First CAN-SPAM Lawsuit Filed in California

rocketjam writes "Foster City, California-based ISP Hypertouch, Inc. has filed the first lawsuit alleging violations of the new Federal CAN-SPAM Act of 2003. The lawsuit was filed against BobVila.com and the spammer they hired, Bluestream Media, for sending Hypertouch customers unwanted, unsolicited email advertisements for Vila's "Home Again Newsletter." The suit alleges the defendents sent spam email ads with fraudulent headers and no physical address. It also alleges the emails were sent to randomly generated and harvested addresses as well as addresses that had replied to opt-out links in other spams. Hypertouch's attorney, John L. Fallat, said the CAN-SPAM Act offers little protection to the public, but they would use the few protections it offers to punish spammers." Reader Clemence links to Wired's coverage of the suit.

California's tougher law still has some effect

[anonymous+cowfart]

California's tough spam law is mostly preempted by the new Federal law. But not entirely. The preemption clause reads

This Act supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto.

So for any spam that has a forged header or a misleading subject, California's new law, with the $1000 per spam penalty, will still apply. California allows private suits in small claims court by any party. So you can haul the bozos into court. Maybe even across state lines.

A year or two from now, we'll be rid of the chickenboners, but we'll be getting even more spam from "legitimate businesses".

Re:Hmm

[Joe+Wagner]

Well, we were in contact with them for a bit before we filled the suit. Even after we told them a number of their spam were sent to addresses that were submitted to the opt-out links of other spam, they still refused to promise to never use BlueStream Media again. Shortly before we filed the suit, one of our users recieved another BobVila UCE, this time from a spammer in Florida.

One of the most compelling aspects in deciding to file this case was that among the various emails messages in their spam run they managed violate nearly every ISP-actionable part of CAN-SPAM. Specifically various email of the spam run had one or more of the following violations:

1) No street address
2) False headers, including

a) SMTP HELO's with names whose IP addresses don't match the originating IP

b) Domain names used in the headers that were registered with false names...

3) Addresses that had been submitted to the opt-out mechanisms of other spam
4) Random and harvested addresses, include domain registration contact addresses.

FYI: lawsuit homepage...

[Joe+Wagner]

Hi All, Just FYI, We will be posting updates to the case as they happen at http://legal.hypertouch.com. We think the CAN-SPAM Act is an open license to spam with very little protection for the public, but we are attempting to use what few protections are available to punish some unrepentant spammers.

One of the biggest problems with CAN-SPAM Act that we are hoping to educate the press so they can inform the public is that the Act says end users _must_ contact each spammer and opt-out. This is of course exactly the opposite of what ISPs have been tell their customers to do. "Opting out" merely gives the spammer have a live address. Some of the email addresses defendants sent spam to were unique addresses submitted to a "virus software 90 % off" spam. In no uncertain terms, "opting out" of spam signs you up for more spam.

We were surprised when even after we told BobVila.com about the quality of the lists their hired spammer was using, they still refused even just to promise they'd never use BlueStream Media again... Right before we filed the action, one of our users received a new BobVila spam, this time sent through a Florida based spammer.