Californian Court Fines Spammers $2 Million

afra242 writes "The BBC News has reported that a Californian court has fined a marketing firm $2m for spamming via email. This judgement was the first anti-spam ruling and the marketing firm were fines for sending out millions of unsolicited e-mails telling people how to spam. We're getting closer..." Other readers point to coverage of the judgement from the Associated Press (via SFGate) and from Reuters (via Yahoo!).

$2 Million

[r_glen]

Great! When do I get my share?

Let's take what we can get...

[Evil+Adrian]

I mean, hey, it's not ass-rape, but $2 million will do for starters.

People said...

[IversenX]

...it wouldn't work. That fines wouldn't help.

If rulings like this become everyday experiences, I honestly think the amount of spam will decrease.

It will not solve the problem, however. There are ALOT of ideas for this, one of which is POP-Before-SMTP, which seems somewhat sane. But then again, they (more or less) all do. I find it highly unlikely that any of these n solutions will find wide acceptance and use, before at most a handful standardized ways are selected.

Oh yes, and all your money are belong to us!

Re:Too leniant.

[eclectro]

First they need to make it a felony to spam. Spamming is no different from other forms of wire fraud (by using fraudulent headers, cracking into networks to send spam, theft of services, not to mention most of the time they are selling a scam).

Then spammers can be sent to prison where they can be stabbed in the showers.

From the article...

[asparagus]

The injunction also forbids Willis and Griffin from owning or managing any business that advertises over the internet for 10 years.

After 1 January, the state's anti-spam laws will get tougher and will also allow private individuals to sue spammers and collect damages of up to $1,000 per e-mail.

That's a nice pair of little clauses there.

The problem is that these guys were a perfect case: a pair of California spammers spamming people inside California using California computers. Methinks jurisdiction is going to be much more interesting when they try to go after out-of-state/country people. If they do so.

However, it does send a nice message to the bastards. And if just one of 'em decides to not hit that 'send 50 million emails' button, that's a little win for the Internet. We gotta be happy with that, 'cause the government (as usual) is gonna keep the money to itself.

Re:From the article...

[jfengel]

Because it's a perfect case, it will be a nice precedent if it is appealed. I'd hate to have one of these appealed to the Supreme Court (on, say, free speech grounds) only to have it knocked back on some sort of technicality due to juridication.

I do hope they appeal it, and that the Supreme Court affirms it. That will provide a basis for future laws testing out exactly what can and can't be banned.

I consider spam to be more a case of impoliteness taken to the point of being criminal. Sending one unsolicited email to one person (say, fan mail) is generally considered OK, if impolite; sending billions of commercial ones is not. The courts have a delicate balance to draw, and I think the best way may be to solidify the clear-cut cases before trying to tackle the hard problems.

Re:From the article...

[espo812]

allow private individuals to sue spammers and collect damages of up to $1,000 per e-mail.

That's a nice pair of little clauses there.

How do you figure a fine of $1,000 per e-mail is a nice clause? One of the biggest complaints I have with the american justice system these days is a broad divsion between crimes and consequences (and in punishing responsibility for harm.) There is no way a single e-mail could cause $1,000 worth of damage. Thats an absurd punishment for a virtually victimless crime. Don't get me wrong, I hate spam as much as the next guy. However, there are technical means to alleviate the problem, and a huge fine is not reflective of the damage done.

Re:From the article...

[DiveX]

What all other laws with statutory penalties?

Cut down a tree in your own yard in many jurisdictions and you'll be paying out thousands in fines. Who is the victim there. Shouldn't you be allowed to cut down your own 200 year old oak tree if you want?

Littering on the highway is victimless...right? That will get you a $500 minimum fine in some states.

Junk faxes my only cost you a few pennies, but you can collect $500 from a company that sends it. The law prohibiting it has been around for over a decade. Every SINGLE federal court district that has hear issues of 'free speech' and junk faxing have denied the complaints. Commercial speech does NOT have the same protections nor should it.

That fact is that such activity is not victimless. Admins have to constantly adjust and upgrade mail servers to try to stop the flow or manage the load. That costs time and money, and those costs are passed on to you and me.

The only way to stop this kind of behavior is to make it no longer viable for them to do this. The Government doesn't have the resources, so a private right of action is the key. If it wasn't for those of use that take on telemarketers and junk faxers, I guarantee that it would be a much larger problem.

Re:From the article...

[Stephen+Samuel]

Methinks jurisdiction is going to be much more interesting when they try to go after out-of-state/country people. If they do so.

Not likely to be a problem here. Jurisdiction requires a presence of some sort in California (in this case). Doing business (or attempting to do business) in california is enough to trigger local jurisdiction.

If you can prove that somebody (anybody Consider this: If I pay somebody to go down to your house and rip up all the trees in the yard, you still have jurisdiction against me even though I live in Canada. You might have a hard time collecting on the decision against me, but that's a different issue.

You can almost guarantee that these people accept payment by Visa/MasterCard, so I'm thinking it should, at least, be possible to collect by attaching to their Visa/MC merchant accounts.

2 million is a molecule in the bucket

[Futurepower(R)]

Wow! $2,000,000 is 1/10,000 of one penny for each spam email. That'll stop him!

Okay, that's an exaggeration. Maybe, because of this judgment, the spammer will become so poor he will have to stop having caviar flown in from Moscow.

Re:2 million is a molecule in the bucket

[aardvarkjoe]

Don't be ridiculous. These spammers aren't rolling in money -- they might be making a decent living, but they're not multimillionaires from spamming. $2 Million is plenty to deter someone from spamming.

Re:2 million is a molecule in the bucket

[isorox]

Whats $2 million to people who have buisness contacts in Nigeria, have hundereds of thousands of dollars in cash through the mail every day, have a 16" penis, get free prescription drugs, have computer patches delivered to their inbox, have free accounts at thousands of porn sites and have 17 mail order Russian brides.

Closer to what?

[muffen]

We're getting closer...

Hmm... I like them being fined, and california needs the money, that's for sure.
However, I wouldn't jump too high right now. I think we are just changing the game, not winning it. Here's an example of what spammers are doing now.

I believe whitelisting is one of the only way to go about stopping spam, but it has obvious problems associated.

Ah well, atleast the government is doing something... 5 years too late.

Yes we are getting closer to the real solution...

[Arcturax]

Which is to sue not just the spammers, but the companies who hire them and ban their imports to the Unites States (or whatever country you are in) to punish those overseas who may be beyond the reach of a lawsuit. The latter may be harder to enforce as I am sure there are ways around it and not enough customs agents to check everything. But it might at least have some impact on domestic companies who hire spammers. The more countries that join in, the more impact it has overseas. Companies will soon learn that using spammers costs more than it makes. Dry up the demand for spammers and the problem goes away.

$1000 per e-mail?

[DrEldarion]

According to the article, a law goes into effect in January stating that people can sue companies for $1000 per spam e-mail they get. As much as we all hate spam, isn't $1000 per e-mail a bit excessive?

Think about how we react when we hear about the record companies suing people for thousands of dollars per song that they share. The normal reaction is, "There's no way that these people caused that much damage to the RIAA! They should only be able to sue for how much damage they can prove they incurred over that person sharing the song."

Why doesn't that apply here? Just because we don't like spam? One spam e-mail doesn't cause $1000 worth of damages just like one shared song doesn't cause $10000 worth of damages. Isn't there a bit of a double standard here? The people in the story got punished in a different way as well - they can't advertise anything over the internet for the next 10 years, not even their own marketing company.

Now, I'm all for spammers getting shut down and punished, but $1000 per e-mail seems a bit excessive when the actual damage to your time/bandwidth is nowhere near that.

-- Dr. Eldarion --

Re:$1000 per e-mail?

[jfengel]

I assume that it's at least partly punitive, and to make up for the fact that you'll be nailed for only a tiny fraction of the spams you send. Whether that's valid legal reasoning I'll leave to the lawyers.

Re:$1000 per e-mail?

I come at this from an economics perspective. First, it would cost a fair bit in time to actually track down a spammer, but this really secondary. For the law to actually have a deterent effect, which is presumably what they are going for, there has to be a real economic consequence for breaking the law. Because the probability of an individual actually finding, suing and collecting from a spammer is so low, the fine has to be high to make the per spam cost high enough to be a deterent. The low probability of having to pay dilutes the actual monetary fine. The action of the RIAA (bastards) is similar. They don't want to spend the money to go after every shared file, so the damages they seek are high per song for that individual, but spread out over everyone they are just trying to make the risk of filesharing just high enough that most people won't do it. It screws some individuals, but makes the risk just high enough that I would rather use iTunes or buy a CD.
The basis for these comments is an emerging study called behavioral economics. Steven Levitt at the U of Chicago has a number of fascinating papers that show how economics principles describe people's behavior even when $ is not directly involved. Definately worth a Google.

One by One

[Schlemphfer]

Perhaps state governments will never be able to stop one man spamming operations that are being run on a shoestring. But there has to be a starting point in fighting spammers, and it makes sense to pick out the largest targets possible. In one stroke, it appears that California has ended PW Marketing's business. And very likely, the state will come out ahead after the fines are paid.

Perhaps the greatest asset that anti-spamming forces have going for them is that spammers don't have the foggiest idea where each of their spams are going to. Who knows whether joeblow@hotmail.com is an account based in California or Timbuktu? And that, I believe, will pose spammers with an insurmountable problem. They are going to have to make all their spams California-legal, because there's probably not a single spam list out there that doesn't target at least a few dozen people in California.

Now clearly there will be some people who will say, "This law is unenforceable against offshore spammers." That's fine. The question is, do you want spams coming from both domestic and offshore spamhauses? Getting rid of spam sent within the United States will wipe out a large part of the problem; and not just in terms of numbers of spams sent. It will also disproportionately harm spammers with the greatest financial resources and the greatest technical expertise to overcome spam filters.

On a side note, I've noticed that for the first time in memory, my daily spam load over the past couple of months hasn't gone up. There's blood in the water.

It is in this case.

[www.sorehands.com]

This takes out one spammer and shows some of the people who spam or thinking about spamming that they may get hit with fines and penalties.

The money does get put into the state coffers. This is not like the RIAA who keeps the money for themselfs.

Re:It is in this case.

[Gherald]

> The money does get put into the state coffers. This is not like the RIAA who keeps the money for themselfs.

You don't suppose the RIAA has coffers?

free speech my ass

[zakezuke]

I'm all for free speech, even in cases were I don't agree with the person's view point. The stormwatch neo-nazi group is one example of bozos and foofoo heads while I strongly disagree with them, I feel it's their right to make total asses out of them selves.

At the same time, I reserve the right to censer what i'm exposed to, as a consumer I have every right to do this. To allow adverts of viagra and penis enlargements on the net should be considered free speech and protected under the law. However, spam in my inbox is steping over personal boundries. I accept advertisments as a way to pay for content I view, however spam is getting a free ride and providing income to people who are not associated with providing me e-mail.

Re:Yes we are getting closer to the real solution.

[tessaiga]

sue not just the spammers, but the companies who hire them and ban their imports to the Unites States

Oh good! Then instead of hiring spammers to advertise their own products, companies will just hire'em to advertise their competitors' products. I wouldn't be surprised if that works out to be faster and cheaper than trying to push your own products.

Not to mention the fact that often spammers are resellers of no-name crap products which could easily be relabelled and sold under a different name. Banning products only works if your product name has some value.

Keep in mind they didn't get finded for spamming

[MadAnthony02]

They didn't get find for sending spam per se, they got fined for sending spam with specific characteristics - specifically spam with forged headers, no opt-out, and routed through a bunch of hacked computers.

Maybe this really doesn't make a difference, since most spam has those characteristics. While legitmate email addresses and not routing it through a ton of open relays would be nice, the opt-out part is useless, since almost everyone knows not to respond to op-out on spam, since it usually just results in more spam because they know it's an active address.

Always love the comment of...

[Ceadda]

They hacked other mail-servers to send mail for them so it couldnt be traced back to them... Ah... wait a minute... I thought they were selling a physical object... a book on spamming.. which means they would have to have some place to be billed, and also a way to actually mail the book... Hmmm... guess we cant trace credit card purchases, balance transfers.. or US mail anymore.. wow. Musta been real hard to track down?

It's already been appealed. The spammer lost.

[Animats]

California's anti-spam law has already been tested in the courts. In Ferguson vs. Friendfinder, the case was appealed on constitutionality grounds, and the California Court of Appeal for the First District ruled that the law was constitutional.

So there.

California open season on spammers starts Jan. 1

[Animats]

Unless Congress passes a pro-spam law that overrides it, open season on spammers starts January 1. This win was under the old law. The new law simply makes spam illegal:

• Business and Professions Code 17529.2.
  Notwithstanding any other provision of law, a person or entity may not do any of the following:

  (a) Initiate or advertise in an unsolicited commercial e-mail advertisement from California or advertise in an unsolicited commercial e-mail advertisement sent from California.

  (b) Initiate or advertise in an unsolicited commercial e-mail advertisement to a California electronic mail address, or advertise in an unsolicited commercial e-mail advertisement sent to a California electronic mail address.

The important part is in the details.

• Anybody in California can sue for $1000 per spam, up to $1,000,000 per incident. (Current law has a $50 limit. The new law makes it worthwhile to go to small claims court for a single spam.)
• You can sue in small claims court for up to $10,000.
• You can sue the advertiser, the "beneficiary" of the spam. So you find out where the money goes, and go after them.
• If the spammer, the advertiser, or the recipient is in Californa, you can sue.
• ISPs can sue.
• Class actions are allowed.
• There's a general provision in California law that anyone can "act as the attorney general" to enforce consumer laws in court, and that applies here.

The key here is that you can go after the advertiser, not the spammer. You can find the advertiser by following the money. If you put in a credit card number, where does the transaction come out?

Using an "internet billing service" like iBill won't help. They're actually the "merchant" in such cases. iBill is going to be involved in many spam lawsuits.

The Direct Marketing Association is frantically lobbying Congress to override this before it goes into effect. S.877, which just passed the Senate, would kill the California law and replace it with a weaker one. But the House hasn't acted. Watch for any last-minute action at the end of the session.

Similar Punishment For Junk Faxes

[BoyHowdyAAF]

The Federal Junk Fax Law provides for penalties of $500 for sending a junk fax. This punishment can be increased to as much as $1500, if the violation of the law was willful or knowing.

I know that there's more of a problem with externalizing costs with a single junk fax than there is with a single spam e-mail, but in both cases, the punishment is orders of magnitude above the actual damages. That's because you're encouraging the public to take action on this themselves, and there's a significant amount of time and work involved.

Market prices versus damages and fines

[mec]

The penalty for violating a law should be much larger than the cost of following the law. Otherwise, people just break the law for free, and only pay if they get caught.

It's a separate argument whether a law is a good law in the first place. But if you believe, as I do, that spam should be illegal, then it's okay for the penalties to be a lot larger than actual damages.

For example, go down to the grocery store and shoplift some bread, and then try to get out of the criminal penalties by offering to pay the $2 damages after you get caught.

Re:Market prices versus damages and fines

[mec]

How many orders of magnitude beyond the original damage do you want?

A very good question. I want 2 to 3 orders, roughly. I figure that about 1% of all crimes get brought to prosecution, and I want to make the average penalty higher than the cost of following the law.

As another poster said, the damage from spamming is usually more than 1 mail in 1 mailbox. If a spammer sends 1,000,000 messages, and they cause $0.01 of damage each (by assaulting other people's attention without permission), that's $10,000 in actual damage.

That's a serious crime.

But suppose I subscribe to some e-newsletter from Sony, and then I properly notify Sony that I don't want it any more, but they improperly keep sending it. How much damage am I suffering? $0.01 to $1, we agree. I'm willing to stipulate down close to $0.10. "2 to 3 orders of magnitude" means $10 to $100 for each offense, which seems reasonable to me if I have to actually take them to court.

Punishment should appropriately match the offense, that is all.

You know, this is why I like this discuession more than previous Slashdot discussions about spam laws. A lot of people are actually coming out and acknowledging that spammers are human beings; they have the same rights as other human beings; spamming is one crime among many; spamming should be treated in a coherent framework with other crimes.

Honestly, there were days on Slashdot when it seemd like people wanted to punish spammers more than they would punish Osama Bin Laden.