I would like to differentiate spam activites from the others. I don't see why protection of consumer data should be any different for ISPs than other companies. Don't give out your customer's private information and make sure that your servers are secure against intrusion. Packet preferencing, bandwidth caps and pricing may all help foster competition. Spam is a different creature. First is the age old (in internet time) question of how to define spam. Should you opt in or opt out? Is it any mass mailing? If you get the address from an email a friend of yours sent? Second is whether self regulation works. It appears that most companies, without needing a code of ethics or responsibility, are dealing with spam. AOL now filters spam rather well. Consumer pressure forced them to adopt changes (which may have saved them money) and now spam has decreased, at least with respect to a user's inbox. Today IBM released information about a product that will send spam back to the computer which sent it, not just the email address. Open source (and closed source) products exist for dealing with spam. There are whitelists and blacklists too. Spam is still a problem, but there is a lot of industry discussion going on about it and how to solve it. Now is not the time for the government to step in and try to "regulate" how ISPs should deal with spam. Spam is a problem but the industry is still trying to deal with it. Forcing ISPs to adopt a certain approach at this point will only stifle innovation.