As I’ve indicated before, I would LOVE to sue the spammers who deluge this site with thousands of fake comments. I’m still researching whether that kind of suit would be possible under the law.
Today, I was reminded of my own frustrations with spammers when I read a recent opinion by the 9th Circuit Court of Appeals, a case titled Gordon v. Virtumundo, Inc. L 2393433, 3 -4 (C.A.9 (C.A.9 (Wash.),2009), 2009 WL 2393433
In Gordon, a professional plaintiff tried to sue spammers based on the federal CAN-SPAM Act, which was enacted in 2004. The Court turned him down because A) he didn’t qualify as an Internet Access Service Provider, B) the Court did not consider him to be “adversely affected” by the statutory violations (the receipt of spam on his email accounts), and C) His state law claims failed because they were precluded by the Act’s express preemption clause
The “pro-marketing” forces, those who think that they should be allowed to trash my email accounts with special offers for penis enlargement techniques and a wide variety of drugs, are elated by this decision.
Here is how the Court sees the overall legal landscape:
This case addresses unsolicited commercial e-mail, more commonly referred to as “spam.” While ignored by most and reviled by some, spam is largely considered a nuisance and a source of frustration to e-mail users who, at times, must wade through inboxes clogged with messages peddling assorted, and often unwanted, products and services. The rising tide of spam poses an even greater problem to businesses, institutions, and other entities through network slowdowns, server crashes, and increased costs. At the same time, commercial enterprise has staked its claim within the online world. The Internet is a unique medium that offers legitimate businesses a low-cost means to promote themselves and their wares and in turn fosters competition in the marketplace. Both consumers and Congress have come to view e-mail, when fairly employed, as an established and worthwhile device in the toolbox of accepted marketing practices.
After individual states initially wrestled with properly balancing the benefits and burdens of commercial e-mail, Congress enacted legislation in an effort to curb the negative consequences of spam and spamming practices without stifling legitimate commerce. Through this opinion we review the federal statutory scheme of the Controlling the Assault of Non-Solicited Pornography and Marketing (“CAN-SPAM”) Act of 2003, 15 U.S.C. § 7701 et seq., and assume the formidable task of determining the statutory standing requirements and the scope of federal preemption intended by Congress.
Here is a description of the CAN-SPAM ACT, as described by the Court:
The CAN-SPAM Act became effective on January 1, 2004, and was enacted in response to mounting concerns associated with the rapid growth of spam e-mails. Congress determined:
(1) there is a substantial governmental interest in regulation of commercial electronic mail on a nationwide basis;
(2) senders of commercial electronic mail should not mislead recipients as to the source or content of such mail; and
(3) recipients of commercial electronic mail have a right to decline to receive additional commercial electronic mail from the same source.
15 U.S.C. § 7701(b).FN6 The Act does not ban spam outright, but rather provides a code of conduct to regulate commercial e-mail messaging practices. Stated in general terms, the CAN-SPAM Act prohibits such practices as transmitting messages with “deceptive subject headings” or “header information that is materially false or materially misleading.” See 15 U.S.C. § 7704(a)(1), (2). The Act also imposes requirements regarding content, format, and labeling. For instance, unsolicited e-mail messages must include the sender’s physical postal address, indicate they are advertisements or solicitations, and notify recipients of their ability to decline further mailings. 15 U.S.C. § 7704(a)(5). Moreover, in order to comply with the Act, each message must have either a functioning return e-mail address or a comparable mechanism that allows a recipient to “opt out” of future mailings. 15 U.S.C. § 7704(a)(3).FN7
The CAN-SPAM Act’s enforcement provision empowers the Federal Trade Commission, state attorneys general, and other state and federal agencies to pursue legal actions to enforce the Act’s provisions. 15 U.S.C. § 7706(a), (b), (f). Congress also provided a limited private right of action, which states: A “provider of Internet access service adversely affected by a violation of” § 7704(a)(1), (b), or (d), or “a pattern or practice that violates” § 7704(a)(2) through (5) of the Act “may bring a civil action in any district court” to enjoin further violation by a defendant or to recover either actual or statutory damages, whichever is greater. 15 U.S.C. § 7706(g)(1). Statutory damages under the CAN-SPAM Act are substantial and can equal as much as $300 per unlawful e-mail.FN8 15 U.S.C. § 7706(g)(3). The Act also authorizes an award of attorneys’ fees and costs against any party at the district court’s discretion. 15 U.S.C. § 7706(g)(4).
According to Anti-Spam activists, CAN-SPAM is essentially a joke. Consider this excerpt from Wikipedia:
The CAN-SPAM Act is commonly referred to by anti-spam activists as the YOU-CAN-SPAM Act because the bill does not require e-mailers to get permission before they send marketing messages.[3] It also prevents states from enacting stronger anti-spam protections, and prohibits individuals who receive spam from suing spammers. The Act has been largely unenforced,[4] despite a letter to the FTC from Senator Burns, who noted that “Enforcement is key regarding the CAN-SPAM legislation.” In 2004 less than 1% of spam complied with the CAN-SPAM Act of 2003.[5]
In Gordon v. Virtumundo, the Court of Appeals concluded that the Plaintiff did not suffer the kind of harm addressed by the statute. Here is a long excerpt from the 9th Circuit’s opinion:
We do not purport to enumerate each and every harm that might satisfy the CAN-SPAM Act’s standing provision. Nor do we suggest that the list is finite. At minimum, however, the harm must be both real and of the type experienced by ISPs. While the harm need not be significant in the sense that it is grave or serious, the harm must be of significance to a bona fide IAS provider-something beyond the mere annoyance of spam and greater than the negligible burdens typically borne by an IAS provider in the ordinary course of business. In most cases, evidence of some combination of operational or technical impairments and related financial costs attributable to unwanted commercial e-mail would suffice. See Hypertouch, 2006 WL 648688, at *4 (finding evidence of “decreased server response and crashes,” “higher bandwidth utilization,” and “expensive hardware and software upgrades” sufficient harm for statutory standing).
Courts must of course be careful to distinguish the ordinary costs and burdens associated with operating an Internet access service from actual harm. We expect a legitimate service provider to secure adequate bandwidth and storage capacity and take reasonable precautions, such as implementing spam filters, as part of its normal operations. Courts should take an especially hard look at the cited harm if it suspects at the outset that a plaintiff is not operating a bona fide Internet access service, as is the case here.
Defining the type of harm required for CAN-SPAM Act standing is, however, only one part of the equation. Section 7706(g)(1) also inquires whether the contemplated harm is attributable to the type of practices circumscribed by the Act-i.e., whether an IAS provider was adversely affected by misconduct. After all, network slowdowns, server crashes, increased bandwidth usage, and hardware and software upgrades bear no inherent relationship to spam or spamming practices. On the contrary, we expect these issues to arise as a matter of course and for legitimate reasons as technology, online media, and Internet services continue to advance and develop. Therefore, evidence of what could be routine business concerns and operating costs is not alone sufficient to unlock the treasure trove of the CAN-SPAM Act’s statutory damages.
To give the statutory text meaning there must be, at bare minimum, a demonstrated relationship between purported harms and the type of e-mail practices regulated by the Act-i.e., a showing that the identified concerns are linked in some meaningful way to unwanted spam and, in turn, represent actual harm. The e-mails at issue in a particular case must, at the very least, contribute to a larger, collective spam problem that caused ISP-type harms.FN12
We note, in passing, that the threshold of standing should not pose a high bar for the legitimate service operations contemplated by Congress. In some civil actions-where, for example, well-recognized ISPs or plainly legitimate Internet access service providers file suit-adequate harm might be presumed because any reasonable person would agree that such entities dedicate considerable resources to and incur significant financial costs in dealing with spam. See S.Rep. No. 108-102, at 2-3 (recounting reports by America Online, Microsoft, and Earthlink regarding the effects of increasing volumes of spam). Where, by comparison, a private plaintiff’s status as an IAS provider is questionable and reasonably contested, courts should not only inquire into the plaintiff’s purported Internet-related service operations but also closely examine the alleged harms attributable to spam. We have confidence in our district courts to review the individual characteristics of the plaintiffs on a case-by-case basis and make a reasoned decision whether a purported IAS provider is truly the type of bona fide IAS provider adversely affected by commercial e-mail messaging that Congress envisioned when it enacted the CAN-SPAM Act.
In opposition to Virtumundo’s summary judgment motion, Gordon argued that he had been adversely affected by spam because he and his “clients” had been “forced to wade through thousands of e-mails sent by” Virtumundo that “clogged” his service. Applying the proper interpretation of the CAN-SPAM Act’s standing provision, we conclude that Gordon also fails the “adversely affected by” component. It is readily apparent that Gordon, an individual who seeks out spam for the very purpose of filing lawsuits, is not the type of private plaintiff that Congress had in mind when it fashioned § 7706(g)(1)’s standing provision. While many anti-spam enthusiasts may applaud his zealous counter-attack against alleged spammers, Gordon’s passion for the cause does not displace the will of Congress in drafting a narrow private right of federal action.
Gordon has failed to argue, let alone come forth with evidence, that, even if he was an IAS provider, he has suffered any real harm contemplated by the CAN-SPAM Act. He has not hired additional personnel, nor has he experienced technical concerns or incurred costs that can be necessarily attributed to commercial e-mail. It is also compelling that Gordon purposefully refuses to implement spam filters in a typical manner or otherwise make any attempt to block allegedly unwanted spam or exclude such messages from users’ e-mail inboxes. In fact, Gordon acknowledges that he was able to “blacklist” domain names at the server level, so that the GoDaddy server would reject e-mails from online marketers such as Virtumundo. Still, even without taking even basic precautions, he has not “come close” to using the 500 gigabytes of bandwidth available to him through GoDaddy. He has presented nothing beyond the negligible burdens typically experienced by bona fide IAS providers. As the district court concluded, Gordon has “suffered no harm related to bandwidth, hardware, Internet connectivity, network integrity, overhead costs, fees, staffing, or equipment costs.” Gordon, 2007 WL 1459395, at *8. Indeed, given his heavy dependence on the services and hardware of third parties, it would be difficult, if not impossible, for him to incur many of these harms.