Pending U.S. Anti-spam Legislation: A Marketer's Guide

Transcription

1 Tactical Guidelines, W. Janowski Research Note 14 August 2003 Pending U.S. Anti-spam Legislation: A Marketer's Guide Nine anti-spam proposals are before the 108th U.S. Congress. Marketers must understand the potential impact of pending legislation on their marketing efforts. Core Topic Customer Relationship Management: Business Strategies, Technologies and Applications for Marketing Key Issue How will marketing communications evolve to craft optimal dialogues with consumers? Strategic Planning Assumption Some level of U.S. anti-spam legislation, composed of a combination of the actions drawn from bills pending before the U.S. Congress, will be passed into law by the end of 2003 (0.9 probability). Tactical Guidelines To be considered spam, must be both unsolicited and distributed in bulk. Current proposed anti-spam legislation does not attempt to reduce spam, but only to regulate it. Some proposed anti-spam legislation seeks to legitimize spam and will be beneficial to responsible marketers. Opt-in requirements are already gaining momentum at the state level, and marketers should begin proactive methods to convert their practices to optin. Of all the opportunities for abuse of personal contact information, spam is the most prevalent and the one that currently holds the attention of the general public. Spam, the notorious "junk ," is proliferating faster than paper or fax junk mail ever did. The proliferation of untargeted spam makes it difficult for legitimate companies trying to target their consenting customers with marketing campaigns. Although there are laws now in 20 states in the United States and in several other countries making it illegal to send spam, federal anti-spam initiatives are gaining momentum within the 108th U.S. Congress. As of 31 July 2003, nine bills are pending in the U.S. Senate and House of Representatives, each with its own perspective on how spam should be regulated within the United States. We review the key elements before Congress and how they could affect marketers using in their marketing campaigns. Defining Spam Derived from slang, the term "spam" is often casually used to describe a wide variety of unwanted . However, a more specific definition of spam would be that of unsolicited, bulk e- mail. The operative words here are "unsolicited" and "bulk." Unsolicited mail by itself, while sometimes unwelcome, is not necessarily spam. Legitimate examples of unsolicited mail include job applications or receipt of solicitation to apply for a position, letters to your congressman, and sales inquiries. Bulk e- mail is a legitimate use for newsletters, discussion lists and so on. None of the current proposed regulation is targeted to regulate these types of . It is only when the mailings are both unsolicited and in bulk that anti-spam legislation would come into play. Gartner Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.

2 "Spammers" vs. Marketers Within the context of this research, Gartner draws a distinction between marketers using unsolicited bulk combined with aggressive, deceptive and unethical practices (spammers) and those who use responsibly as a tool for targeted, outbound marketing ( marketers). Although, by the above definition, both technically deal in the distribution of spam, it is the irresponsible use of spam that generates the most customer distress. Some of these unacceptable business practices of spammers are defined later in this research. Regulation, Not Reduction Despite the hype surrounding it, most of the proposed legislation is not designed to directly eliminate or reduce the amount of spam being sent. Rather, the general direction is to discourage deceptive and unethical practices of spammers while clearing the path for more-legitimate marketers. However, it would be naive to assume that spammers will simply give up and go away when some of their more aggressive tools are taken away. In reality, they are more likely to either adapt and behave more responsively, or (more likely) seek additional methods to circumvent the regulation (for example, initiating mailing from an offshore location). None of the proposed legislation calls for an opt-in requirement (that is, no may be sent to an individual unless the individual has given explicit permission to do so). Instead, all proposed legislation assumes opt-out (that is, may be sent to anyone unless they explicitly request to not receive it). This has led several privacy advocacy groups to label all pending legislation as "pro-spam" in that the legislation seeks to regulate and legitimize spam, not to stop it. Although it is not on the national agenda in the United States, an opt-in requirement is mandated in Europe by the European Union Directive on Privacy and Electronic Communications, scheduled to go into effect in October Several U.S. states have opt-in requirements in place (North Dakota) or pending (California) at the state level for financial-services organizations (see "California Privacy Legislation Indicates National Trend"). Initiatives that would help to reduce overall spam volume include a "do-not-mail" registry and, within its limited application, the proposed U.S. Wireless Telephone Spam Protection Act. What the Proposed Regulations Mean to Marketers There is much overlap and commonality within the various bills before Congress. Although it is not our purpose here to endorse 14 August

3 or refute any particular bill, we will review the common elements and their relevance to marketers. Actions That Should Be Welcomed by Marketers Note 1 Summary of Key Points in Pending Antispam Legislation Before the 108th U.S. Congress (as of 31 July 2003): Senate Ban on Deceptive Unsolicited Bulk Electronic Mail Act of 2003 (S. 1052) (Bill Nelson): All commercial must be identified as such; must include opt-out mechanism and sender's physical street address; prohibits false or misleading headers or subject lines; prohibits automated dictionary attack. Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 (S. 877) (Burns-Wyden): All commercial must be identified as such; must include opt-out mechanism and sender's physical street address; prohibits false or misleading headers or subject lines. Computer Owners' Bill of Rights (S. 563) (Dayton): Requires establishment of a donot-mail registry by the FTC; empowers the FTC to impose civil penalties on violators. Criminal Spam Act of 2003 (S. 1293) (Hatch): Prohibits unauthorized or deceptive use of a third party's computer for relaying bulk commercial messages; prohibits the use of false header information in bulk commercial messages; regulates the use of multiple accounts or domain names for purposes of sending such messages. Stop Pornography and Abusive Marketing (SPAM) Act (S. 1231) (Schumer): Establish a national "no-spam" registry administered by the FTC; all unsolicited commercial messages required to use a label ("ADV:") at the beginning of the subject line; illegal to send any commercial in violation of an Internet service provider's policies, or with a false or misleading subject line or message header, or to harvested addresses; all commercial messages required to include the sender's physical address. The irresponsible practices used by spammers poison the air for those marketers attempting to use legitimately. Ultimately, eliminating those bad practices will help minimize the bad reputation given to marketing and benefit those who use it responsibly. Actions within pending legislation (see Note 1 and Note 2) include: Prohibit false or misleading subject lines: Spammers often use deceptive subject lines to trick the recipient into opening the message. For example, the subject might say "Here's the information you requested" or "Your order status," while the body of the message is something completely different. Provide valid identification of sender: Companies that serve as spammers for third-party clients do their best to remain anonymous to prevent legal or vigilante redress. Proposals to regulate this include requiring a valid reply address along with the valid physical street address of the sender, while prohibiting the use of a third-party mail server as a blind mailer. Prohibit random or untargeted mailings: To grow their mailing lists, some spammers will "harvest" addresses from Web sites and news groups, while others will use "dictionary attacks" to generate random addresses. Require all messages to have a legitimate opt-out mechanism: This should already be a best practice for marketers. Spammers will usually not provide a method for the recipient to opt out, or will actually use a recipient's opt-out request as a confirmation of a valid address, leading to even more spam. Actions Potentially Challenging to Marketers The bottom-line result of any anti-spam legislation will be to make it easier for recipients to refuse unsolicited mail, and this will affect spammers and marketers alike. Actions within pending legislation include: Require subject line identification: This action would require that a specific identifier (for example, "ADV:") be included in the subject line of all unsolicited bulk . This would enable recipients to easily define mail-handling rules that would scan for unwanted identifiers and delete incoming mail identified as such. 14 August

4 Note 2 Summary of Key Points in Pending Antispam Legislation Before the 108th U.S. Congress (as of 31 July 2003): House of Representatives Reduction in Distribution of Spam Act of 2003 (H.R. 2214) (Burr): Allcommercial must be identified as such; must include opt-out mechanism and sender's physical street address; prohibits false or misleading headers or subject lines. Restrict and Eliminate the Delivery of Unsolicited Commercial Electronic Mail (REDUCE) Spam Act of 2003 (H.R. 1933) (Lofgren): Unsolicited bulk commercial e- mail messages would be required to include a valid reply address and opt-out instructions and a standardized label in the subject line (for example, "ADV:"); false or misleading headers and deceptive subject lines would be prohibited in all unsolicited commercial messages, whether or not sent in bulk. Anti-Spam Act of 2003 (H.R. 2515) (Wilson): Allcommercial mustbe identified as such; must include opt-out mechanism and sender's physical street address; prohibits false or misleading headers or subject lines; prohibits automated dictionary attack. Wireless Telephone Spam Protection Act (H.R. 122) (Holt): Prohibits the use of wireless messaging systems to send unsolicited advertisements. Establish a national do-not-mail registry: Similar to the "do-notcall" registry for telemarketing, this action would direct the U.S. Federal Trade Commission (FTC) to create a national opt-out list, and empower it to impose civil penalties on entities mailing to e- mail addresses on the list. What Should Marketers Do to Prepare? From one perspective, anti-spam legislation will make it more difficult to send to individuals who don't want to hear from you anyway, and this may not necessarily be a bad thing. Although the number of potential customers to be reached will be reduced, one could reasonably assume that individuals using spam filters or registering on do-not-call lists are those least likely to be responsive to marketing. The corollary to that statement would be that the remaining subset of potential customers to be reached would tend to a more highly qualified target, and response rates should be higher than they would be if mailing to the larger population. Taking this one step further, the best way to increase the response rate for an campaign is to target it to a list that has explicitly given permission to be contacted. To that end, coupled with a growing trend at the state level, marketers would be best-served by beginning now to move their outbound initiatives to an opt-in model that is, consider all potential customers off limits unless they have given explicit permission to be contacted. By definition, anti-spam legislation is targeted toward unsolicited contact, while receiving opt-in permission from a customer explicitly solicits contact. Although lists of potential customers will initially be greatly reduced, marketers will find that: 1) response rates from customers who have opted in are much greater than those for customers who have not; and 2) by carefully targeting and creating campaigns that deliver relevance and value to the customer, marketers will find success in converting and growing their base of opt-in customers. Successful enterprises will learn to develop marketing campaigns that encourage and reward customers who voluntarily opt in. They will also reconsider their goals as to the utility of as a marketing tool. They are likely to find that is more effective as a tool for delivering campaigns to existing customers than as a prospecting tool. Bottom Line: The U.S. legislative system is one of compromises, and it is unlikely that any of the proposed legislation will be approved without modification. However, some level of U.S. anti-spam legislation, composed of a combination of the actions drawn from bills pending before the U.S. Congress, 14 August

5 will be passed into law by the end of 2003 (0.9 probability). Enterprises involved in legitimate outbound marketing activities must be aware of the potential legislation, and they should begin to move immediately toward an opt-in model of targeting customers, which will increase the effectiveness of their campaigns regardless of legislation. In any event, marketers should consider that their overriding goal is to build a sense of customer trust that will be associated with their brand. Deceptive practices fail to do this, regardless of the passing of legislation. 14 August