Congress is eager to stem the rising tide of unwanted commercial e-mail this year, and although several anti-spam bills are pending, the lawmakers first step will likely be to give the Federal Trade Commission more power to catch and punish spammers. The FTC has asked for a lotincluding some of the powers that historically have fallen exclusively to the Federal Communications Commission.
The FTC this month presented Congress with a list of expanded authorities that agency officials said they need to investigate the origins of fraudulent e-mail and enforce the laws that prohibit it. To line up potential witnesses for prosecutions and to more easily determine the scope of spam crimes, the FTC wants to be able to require ISPs to hand over data from spam complaints submitted by subscribers. Because spam recipients often contact their ISPs, FTC officials told Congress that access to such information would provide much-needed information in investigations and enforcement.
The agency also wants to be able to conduct secret investigations of spammers internationally because one of the greatest difficulties in tracking spam is the borderless nature of e-mail. According to the FTC, targets of fraud investigations often destroy documents or hide assets once they are notified of an investigation.
Many lawmakers are enthusiastic about getting tough on spam, but privacy advocates are wary of Congress turning over too much power to the FTC. According to Marc Rotenberg, executive director of the Electronic Privacy Information Center, in Washington, the FTCs proposal would reduce the chances that the target of any investigation would be notified. Not only would that set a bad precedent for domestic law enforcement, but it would also give the wrong signal to other governments about the conduct of investigations in a democracy, Rotenberg warned lawmakers earlier this month.
Corporate IT managers, who serve on the front line in the spam war, often side with those seeking tougher tools for enforcing laws against spam.
"Many people, including myself, experience spammers purely as illegal intruders and thieves. Stopping them isnt censorship, it is self-defense," said John Hughes-Caley, who recently retired from the U.S. Postal Services IT security office. "I naturally view as a felony any systematic, large-scale trespass, theft and harassmentI havent even touched on fraud schemes. We should look to the ISPs to take the lead now in pressing charges."
ISPs recently stepped up their own lobbying efforts to pre-empt anti-spam measures that would create unwanted regulatory burdens for them, and they have offered a range of alternatives. Microsoft Corp. last month suggested that Congress should authorize the FTC to approve an industry self-regulated organization that would certify commercial e-mailers as trusted senders. However, the idea of leaving the fight in the hands of the industry leaves some IT managers less than enthusiastic.
"Trustworthy spam? I cant see anything out there that is worth approving as trustworthy," said Jim Lambright, manager of IS at Roth Manufacturing Corp., in New London, Ohio.
The FTC is also seeking the right to oversee traditional telecommunications operatorsknown as common carriers in regulatory jargon. Common carriers today are exempt from FTC regulation because they fall under the authority of the FCC, and thats the way the carriers want to keep it.
The United States Telecom Association, the main lobbying group in Washington for the Regional Bell Operating Companies and other Incumbent Local Exchange Carriers, is fighting the FTCs efforts to expand its jurisdiction. The group argues that local carriers are more regulated than ever before, and adding FTC regulation on top of FCC rules could produce conflicts. USTA also contends that the FTCs requested authority would lead to confusion for carriers and users because nobody would know which agency to look to for standards to follow.
Key lawmakers, including Billy Tauzin, R-La., chairman of the House Energy and Commerce Committee, have spoken out against giving the FTC unbridled authority over common carriers. Tauzin said the authority is unnecessary, and the two agencies should coordinate enforcement efforts.