If CAN-SPAM goes into effect, the most likely victims are going to be nonprofit organizations raising money.

Although it purports to do the opposite, the CAN-SPAM Act of 2003 leaves corporate and private e-mail boxes wide open to receiving unsolicited, bulk, commercial e-mail. The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 may instead erode legitimate free speech and will certainly create a flurry of confusion. But its unlikely to eliminate spam from our e-mail diets.

U.S. Sens. Ron Wyden, D-Ore., and Conrad Burns, R-Mont., introduced CAN-SPAM April 7. The bill says that if an e-mail recipient has had a relationship with the e-mail sender in the previous three years and that if the sender uses a functional return e-mail address, uses a subject line that truthfully describes the contents of the e-mail and provides a method for the recipient to unsubscribe to the mailing, its not spam.

While these sound like high barriers, a sampling of companies with a committed online presence found they already comply with these "tough" restrictions.

For example, the published privacy statement of my employer, Ziff Davis Media, already complies with the legislation. Most of our competitors, as well as retailer and financial enterprise Bank of America, have similar customer e-mail use provisions. And yet, I also know from e-mail I receive from time to time that some subscribers consider some ZDM e-mail to be spam.

The CAN-SPAM sponsors want to allow direct marketing by legitimate businesses, while eliminating the same direct marketing by such fly-by-night characters as financial scammers and sex charlatans. This intent is evident in the moralistic language used by the CAN-SPAM sponsors ("controlling" the "assault" of "pornography"). But thats so much hot air. The way the act reads, companies can peddle drugs, mortgages, credit cards, financial products and body enhancements as long as theres a way to unsubscribe.

The Internet is too big, the senders of spam are too clever and spam costs them too little for CAN-SPAMs impact to be much of anything besides confusing. If CAN-SPAM goes into effect, the most likely victims are not going to be herbal Viagra dealers, but nonprofit organizations raising money.

This is because the herbal Viagra dealers already know they were likely breaking a law by selling unlicensed drugs and will adapt to meet the conditions of CAN-SPAM. However, the civic or arts organization that sends out an invitation to a charity ball without offering a way to unsubscribe could unwittingly leave itself open to prosecution.

Consider what will happen when spam recipients try to unsubscribe. CAN-SPAM allows spammers to offer the spamees a list of unsubscribe options. Even if a low fraction of 1 percent of respondents reply that they want off the herbal Viagra list but that they want to keep getting news about body part enhancement, the mailing almost certainly paid off, thanks to the extremely low cost of sending spam.

Whats more, the recipient now meets the transaction threshold established by CAN-SPAM—and the spammer gets a more focused list of spamees. Further, it is almost guaranteed that by responding, the spamees have agreed to a "privacy" statement that allows the spammer to send all sorts of spam in the future.

The measures prescribed by CAN-SPAM cant overcome the exceedingly low cost of e-mail spam compared with any other cold-call method. The payoff is too great compared with the money invested. And even if CAN-SPAM makes a dent in less-well-capitalized e-mail advertisers, there are plenty of larger spammers that will remain unaffected.

If you combine whats "covered" by CAN-SPAM with the so-called privacy statements used by the majority of e-tailers, you end up with next to no protection. eWEEK Labs has started spending a lot of time looking at these privacy statements. Most can be summed up as follows: "We reserve the right to give, sell, trade or otherwise use your personal information." Of course, its dressed up in nicer language, usually with a preface that starts, "We respect the value of the personal information you provide us." Yep, its respected all the way to the bank.

Spam is a serious problem. But the CAN-SPAM Act of 2003 wont fix it.