From the Nolo eCommerce Center

Learn what it is, how it works, and what you can do to stop it.

Spam is Internet slang for unsolicited email, primarily unsolicited commercial email (UCE). The use of the term “spam” (a trademarked Hormel meat product) is supposedly derived from a Monty Python sketch in which Spam is included in every dish offered at a restaurant. Recipients of spam often consider it to be an unwanted intrusion in their mailbox. Internet Service Providers (ISPs), such as America Online, consider spam to be a financial drain and an impediment to Internet access because it can clog an ISP’s available bandwidth. Spam has also been linked with fraudulent business schemes, chain letters, and offensive sexual and political messages.

Not all bulk email is spam. Some is permission-based, meaning that the recipient has asked to receive it. This occurs when a user at a website voluntarily agrees – for example, at the time of making a purchase – to receive email or a newsletter (known as “opt-in email”). Unlike spam, opt-in email usually provides a benefit such as free information or sale prices. Sending unsolicited email to online customers who have not elected to receive information is considered spam.

How Spam Works

Spam is rarely sent directly by an advertiser. It’s usually sent by a “spammer,” a company in the business of distributing unsolicited email. An advertiser enters into an agreement with a spammer who generates email advertisements to a group of unsuspecting recipients. The cost of spam is far less than postal bulk mailings. An advertiser could spam 10,000 recipients for under $100 versus several thousand dollars for a postal mailing.

How do spammers find you? Recipient addresses are often obtained by using software programs known as “harvesters” that pluck names from websites, newsgroups or other services in which users identify themselves by email address. For example, one spammer harvested thousands of email addresses from DejaNews, a searchable online database of postings from newsgroups.

To protect against harvesters of email addresses, some websites use software that “poisons” the harvester – for example, generating bogus email addresses or directing the harvester to a nonexistent site. The use of poisoners, filters and blocking software can be costly, and creates an escalating cat and mouse game as spammers attempt to circumvent each new round of anti-spam software.

The Problem With Spamming

Defenders of spam claim that it is little different from junk mail and can, in fact, be tossed more easily: simply hit the Delete key. While there is some truth to this position, receiving spam is actually more like receiving a junk fax or sales call on a cellular phone because the cost of distributing the advertisement is borne by the recipient (or the recipient’s ISP), not the sender. This means, unlike direct mailers, who eventually stop if few people respond, spammers who get even a tiny return are motivated to spam forever.

Every ISP pays for the right to operate on the Net by purchasing bandwidth, the “space” it uses to transmit over the Internet. As the volume of spam directed through an ISP increases, the bandwidth becomes crowded, often slowing down the user’s Internet access. To counter this, the ISP must pay for filtering software (which can also slow access) or pay to increase the amount of bandwidth. In both cases the expense is often passed along to subscribers. To get an idea of how much bandwidth is consumed by spam, America Online estimated that one-third of the 30 million daily email messages it transfers is spam.

Since most legitimate businesses recognize the public’s strong anti-spam sentiment, they avoid using it.

You’ve probably noticed that much of the spam you receive involves deceptive practices. For example, spam for X-rated sites may be disguised with a personal subject header (“How come you didn’t write back?” or “Here’s my new email address”) or even as anti-spam (“We Can Help Remove You From Spam Lists!”). And you’re surely aware that most of the spam that comes your way is attempting to perpetuate some sort of scam – pyramid schemes, bogus stock offerings, pirated software and quack health remedies. For example, while editing this article, we received spam for a weight loss system (“Easy Weight Loss… No Dieting, Hunger, or Exercise”).

Besides the annoyance and cost of spam, it makes the Web harder and less pleasant to use for all of us. For one, spam can affect access to legitimate email because it can overflow a user’s mailbox, especially in cases where email is not reviewed for a period of days. And for Internet newbies, unaware of the nuances of email, spam can be a confusing and off-putting hurdle in the struggle to communicate online.

The War Against Spam

Avoiding spam can be a time-consuming and sometimes futile battle. Some ISPs allow users to block incoming email from unknown sources, something that can, unfortunately, also block legitimate messages. Anti-spam groups sometimes suggest replying to spam with a stern message requesting removal from spam lists. This option proves futile if spammers, who often use a dummy return address or supply false information in registering its domain name, are not dissuaded. Sometimes dummy return addresses are even used to collect additional email addresses from disgruntled spam recipients. Often, you will have better luck opting out of commercial spam lists by reaching the sender via an email address or 800 number that is enclosed within the content, not the header, of the spam. That’s because the email header and return address are generated by a spammer who usually prefers to remain anonymous, while the content of the email is generated by an advertiser who wants to be contacted.

The most effective deterrent against spam has been slow in coming – anti-spam legislation. Despite the fact that there has long been law prohibiting junk faxes and unsolicited commercial calls to cell phones (the Federal Telephone Consumer Protection Act of 1991), there is currently no federal anti-spam act. Proposed legislation generally falls into two categories: tough anti-spam laws, favored by Internet privacy groups, that allow ISPs to sue spammers and provide criminal penalties for some deceptive practices; or “opt-out” legislation, favored by spammers, that allows recipients to elect to be removed from junk email lists. Opt-out legislation has been criticized because it permits a spammer to have a first unblocked mailing and requires the recipient to take affirmative action to avoid future mailings. If opt-out junk mail laws (for postal junk mail) are any example, similar requirements for spam may not be too effective.

Anti-spam legislation has also been proposed in 17 states, but so far only California and Washington have enacted tough anti-spam laws. California’s law (Cal. Bus. & Prof. Code ßß 17511.1 & 17538.45 and Cal. Penal Code ß 502) allows ISPs to sue spammers that violate an ISP’s anti-spam policy and requires that commercial spam include opt-out instructions and, in some cases, an “ADV” (short for advertisement) at the beginning of the subject line. Washington’s anti-spam law (Wash. Rev. Code ß 19.190) prohibits sending mail that uses a third party’s Internet domain name without permission, or email that has a false or invalid return address, or contains a false or misleading header. It also permits an ISP to block messages which it believes are in violation of the law. The law permits an individual to recover up to $500 for each email message in violation of the law. In July 1998, a Washington man became the first person to recover damages under the law when he accepted a $200 payment as settlement for an unsolicited commercial email. In April 2000, a state court declared Washington’s anti-spam law unconstitutional. The ruling is being appealed by Washington’s attorney general.

You can read the California and Washington anti-spam laws, as well as proposed federal and state legislation, by visiting the John Marshall Law School’s website at http://www.jmls.edu/cyber/statutes/email. For more about the war on spam, visit the Coalition Against Unsolicited Email (CAUCE) at http://www.cauce.org/ or “Death to Spam” athttp://www.mindworkshop.com/alchemy/nospam.html.

Click here for related information and products from Nolo

© 2002 Nolo