INDUSTRY ANALYSIS

Laws, Bounties, International Cooperation Fighting Spam

Last Sunday, California Gov. Arnold Schwarzenegger, signed a bill that strengthens California’s antispam laws. Senate Bill 1457 amends the current laws by making it an offense to send advertising in a spam e-mail either from California or to a California e-mail address in the following circumstances:

  • Where the advertisement contains or is accompanied by a third-party’s domain name without that party’s permission.
  • Where the e-mail contains or is accompanied by falsified, misrepresented or forged header information.
  • Where the sender enters a subject line they know would likely mislead a recipient acting reasonably as to a material fact regarding the contents or subject-matter of the message.

    Penalties Authorized

    Before this bill was signed into law, state antispam statutes allowed either a recipient of spam, an e-mail service provider or the state attorney general to recover actual damages for the receipt of spam sent contrary to the rules, in addition to permitting a court to award reasonable attorney fees and costs to prevailing plaintiffs.

    Under the new law, either the state attorney general, an e-mail service provider or the recipient of a spam e-mail may bring an action for liquidated damages of US$1,000 per e-mail, up to $1 million per incident, but subject to a reduction by the courts. The law also prohibits bringing multiple actions through use of other e-mail-advertisement-damages provisions for the same violation.

    There are two exceptions:

  • First, where truthful header information is used by a third party lawfully authorized by the advertiser to use that information.
  • Second, where there are no consequences for an e-mail service provider that is only involved in the routine transmission of the e-mail advertisement across its computer network.

    Reduction of Award

    Also, if the court finds that the defendant established and implemented practices and procedures reasonably designed to effectively prevent spam with due care, then the court must reduce the liquidated damages it can award to a maximum of $100 for each unsolicited commercial e-mail advertisement or must reduce damages to a maximum of $100,000 per incident.

    On a related note, there have been a number of complaints against the U.S. federal antispam legislation, Can-Spam Act (the Act), since its coming into force on Jan. 1.

    For example, in May, the U.S. Senate Commerce Committee met to review the effects of the Act. It heard from a handful of witnesses, including a bulk e-mailer, who claimed that compliance with the Act has been disadvantageous for his business because Internet providers block his e-mails by focusing on his “From:” addresses, “Subject:” lines, company information, IP address and the disclaimer on the bottom of his e-mail.

    He testified that he might resort to illegal tactics, such as generating fake numerical addresses and grammatically correct text that look like personal written mail, if his legal e-mails continue to be blocked by major Internet service providers such as America Online and Microsoft Hotmail.

    Another complaint has come from the Direct Marketing Association, which has urged the Federal Trade Commission (FTC) to clarify the Act by recognizing the difference between purely sales-oriented e-mails (spam) and billing, transaction confirmation or other so-called relationship messages.

    First Can-Spam Act Cases

    As far as enforcement of the Act is concerned, the FTC recently took action against a number of parties, with the first two actions against companies that were engaged in sending both spam and spoofing.

    The first action was against Detroit-based Phoenix Avatar, and the second was against Global Web Promotions, a spam enterprise that operated out of Australia and New Zealand.

    Both operations had been identified by the antispam organization Spamhaus, as among the largest spammers in the world. These cases marked the first criminal prosecutions under the Act.

    Offering Bounties

    In addition to its legal proceedings against spammers, the FTC last Thursday issued a report assessing whether and how a system that rewards members of the public for tracking down spammers would or could help improve enforcement of the Act.

    Specifically, the Act required the FTC to conduct a study and provide a report to the U.S. Congress on a “bounty system” for the Act. According to the report released by the FTC, there are three hurdles for the FTC and other law enforcers in antispam investigations:

  • Identifying and locating the spammer.
  • Developing sufficient evidence to prove the spammer is legally responsible for sending the spam.
  • And obtaining a monetary award.

    Whistleblowers, Insiders

    Most notably, the report states that persons most likely to identify a spammer and provide evidence would be “whistleblowers” or “insiders,” not so-called “cybersleuths” (persons with above-average IT skills).

    The report goes on to conclude that it is unclear as to whether a bounty system would be effective, but it does state that any reward would need to be substantial (in the $100,000 to $250,000 range).

    This report comes on the heels of another recent announcement that trade agencies in the United States, United Kingdom and Australia have entered into a memorandum of understanding to provide for mutual enforcement assistance in fighting spam. Agencies will share evidence and coordinate investigations in order to work together to prosecute spammers.

    Whether through new laws, offering substantial rewards or through cross-jurisdictional cooperation, we might be finally getting somewhere in the fight against spam — or are we?


    Javad Heydary, an E-Commerce Times columnist, is a Toronto lawyer licensed to practice in both Ontario and New York and is the managing editor of Lawsof.com.


  • Leave a Comment

    Please sign in to post or reply to a comment. New users create a free account.

    Related Stories

    LinuxInsider Channels