Slashdot Mirror

if you are 'innocent' why do you encrypt your data in the first place?

WTF are you doing on /.?!? You're obviously not getting much out of the experience. Idiot!

I don't think the law infringes on anybody's right to expression. The law is only related to falsifying e-mail transmission info. So if the guy bought a domain name and set up a smtp server and spammed from his domain and his server using a connection that he pays for, he wouldn't be breaking the law. It is reasonable to have laws like this to protect the defrauded service providers who were essentially duped into sending this guy's spam.

If they sue an ISP in the US, the ISP probably would show up. Linhardt only sues people he thinks will default. When he sued several NANAE participants, including me, he dismissed the case (a 2nd time) when the judge was about to rule on two motion to dismiss for lack of jurisidction. Mark Ferguson (www.whew.com) included documentation regarding Linhardt creating fake signup documents.

If an ISP was sued, both CAN-SPAM and the CDA gives immunity to the ISP for filtering and blocking. See White Buffalo Ventures, LLC v. University of Texas at Austin (5th Cir. 2005) http://www.spamlaws.com/cases/whitebuffalo2.shtml

I have also litigated a few spam cases, and have faced different reactions from different judges. One judge did appear intimidated because I had named some of the biggest banks in California (for buying mortgage spam leads) and she had attorneys from some of the biggest law firms in town defending their clients with exceptional zeal. She also did not appear to have even a limited understanding of the technical aspects of spam, so my allegations seemed seemed far fetched to her (despite pointing out for her the California legislature's findings regarding spam.

However, when she saw that I was not a nut job, I was not out to simply get nuisance settlements, and that my pleadings were actually very detailed, and met every element necessary to constitute a cause of action, she eventually ruled in my favor and allowed my case to go forward on the merits.

BTW - seen much mortgage spam lately?

Are bulletins considered emails? I would say no.

Given the way the law is written, the relevant question is not "are bulletins e-mail", but whether a bulletin is "an electronic message that is sent to an e-mail address and transmitted between two or more telecommunications devices, computers, or electronic devices capable of receiving electronic messages".

The interesting thing is that Myspace uses e-mail addresses as login ids. I suppose they will argue that any message to a Myspace user is therefore "sent to an e-mail address" even though it is not sent via SMTP.

Now that I know my speech is restricted to your definitions...

Admittedly there is always a risk of legitimate protests being labelled a nuisance by some as well, but with reasonable laws there are courts who should be able to tell one from the other: A wealth of documentation shows that it is possible.

(1) Why would spammers voluntarly reduce the size of the audience they reach out to when not legally enforced?

Because even though spamming is lower-cost advertising compared to traditional marketing channels, there is still a per-email cost associated; there is no point in advertising to someone who is not interested, if it is costing money. See also Targeted Marketing and One-to-one Marketing.

(2) The site is likely a dupe and serves the opposite purpose: to let spammers know about your e-mail and, more importantly, that it's being actively used.

Undoubtedly, there are total jerkwads who do this. If you check applicable law, this practice is probably illegal. The transfer of that information (your request that they and/or their affiliates/partners/whatever never ever mail you again) to any other party is illegal, "for any purpose other than compliance with this Act or other provision of law." Sure, a criminal is a criminal, and no law will stop that, but since CAN-SPAM passed, you're probably better off "opting out," than blocking or filtering. The flip side of that is that the Feds have given you a method of relief; assuming that this disreputable entity registered your request to be removed and transfered that information to another party (who, obviously, emailed you), you could seek damages from both parties.

For example, head over to SueASpammer, and you will see right off the bat he calls for people to

1. set a trap
2. sue

Reading a little further, he implies that people should falsify their identity when OPTING IN TO AN EMAIL LIST, and then later using that as leverage (e.g. say "Who the hell is Joe Blow? My name is John Public). I'd have to look into any applicable law, but in my dictionary, that constitutes fraud.

Number three, if you read Omega's suit, they allege that Mumma did not comply with the provided opt-out procedure, but instead called them and almost immediately started threatening them. Mumma allegedly would not provide his information so that they might comply with his "request" to be removed. Instead, he was belligerent, insulting, and threatening. This may not be illegal, but it is certainly in poor taste and is a mark against him. Lawyers and judges don't want to deal with fanatics, for the most part - they want to deal with reasonable people that have a legitimate claim.

Number four, since Mumma's request for removal was NOT VALID via his own stupid actions, and since he allegedly SIGNED UP for this "spam," via indirect admission at SueASpammer.com procedures, this is not a valid claim under CAN-SPAM. Furthermore, this also invalidates Mumma's claim under Oklahoma law, see 776.5.3 at SpamLaws OK.

I would not at all be surprised to see Omega et al. come out of this not only unscathed, but smelling like a rose.

The US is supposed to have a legal tool against spam, and yet it's the worst offender in the world.

I guess we CAN-SPAM and we're mighty proud of it...

He commited several crimes, AOL specifically chose to have him prosecuted under the CAN-SPAM Act of 2003. My guess is for two reasons. One because it carries the harshest sentencing potential (criminal, meaning not just fines but jail time as well) and second because convictions under this act make an example. This is new highly publicised legislation, passed as a deterent more than anything else. Spammers have to be afraid, of laws that legislation like this enacts. If not, the legislation is worthless and not a springboard for passing other acts, creating more law with stricter guidelines and heftier consequences. The problem they ran into is that the meat of the law is about fraud and deception. As in, not fully disclosing the nature or source of the good or service being presented in the email. It's alluded to in the story "The judge, ... said it was not clear that Smathers had deceived anyone -a requirement of the new law."

No doubt he violated the terms of employment in his contract, any NDA he signed as well as non-compete contracts he agreed to. None of that is criminal however, it falls under civil law and the best they could do is take him to court and ask for damages. As for if he stole something, every /. reader knows it is never that clear with intellectual property. He didn't steal anything from the users, because they signed away all rights to the data when they signed up, ie it was never there's in the first place they were just borrowing it from AOL, who can do with it pretty much whatever they choose, under the terms of the User Agreement. As for if he stole anything from AOL any attorney could easily make the argurment that he in fact did not steal anything -which is criminal- he simply used the information inappropirately and profited from it, which is not criminal in this case, but again falls under civil law.

As dumb as it sounds, it doesn't look like he violated the CAN-SPAM act.

(a) IN GENERAL- Whoever, in or affecting interstate or foreign commerce, knowingly--

`(1) accesses a protected computer without authorization, and intentionally initiates the transmission of multiple commercial electronic mail messages from or through such computer,

`(2) uses a protected computer to relay or retransmit multiple commercial electronic mail messages, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages,

`(3) materially falsifies header information in multiple commercial electronic mail messages and intentionally initiates the transmission of such messages,

`(4) registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names, or

`(5) falsely represents oneself to be the registrant or the legitimate successor in interest to the registrant of 5 or more Internet Protocol addresses, and intentionally initiates the transmission of multiple commercial electronic mail messages from such addresses,

or conspires to do so, shall be punished as provided in subsection (b).

I believe he broke the law, just not "law" so I would have to agree with the judge on that one. From the way I understand it, that was what the judge was trying to say.

We already have decent, solid legislation, but the law-breakers keep, well... breaking the law. The solution is not passing new laws, but figuring out how best to beat the spammers.

I agree that it's not in general a good idea for private entities to carry out vigilante justice, but it should also be legitimate to engage in self-defense. As long as there is adequate recourse in case a legit website is mistakenly targeted, the Lycos project sounds promising.

While I think it's great that yet another "identity thief" (sort of) has been busted, this does little to stem the flow of spam. What we truly need are more cases that are strictly based on the sending of unsolicited commercial e-mail. We've got some great and not so great legislation out there to protect us... why aren't we using it? Because it costs too much?

And yes, I know that there have been a few landmark cases recently, but a few big falls aren't going to convince spammers as a whole to stop spamming. An concerted effort to shut them down via thousands of small lawsuits from you and I would be much more likely to have an effect, in my humble opinion.

While I think it's great that yet another "identity thief" (sort of) has been busted, this does little to stem the flow of spam. What we truly need are more cases that are strictly based on the sending of unsolicited commercial e-mail. We've got some great and not so great legislation out there to protect us... why aren't we using it? Because it costs too much?

And yes, I know that there have been a few landmark cases recently, but a few big falls aren't going to convince spammers as a whole to stop spamming. An concerted effort to shut them down via thousands of small lawsuits from you and I would be much more likely to have an effect, in my humble opinion.

For those who don't happen to have the US Code memorized, here's what they are: (and corrections to the above number)

Sec 1030 (a)(2)(C) "Whoever intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains - information from any protected computer if the conduct involved an interstate or foreign communication..."

(c)(2)(A) "The punishment for an offense under subsection (a) or (b) of this section is...a fine under this title or imprisonment for not more than one year, or both"

Sec 1037 (Look! it's the CAN SPAM act doing something!) (a)(2) "Whoever, in or affecting interstate or foreign commerce, knowingly - uses a protected computer to relay or retransmit multiple commercial electronic mail messages, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages"

(b)(2)(C) "The punishment for an offense under subsection (a) is-- a fine under this title, imprisonment for not more than 3 years, or both, if-- the volume of electronic mail messages transmitted in furtherance of the offense exceeded 2,500 during any 24-hour period, 25,000 during any 30-day period, or 250,000 during any 1-year period"

(b)(2)(E) "The punishment for an offense under subsection (a) is-- a fine under this title, imprisonment for not more than 3 years, or both, if--as a result of the offense any individual committing the offense obtained anything of value aggregating $5,000 or more during any 1-year period"

Sec. 2314 prohibits the interstate transportation of illegally obtained stuff

Sec 1037 doesn't seem to exist... maybe it's a typo in the filing or something

That's odd, toothless legislative spam fixes never got vetoed in the past just because they'd do nothing to stop the problem - or make it worse. Wonder what makes this one so special?

The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?

Hey, what a brilliant idea. We currently have only a hundred or more anti-spam laws across the world, most in the US. Let's pass a few more. I am certain that when we pass the 500 anti-spam law mark, spammers will suddenly start to cower in their boots and realize that 500 anti-spam laws that aren't being enforced or have no legal/civil/criminal teeth are a formidible obstacle to overcome!

What the article doesn't mention is that Carmack was also indicted and convicted on 14 counts of forgery and falsifying business records.

Again, it's important to note that the conviction had little to nothing to do with him spamming or his using any electronic form of communication at all but rather with his business practices (of course, that didn't stop both the court and the prosecution to use this case to send a clear message to other spammers).

Due to this act, the percent that originates in the US is going to be very small this year and in the future. More importantly, because of the criminalization of SPAM in the US, the US is unlikely to be a contributor to the unprecedented growth in SPAM we're seeing this year.

Because of the outrage of Americans over SPAM, you can bet that the few that continue to operate here will be caught.

Soldiers who abuse prisoners receive a maximum penalty of 1 year in prison.

If the law reflects community standards at all, it is obvious that spamming is considered to be significantly more noxious and intolerable. Although I'm not sure who the Americans would want to see locked away more. Spammers or abusers of human rights?

The text of CAN SPAM can be found here. In particular, I draw your attention to this:

(b) Aggravated Violations Relating to Commercial Electronic Mail-

(1) Address harvesting and dictionary attacks-

(A) IN GENERAL- It is unlawful for any person to initiate the transmission, to a protected computer, of a commercial electronic mail message that is unlawful under subsection (a), or to assist in the origination of such message through the provision or selection of addresses to which the message will be transmitted, if such person had actual knowledge, or knowledge fairly implied on the basis of objective circumstances, that--

(i) the electronic mail address of the recipient was obtained using an automated means from an Internet website or proprietary online service operated by another person, and such website or online service included, at the time the address was obtained, a notice stating that the operator of such website or online service will not give, sell, or otherwise transfer addresses maintained by such website or online service to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages; or

(ii) the electronic mail address of the recipient was obtained using an automated means that generates possible electronic mail addresses by combining names, letters, or numbers into numerous permutations.

That just begs for the creation of a honeypot containing a list of e-mail addresses created solely for the purpose of trapping spammers that specifically contains a notice that cites this clause of CAN SPAM.

Harvesting addresses for spam is a violation of the terms of service for whois.

And yet they are prosecuting somebody. It would seem to me that your tin-foil hat bullshit would have made sense before this announcement. And the name means:

"Controlling the Assault of Non-Solicited Pornography and Marketing"

That sounds tougher than just saying "clarfication".

Take a look at the law. It is questionable how enforceable it really is and whether it will have any real impact but it is not "just propaganda with spam promotion".

Wouldn't this make people accessories to the crime of sending email?

Spammers are not very hard to track down. The companies that use their 'services' are even easier to track down. Many if not most are in the US or EU.

I've done it myself a couple of times, and have explained the relevant legal code from spamlaws. I have yet to hear back from either the spammers or the authorities I have explained this to.

I would think if law enforcement would do what it is SUPPOSED to do, spamming would be vastly reduced.

I agree that the law looks flawed, and it's okay to protest. What I don't understand is, where were these guys when another flawed law passed congress?

That's a good point. If you read the text of the CAN-SPAM Act you will see that any reference to relaying mail states that it is illegal to relay through a protected computer or network. It also states it is illegal to relay through a computer to which you do not have access to. So the question is - how does that apply to open relays? Does the responsibility of abuse lie on the administrator who configures the security, or on the spammer who abuses the security mistakes of the administrator?
If you leave your keys in your open car, and someone else takes it, who is at fault?

Wrong, although you fell for that the Bush administration wanted you to fall for, so it is easy to see how that happened.

The actual law says:

(b) LIMITATION- Subsection (a) may not be construed to authorize the Commission to establish a requirement pursuant to section 5(a)(5)(A) to include any specific words, characters, marks, or labels in a commercial electronic mail message, or to include the identification required by section 5(a)(5)(A) in any particular part of such a mail message (such as the subject line or body).

Now, the FTC is required to report back in less than 18 months about the feasibility of requiring ADV: or other indicators, but does not authorize them to require it in the meantime.

Want to try again?

They are basically passing the buck off to whomever has to vote on it in 18 months. [You were right about one thing - it is the FTC, not my idiotic FCC]

This has only served to increase spam by preventing individuals from filing lawsuits on their own. Without this law in place California law would have allows residents to sue for $1000 per spam. That would have gotten rid of many spammers.

IIRC, the law does empower the FCC or FTC to set these standards. It requires spam to have a subject tag, and indicates that the F[TC]C should choose one within a certain number of months.

So it didn't say "all spam must start with [ADV]," but "all spam must start with a tag to be chosen by the FCC within x months of this law going into effect."

You don't quite have it right. All porn spam needs a standard identifier (to be set by "the Commission", not sure which one), not all spam. See the text of the CAN-SPAM act, in particular section 5 (d) (3). This has to be done within 120 days of Jan 7, 2004.

Is it possible for me to form and sue on behalf of a class, and name another class as the defendant?
No, you cannot name a "class" as defendants, no such animal. However, you can name a very large number of defendants (though they will not called a "class" no matter how many you name).

Although the rules for class actions differ from state to state, and from state to federal, I am quite certain that no jurisdiction entertain the possibility of a "class" of defendants.

I would like to sue on behalf of everyone who has received a penis-enlargement spam and did not respond to it.

When I get the time, I am seriously going to start a spamlaw practice, but until then I must refer you to federal law ("Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003") and California law - "Restrictions On Unsolicited Commercial E-mail Advertisers" - Business and Professions Code 17529 et. seq..

California consumers have the right to sue spammers directly and get their attorneys fees paid! See B&P code 17529.8(a)(1):
"In addition to any other remedies provided by this article or by any other provisions of law, a recipient of an unsolicited commercial e-mail advertisement transmitted in violation of this article, an electronic mail service provider, or the Attorney General may bring an action against an entity that violates any provision of this article to recover either or both of the following:
(A) Actual damages.
(B) Liquidated damages of one thousand dollars ($1,000) for each unsolicited commercial e-mail advertisement transmitted in violation of Section 17529.2, up to one million dollars ($1,000,000) per incident.
(2) The recipient, an electronic mail service provider, or the Attorney General, if the prevailing plaintiff, may also recover reasonable attorney's fees and costs."

I would seek damages against the class of individuals who received this spam and did respond to it.

You will have to read the statute to see if it will fit, but if I were to assign this a Fark tag, it would be "Unlikely."

Happy suing!

Is it possible for me to form and sue on behalf of a class, and name another class as the defendant?
No, you cannot name a "class" as defendants, no such animal. However, you can name a very large number of defendants (though they will not called a "class" no matter how many you name).

Although the rules for class actions differ from state to state, and from state to federal, I am quite certain that no jurisdiction entertain the possibility of a "class" of defendants.

I would like to sue on behalf of everyone who has received a penis-enlargement spam and did not respond to it.

When I get the time, I am seriously going to start a spamlaw practice, but until then I must refer you to federal law ("Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003") and California law - "Restrictions On Unsolicited Commercial E-mail Advertisers" - Business and Professions Code 17529 et. seq..

California consumers have the right to sue spammers directly and get their attorneys fees paid! See B&P code 17529.8(a)(1):
"In addition to any other remedies provided by this article or by any other provisions of law, a recipient of an unsolicited commercial e-mail advertisement transmitted in violation of this article, an electronic mail service provider, or the Attorney General may bring an action against an entity that violates any provision of this article to recover either or both of the following:
(A) Actual damages.
(B) Liquidated damages of one thousand dollars ($1,000) for each unsolicited commercial e-mail advertisement transmitted in violation of Section 17529.2, up to one million dollars ($1,000,000) per incident.
(2) The recipient, an electronic mail service provider, or the Attorney General, if the prevailing plaintiff, may also recover reasonable attorney's fees and costs."

I would seek damages against the class of individuals who received this spam and did respond to it.

You will have to read the statute to see if it will fit, but if I were to assign this a Fark tag, it would be "Unlikely."

Happy suing!

1. This virus makes a machine an open relay. Considering recent legislation and other anti-spam techniques I smell spammer bovine feces here.

2. More and more spammers used high jacked machines for DNS, web service as well as relaying their crap. spammers Check out the nanae news group for more examples

3. The open source community is coming up with various anti-spam measures. Don't you think the spammers would love painting their enemy as petulant child - as they have proven themselves to be?

MyDOOM isn't the open source community pissing on on SCO, it's spammers pissing on all of us.

AngryPeopleRule

Quoth the poster:

Too late. The spammers "CAN-SPAM" act has already taken away our individual rights to redress grievances through courts of law. Individual recipients of spam cannot sue spammers. The power is left in the hands of attorney generals.

(sigh) Yet another legal illiterate /. er. The sky is not falling, Chicken Little.

The "CAN-SPAM" act, while a shitty law, specifically exempts laws like Washington's that prohibit falsifying headers and subject lines. For those too lazy to RTFA, here's the relevant section:

(1) IN GENERAL- This Act supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto. (emphasis added for blithering /. conspiracy buffs!)

What this means is, law's like Washington's are untouched by CAN-SPAM. So take off the tinfoil hat and join the real world.

Curiously though, the California anti-spam law is silent about false or deceptive content. So as long as the headers and subjects are not misleading, the contents can be as outrageous as the spammer likes.

But they did give their citizens the ability to fight it in court, just like Washington, Kansas, Virgina, and many others. Uncle Sam is taking away our right to private action with this bill. The FTC doesn't have time to sue on behalf of a single user for a single infraction of the law like we, the citizens, would. The FTC will only bring a minuscule number of suits when compared to what we the citizens can and are bringing against spammers. That makes this bill such a horrible joke. It's saying to the state's that they aren't capable of passing effective anti-spam legislation. It's saying the the citizens of those states that their elected state officials can't do the job so we, the feds, are going to do it for them.

I think the (in)effectiveness of labeling in making it easy to filter spam will depend heavily on the filter you're using. And the language courtesy of spamlaws.com does indicate that the labeling must be:

(i) clear and conspicuous identification that the message is an advertisement or solicitation;

(ii) clear and conspicuous notice of the opportunity under paragraph (3) to decline to receive further commercial electronic mail messages from the sender; and

(iii) a valid physical postal address of the sender.

There are a finite number of "clear and conspicuous" ways of identifying a message as an advertisement or solicitation, so even static filters shouldn't have too much trouble with that. POPFile has been very reliable in grabbing spam that has used quite a few tricks -- it'll snag these things with no problem at all.

This law clearly isn't a panacaea, and I have doubts about the enforceability of it, but it's a start. And it does require review of its effectiveness and whether it will need to be changed, and that's a good thing. I don't expect congresscritters to get this right the first time out of the box. It shouldn't take long for it to prove ineffective if it's going to be, and the popular hatred of spam will continue to provide political pressure to get something more effective (if change of law will do it).

clear and conspicuous identification that the message is an advertisement or solicitation

They are going to get sued. Many times. At $1000 per spam.

With proof in hand that the court does have jurisdiction you shouldn't have much trouble getting it pushed through. Anyhow IANAL but I drool over the ADA's assistants on TV. :-) Best of luck.

• Child Pornography Statute 18 U.S.C. 2252
  
• Electronic Communications Privacy Act 18 U.S.C. 2701-2711
  
• Economic Espionage and Protection of Trade Secrets Law Pub. L. No. 104-294
  
• Computer Fraud and Abuse Act 18 U.S.C. 1030
  
• Foreign Intelligence Surveillance Act 50 U.S.C. 1801-1811
  
• No Electronic Theft Act
  
• Transportation of Obscene Matter for Sale or Distribution 18 U.S.C. 1465
  
• Federal Wire Fraud Act 18 U.S.C. 1343
  

• Child Pornography Statute 18 U.S.C. 2252
  
• Electronic Communications Privacy Act 18 U.S.C. 2701-2711
  
• Economic Espionage and Protection of Trade Secrets Law Pub. L. No. 104-294
  
• Computer Fraud and Abuse Act 18 U.S.C. 1030
  
• Foreign Intelligence Surveillance Act 50 U.S.C. 1801-1811
  
• No Electronic Theft Act
  
• Transportation of Obscene Matter for Sale or Distribution 18 U.S.C. 1465
  
• Federal Wire Fraud Act 18 U.S.C. 1343
  

Stop apologizing for spam.

- The Supreme Court has made it blatantly apparent that no one should be forced to pay for someone else's commerical speech. See the Compuserve v Cyper Promotions ruling. In other words, your right to free speech ends at my door, I am in no way obliged to pay for you to advertise to me.

- SPEWS works exactly because it puts pressure on innocent third parties. Other methods have been tried and found not to work. The only way to stamp out spam is to make sure that ISPs will not tolerate spam in the slightest, and SPEWS is remarkably effective at this. As an analogy, if you lived in an apartment unit above a crackhouse in a bad part of town, you can't blame the Domino's driver for refusing to deliver there, given that he's been mugged at gunpoint before. Likewise, SPEWS represents the common emotions of the ISPs that choose to use it. By blocking mail brom SPEWS-listed netblocks they are saying, "This is our equipment and our rules, and we refuse to have anything to do with an ISP that supports spam." Remember, SPEWS doesn't block anything, they just publish a list of netblocks of people who spam or provide spam support. An added benefit is that truly innocent third parties are encouraged to either give their dirty landlord so much shit that they clean up, or they move to an ISP with a hat color that's not a few shades up from a black hole.

- Client side filtering (like your Bayes example) is effective but it will not do anything to solve the problem. Once the message has been accepted, that's it. The resouces are already wasted -- bandwidth spent, disk space used, user's modem BW occupied downloading it. Filtering is an automated means of "JHD" or "Just Hit Delete" which at its core is admitting defeat. Contrariwise, blacklists such as SPEWS that work -before- message delivery (ie at the connection level or during RCPT TO/MAIL FROM commands before the DATA phase) can cause those resources to not be wasted, and to cause some actual grief to the spammer. The spammer knows that most of his crap will be deleted but he doesn't care because it will always get through to a few. However, if all of his open-proxyies were suddenly rejected by every mailserver, he'd be unable to send anything and it would actually hurt his bottom line.

Spam is a big enough problem that no one should be apologizing for the spammers.

Yes.

Other states' laws are available at the same site.

Yes.

Other states' laws are available at the same site.

Actually, California's law is very permissive in regards to spam. It mainly just requires that the spammer use ADV in the subject line (which few do.) Unfortunately, it only allows ISP's to sue.

For a pretty good summary of laws for all states, see the spamlaws site.

They are taking note, but the only "legislation" they're proposing is being paid for by the Direct Marketing Association.

According to Spamhaus.org, all the proposed legislation basically legitimizes "opt-out" instead of requiring "opt-in" like the Europeans do.

All todays spammers applaud [Billy] Tauzin's [(R-LA), Chairman of the House Committee on Energy and Commerce] "Reduction in Distribution of Spam Act", as does the Direct Marketing Association. It's what spammers have always dreamed of. They would no longer need to hide their identities to thwart disconnection, on the contrary, once spamming is legal they would be able to sue any Internet Service Providers who disconnect them for 'spamming legally'. All of todays spammers will instantly increase their volumes ten-fold flooding the Internet in 'legal' spams, "ADV: Grow your Penis", "ADV: Want Some Viagra?", "ADV: Wanna spy of your Wife?", etc. With the "Reduction in Distribution of Spam Act" we'll wish for the 'little' spam problem we had today when spam was only 50% of all email on the Internet.

You're right. Existing laws aren't being enforced. So why complain when we get a law that allows end users, rather than resource-constrained prosecutors, to enforce justice against these scum?

You need a lawyer to take action. You have to subpeona records in order to even identify who the spammer is. It's a very time consuming process. Look at the situation where the MPAA tried to get the identity of the Verizon user who was doing the P2P violations... they had to take that case to the state supreme court before they could even get the records to identify who the perp was to sue him! They probably spent more than $100k in legal fees before they even knew who to sue.

I'm complaining because the law is misleading. It won't do anything to reduce spam. And realistically it does not give users any practical way to fight spammers. If anything, it's only likely to more closely regulate legitimate companies who are already engaging in responsible mailing tactics. It has no teeth. It would ultimately punish the wrong people.

This was already tried on a national level in 1999 and was hotly debated in the community and dismissed as ineffective. The Murkowski bill proposed the same punitive structure.

In addition to this, there are a plethora of bills that have this lame penalty for unsolicited telemarketing and faxes. They have proven to be ineffective even though it's exponentially easier to take action against these people. Still these perpetrators operate with no fear of legal action and have found ways to get around the laws by subcontracting their services among large groups of ever-mobile independent contractors. Spammers have elevated this evasive tactic to an art form, bouncing their junk e-mail across multiple continents/nations/jurisdictions that make it unbelievably difficult to track.

As a step for the state to recognize that UCE is something that needs to be dealt with, the effort is a good sign. As any sort of solution, it is not.

Given that most of the people involved in the writing and support of these bills are lawyers themselves, I'd bet good money not a single one of them would ever be inclined to pursue such civil action as dictated therein.

Just because some comments seem slightly in awe of the house of Lords, Lord Sainsbury is the owner of a large national supermarket (my local one enjoys gouging the prices under the auspices of being an 'express' store, but that's another matter).

Lord Sainsbury is a major benefactor or the current governing party (the Labour party) and as a result is the UK science minister, which I'm sure doesn't cause a conflict of interest for GMO food, which his shops don't sell.

He's also part of the government who's education secretary wants to cut funding of purely academic study whilst increasing reaserch into "baltic studies". Lucky he's already done his tour of two of the best universities in the country.[sorry, rant, being paid less than minimum wage for research sucks.]

Not to be a conspiracy theorist but a general election and possible euro referendum will be coming soon,the Labour party is in debt in fact and have passed exemptions based on donations in the past (some have been refunded and exemptions rescinded (sp?)) so watch for the donations..

Lord Mackie is the Liberal Democrat spokeperson for Scotland (a bit like Canada, cold), other than beind old and a career politican he seems ok.

On the subject of junk faxes, this was discusse in June 98, probably as a result of an EU directive (yay EU) 97/66/ec , as a result the telephone preference service TPS was created, which IIRC is a not a law-enforced scheme but is an advertising industry creation.

Anyway, it ain't over till the fat wallet sings, and I can see this being tacked on to the national I.D card scheme or privacy/piracy laws to pacify us.

42 eh. so that's what the human race was created for by the mice, to find the critical doubling speed of spam :)

BB

Virginia has had an anti-spam law since 1997, which is part of the Virginia Computer Crimes Act (VA Code 18.2-152). It makes spam with forged headers illegal: http://www.spamlaws.com/state/va.html

AOL, Verizon, and other large ISPs based in VA have been suing under this law for years (though they almost always go to federal court, pursuant to U.S.C. 85 1332). I have burninated a few spammers in small claims court under this law as well (I was actually in court today suing etracks.com). The law allows the recipient to seek civil relief for the lesser of $10/message or $25,000/day. For ISPs, it's the greater of the two.