Jonathan M. Eisenberg is an attorney with Manatt, Phelps & Phillips, LLP, in the Intellectual Property and Internet Practice Group. Tel: (310) 312-4385 or E-mail: jeisenberg@manatt.com

Introduction
The first national law concerning spam e-mail, The CAN-SPAM Act of 2003 (“CAN-SPAM”) went into effect on January 1, 2004. The new law begins with several findings by the US Congress: (1) that unsolicited commercial e-mail messages are estimated to account for more than one-half of all e-mail traffic, (2) that “most of these messages are fraudulent or deceptive in one or more respects,” and (3) that spam threatens the convenience and efficiency of e-mail and imposes various burdens and costs on recipients of such messages. CAN-SPAM further states that “[i]t is the sense of Congress that...[s]pam has become the method of choice for those who distribute pornography, perpetrate fraudulent schemes, and introduce viruses, worms, and Trojan horses into personal and business computer systems...”

Major Provisions
• CAN-SPAM does not per se outlaw the sending of unsolicited commercial e-mail messages.
• Likewise, the law will not proscribe the sending by a merchant of legitimate e-mail to a customer in the course of an ongoing commercial relationship.
• CAN-SPAM requires spammers to include “clear and conspicuous” indications that their messages are advertisements—but there is no prescribed standard (such as “ADV:” in the “subject line”) that must be followed.
• CAN-SPAM further bars entities from sending messages with false or misleading e-mail header information (e.g., “from” lines, “subject” lines, mail headers (indicating the digital paths that messages take to reach recipients)).
• A spam message must include a clear and conspicuous notice that lets the recipient “opt out” of receiving future messages from the sender via reply e-mail or another Internet-based mechanism. The opt-out mechanism must function for 30 days after the message is transmitted, and an opt-out request must be implemented within 10 days of being received. A spammer can comply by providing the recipient with a list or menu from which the recipient can choose which types of messages are desired and which are not, so long as the list or menu provides the recipient with an option to choose not to receive any messages.
• Additionally, spammers will be required to include in their transmissions “valid physical postal” addresses of the senders.
• CAN-SPAM prohibits the use of automated methods of harvesting e-mail addresses or randomly generating them via computers.
• CAN-SPAM authorizes the Federal Trade Commission (the “FTC”) to establish a national “Do-Not-E-Mail” registry nine months after the enactment of CAN-SPAM.

Enforcement
CAN-SPAM imposes criminal penalties, including prison terms up to five years and fines up to $6 million, for perpetrators of certain abusive and fraudulent acts in connection with transmitting spam messages. Attorney fee sanctions, forfeitures, and civil penalties are also established under this law.
The legislation is enforceable by the US Department of Justice, the FTC, various other federal agencies, and state attorneys general and other state officials and agencies, as well as “providers of Internet access service” (a.k.a. “ISPs”). However, there is no provision for individual private enforcement actions.

Pre-emption of State Anti-Spam Laws
CAN-SPAM pre-empts existing state laws expressly regulating spam—but will not affect state laws that are more general in nature, such as laws addressing computer trespassing or false advertising. Thus, CAN-SPAM pre-empts the arguably tougher law recently enacted in California that would have prohibited the sending of unsolicited commercial e-mail to users unless they expressly “opted in” to receive such messages.

(Not The) Conclusion
CAN-SPAM expressly concedes that it will not be the last word on, and probably not the complete cure for, the spam epidemic: “The problems associated with the rapid growth and abuse of unsolicited commercial electronic mail cannot be solved by Federal legislation alone. The development and adoption of technological approaches and the pursuit of cooperative efforts with other countries will be necessary as well.”