Spam's Big Bang!

(2 of 3)

Automated antispam software can only do so much, so the four e-mail giants have started to employ a new weapon: humans. People, it seems, learn the rules of this new battlefield faster than machines do. At AOL's new control facility in Gainesville, Va., home to its antispam special-forces unit, workers like Anna Ford scan screens that show blocks of mail entering the system. She's looking, Matrix-like, for suspicious patterns. "Here's someone sending 50 e-mails to 3,000 recipients," says Ford. "That stinks." With one click, the sender is identified as a China-based spammer; with another, he is banished from the system. Is there room for human error? Possibly but letting such high-volume users through, says AOL antispam manager Charles Stiles, "would be like a bank welcoming customers in ski masks."

Meanwhile, in Washington another group of humans is dealing with the spam threat at a rather more sedentary pace. Congress has debated e-mail-protection bills for five years without enacting anything. Antispam measures before it this session have a better chance of passing, but none is generating much enthusiasm among either consumer groups or e-mail providers. This is what Senator John McCain told TIME about the legislation expected to pass his Commerce Committee: "I'll support it, report it, vote for it, take credit for it, but will it make much difference? I don't think so."

That bill, called Can-Spam, is sponsored by Senators Conrad Burns and Ron Wyden, and more notably, it is endorsed by the Direct Marketing Association. Can-Spam would make spamming a federal offense punishable by jail time and fines of up to $1.5 million. But it would also require that complainants have actively attempted to avoid spam by placing themselves on an opt-out list. Critics say opting out could become as disruptive as deleting spam is now. If all 23 million businesses in America decided to send you just one message a year, that would give you 600 emails a day to opt out from. Worse still, unsolicited email would effectively be protected by law, provided it had the fig leaf of an opt-out clause. "This is a federal license to spam," complains Andrew Barrett, director of the consumer group SpamCon.

Like many other antispam advocates, Barrett prefers the model of the Telephone Consumer Protection Act of 1991, which effectively put an end to junk faxes by allowing consumers to sue senders at a rate of up to $500 for every unsolicited fax. California is expected to pass a bill that would do the same thing for unwanted e-mails sent to or from any computer in the state. It would also require spammers to use only opt-in lists for their targets. The problem? It's just one state, and 28 other states have entirely different antispam laws on the books. (The toughest belong to Virginia, which requires criminal penalties for major-league spammers.)

Some spam victims aren't waiting for the state laws to kick in. They have become spam vigilantes. Marketer Dan Balsam in Santa Monica, Calif., has waged a one-man legal campaign against spammers who refuse to remove him from their mailing lists. No judgment has netted him more than $1,000, but Balsam isn't in it for the money. "I'm trying to raise the cost of spammers doing business," he says. Los Angeles software engineer Bill Silverstein has taken an even more creative approach. When he wanted to sue a company that refused to stop sending him spam for a penis-enlargement kit but couldn't pin down its real-world address, he simply ordered the $90 kit. The address showed up on his next credit-card statement. "You can hide on the Internet," he says, "but you can't hide from American Express." The offending company eventually settled for $7,500.