted UCE.

Unsuccessful Initiatives
    While the two camps (and the companies and individuals stuck in the 
middle) have generated significant public dialogue, attempts to deal 
with the very real and escalating problems of UCE have been only 
partially successful, and generally only in the event that the 
originator of the UCE can be identified. Initiatives that have proven 
unsuccessful include:

   Attempts to claim ownership of the electronic mailbox. 
        Unlike the offline world, where the U.S. Postal Service rather 
        than the consumer owns the mail box, the online industry 
        assumes that each individual owns his or her e-mail box. 
        Although such ownership has not been legally established, the 
        constitutionality of so-called ``receiver restrictions,'' in 
        which consumers are given the right to refuse certain mailings, 
        has been upheld.

   ``Right to privacy'' claims. There is a perceived ``right'' 
        of consumers to not have to view anything they elect not to 
        view, although no case law substantiates this position. By the 
        same token, however, constitutional free speech does not mean 
        that an individual is obligated to view particular subject 
        matter.

   Extension of laws prohibiting marketing via facsimile. See, 
        e.g., ``Netizens Protection Act of 1997,'' H.R. 1748, 105th 
        Cong., 1st Sess. (1997). Although the laws that were used to 
        prohibit direct marketing via fax automatically are sometimes 
        believed to extend to electronic mail, this concept overlooks 
        some very fundamental differences in the two systems. For one, 
        fax machines use expensive resources, where electronic mail 
        normally does not, and efforts to build a case based on the 
        time wasted in reading unwanted e-mail have largely been 
        countered by advances in message preview technology and by the 
        move to flat-rate rather than per-minute pricing for Internet 
        and online services.

   An ``opt-in'' solution, no matter how desirable, may be 
        impractical. Much of the discussion of consumer rights to date 
        has focused on whether UCE should be sent only to those who 
        have specifically requested communications--an ``opt-in only'' 
        solution. This approach, however, would severely limit 
        communication with persons who have not given advance written 
        consent.

   An ``opt-out'' solution needs strong enforcement mechanisms. 
        The ability of consumers to quickly and easily ``opt-out'' of 
        receiving UCE, will only work if there is a sufficient 
        incentive to keep the opt-out list well-maintained, well-
        promoted and easily accessible by consumers.

   Efforts to delineate UCE based on the content of the 
        messages has proven impractical. For example, even the most 
        liberal definitions of ``commercial'' e-mail would prevent 
        announcement to parents of what an elementary school is serving 
        for lunch, since this would clearly be an advertisement of a 
        product for sale.

   Use of mandatory ``header'' information is counter-
        productive. Many suggestions have been made regarding an 
        identifying mark or phrase that could be placed in the subject 
        line or at the head of any commercial message, thus allowing e-
        mail filters to more easily identify and eliminate UCE. While 
        this idea is appealing, it suffers from the definitional 
        problems because filtering systems, at their current level of 
        sophistication, cannot differentiate between UCE and otherwise 
        valid customer mailings. Attempting to have any body, 
        organization or regulation define exceptions to the rule would 
        be unwieldy, and use of extensive identifying information in 
        the first lines of the message would render useless the preview 
        screen technology used by many consumers to rapidly screen 
        messages and their content.

   Use of a ``pre-existing relationship'' test may not be 
        sufficient. It has been assumed by many in the online community 
        that such a test may be implemented in the near future, under 
        which electronic mailings would be permitted to those customers 
        and other groups with whom the mailer has a ``pre-existing 
        relationship.'' This assumption, however, has led virtually 
        every business that has a web site or advertises via electronic 
        mail to scramble to collect personal information about users as 
        a hedge to show such a relationship. The rampant collection of 
        data in order to prove the relationship has created another 
        crisis in the area of privacy, as was noted by the Federal 
        Trade Commission in its efforts to enforce Internet privacy 
        guidelines.

Developing A Framework
    To merely legislate or regulate UCE out of existence is neither 
Constitutional nor necessary. Though not yet tested, even unsolicited 
commercial messages would be subject to constitutional protections if 
Congress acted to prohibit their dissemination.
    Such restrictions are better left to Internet service providers, 
which as private actors may ban distribution of UCE messages on their 
networks. Still, the industry's efforts with respect to UCE have so far 
proved only moderately successful. From these efforts, however, has 
emerged a sense of a viable framework to address its inherent problems.

   Fraud Prevention Legislation. The extension of regulations 
        and legislation related to fraud to UCE. The trend at the state 
        level is clearly toward regulating the practice of UCE. State 
        legislation, however, must be carefully drafted to avoid 
        constitutional challenge, as the experience of Georgia's UCE 
        fraud statute indicates.

   Measured Common Law Development. Recognition by the courts 
        that UCE as presently practiced creates a strong adverse impact 
        on the Internet. Specifically, the channeling of hundreds of 
        thousands of pieces of electronic mail through an Internet 
        system at a single time significantly degrades the performance 
        of the network and interferes with other forms of Internet 
        access and communications.

   Continued Industry Initiatives. The growth of filtering 
        technology for electronic mail. While still crude and 
        relatively ineffective for the larger body of electronic 
        messages, filtering technology has assisted ISPs in taking the 
        first steps toward empowering consumers to automatically reject 
        unwanted solicitations.

    Any proposed framework will at best be preliminary, with additional 
time and consideration required for its full effectiveness, but 
reasoning from the current experience of the online industry, it is 
certain that the following will be factors in any consistent 
legislative approach to UCE:

   The first step is to eliminate fraudulent mailings. The most 
        critical elements of a framework for control of UCE will be 
        unsuccessful if unscrupulous operators are able to flaunt the 
        rules with impunity. At a minimum, electronic mailers should be 
        required to divulge their real identities and return addresses, 
        as well as compliance with other consumer protections laws as 
        appropriate. Although a number of ISPs have imposed guidelines 
        prohibiting the use of their services for the sending of UCE 
        messages, such efforts are far from universal, and the 
        individual policies of an ISP provide no protection against 
        external sources of UCE.

   The solution must include relief for stress on the networks. 
        Consumer irritation aside, the damage done to the Internet by 
        UCE is very real, and its elimination of this damage must be a 
        central consideration in proposed legislation. At the minimum, 
        a requirement for contractual notification of the Internet 
        service or provider prior to transmission of UCE should be put 
        in place; the market would be best served, however, by an 
        industry-wide financial arrangement, similar to the postage 
        system, to compensate all carriers of the message traffic. A 
        compensation system would have the additional benefit of 
        providing a barrier to entry for unscrupulous spammers.

   The right of the states to impose more stringent consumer 
        protections should be preserved. State and local laws have 
        provided some of the strongest protections against abusive UCE 
        to date, in part because they have more extensive protections 
        available against business interference and detrimental 
        business practices. The framework for the future should include 
        some assurance that state and local considerations on behalf of 
        Internet services and consumers not be preempted, to the extent 
        that they are more solicitous of consumer interests than any 
        federal statutory cause of action. Federal initiatives should 
        provide a base level of protection for consumers and ISPs, to 
        circumvent the possibility of inconsistent regulation of an 
        entity, the Internet, that is not bounded by geography.

Conclusion
    The continuing popularity of electronic mail (``e-mail'') as a 
medium of personal and business communication has brought in its wake a 
host of novel legal issues, among them the extent to which the practice 
of unsolicited commercial e-mail (``UCE'') may be limited.
    A compelling need to protect Internet users from unwanted, 
unnecessary and fraudulent commercial message traffic, as well to 
protect the infrastructure of the Internet from the problems created by 
massive postings of messages, either commercial or otherwise, has 
already seen some courts and state legislatures move to prohibit the 
practice in its various forms.
    This White Paper has set forth in summary fashion the historical 
and legal underpinnings of the debate over UCE, and its conclusion is 
that federal legislation should be enacted that would (1) provide a 
minimum of protection for consumers against fraudulent electronic 
mailings by marketers; and (2) promote a more reasonable allocation of 
the costs of legitimate UCE toward the direct marketers that are its 
source.

Appendix A: USIIA Policies
    The U.S. Internet Industry Association opposes any action, program, 
system or endeavor that corrupts the legitimate use or integrity of the 
channels of electronic communication. This policy is explicitly stated 
in paragraph 7 the USIIA Code of Standards, which reads as follows:
    ``Members shall not knowingly create, acquire, distribute or allow 
intentional distribution of materials that violate the legitimate use 
or integrity of the channels of electronic communication, online 
services, computer systems or their contents.''
    Consistent with this policy, USIIA does not support the practices 
of Multiposting of Messages or Off-Topic Posting of Messages. It is the 
belief of the Association that persons who deliberately engage in these 
practices should have their access to the UseNet and other online 
lists, discussion groups or message bases terminated. This policy is 
not intended to affect the legitimate act of Cross-Posting of Messages. 
Similarly, USIIA does not support or condone the communication of 
information that is deliberately misleading or fraudulent. This is 
stated in the USIIA Code:
    ``Members shall not knowingly disseminate false or misleading 
information and shall act promptly to correct erroneous communications 
for which he or she is responsible, or which originated from or resides 
on his or her system.'' USIIA Code of Professional Standards, #8.
    This section of the Code is interpreted to include messages in 
which an attempt is made to disguise the commercial nature of the 
message, those which are fraudulent, those which misrepresent the 
origination of the sender, and those which are violations of the law at 
the point of origination. Nothing within the Code, the Bylaws of the 
Association, its Mission Statement or the will of its members 
specifically prohibits or discourages the legitimate commercial uses of 
electronic mail or messaging.

    Senator Burns. Thank you, Mr. McClure.
    Senator Wyden. Thank you.
    Mr. Chairman, I think it is striking now. You and I have 
put an enormous amount of time into this issue now over the 
last Congress and this Congress and we thought we were going to 
get there at the end of the last session, and suffice it to 
say, I have got a number of questions I want to ask, but my 
biggest concern here is that we need to act, because people are 
tired of this. And to just go round and round the mulberry bush 
with everybody having their own difference just doesn't seem to 
me to be very constructive.
    I mean, I would say to Mr. Pogust you know since my days as 
director of the Gray Panthers, my background has been consumer 
law and consumer rights.
    I find it pretty hard to see a private right of action here 
for a handful of unsolicited e-mails, but to tell you the 
truth, I could see how you would differ. In other words, 
something reasonable people can differ on. The problem is that 
if we just go round and round on all of these, we are never 
going to get anything done in this Congress so what I want to 
do is ask just a couple of questions in hopes that we can get a 
bill here and actually signed into law.
    Do any of you think that the Burns-Wyden bill is not better 
than the status quo? Mr. Moore? Do you think that Burns-Wyden 
is better than the status quo?
    Mr. Moore. Absolutely. No question about it.
    Senator Wyden. Mr. Buckley?
    Mr. Buckley. Yes.
    Senator Wyden. Mr. Pogust?
    Mr. Pogust. Yes, but I believe it needs a little work.
    Senator Wyden. I am going to still just take the yes.
    Mr. Catlett. I think there is a risk it will worsen the 
problem rather than improve it, so I am sorry to say.
    Mr. Cerasale. Senator, yes.
    Senator Wyden. OK., so we got almost everybody saying that 
Burns-Wyden, even though we all have differences----
    Senator Burns. One-and-one. That is better than all in one.
    Senator Wyden. All right. That is encouraging. Anybody 
think that you ought to be able to falsify headers? I can't 
believe that anybody is in favor of that? I will take that as a 
United Nations opinion.
    Everybody here, even though there are differences on the 
role of opt-out/opt-in thinks that opt-out is a useful pro-
consumers principle? Mr. Catlett, you can take the floor. We 
recognize you are for opt-in and I understand that, but opt-out 
is better than nothing for the consumer, isn't it?
    Mr. Catlett. It is better than nothing in an individual 
case. However, if you apply broadly an opt-out policy, 
particularly if you preempt state law on this, you will 
actually increase the number of unwanted solicitations, most 
likely, so applied broadly, an opt-out policy with preemption 
may well make the problem worse.
    Senator Wyden. I am not going to belabor it. I think that 
is pretty far-fetched. To me, any way you slice it, when people 
are opting out, they are going to get fewer of those 
communications, but again, reasonable people can differ and let 
me just kind of keep going on this.
    For the DMA folks and Mr. McClure, any sense on what the 
Burns-Wyden bill would cost to comply with? I mean, we think 
that these are pretty modest costs, and they would be 
consistent with free enterprise, you know, principles. Do you 
all disagree with that?
    Mr. Cerasale. Not at all. As a matter of fact, our members, 
if someone says do not send me any more solicitations, they 
have to follow it already, so that I would say that this fits 
pretty tight within what our members already have to do.
    Mr. McClure. We are in agreement, sir. We don't see 
significant costs. We do, if I may quickly, address the issue 
that has been raised here repeatedly, and that is that somehow 
ISPs would not aggressively go after spammers because it costs 
too much money for them to sue. Certainly if it is going to 
cost them hundreds of thousands of dollars to sue, it would not 
cost much less for individual consumers to do so.
    We believe that ISPs have a very strong record of suing 
spammers when they have the law on their side. And therefore, 
we believe that this is a good bill for ISPs and it needs to be 
passed. We have gone 3 years, sir. It is time to get a bill 
passed.
    Senator Wyden. You are singing from my hymnal. Question for 
the financial services folks. I think you know, I think you all 
have raised legitimate concerns and to some extent they are not 
unlike what happened with the electronic signatures bill at the 
end because this is all new.
    I mean, if you sat around the Senate Commerce Committee 20 
years ago, you never debated this kind of stuff. You were 
talking about an economy where people in Montana and Oregon 
were doing the physical movement of goods and you got up in 
Missoula at 5 o'clock in the morning you ate about 20,000 
calories at 5 o'clock in the morning and you did physical labor 
so this is all new stuff, so we are trying to be sensitive to 
your concerns.
    You have indicated you have got some concerns about the 
enforcement issue, and we are going to try to address those, 
the role of the Federal Trade Commission and the states and I 
think we can, we can do that and as you know, some of those 
issues came up in the electronic signatures bill as well, the 
role of the Federal Government and the states, but the one that 
I would like to see if we can make progress on is on the 
definitions. I want to find out if we are talking about some 
technical stuff or are we talking about things where there is 
really a philosophical question.
    You suggest, for example, that being clear may require, for 
example, a universal signal that the e-mail is an 
advertisement, a kind of universal signal. The reason we have 
taken the approach that we have, Senator Burns and I, Chairman 
Burns and I, is we are trying to give business a lot of 
flexibility because we thought that is what business folks were 
interested in is trying not to have this one-size-fits-all and 
everybody in Washington, DC running around saying we have got 
all of the wisdom.
    Mr. Buckley. I understand your frustration, Senator, as you 
say----
    Senator Wyden. We are trying to be responsive.
    Mr. Buckley. You say ``let's try to give people 
flexibility'' and that is something people often want, but in 
compliance statutes we find clear definition of responsibility 
is important. I practice law and defend lawsuits and try to 
advise clients on how to remain compliant. It is a good idea to 
try to give people a model. It doesn't necessarily eliminate 
flexibility--you could both retain flexibility and give a model 
saying ``do it this way and you can be sure to have complied.'' 
You still have flexibility to comply otherwise, but in an area 
like this, using standards like ``clear and conspicuous,'' 
without further definition of what you are talking about.
    This notice is something that is going to be fairly 
universal and I hope fairly simple, but you know when you get 
into what is clear and conspicuous, what's the size of type, 
where does it have to be located, maybe we ought to have some 
discussion about that. You know, I don't want to pin people in 
other industries down where they feel that they need 
flexibility, but it is awfully helpful to know exactly what 
Congress has in mind. There is a class action bar lurking out 
there, and if we don't get some of the changes we have asked 
with respect to enforcement, we may have challenges to whether 
something is ``clear and conspicuous'' or not. Even the FTC may 
conclude we don't agree with your understanding of what clear 
and conspicuous is.
    So we think tightening down on the meaning of ``clear and 
conspicious'' would be helpful. I know precision is not what 
people are always asking for, but that seems best in this case 
in our judgment.
    Senator Wyden. Well, we will work with you and I know 
Senator Burns has some questions, but I think we ought to get 
this, get this bill to the White House for signing, for a 
signing ceremony. I think I have met with almost all of you 
individually, the financial services folks here recently, 
Senator Burns has done exactly the same thing, and you know, 
look, I think the American people say getting spam in their in 
box is like getting that unidentified stuff in your lunch box, 
and you didn't order it. You don't know where it comes from, 
and you are really ticked off.
    So work with us here to try to resolve these remaining 
issues because even at this table there is a whole lot more 
common ground here than there are reasons to go off in your 
respective corners and come out swinging, which was why I asked 
that question about the status quo, and we will do our best to 
be responsive to your concerns and Senator Burns, like a pen 
from President Bush when this bill gets signed into law, and I 
would, too, and I thank you, Mr. Chairman.
    Senator Burns. All I need is one more pen. You bet. All I 
have is one more question, and I am going to throw it out on 
the table and let everybody take a shot at it. I referenced the 
article in the Wall Street Journal on Monday. And it had to do 
with mass harvesting.
    Spammers can't survive without a plentiful supply of e-mail 
addresses, and as I understand it, businesses have sprung up to 
fulfill that need. They have technology that intrudes on 
popular websites and gathers thousands and thousands of e-mail 
addresses to spammers. And they sell and rent those addresses 
to spammers. The result is that someone who has posted a 
comment in a chat room or made a winning bid on an online 
auction, and I am an auctioneer, and I want to sell spurs so 
they don't send me much, they get on a spam list and they are 
flooded, absolutely flooded with unwanted messages. And I will 
tell you, I did sell a pair of spurs on eBay and boy, as soon 
as that happened, I'll tell you, I just threw my old computer 
away. I changed my name and everything.
    That individual's privacy has been invaded and they don't 
know how it happened. It sours them on the entire business of 
e-commerce. Do we need to do something about this business of 
harvesting and do we, and is there a way to amend or how would 
you recommend that we deal with this situation of harvesting? 
Mr. Catlett?
    Mr. Catlett. Thank you, sir. Unfortunately, to ban 
harvesting would not be effective for the following reason. 
There is a technology employed now called dictionary spamming 
which is based on the age-old sales method of guessing so a 
spammer, for example, has an e-mail address [email protected] so 
they try sending a spam to [email protected] and the mail server 
tells them no such address or yes, that is a live one, then 
they go into John45 and so on and so forth. They also try 
[email protected] and because people tend to use e-mail 
addresses which are easy to remember for their friends, they 
hit on a large number of deliverable addresses. So as 
deplorable as the practice of scavenging e-mail addresses is, 
to ban it, even if completely effective, would not solve the 
core problem.
    Senator Burns. Any other comments? How do we, how do we 
deal with these folks who break into commercial organizations 
and take their list?
    Mr. Catlett. Well, the Computer Fraud and Abuse Act would 
already make that illegal, I believe, sir. I am not a lawyer, 
but----
    Senator Burns. Is that correct? Well, that is about all the 
questions and Senator Wyden and the way you covered this thing, 
we will, we want to work with you and to move this thing out 
and find a way that we can find some similar ground on this 
thing.
    Senator Allen had some questions, and I am going to allow 
him to submit those in writing and you can respond either to 
the Senator or to the Committee. We would appreciate that. And 
then I have a couple more, but it is getting close to 4:30 and 
I never work past 4 o'clock. And we have already gone overtime.
    But I want to thank you for your testimony today. We 
invited AOL and Yahoo today and they declined to come and 
before we can, before we can solve some of these problems, we 
are going to, we have got to have a good, strong representation 
of the giants of the industry, and I am disappointed in that 
but nonetheless, we'll be meeting with those folks and continue 
our communications with you as we work it through the Senate. 
But I am like Senator Wyden. It is time to move this thing and 
we plan to do just that as soon as we can. Thank you for coming 
today. We appreciate it. These proceedings are closed.
    [Whereupon, at 4:35 p.m., the hearing was adjourned.]

                            A P P E N D I X

            Prepared Statement of Hon. Ernest F. Hollings, 
                    U.S. Senator from South Carolina

    Today's hearing examines a bothersome consumer issue--that 
of unsolicited commercial e-mail, also referred to as junk e-
mail or spam. With the growth of commerce over the Internet, 
consumers are being bombarded with junk e-mail advertising 
various products and services, including get-rich-quick 
schemes, phone sex lines, and pornographic websites. In light 
of the bothersome and at times costly nature of junk e-mail, I 
believe it is appropriate for Congress to address this issue.
    Since junk e-mail imposes real costs on recipients, it is 
important that we act to resolve this issue and not simply 
balance the concerns of competing business interests. For 
example, an ISP or a business has to expend money and resources 
when its network crashes because it cannot handle the volume of 
junk e-mail. Consumers have to expend time and money to delete 
junk e-mail from their accounts or inform the sender that they 
do not want to receive future junk e-mails.
    An opt-out approach in which the recipient has to respond 
to every junk e-mail and ask the sender not to send any 
additional junk e-mail is riddled with loopholes. This approach 
is problematic because in the online world, spammers often do 
not provide correct addresses and header information. An opt-
out system also requires electronic marketers to keep a well-
maintained list for all consumers who have opted-out, provide 
clear information to consumers about what they need to do to 
opt-out, and ensure that consumers know that they can opt-out 
of receiving junk e-mail. An opt-out approach also presents 
difficult questions such as if a consumer opts-out of receiving 
information from the Gap does that mean that Old Navy, a store 
owned by the same parent company, can send the consumer junk 
mail? Also, where a consumer has multiple e-mail addresses, 
must the consumer opt-out for each e-mail address?
    I also believe it is important that all consumers have some 
legal recourse when they are harmed. This means that when a 
business or consumer suffers damages from having their computer 
and Internet systems go down because of the volume of junk e-
mail, they are able to recover damages. The threat of a lawsuit 
will help to ensure that senders of junk e-mail take the 
requisite care when they send junk e-mail.
    This is an important issue and Congress should take the 
time to get it right. I welcome the witnesses and look forward 
to hearing their testimony.

                                  
