Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Test of Utah Anti-Spam Law Dismissed

Posted by michael on from the thanks-for-playing dept.

fwoomer writes "Apparently, Utah feels that once you've 'opted-in' you can't opt back out as fast as you've opted in. From the story: 'Gillman requested removal on May 14, 2002, from the e-mailing lists his visit to Audio Galaxy a month earlier had linked him to. Two days later, he received a Sprint ad, and on May 28 he filed suit. The court found his attempt to have himself removed from the lists was insufficient to void the pre-existing business relationship.' If he was receiving spam in May after 'opting in' in April, I don't see how it could be unreasonable to expect to be removed from lists as fast as he was added. Unfortunately there's not much detail in this story. A good read, nonetheless." I don't see how signing up with Audiogalaxy establishes a business relationship with Sprint, but, whatever. Presumably some of the other lawsuits filed are against people that have no possible claim to the receiver opting-in.

33 of 193 comments (clear)

  1. collusion by simpl3x · · Score: 3, Insightful

    so businesses could group together, making the receipt of "email notifications" part of the terms of service... poof, no more opting out.

    1. Re:collusion by wjvdt · · Score: 3, Interesting

      I, for one, am surprised to hear that the company actually has an "opt-out" policy. I thought that was just a link they put in SPAM to send you to another site where you'll be added to another mailing list???

      --
      "If I were punished for every pun I shed, there would not be left a puny shed of my punnish head." - Samuel Johnson
  2. As to be expected by unterderbrucke · · Score: 3, Interesting

    If you opt-in, it's quite easy to put an entry to the data entry department. If you opt-out, you need someone who's trained to delete (which believe it or not, is a big deal in the data entry industry).

    1. Re:As to be expected by maddh · · Score: 3, Insightful
      If you opt-out, you need someone who's trained to delete

      very true, but i'd expect a well designed system just to use a boolean Y or N in the database as to whether the customer wants to receive mail, rather than deleting the whole record. Just because they can't mail to a customer doesn't mean they can't use the info in other ways.

      matt

  3. Not a very good case by kawika · · Score: 5, Insightful

    Do you think that AudioGalaxy connects to all its partners in real time when it comes to sharing email addresses? If they generate a list for their partners every week, for example, wouldn't it make sense that it also takes at least a week to get off the list? I'm against spam but I'm also for common sense. Which this guy didn't seem to have when he gave permission to be emailed in the first place.

    1. Re:Not a very good case by iplayfast · · Score: 5, Insightful

      However AudioGalaxy does it, isn't really our worry. They may have a central database, that others use, or they may make a list and send it out world wide. The point is, if you've opted out, from a list, then you have opted out from the list. Perhaps the spammer, should send their emails though AudioGalaxy to be sure that the addresses are still optin.

      I don't know the particulars of the case, but it seems to me, that if a company is providing an opt out service, it should work. The details are the companies problems. (but the judge didn't see it that way :(

  4. what?!?! by garcia · · Score: 3, Insightful

    Unfortunately there's not much detail in this story. A good read, nonetheless.

    A "good read" has lots of details, not media bullshit. Remember that submitters and staff before posting a story please.

  5. Audiogalaxy/Sprint Relationship by Anonymous Coward · · Score: 5, Funny

    This was clearly outlined in paragraph 7 of page 83 of the AudioGalaxy Terms of Service. It's right below the paragraph outlining the rights to your lungs in case of death by bear mauling. I don't know you could miss it, it was in huge 1pt print.

  6. Does it really matter? by poofmeisterp · · Score: 5, Insightful

    What does it matter if you opt-out of a mail list?
    Once you've opted in, the third party can then sell your address again and you then have NO way of tracking it around.
    Unless a system identical to the national "Do-Not-Call Registry" can be established for email addresses, there's not a damn thing you can do about spam in relation to opt-in/opt-out lists.

    1. Re:Does it really matter? by scottm52 · · Score: 5, Insightful

      Not far off the mark.... However, if one state does establish a no-spam list (like the no-call lists) a HUGE impact against spammers would be felt.

      For example...

      1) State has "no-spam" act...
      2) You get spam
      3) You report spam
      4) State gets enough complaints to act (not many really)
      5) State AG office actually buys something, traces the $$$, gets the bank acct data.
      6) State AG gets Court Order freezing the $$Bank Accts$$ until trial concludes.
      7) Trial occurs or spammer settles

      Result? Just a couple of these from a single state and since spammers don't know where they're sending email, they're gonna get real scared, real fast.

      I only hope the Missouri No-Spam act (pending) will end up implementing an approach like this one.

  7. Linked Advertisements? by Metallic+Matty · · Score: 3, Interesting

    I agree with the comment; how does opting in for Audiogalaxy ammount to a Sprint ad?

    I may be a member of the ASPCA; but I don't expect to receive credit cards in the mail as a result..

  8. Dangers of "Opting Out" by TrollBridge · · Score: 5, Informative
    I don't get a whole lot of spam, and I suspect it's because when I DO get spam, I NEVER click on the "Click here to remove yourself from our mailing list" link.

    For those who don't know this already, all that does is validate that there is a user who actively checks/reads that email account. A list of valid email addresses is VERY valuable to other spammers, who eagerly shell out the $$$ so they can send you MORE spam.

    So in reality "Opting out" often will only bring you MORE spam, not less.

    --
    There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
    1. Re:Dangers of "Opting Out" by slamb · · Score: 3, Insightful
      So in reality "Opting out" often will only bring you MORE spam, not less.

      Yes, when I get random emails claiming to be opt-out lists or that I opted in, I also don't opt out for this reason.

      But this is a different situation. He opted in to a list with Audiogalaxy. A relatively reputable place, and they already knew his email address was valid because he opted in. It was a reasonable thing to do, and the spam should stop afteward. But judge apparently felt it was not practical for them to have distributed that notification to all their partners in two days, so he threw out the lawsuit. Presumably it takes them that long to distribute opt-ins also.

  9. when?!?!?!?! by Gizzmonic · · Score: 4, Funny

    And what does a "good post" have?

    --
    (-1, Raw and Uncut is the only way to read)
    1. Re:when?!?!?!?! by asparagus · · Score: 4, Funny

      I'm fan of hedge, but railroad ties also make good corners. Just remember to put some dry concrete in the hole so that it will 'set' properly. You don't want the thing getting loose once you start pulling the wire.

      While we're on the subject, what's your opinion on barbed wire? I'm a member of the five-strand club, but a lot of people prefer the cheaper four-strand variation.

      -Brett

  10. Partners bullshit... by Fnkmaster · · Score: 5, Interesting
    All the opt-out list systems are just encouraging businesses to set up "partnerships" solely for the purposes of exchanging direct marketing data. I don't want calls from AT&T's "exclusive partner" in marketing baubles, trinkets and bullshit. I set up a business relationship with AT&T to provide me with phone service, period. If they call me to offer a new phone plan, fine, I can tolerate that, it's within the bounds of our business relationship. If their "exclusive partner" calls to offer me baubles, trinkets and bullshit ("exclusive promotional offer to sign up with suckourballs.com"), they can blow me.


    I plan on taking a stand against this personally by breaking off business relationships with companies that insist on sharing my data with their "exclusive marketing partners" and crap like that. I signed up for the Massachusetts State Opt-Out list for a reason.

    1. Re:Partners bullshit... by poofmeisterp · · Score: 3, Insightful

      My father tried this already. He's found it impossible to do business with anyone because somewhere in EVERY company's paperwork, there's a caluse that allows them to share your information. Even if there's a separate entry that states they will not share it, it's overridden by another section (or whatever.)
      My father and I, through extensive testing, have discovered that the only lists that you can effectively opt-out of are the ones that drones gather as points of sale in stores (phone, email, address, etc.) Everything else is free game.
      Even then (as was the case with Radio Shack before they changed their info gathering techniques) some companies will refuse to proceed with a sale unless you provide them with this information.

  11. Spam is a GOOD thing by Hayzeus · · Score: 4, Funny

    ... because in no other era could my penis have had this much correspondence dedicated to its well-being. We're living in a Golden Age, people, but none of you appreciate it...

    --

    Roving Web-Teleoperated Robot
    1. Re:Spam is a GOOD thing by eclectro · · Score: 3, Funny


      Not to mention all the breast ehancements to go along with your penis improvements.

      She-hes never had it so good.

      --
      Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
  12. Two points of note by eaolson · · Score: 4, Interesting
    The Sprint lawyer quoted in the article says, "The purported purpose of all these statutes is mainly to stop unsolicited pornography and scams." Funny, I thought the point of the anti-spam law was to stop spam, not porn.

    Secondly, without using tagged addresses, how are we, as end users, supposed to know if we've "opted in" to receiving an email? (This assumes the email in question in this article was not sent by AudioGalaxy on behalf of Sprint, but by Sprint itself to a list it bought from AudioGalaxy.) For example, if I sign up for AudioGalaxy on Monday, they sell their list of addresses to Sprint on Tuesday, and Wednesday I get emails from both Sprint and MCI. The Sprint one is "legit," the MCI one is not, but there's no way to differentiate between them.

    1. Re:Two points of note by BWJones · · Score: 3, Informative

      My bullcrap-meter is pegging. I'd like to know how you can make that claim, especially considering how secretive the companies are about their adult entertainment revenues.

      There was a big legal case where a local video store was accused of distributing porn and this was part of the findings. See this link for details.

      --
      Visit Jonesblog and say hello.
  13. the article is lacking in details by Gunzour · · Score: 4, Insightful

    From the article, it seems that this is what happened:

    - User signs up on website run by company A (Audio Galaxy)
    - company A sells User's email address to company B (Sprint)
    - User opts-out on company A's web site
    - User gets spam from company B

    I hate spam as much as everyone else, but I don't see how this can violate any law. If the User opted-in, which it appears he did, and then later opted-out, Audio Galaxy can't be expected to go around to everyone they sold his email address to and say "Hey, that email we sold to you before? Stop using it!" Audio Galaxy should stop selling his email address at that point, but that would have no effect on the apparent sequence of events here.

    If anyone is able to find the actual court ruling I'd be interested in reading it. I don't see where the "existing business relationship" exists (for all we know he may be a Sprint customer), but if the events happened as I listed, I don't think it's relevant.

  14. a way to get proof by standsolid · · Score: 4, Insightful

    buy a domain name (or get a free subdomain from someone -- whatever). I have all my email directed to one account.

    so for signing up with any service i use this address

    joebob-audiogalaxy@junk.foofoofoobar.com
    or
    jo ebob-slashdot@junk.foofoofoobar.com

    and that redirects to my real email address

    joebob@foofoofoobar.com

    any email with To "junk.foofoofoobar.com" i direct to a spam folder. If i find a site that vlaims it won't sell my information, but magically sprint is emailing my audiogalaxy address... it tends to perk my ears up. Proof.

    --
    WTPOUAWYHTTOTWPA
    What's the point of using acronyms when you have to type out the whole phrase anyways?
  15. Telemarketers by stratjakt · · Score: 5, Insightful

    You have to give telemarketers 30 days to remove you from their lists when you ask. I dont see how online spam should be different.

    If you opt in, and then later opt-out, and get an e-mail 2 days later, I don't see it as some great evil. You shouldnt have opted in in the first place.

    You all need to chill pushing for all these spam laws, regulating the internet is a bad thing in the end. Do you really want your real name and SSN tied to your e-mail account for the sake of ending spam? (Because thats about the only solution the government will come up with).

    Beef up your filters and accept it.

    --
    I don't need no instructions to know how to rock!!!!
    1. Re:Telemarketers by oliphaunt · · Score: 3, Informative

      Really, this is ON-topic... just not till the last point i guess :-/ This filter suggestion you have:

      Beef up your filters and accept it.

      is good. Your logic about the marketers needing 30 days is also reasonable. But since this is a board for nerds, I think it warrants something more involved... you want maintain control over your mailing addresses, and whether or not you recieve mail sent to them. The solutions are out there- you just need to take a few minutes to put the pieces together.

      I just started using a new account for my main email address, and I'm taking this opportunity to try to break the chain of spam that I developed over 6 or 7 years of using my last address at a .edu domain. What steps am I taking? (note- of course, this is a linux-centric view. If you're using hotmail/outlook/AOL, and you're really concerned about the spam you get, my only suggestion is "find something else.")

      1. Set up Procmail. If you're root, it's a little more involved... if you're not root, odds are procmail is already running somewhere on your system. "man procmail", "man .procmailrc", "man procmailex" should be enough to get you going.

      2. Use Spamassassin. Once again, if you're the only user on your domain, it's more work because you have to dl/install/configure the SA program. Lucky for me, i don't have root on my mail domain, and my friendly new sysadmin had it running already- so all I had to do was set up a new procmail recipe like this one. In fact, i think i used that one, exactly.

      3. Use sneakemail to generate new email addresses for any public post/contact information. Point the sneakemail account you set up to your real address. Don't ever list your actual REAL address ANYWEHRE that a bot can pick it up off the web. Don't give it out to anyone on the phone. Don't use it to send email to anyone at hotmail. Don't list it in the text on your resume or write it out in your .signature. Don't fill it in on warranty registration postecards.

      #3 is the really important one- which is why i brought it up in an earlier post in this thread. You probably have another account that is getting a lot of spam right now, which is why you've read this far. So you .forward that address to your new address, where everything that comes in gets run thru procmail and SA just like any new mail. Procmail lets you set up separate delivery folders for mailing lists, so if you use Sneakemail every time you join a new mailing list, or give your address to another company online, you can direct mail coming to that address into its own folder, because sneakemail tags the "From:" headers with information as to which address someone is sending mail to. SO- to take this particular case in point, you make an "audiogalaxy" sneakemail address, and when you get spam from Sprint on the audiogalaxy address, you know that audiogalaxy sold you out. So you call them up, complain, AND THEN YOU LOG INTO SNEAKEMAIL AND TURN THEM OFF.

      --




      Humpty Dumpty was pushed.
  16. Re:False Assumptions by cindik · · Score: 4, Funny

    Judging from how much spam I got within a day of posting on slashdot with my special slashdot email address, I'll bet Mister Drecksel will get plenty of spam at his pcd@pwlaw.com address very soon.

    --
    Terrycloth Lobster
  17. Common Sense by Apple+Acolyte · · Score: 4, Insightful
    For the love of God, please don't bring the government in to regulate the Internet! That's a can of worms I wrongly assumed slashdotters would decry. Common sense dictates that one company cannot be automatically beholden to another's privacy policy. Each company dictates its own terms concerning information collection and privacy. And each firm has its own opt out policy. If AudioGalaxy shares your address with Sprint, and Sprint shares information with spammer C, AudioGalaxy shouldn't be held responsible for the spam that you receive from spammer C, D, E etc. . . AudioGalaxy and Sprint could have been acting in good faith.

    The majority of the responsibility here belongs to the individual. If a firm handles addresses improperly, it's the user's choice whether or not to continue using the service. No company is forcing any user to subscribe to their services. Use some common sense - protect your main address by only giving it out to those you trust, and give everyone else a separate address. That's how I keep myself spam free.

    --
    Part of the hardcore faithful who believed in Apple long before it was cool again to do so
  18. Return it Right Back by ShwAsasin · · Score: 3, Interesting

    If the courts have decided that you've got a business relationship, could you send sprint employees mail as well with the message at the bottom which reads "This email is permitted under the terms of the court identying that Spring and ____ person have a business relationship."? Although it sounds very childish, is possible to throw it back in their faces?

    1. Re:Return it Right Back by adzoox · · Score: 4, Interesting
      Very interesting LA Law style tactic. Good suggestion. A local to me tried something similar. He said that our local paper was invading his private space and trespassing. He claimed that the local paper delivery boy was doing nothing more than scouting the place out for late night heists of our condo property when delivering the weekly free sampler paper.

      I believe the local court ruled similarly saying that, one person gets the paper and OTHERs at my place enjoy getting the weekly sampler so EVERYONE should have the benefit of the free paper and delivery to your door. The plaintiff, after losing delivers 50 weekly samplers to the door steps of the court house EVERY week now. About two weeks ago, the city filed a lawsuit for littering. He is claiming that a few people like the repository and actually pick up the paper to read and that a few people inside get regular delivery of the paper. The weekly sampler also includes the arrests listings for Greenville County, he's claiming "informational association" - it's been entertaining to watch.

      --
      Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
  19. No way of tracking-- unless by oliphaunt · · Score: 5, Informative

    Unless you use sneakemail. Whenever I encounter a webform where it seems like I need to provide a valid email address, e.g. to recieve a tracking number or an initial PIN code or some such thing, I just pull up sneakemail, create a new address, label it with the date and the party who is getting the initial address (March 14 03, audiogalaxy).

    That way, if audiogalaxy sells that address to someone else, not only do I know where that someone else got my address from and (approximately) when it must have happened, but (and this is the important part)

    I CAN CUT THEM OFF
    Sprint can send as many emails as they want to the address from audiogalaxy... that address is no longer valid, because sneakemail let me kill it.

    yes, i'm a paying subscriber, and i've been using it for about 2 years now.

    --




    Humpty Dumpty was pushed.
  20. Here is the scoop by ..... · · Score: 5, Interesting

    The basic facts in the article are right: Gillman opted-in to GroupLotto's list to receive stuff, then some time later opted out. A day after he had opted-out, a received an email from Sprint, an GroupLotto "partner". Gillman sued.

    Sprint moved for summary judgment on four grounds:
    1. Sprint itself did not send the email
    2. The email was sent unitentionally
    3. Gillman had consented to receive the email
    4. Gillman had a preexisting relationship with Audiogalaxy that made the email not "unsolicited."

    The court decided as follows:
    1. The law defines the spammer as either the sender, or the one who causes email to be sent. So Sprint is still a spammer.

    2. This argument calls for a factual judgment, so it isn't appropriate to rule on as a matter of law.
    Sprint basically said that it was GroupLotto's fault that it was sent -- Sprint only wanted to send to opted-in people. Thus the sending was unintentional. However, there are several issues about what the different parties obligations are, so this claim was rejected.

    3. Sprints third argument was also not suitable for summary judgment. Sprint argued that at the time Sprint contracted with GroupLotto to send the email, Gillman was opted-in, and had therefore consented to receive the spam. This argument was partially based on a "two-to-three day" unsubscription time that Sprint claimed was standard -- Gillman could not have expected that he had opted-out until several days had passed. However, there was no such temporal disclaimer from GroupLotto, and it was granted that Gillman had unsubscribed by the time the email was actually sent. This issue of fact was unsuitable for summary judgment. Therefore, it is explicitly undecided if the fact that the email was "in the pipeline" when Gillman opted-out makes it spam or not.

    4. For this argument, Sprint argued that Gillman had a preexisting business relationship that made the spam not "unsolicited." Unfortunately, they were right. The Utah law reads as follows:

    "commercial email is not 'unsolicited' if the sender has a preexisting business or personal relationship with the sender."

    The law makes no provision for discontinuing a business relationship. Thus, you have a "preexisting business relationship" with *anyone* you have ever done business with under the Utah law.

    The judge noted that this is probably not what the legislature meant, but still, she was constrained to follow what they actually passed into law, not what she thought they meant.

    There were a few other problems with the case, but that one flaw was enough to grant summary judgment.

  21. Something to try: by interstellar_donkey · · Score: 3, Insightful

    Not that it's worth anything, but who knows. When I get spam from a reputable company, I typically try to find their customer service email address and send them this little form letter. I doubt that it does any good, but if enough people showed the larger corporations that we don't want spam, perhaps the meat and potatoes of the spam mailing list scumbags would be dropped just a little.

    Dear: Company

    Today I received an unwanted, unsolicited email from your company (spam). I always believed that your corporation was honest and forthright, and it is beyond my comprehension why you would decide to set yourself alongside pornographers and scam artists by using unsolicited spam email.

    Regardless of what your spam mailing company has told you, I have never consciously 'opted in' to receive email from them, you, or any of their partners. They have either gained my 'approval' using deception or trickery, or they have simply lied and found the email address somewhere on the Internet. In either event, I have never, nor will ever want to receive unsolicited spam email. In other words, I don't want to get this type of mail. Ever. And I have never actively asked to receive it.

    Spam mailing companies such as the one you use are corrupt and crooked. These are not honest businesses. And I cannot with good conscious do business with any company that chooses to partner with near criminals to conduct marketing. As such, I will not do business with you until you stop associating with these shady organizations.

    Please do not forward this to your spam mailing list provider in a show of 'good faith' to 'opt me out'. All this will do is inform them that this is a valid email address, and place me on numerous other mailing lists. Like I said, these are not honest business people. If you doubt this, ask them exactly where and where I 'opted in' to get this junk. Ask them why they often use different and misleading domains to get around my 'block sender list'. They will be unable to provide you with an answer, because I have never actively 'opted-in', and they will try every trick in the book to get their junk through. Again, this is because they are dishonest.

    If you decide to stop using this sort of unethical marketing, please inform me. I would be more then happy to continue doing business with you.

    --
    The Internet is generally stupid
  22. I bet someone else had this idea before... by perlchild · · Score: 4, Funny

    But doesn't that "SCREAM" that selling "email-based permission" lists illegal?
    After all, if business A sells your email address for 2.95, and business B sells it to C for 5.95 and business C does something illegal with it, how would business A sue business C for illegal use? It can't, and that places the burden on the customer. But since you can't limit WHO they sell your "permission to" (obstruction of commerce) that means you're writing them a blank check, with little to zero chance of ever having your rights respected. (the amount of spam makes prosecution for a single spam unlikely in the extreme) YET each spam is an individual crime, that must be investigated seperately.
    There is also the question of just how "valid" the permission you gave to A for purpose X be translated to C for any purposes other than X... And with X usually being "promotions related to a product I bought" X is of little sale value to C... purpose Y is however, very valuable... Hence C wants to buy address "blue" from business A, for purpose Y, now if purpose Y wasn't known at the time permission was given, how can permission be considered to have been given(say permission to advertise an invention that didn't exist when blue gave permission to A)?
    Doesn't the burden it places on the victim(the person whose rights have been abused, by receiving mail whom in most other contexts would be considered illegal) signify to legislators that

    1) to properly track when a permission is given, when most spammers close up shop within a few days and just reappear with the same list, under a different company, require an independant registry of permissions?
    2) to be able to correlate permission with origins of spam, you require to be able to track the origin of any single email message. By that reasoning wouldn't sending a message with forged header be considered illegal until proven otherwise(a bit like how a radar detector or any other device that allows one to bypass enforcement of a law illegal)?
    3) Since permission would have to be tracked by purpose and by sender, shouldn't access to that single registry be paid for to cover administration costs? And once headers are fully considered thrustworthy again, shouldn't it be possible to bill per spam sent?

    I think those are all valid questions, that the legislators should consider