July 24, 2006 3:36 PM PDT

FTC wants beefed-up powers against Net scammers

WASHINGTON--Past and present Federal Trade Commission officials on Monday renewed their call for Congress to expand the agency's international Internet policing powers and its ability to slap fines on wrongdoers.

The suggestions came at a conference here organized by the Center for American Progress, which bills itself as a nonpartisan research institute that "challenges conservative thinking." The organization set up the event to outline issues expected to emerge at a four-day, FTC-sponsored series of hearings about the Internet and consumer protection this fall.

Those mostly public hearings, planned for Nov. 6 to 9, have been described as the first major endeavor of the sort by the FTC since 1996. However, the agency has held about 40 workshops and conferences on consumer protection issues since that date.

Much of the focus of the hearings will be on devising ways to combat a host of unanticipated menaces--most notably, spam, spyware and phishing schemes--that have emerged in the last decade, said Eileen Harrington, deputy director of the FTC's Bureau of Consumer Protection. Part of that work must occur on Capitol Hill, where politicians must adopt new legislation "to give us much-needed tools to do our jobs," particularly when investigating alleged violations that cross American borders, she said.

The federal regulators' push for authority on the international front is nothing new. In 2003, the FTC lobbied Congress for powers that would, among other things, allow them to serve secret requests for subscriber information on Internet service providers, peruse FBI criminal databases, and swap sensitive information with foreign law enforcement agencies.

"We have got to be able to work with our sister agencies in other countries...but an anomaly in the law prevents us from sharing confidential information with them," FTC Commissioner Jon Leibowitz said during an afternoon panel discussion. He pointed to unattributed statistics stating that 40 percent of spyware and 70 percent of spam originate outside the United States.

The U.S. Senate in March unanimously approved a bill called the Undertaking Spam, Spyware and Fraud Enforcement Beyond Borders Act of 2005, nicknamed the U.S. Safe Web Act. Leibowitz urged the House of Representatives, which has not yet weighed in, to adopt the legislation as well.

The approved Senate bill would allow the FTC and parallel foreign law enforcement agencies to share information while investigating allegations of "unfair and deceptive practices" that involve foreign commerce but could cause harm to people on U.S. soil. It was endorsed at Monday's event by the National Consumers League, the Center for Democracy and Technology, and a Microsoft representative. But the bill has drawn criticism from some privacy advocates because the FTC would not be required to make public any of the information it obtained through foreign sources.

The agency also needs broader enforcement powers on the domestic front, such as the ability to levy monetary penalties on those found to commit unfair and deceptive practices. Right now, the FTC's ability to fine wrongdoers is too limited, the commissioners in attendance said.

"Today, we see kids in their parents' basements who are being hired as affiliates for folks who want to engage in these practices (such as spyware, phishing and spamming)," said FTC Commissioner J. Thomas Rosch, who led the agency's consumer protection bureau during the 1970s. "A commission action against them without civil penalties is a little like telling those folks to go to their room and take a time-out."

See more CNET content tagged:
hearing, agency, commission, practice, phishing

6 comments

Join the conversation!
Add your comment
If the FTC had any intenstinal fortitude...
If I had a say in the matter I would try this...

Require all US based ISPs with international reach to sync routers to pull from IP lists hourly from a .gov site.

Spam us in bulk, the entire US router system blocks your entire country for an hour. Repeat offenses increase the time-to-block to 4 hours, even entire days. Perhaps Canada, the UK and others could join us and it would be even more effective.

Punishing the non-offender as well? Oh well, casualty of war. It would serve to light a fire under the ...'s of government officials perhaps.

But this would take a spine, something those calling the shots on these matters of net abuse don't seem to have.
Posted by extinctone (214 comments )
Reply Link Flag
Not a good idea
Considering that alot of the spam originates in the United States, you would effectively block yourself according to the plan you propose.

Back in the wild west of the United States, bounties were placed on those who broke the law. If the bounty reached a certain point, the criminal was wanted "dead or alive". I'd like to see bounties placed on spammers and phishers. So what if they aren't inside the country. There are some that would reach the "dead or alive" status rather quickly and that's fine by me. If you're going to stop spam and phishing, give those who do it something to think about to stop... like keeping their life. You can bet that it crosses the minds of criminals in Texas where we DO enforce the death penalty.
Posted by Seaspray0 (9714 comments )
Link Flag
Additional thoughts...
Here in the US and other countries we need to "get real" on cracking down on spammers, phishers, etc. Those with a tech clue know it doesn't take much to track these guys. Why does it take so long to bring cases against them? Is that more or less what the FTC is trying to remedy perhaps.

Besides that, a rather 'dark humour' type of thought re: China if we were to block IP address segments that originate spam. They would probably start executing spammers. Not so funny when you consider it would probably turn out to be reality. They execute people now expressing the free speech we enjoy in forums such as this CNet TalkBack.
Posted by extinctone (214 comments )
Reply Link Flag
slap on handcuffs along with the fines
The bigger problem is that the Bush administration refuses to
criminally prosecute these people even when they're reported
and caught.
Posted by Jackson Cracker (272 comments )
Reply Link Flag
Brain Dead
Another stupid comment from the looney left as shown by it's obligatory blaming of the Bush administration for every ill in the world.
Posted by aabcdefghij987654321 (1721 comments )
Link Flag
Much ado about the wrong method
>>>The federal regulators' push for authority on the international front is nothing new. In 2003, the FTC lobbied Congress for powers that would, among other things, allow them to serve secret requests for subscriber information on Internet service providers, peruse FBI criminal databases, and swap sensitive information with foreign law enforcement agencies.<<<

(* GRIN *)

All that has to be done is to block access to/from ISP's who harbor spammers.

It takes the problem to the root where it should be taken.

SPAM CANNOT get out onto the internet except through an ISP.

That said... hold the ISP responsible for thier subscribers... free or paid.

If they cannot secure their outgoing spoofed SPAM... and believe you me... ISP's know for sure who is spamming with spoofed headers and who is not.

If aol.com has an E-mail with the from specified as xyz.com, abc.com or any OTHER thing but aol.com... it's definately SPOOFED!

Which ever ISP is allowing such spoofing to occur should be held responsible. IF they aren't... then we're trying to close the barn door after the horses have been let out... (i.e. too late).

Spam needs to be nipped in the butt at it's source... and that's the initial sending ISP which the spammer resides.

Give them a warning first... if they don't comply and stop such spanning... block that ISP's IP entire block range such that nothing in or out of the US will be able to reach them! Their SPAM as well as their ligitimate E-mail and casual browsers will ALL be cut off. If they don't like it... then they need to take care of their own problem.

Many users might be pissed, many E-mails might be lost or underliverable... but hey... that's what an irresponsible ISP pays so one should look for a responsible ISP who does block spoofed spam.

That would be phase I. In phase II, the non-spoofed SPAM should be stompped on as well in a similar manner.

Irresponsible ISP's should also have their domain names and IP addresses frozen/taken-away. If/once they comply... then unfreeze/return their IP address range and domain names back to them.

Simple... take the problem to the root of the cause. Irresponsible ISP's. If they cannot be responsible... they shouldn't have a seat on the internet!!!

Other fancy legislation is unnecessary and probably a waste of everybody's time and tax payer dollars!

FWIW
Posted by wbenton (522 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.