Each separate email in violation of the CAN-SPAM Act may attract a penalty up to $16,000. This is besides any prison sentence the court may decide. The first lawsuit based on this act was filed against a company, Phoenix Avatar, and four associated individuals on charges of sending hundreds of thousands of spam emails advertising a diet patch and hormone products. The first conviction however occurred in November 2004 when Nicholas Tombros sentenced to three years probation, six months house arrest, and $10,000 fine for hijacking wi-fi connections and using it to send porn spam.
Laws however do little to reduce spam, for much of the spam originates from outside the USA. The European Union adopted a "Privacy and Electronic Communications" Directive in 2002 that specifically covered sending unsolicited commercial email, but not all member states have enacted local laws to bring this to effect. The bulk of spam anyway originates from Eastern Europe and parts of Asia where there are no anti-spam laws, and in fact spam may be legal! US courts have tried and convicted foreign nationals for spamming in the US, but nothing much have come out of that.
The recent battle against the Coreflood botnet expose the limitations of laws. In April 2011, the FBI took down the Coreflood servers located within the USA after obtaining permission from the United States District Court of Connecticut, but Coreflood continues to thrive globally.
CAN-SPAM and other legislation do not prevent spam, and many internet activists opine that the act actually gave federal approval to the practice. As of now, users have no option but to live with spam and try best to deflect it from their inbox.