(Magilla Marketing) Unspam claims the so-called child-protection do-not-e-mail registries it runs for Utah and Michigan don’t pose a threat to children’s e-mail addresses. But its contracts with the states show Unspam recognizes kids’ addresses on the registries may fall into the wrong hands and has absolved itself of liability if they do.

Moreover, the documents show Unspam is getting an unusually large percentage of the revenue these registries generate.

Unspam’s contract with Michigan says that the state “acknowledges and recognizes that senders comparing their e-mail lists against the registry, may extrapolate valid information on addresses that are listed on the registry and that the Vendor has no duty to ensure that senders will not misappropriate the data received.”

Unspam’s contract with Utah says “persons comparing their e-mail lists against the registry may extrapolate valid information on the addresses listed on the registry” and that “Unspam has no duty to ensure that [senders] will not misappropriate the data received.”

Michigan and Utah passed laws last summer that allow parents to register children’s e-mail addresses and other “contact points” as off limits to messages containing material or links to material it is illegal for minors to view or buy.

Critics of the registries say that no matter what steps Unspam takes to secure its database, it can’t guarantee senders who use its service won’t abuse the data.

Also, critics note, Unspam’s system has the potential to result in sub-lists of children’s e-mail addresses in every online pornographer’s database using the registry.

The Federal Trade Commission determined that the security threats of a registry of children’s addresses are too high to make the registry worthwhile.

“[T]he possibility that such a list could fall into the hands of the Internet’s most dangerous users, including pedophiles, is truly chilling,” said the FTC in a June 2004 report to congress rejecting the idea of a national do-not-e-mail registry.

The FTC reiterated its concerns in a letter last October to an Illinois legislator when that state was considering a child no-e-mail registry.

“[I]t is unlikely that the state would be able to perform background checks on every employee of all marketing firms that may potentially misuse their access to such a registry,” said the FTC. Moreover, the FTC’s letter said: “The technology does not exist to protect [the registry] against insiders.”

Illinois subsequently shelved the idea.

Unspam’s chief executive, Matthew Prince, said in an interview late last year that Unspam’s engineers had addressed all the issues in the FTC’s letter.

According to Trevor Hughes, executive director of the E-mail Sender and Provider Coalition, the contracts indicate Unspam’s executives know their scheme may not be as safe as they claim.

“Despite Unspam’s protestations regarding the security of the registries, they have been very careful to disclaim any liability for misappropriation of e-mail addresses from the registry, and in fact they recognize that such misappropriation is indeed possible if not likely,” he said. “What the FTC, and children’s advocates and consumer advocates and industry and technology experts are all saying is that this fundamental flaw in the registry solution makes it a solution that is not worth pursuing.”

Prince failed to respond by deadline to an e-mail sent Monday morning asking for comment.

As for the finances, the contracts also reveal that Unspam is getting $4 per thousand addresses checked in both states.

Marketers who want to include legal, adult-oriented material, such as a wine-of-the-month newsletter, are supposed to scrub their lists against the registries for $5 and $7 per thousand addresses checked per month in Utah and Michigan, respectively.

As a result, Unspam is getting an 80% cut in Utah and a 60% cut in Michigan, according to the contracts.

For comparison, e-mail service provider Skylist performs a similar service for its clients to help them comply with the Can-Spam Act for $25 per million addresses.

As of last week, Michigan’s registry had 3,984 contact points registered, 47 of which were entire domains, according to Michigan’s Public Service Commission. Also as of last week, Michigan’s registry had generated $60,520 since it went into effect in August, a commission representative said.

Utah’s registry reportedly has fewer than 2,000 addresses on it.

Unspam has been lobbying numerous states to pass so-called child-protection do-not e-mail laws. Its executives have also been helping the states’ legislators craft their bills.

Five states are known to be considering do-not e-mail bills: Georgia, Iowa, Connecticut, Hawaii and Wisconsin.

Unspam claims the so-called child-protection do-not-e-mail registries it runs for Utah and Michigan don