*
Quick Links|Home|Worldwide
Microsoft*
Search Microsoft.com for:
Safety 
Enforcing Laws that Protect Customers

Legislation, Public Policy, and Enforcement

Ensuring Customers' Comfort with E-Mail and the Internet Is a Top Priority

Published: February 15, 2005 | Updated: April 14, 2006

At Microsoft, we believe that the development of new technologies and self-regulation requires the support of effective government policy and legal frameworks. Because spam does not respect jurisdictional boundaries, it is critical to develop laws that work worldwide to prohibit fraud and deceptive e-mail practices, protect individual privacy, empower consumers, and preserve the health and vitality of legitimate e-commerce.

The worldwide spam proliferation has spurred numerous legislative bodies to regulate commercial e-mail. Many countries now have spam-fighting laws in place. The United States has both federal and state laws governing spam, and this complementary approach is helping to curtail spam while enabling legitimate e-commerce to prosper. The CAN-SPAM Act significantly expands the tools available for curbing fraudulent and deceptive spam. It also targets the most invasive practices and contains strong civil and criminal penalties that add clout to legal actions that Microsoft and other Internet service providers (ISPs) have brought against deceptive spammers.

While legislation is important, it is only one part of a strategy to stop spam. Other tactics include developing improved spam-fighting technology, implementing industry best practices, educating e-mail users, and prosecuting illegal spammers. Worldwide legislation would help create an environment in which these elements could grow and develop. Because spam may travel across several jurisdictions before reaching someone's Inbox, consistent worldwide standards, broad rules, and cooperation among enforcement agencies are important for success.

Proportionate and deterrent penalties, including appropriate statutory damages and recovery of profits, are also needed to stop spammers and those that solicit and benefit from their services.

Laws Must Be Enforced

Laws have no effect unless enforced. Microsoft works closely with government and law enforcement agencies around the world to take action against illegal spammers. Enforcement actions are effective because they target and stop the worst spammers while deterring others. Our top priority is ensuring that our customers and service subscribers feel comfortable using e-mail to communicate, and we will continue to take action against illegal spammers that target our networks and customers.

Microsoft has identified hundreds of spammers responsible for millions of messages and has filed dozens of lawsuits against those who create and transmit spam. We also have filed suit against spammers in response to subscribers under the enforcement mechanisms that federal and state laws provide for ISPs. These cases target defendants accused of using deceptive and misleading information to disguise e-mail that contains pornographic images, adult content, and spyware.

To date, we have supported more than 120 enforcement actions worldwide against illegal spammers, including the filing of 89 civil lawsuits in the United States. We will continue to take and support aggressive legal action against these cybercriminals to help put them out of business.

Enforcement efforts must also focus not just on the sender but on all parties involved in the transmission of spam. Our enforcement team is committed to tracking all participants in an e-mail campaign by tracing the money trail back to the beginning, collecting all available data related to each message, and using litigation to identify additional related parties.

We're Going After Spammers, Phishers, and Creators of Malware

We continue to work closely with federal and state agencies to bring both civil and criminal enforcement actions against illegal spammers. These efforts include developing mechanisms to preserve electronic evidence of spamming activity, and coordinating among ISPs and industry members to effectively deploy enforcement efforts. We are committed to ensuring that global and effective legal actions will continue. In addition, working in cooperation with the FBI, Secret Service, and Interpol, we have put $5 million into a program designed to identify and prosecute distributors of malicious code.

In December 2004, we announced our participation in a new international enforcement coalition. Digital PhishNet brings together industry leaders from top U.S. financial, Internet service, digital commerce, and technology companies. These parties form a central line of communication between industry and law enforcement, so critical data to fight phishing can be reported in real time. While other industry groups have focused on identifying phishing Web sites and sharing best practices, Digital PhishNet is the first to focus on aiding law enforcement to apprehend and prosecute phishing frauds.


© 2006 Microsoft Corporation. All rights reserved. Terms of Use |Trademarks |Privacy Statement