Even the chairman of the Federal Trade Commission (FTC), Tim Muris, said the law is not strict enough and could end up being counter-productive.
Once the bill is signed by President Bush after the Thanksgiving holiday, the FTC will be given a specific time frame to implement a "Do Not Spam" registry that will enable email recipients to officially request a block on unwanted email. Although critics are saying that the FTC is under-staffed and under-budgeted for such a massive undertaking.
As described in the bill's language, email marketers and publishers, along with political and charitable organizations, will still be allowed to send unsolicited email to consumers as long as the messages contain an opt-out feature, a valid subject line indicating that the email is an advertisement, and a physical address in the body of the email.
The new law prohibits individuals from suing spammers, which certain state-enforced spam laws, in particular one in California, were about to enforce. The California law that would go into effect on Jan. 1 would have enabled recipients of spam to file lawsuits against individual spammers on a per email basis.
Another major voice in opposition of the federally-enforced spam law is Sophos, an anti-virus software maker, that claims the anti-spam law will create confusion and encourage even more companies to send unsolicited emails.
The company's senior technology consultant was quoted by F2 Networks as calling the legislation "muddy-headed," and that the U.S. had settled for an "enormous fudge" when it had a good chance to enact laws that would actually be effective in curbing spam.
Sophos is claiming that the U.S. missed its opportunity to put spammers out of business, and that under the terms of the new law, certain forms of spam would be legal, but that in general, spammers can still continue to send commercial mail messages as long as they are obvious advertisements containing a valid postal address and an unsubscribe link.
The law shifts the burden of "opting out" to the individual email users, instead of the email sender, said Sophos, rather than making email only legal if soliticitors can prove that the recipient "opted in."
And even though the new law would impose stiff fines in the millions of dollars against email marketers and spammers who do not abide by the law, Sophos added that the U.S. should have followed the precedents set by the international community and adopted tougher laws to crack down on spammers.
"This bill acts as a green light for any company that is thinking of sending unsolicited email to millions of innocent users," Sophos told F2 Networks. "Now they know they can go ahead, completely legally, as long as they include a message offering 'opt-out' at the end. This won't reduce the amount of spam people are likely to receive at all. If anything, it may make things worse."
The FTC's Muris was also full of ire when it comes to the new spam law. Muris delivered a strongly-worded commentary at the Progress and Freedom Foundation luncheon saying that the spam law will be even less effective than existing laws the FTC has been using to sue spammers.
"No one should expect any of (the proposals) to make a substantial difference," Muris was quoted as saying by ZDNetUK. "In fact, they could even be harmful."
According to reports, Muris said that a long-term answer to eradicating spam would probably mean rewriting the Simple Mail Transport Protocol (SMTP).
Muris said that any successful law would have to "identify the person sending the spam; confront how to punish spammers, who often have minimal assets at risk in a civil lawsuit; and regulate non-deceptive unsolicited commercial email.
He added that congress should enact suggestions proposed by the FTC in June that would grant the agency's investigators the power to serve secret requests to ISPs for subscriber details, provide access to FBI criminal databases, and swap sensitive information with foreign law enforcement agencies.