Tim,

Presume that we've all met, decided a policy, figured out who it takes
to "officially" make it an Internet policy, and made it happen. Simply
amazing progress has occurred, and it's still morning on the Internet...

Now, let's talk about the hard part: enforcement.

Since the sender of a bulk, unsolicited advertisement may not even be
affiliated with the beneficiary of such mail, how do you intend to catch
the culprit? There is nothing in an email message that provides hard
proof of identity, and there is nothing to stop me from sending all of
my advertising as "Tim Bass". Since any host connected to the Internet
can forge email with very little trail, relying on the purported sender
of the message is clearly not possible for enforcement.

Of course, one could always look towards the beneficiary of the message
(i.e. the firm which gains the business as the result of this "misuse")
but that's actually no better than relying on the sender. It doesn't
matter whether the enforcement method is loss of Internet service or
large fines, it will be very difficult for anyone to actually safely
invoke such methods without incurring immense liability. Since anyone
can send a bulk, unsolicited advertisement with "The Silk Road Group"
as the beneficiary, you've now created the ultimate denial of service
attack. Don't like a firm? Send out a massive forged advertisement for
their latest product and watch them get disconnected from the net...

Despite postings to the contrary, this is an extremely difficult problem
to solve in the absence of authentication. While the current ad-hoc methods
of managing such bulk advertising are not perfect, they may be far better
than the quick fixes being proposed.

/John