• by Wendy Davis , Staff Writer, October 17, 2006

When Utah passed a law establishing a do-not-e-mail registry, critics condemned the measure as short-sighted, not to mention unlawful.

The law, the Child Protection Registry Act, establishes a registry of children's e-mail addresses, compiled from information submitted by parents. The act bans marketers from sending e-mail promotions for material considered harmful or illegal for minors--including pornography, alcohol, cigarettes, or gambling--to addresses on that registry.

The Free Speech Coalition, a trade organization representing members of the adult entertainment industry, filed suit last November, claiming that the act violates the federal Can-Spam statute--which supersedes state laws regulating commercial e-mail, except for laws relating to fraud and computer crimes.

A coalition of ad groups and civil rights watchdogs--the American Advertising Federation, American Association of Advertising Agencies, Association of National Advertisers, Inc., Email Sender and Provider Coalition, Electronic Frontier Foundation, and Center for Democracy & Technology--also filed papers opposing the law.

Among other arguments, they warned that the very act of creating a registry of children's e-mail addresses potentially put kids at risk because once such a list exists, it can fall into the wrong hands.

That particular concern at least has proven prophetic. It's now come to light that several weeks ago, a state employee in Utah released the e-mail addresses of four minors to the Email Sender and Provider Coalition. That gaffe occurred even though Unspam--the private agency managing the list--said it was inconceivable that the list would ever be divulged. "Even if ordered by a court or held at gunpoint, there is no feasible way that I, any Unspam employee, or any state official could provide you even a single address that has been submitted for compliance by any sender," Prince reportedly said in an affidavit.

A federal court in Utah is slated to hold a hearing on the law Nov. 9. It should seriously consider whether compiling and storing sensitive information, like e-mail addresses, potentially does more harm than good when it comes to protecting consumers.