Comments:

To the Commissioners, I applaud your efforts to curb the problem of unsolicited commercial email with the CAN-SPAM Act. However, I am concerned about the proposed requirement for merchants to maintain suppression lists. There are so many problems and costs associated with this idea, and so much possible damage done to consumers and businesses alike, that I feel I must urge you to consider this matter most carefully. When people unsubscribe from email lists, they do so for the following reasons (there are others, but these are the most common): -- The content no longer interests them. -- They get too much mail from that specific list. -- They get too much mail in general. -- Something in that specific email rubbed them the wrong way. -- They mistook the email for something it wasn't. (Spam or another publication are the most common.) -- They want to get that publication at a different address. -- They're unsubscribing temporarily because of an extended vacation or other absence, and wish to lower their email load while away. I have used most of the above reasons for removing myself from mailing lists. Talking to other business associates, friends and family, I find this is true for them, also. Requiring the use of suppression lists will seriously damage many of the legitimate publications available on the net. My specific concern is for harm to publishers who require permission from the consumer prior to adding them to any list. They're not who CAN-SPAM was designed to put out of business, but this requirement will very likely have that effect. Many of the industry and hobbyist newsletters I currently subscribe to would likely be severely curtailed or driven out of business by the use of suppression lists. There's also the potential for significant harm to consumers. There is a definite problem of properly knowing their intent when they unsubscribe from a list. On top of that, these suppression lists could easily fall into the hands of spammers, leading to more spam instead of less. If a database is web-based, there is a possibility that it can be hacked no matter what level of security is installed. As a web developer, one tries to minimize the number of databases you create that are web-enabled. All possible security contigencies are examined when developing dynamic, database-driven websites. But besides spammers; hackers and crackers are two malicious groups who try their darnedest to circumvent any database or website security to attain email addresses and other personal information. I was surprised to learn of the many potential problems this ruling could involve, and urge you in the strongest possible terms to reconsider its implementation in light of these problems. There are other ways to attack the problem of spam and provide relief from spam to the consumer that don't require more legislation or FTC rulings. The solution to spam won't be through only legislation, but a combination of technical solutions through ISPs, IPPs and software providers. The real breakthrough to solving the spam problem will come when _true authentication of the sender_ is the norm on the Internet. Otherwise, the spammers will just find another way to run an end-around any partial technology, legislative, or bureaucratic solution. I thank you for your valuable time. I hope your final solution helps curtail the 90% of my daily email load that is spam without hurting the many useful technology, marketing and personal interest email newsletters I receive. Respectfully submitted, Donald Kinney Earth Solutions, LLC *REDACTED PERSONAL INFORMATION*