BITING INTO SPAM
Lawyers Say Junk E-Mail Laws Don’t Work
By CHRIS CZIBORR
Lawyers say the new federal law targeting unsolicited “junk” e-mail doesn’t have much bite.
Called the “Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003,” the law levies criminal and civil penalties for tactics used by so-called “spammers,” or senders of junk e-mail.
The act, which took effect Jan. 1, prohibits deceptive subject headings and the harvesting of e-mail addresses to be used for sending commercial e-mail. It also requires an opt-out link in any commercial message. But lawyers say definitions in the act are vague.
Penalties can be as severe as $2 million in fines and five years in jail. Spammers found guilty can have those penalties increased by punitive damages up to three times in certain cases. Under the law, lawsuits against spammers can be initiated by the Federal Trade Commission, Internet service providers and state attorney generals.
Meanwhile, California saw a new anti-spam law go into effect Jan. 1, though the federal act all but supplants it. Lawyers interviewed below say they liked some aspects of the California law more than the federal one.
Known as SB 186, California’s law would ban unwanted e-mail and block address collection for advertising purposes. It’s tougher than the federal ban because Web users would have to opt-in, or agree, to receive an e-mail pitch from a company or individual that they haven’t done business with before. The federal law only calls for an opt-out option for those wanting to get off a mailing list after receiving junk mail.
The Business Journal interviewed three local lawyers about the new legislation.
Kathleen Peterson
Partner
Preston Gates & Ellis LLP, Irvine
Is the federal law going to help much in the fight against spam?
I don’t think the new federal law is an improvement, given the difficulty enforcing any of these laws. It still leaves consumers without any weapons.
The difficulty is in finding spammers. Most are outside the U.S. and are very clever about disguising where their messages originate.
I’ve had situations where I represented ISPs who were eager to go after and try to get injunctions against people who were spamming customers, and you can spend weeks trying to find out where the spam is coming from without any success.
The federal law pre-empts the much toothier California law passed in the fall. There were portions of the California statute that were good. Anyone who was a target,you and me,could’ve gone after spammers. Now, under the federal law, it’s up to government agencies and ISPs to go after spammers, and those resources are stretched pretty thin already.
What does the federal law mean for companies that send legitimate e-mails?
Portions of the California law definitely would’ve been bad for legitimate businesses. The definition of unsolicited commercial mail was so broad. It would’ve brought a lot of people who use legitimate communications to a halt.
Federal law requires that people sending e-mails be incredibly honest and fully descriptive in terms of who is sending mail and how you can get in touch with them. For most legitimate businesses federal law doesn’t require a lot of new things that people wouldn’t already be doing.
How would you craft an anti-spam bill?
I would give the recipient of spam some avenue to go against the really offensive spam users,e-mail address harvesters and businesses that send multiple requests for offshore pharmaceuticals and other things people don’t want. Those are the people we really need to go against. We need to give individuals and businesses the ability to go after them.
Is technology the answer?
Ultimately it will be a combination of laws and technology that effectively tackle the problem.
* * *
David Segal
Partner
Gibson, Dunn & Crutcher LLP, Irvine
Is the federal law going to help much in the fight against spam?
The problem with spam is that the folks you are after aren’t easy to track down. And for the people operating overseas, stopping them is not easy under any law. Even with the California law, which was much more stringent, I had serious questions as to whether it would really stop the people causing the spam. And the federal law has similar problems as to whether it can be truly effective.
(For instance), you have an international party that can send an e-mail. I can be sitting in Nigeria,and we’ve all probably seen fraudulent messages from Nigeria,and I can send an e-mail that is false, misleading and disguises my address. Who are enforcement agencies going to go after? Tomorrow, you may not know who that entity is because they log in as someone else.
What does the federal law mean for companies that send legitimate e-mails?
Legitimate companies are going to have to have opt-out messages on any commercial message they send. They have to ensure that if someone opts out, then that individual gets removed from their e-mail lists.
I think it’s less of a problem with legitimate companies because the federal law’s provisions are relatively straightforward. I’m advising clients to make sure their policies and actions comply with the law. And the federal law was very different than what we were working toward in California, which also took effect Jan. 1 but now has been pre-empted by the federal law.
The California law required affirmative opt-in by anyone getting your message or an ongoing business relationship. There were interpretation questions as to whether things like electronic greeting cards would be illegal. Clicking on a Web site to e-mail something to a friend was a potential violation of California law.
Under California law there was a $1,000 bounty plus legal fees,companies that don’t spam were very concerned that a trip-up could cause problems.
How would you craft an anti-spam bill?
I think the federal law helps in that it prevents fraudulent use and gives at least some mechanism for going after spammers.
The problem with spam is that I’m not sure the legal system is capable of dealing with the true problem. It’s likely to require a technical change. Some filters out there work pretty well right now. Some spam still gets around them, but they’re a lot better than some of the early filters, and they keep improving over time.
Is technology the answer?
Ultimately there’s going to have to be some technological way to prevent spam. I don’t think the law is going to be the right mechanism to do it. The Internet service providers will likely play a larger role. Microsoft and the New York state attorney general teamed up to sue some spammers a few weeks ago.
* * *
Jennifer Trusso
Associate
Stradling, Yocca, Carlson & Rauth,
Newport Beach
Is the federal law going to help much in the fight against spam?
In some respects there were some good attributes of the pre-empted California statute because it seemed to deal with the situation. It had compliance language where a company could show it wasn’t their intention to spam. The federal law takes away the ability of private individuals to take action against spammers.
What does the federal law mean for companies that send legitimate e-mails?
Companies have to be cautious when sending something out. The problem is that the terms “advertisement” and “solicitation” can construe almost everything. If you send out a bunch of e-mails, someone responds and changes the subject heading, then that is a no-no.
With electronic greeting cards, you can get away with it if it’s a friend or relative, but it depends on what kind of information is contained in the e-mail.
The California statute on spam was meatier and more restrictive. I think that because it was so specific you knew if you were violating it. With federal law there are more gray areas, but they are enforcing it in a black and white way.
Most people have the misconception that simply sending out e-mail is a violation,it’s not. You can send out unsolicited advertising. The question is: Are you doing it the right way?
How would you craft an anti-spam bill?
I’d want specific language as to what constitutes advertising and solicitations. If someone e-mails people about a Tupperware party at their home, they’re going to be taking in money after all. I don’t think they’ve cleared up those issues yet.
Is technology the answer?
My experience with spam filter software packages is that they block legitimate e-mails. And spammers are so good at working around those technical packages. I’m not saying they can’t work. I just think legislation is the right way.
With technology, software companies have another way for them to sell their packages. I don’t like receiving e-mails with the subject heading, “Do you hate spam like I do?”
