Perspective: Can-Spam put to the test

By Venkat Balasubramani Published: May 22, 2007 4:00 AM PDT See all Perspectives

Tools

Related Stories: MySpace sues 'Spam King' Richter
January 22, 2007; Court sides with alleged 'vacation' spammer
November 28, 2006; Supreme Court won't hear spam appeal
January 9, 2006; FTC says federal spam law has worked
December 20, 2005; Get ready for 'Son of Can-Spam'
October 10, 2005; This spammer's stash could be yours
August 10, 2005

The last six months have not been particularly kind to the antispam community.

Late last year, the U.S. Court of Appeals for the Fourth Circuit limited the reach of both state and federal spam laws to e-mails that contain "material" falsity or deception. And last week, a federal district court dismissed a Can-Spam claim on the basis that the plaintiff, James Gordon--who was not a traditional ISP--did not suffer the type of injury envisioned by the law, and thus lacked legal standing to sue.

The court also signaled its intention to award attorney's fees. While the decision will likely have minimal effect on claims brought by traditional ISPs, it is sure to take the sails out of the cottage industry built around spam litigation.

Since its inception, Can-Spam has had a mixed reception. Still, it is tough to deny that it has spawned an entire cottage industry of litigation built around filing spam lawsuits. Antispam activist Mark Mumma presents one such example, as does spam fighter Robert Braver, and Gordon himself, the plaintiff in the ill-fated Virtumundo lawsuit decided last week.

These individuals pursued Can-Spam cases even though they did not run ISP-based businesses, or they only ran small, token ones. (Their spam lawsuits received more of their resources than their ISP businesses.) Many set up Web pages to showcase their lawsuits and encouraged others to pursue similar claims.

Without a doubt, this aspect of the decision will force similar plaintiffs to think twice before filing suit.

Can-Spam provides for enforcement by governmental entities such as the Federal Trade Commission, and in certain situations, states attorney general. The only private entities that can bring lawsuits under Can-Spam are providers of "Internet access services" which are "adversely affected." This was a critical issue in the Virtumundo case.

The plaintiffs (Gordon and his entity) alleged they received 13,800 improper e-mails and sought damages in excess of $20 million. The defendants challenged whether Gordon fell within the statutory definition of an Internet access service (IAS), and in particular, whether Gordon was "adversely affected."

While the court did not squarely resolve the IAS-definition issue (alluding that traditional ISPs were proper private plaintiffs under Can-Spam), it held that the plaintiffs were not "adversely affected" under Can-Spam and could not maintain the lawsuit. The court noted that the plaintiffs used a third party--Verizon--for Internet access, and pointed out that the plaintiffs did not suffer harm "beyond the consumer-specific burden of sorting through an in-box full of spam." The plaintiffs did not suffer harm "related to bandwidth, hardware, Internet connectivity, network integrity, overhead costs, fees, staffing or equipment costs."

After disposing of the Can-Spam claims based on lack of harm specific to Gordon, the court also dismissed the Washington state law claims. The court largely tracked the Mummagraphics ruling from last year which held that Can-Spam was intended to cover material deceptions in e-mails.

The plaintiffs argued that the "from lines" were misleading because they often referenced "a topic area or type of advertisement" (rather than a specific person) and because the domain names used by the defendants did not contain (identically) the sender's name. The court showed little tolerance for Gordon's hyper-technical arguments.

For Gordon, this decision will likely be devastating. The decision notes both that he is a party to 10 other cases in western Washington alone, and that he makes a living from spam lawsuit settlements. The viability of all of these cases is immediately called into question. More importantly, the court delivered Gordon a severe blow in the form of attorney's fees. Without a doubt, this aspect of the decision will force similar plaintiffs to think twice before filing suit.

Another question is how and whether this will affect claims brought by real ISPs. Smaller spammers may now argue that there was no "significant" harm felt by their e-mails alone. In most cases, this argument will not prevail--the ISPs retain experts who testify as to the incremental costs caused by each additional piece of spam. Of course, only time will tell.

Biography
Venkat Balasubramani practices Internet law and litigation at Balasubramani Law and frequently represents clients involved in Can-Spam disputes. He maintains the Spam Notes blog. As an outside counsel, VB did some work for 180 Solutions, Zango's predecessor.

More Perspectives

More from News.com on this story's topics: Lawsuits
Create an email alert | RSS feed; Spam and phishing
Create an email alert | RSS feed; Internet service providers
RSS feed; Fraud
RSS feed

See more CNET content tagged:
CAN-SPAM Act, plaintiff, court, entity, Internet Service Provider

10 comments (Page 1 of 1)

Lawyers Won't Protect Us!
by westrajc May 22, 2007 4:53 AM PDT: Find the vermin and terminate them with extreme predudice! If you're a spammer, phisher, porn peddler, etc, you should go through life living in fear that every breath might be your last.; Reply to this comment

Spammers
by SeizeCTRL May 22, 2007 6:34 AM PDT: Known spammer's home addresses should be made public... so when I can't opt out from receiving his spam, I can show up at his door to be a little more convincing.; Reply to this comment View reply
Processing

SPAMMERs do NOT have a right to send!
by thenet411 May 22, 2007 6:43 AM PDT: No matter what the SPAMMERs think, no matter what the clueless, old, technically inept, judges think, SPAMMERs do not have the right to send their crap. NO ONE WANTS SPAM. Yet, these idiots are allowed to continue sending this crap. Why? Because judges are idiots. Judges are far too old to understand the Intertubes (yes, that was a jab at other people that are too old to understand the Internet). Understanding of the Internet and its impacts is certainly an age-related issue. Studies show that the majority of people over 45 have no clue what the Internet really is or how it works. Just because some people over that age may use it, doesn't mean that they know anything about it. Once people with a clue about how the Internet works, what its impacts are, and what SPAM really does to it, consumers who must deal with SPAM are screwed.; Reply to this comment View reply
Processing

Congress acts, and the problem gets worse
by rcrusoe May 22, 2007 7:33 AM PDT: Since Congress passed the "You Can-Spam" act the amount of spam we receive at my company has more than doubled. I shudder to think what will happen if they pass any "immigration reform" legislation.; Reply to this comment

disturbing
by T38 May 22, 2007 8:19 AM PDT: I couldn't help but be disturbed by this line in the judges decision: "The court noted that the plaintiffs used a third party--Verizon--for Internet access..." Many legitimate ISP's use a third party for Internet access. The ISP I used to work for used Time-Warner Telecom as it's "upstream" provider, and the one I currently work for uses (among others) AT&T. You've got the really large ISP's (such as AT&T, SAVVIS, Level 3 and Verizon) who provide coast-to-coast, border-to-border connectivity, and then there are a whole host of smaller ISP's that purchase bandwidth from these larger networks for transport to the Internet at large. Throwing out a complainant's suit because he purchases bandwidth from an upstream provider is ludicrous.; Reply to this comment View reply
Processing

I sue spammers
by www.sorehands.com May 23, 2007 8:31 AM PDT: This 'cottage industry' as he puts it are people who ask companies to stop spamming and ignore the request. In Gordon's case, Virtumundo used from lines that said "Free IPOD" or "8 megapixel camera." A recipient of spam should not need to be an internet detective to identify the spammer. One should not have to open a spam, exposing their system a virus or trojan, only to identify the spammer. Gordon sent Virtumundo over 6000 e-mail requests to stop spamming -- but it continued. A porn spammer that Balasubramani represented ignored requests to stop spamming, but then claimed it was "an affilite did it." These spammers keep paying the affiliates, ignoring complaints because it makes them money. I had one company (it looks like from discovery) terminate a spamming affiliate only to re-signup the same spamming affiliate. This adversely affected ruling is wrong, the Court ruled that Gordon's ISP business was not adversely affected because it did not go over the bandwidth limit (Gordon used a leased server). Every spam that goes through an ISP affects it. The Court ruling implies that an ISP that properly plans its system requirement so that it does not get overloaded by spammers cannot recover under CAN-SPAM because it properly planned its system and had sufficient they capacity margins. I'd love it if spammers would stop spamming and I could get back to writing code full time. Especially because I need to time to rewrite my e-mail client to run faster (I can double the -- because of all the spam that I receive. I already customized the code of my mail server to deal with spammers. They will claim it was not their spam, but it was someone elses spam that caused the overload.; Reply to this comment