WASHINGTON, DC — The Federal Trade Commission has approved four new rule provisions under the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003. The provisions are intended to clarify the act’s requirements, but some pundits are saying they make things more difficult for consumers while adding nothing to thwart the efforts of unsolicited email senders.The first of the new rules actually does help: “An email recipient cannot be required to pay a fee, provide information other than his or her email address and opt-out preferences, or take any steps other than sending a reply email message or visiting a single internet Web page to opt out of receiving future email from a sender.” That simplifies the process in cases where consumers have been required to jump through an inordinate number of hoops, call a telephone number bearing a per-minute connection charge or snail-mail their request to a physical address. (That previous argument that some spammers could figure out how to use email marketing to reach consumers but not devise a way to allow consumers to opt-out electronically was dodgy, at best. Most likely, it resulted from an oversight when the original CAN-SPAM rules were drafted.)

Another of the new rules, however, “takes the worst aspect of Can-Spam — the fact that we are all expected to opt out from every spamming list using the opt-out procedure designated by the spammer — and makes it even worse,” Ed Foster wrote in his Gripe Line blog at InfoWorld. “In ‘scenarios where multiple marketers use a single e-mail message’ to spam you, only one of the senders — the one in the From: field — need be designated the official sender who is responsible for honoring opt-outs. That means the other ‘marketers’ who used that spam message, not to mention the spamming service that actually provided the e-mail address list, don’t need to honor opt-outs. So try as you might to get yourself off a list, the real spammer can just keep changing the designated sender in the From: field and legally keep on spamming you.”

The other two rules allow a sender of commercial email to include an accurately-registered post office box or private mailbox established under United States Postal Service regulations to satisfy the act’s requirement that commercial email display a “valid physical postal address” and provide a definition of the term “person” in order to clarify that CAN-SPAM’s obligations are not limited to literal human beings.

“What’s really pathetic is that the public comments on which these rule changes are based were mostly submitted back in March of 2005,” Foster wrote. “So it took the FTC over three years of mulling it over to come up with these less-than-helpful changes to a law that was clearly not working even back then. You have to wonder how many of those who filed those comments in 2005 or earlier would even care now. Not many, I bet, because the battle has been lost for any who were actually trying to curb spam.”

The real flaw of CAN-SPAM, according to Foster and others who track the unsolicited email situation, lies not with the FTC but with Congress, which took a backwards approach to the problem in 2003. Instead of requiring consumers to opt out of spam lists, Congress should have required email marketers to obtain permission before sending anything to anyone.