Dear Chairman McCain and Ranking Member Hollings:
Thank you for holding this important and timely hearing on spam. I greatly appreciate the leadership of both you and your Commerce Committee colleagues. I regret that we are unable to participate directly, but would like to take the opportunity to share Microsoft’s perspective on this critical e-commerce and consumer issue.
The torrent of unwanted, unsolicited, often offensive and sometimes fraudulent email is eroding trust in technology, costing business billions of dollars a year, and decreasing our collective ability to realize technology’s full potential. According to some industry estimates, spam now makes up more than 50 percent of all email. To make matters worse, spam often preys on less sophisticated email users, such as our children, posing a genuine threat to personal security and privacy and threatening the very utility of email as a viable communication tool.
Microsoft firmly believes that spam can be dramatically reduced, and that the solution rests squarely on the shoulders of industry and government. There is no silver-bullet solution to the problem. Rather, we believe that fully addressing this problem for the long-run requires a coordinated, multi-faceted approach that includes technology, industry self-regulation, effective legislation, and targeted enforcement against the most egregious spammers.
In terms of technology, Microsoft is committed to providing customers with the best solutions available, and engaging on every level to find new and better technical means to stop spam. To date, Microsoft’s investments in anti-spam technologies have already paid off for businesses and consumers through innovations available in new versions of our products, such as MSN, Hotmail, Exchange and Outlook.
The industry is building better filters every day, and is investing heavily in research and development to open the door to greater innovation. We need filtering technologies that are easier for consumers to use, and more effective at determining which email messages are spam and which are desired communications. This differentiation will greatly reduce the risk of falsely misidentifying legitimate email as spam.
While we and others have made significant advances in anti-spam technology, we recognize there is still much work to be done. But technology is not the only answer. Effective and complementary self-regulation efforts by the industry are crucial.
Specifically, we support the establishment of an independent trust authority or authorities around the globe that could spearhead industry best practices, and then serve as an ongoing resource for email certification and customer dispute resolution. In short, these authorities could provide mechanisms to identify legitimate email, making it easier for consumers and businesses to distinguish wanted mail from unwanted mail. Of course, any technology designed to establish the identity of legitimate commercial firms and associate them with a trusted sender “seal” should be based on open standards and developed with broad input from affected industries.
But in order for the self-regulation and technology efforts to be successful, they need to be supported by strong federal legislation that prohibits fraudulent and deceptive spamming practices, and empowers consumers without threatening the vitality of legitimate e-commerce.
Specifically, federal legislation should create incentives for email marketers to adopt best practices, and to certify themselves as trusted senders who can be more easily identified by consumers and filters alike. One way to encourage marketers to adopt email best practices is to provide a Safe Harbor for those companies who are members of an FTC-approved self-regulatory organization. Under this approach, safe harbor participants would be entitled to avoid the burden of additional labeling requirements (such as “ADV:” to identify email advertisers) while enjoying other regulatory benefits based upon their compliance with specific sender guidelines.
Thus, federal legislation should identify the basic components that industry guidelines must address, such as notice and choice obligations, but permit the industry to take the lead in developing the specific guidelines within these parameters.
Microsoft believes other elements of federal legislation should include:
• Effective Internet service provider (ISP) enforcement that allows ISPs to prosecute spammers on behalf of their customers;
• Meaningful definitions to capture all bad actors involved in sending unlawful spam, including those who knowingly assist in the transmission of unlawful spam;
• Provisions that permit state Attorneys General to enforce violations of federal law, as well as existing state contract and trespass laws, in order to further increase the pressure on persistent spammers;
• Express language that preserves the right of ISPs to combat spam (i.e., provisions that make it clear that the federal anti-spam law does not impose an obligation on ISPs to block or carry certain types of email messages, and does not impair an ISP’s ability to enforce its anti-spam policies); and
• Federal preemption of state statutes that regulate the sending of commercial email messages provided the federal anti-spam law contains strong substantive requirements. Because ISPs rely heavily on state contract and trespass laws, as well as laws relating to computer fraud and theft, in their fight against spammers, federal preemption in any anti-spam law should include a carve-out for such state laws.
The recent increase in anti-spam legislative activity both domestically and internationally is encouraging, and we commend you for the important work you are doing in this area. Current U.S. state laws already make it possible for the industry to begin taking action against spammers who are illegally targeting customers. Enforcement efforts across the industry to date have been successful, and more will come. ISPs including Microsoft, AOL and Earthlink have already begun to file lawsuits, as have the Federal Trade Commission and many state Attorneys General, in an effort to increase the costs of sending spam, thereby reducing its volume.
As a leader in the industry, Microsoft is committed to using its resources to help address this problem from every perspective: technology, self-regulation, legislation and enforcement. We have started to see progress on all fronts, but much more work needs to be done.
We pledge our support to your legislative effort, and look forward to sharing our proposals and working with others toward a viable solution. When industry, government and technology come together to solve the spam problem, we will truly be able to offer consumers a trustworthy, safe and more productive email experience.
Chairman and Chief Software Architect