Massachusetts Atty. General Forces Spammer to Pay

Cildar writes "The Attorney General of Massachusetts has forced a Florida spammer to pay a $25,000 fine and enter into a cease and desist order. The original suit contained both state consumer protection theories as well as allegations of CAN-SPAM violations. Here is the Attorney General's press release.

Cost of doing business

[erick99]

I don't think these court "settlements" slow this guy down at all. He was also successfully sued and ordered to pay $104,104 this past April. You can read about that case here. I am wondering if it is the case that he makes so much money sending spam that these fines and settlements are no more than the cost of doing business.

Re:Cost of doing business

[DiscoNick]

He probably uses it as a tax writeoff!

Re:Cost of doing business

[Brynath]

Well the settlement may not slow him down, but the fact that he "...must pay $25,000 and put an end to the practice..." could stop him from doing buisness as usual.

We shall see.

Re:Cost of doing business

[TykeClone]

As well he should - it is a legitimate business expense.

Whether or not it's a legitimate business is another story, though.

Re:Cost of doing business

[TykeClone]

They are in Canada http://www.grantthornton.ca/taxtips/taxtips_templa te.asp?TipID=48

Looks like they're not (anymore) in the United States - at least on the Federal level:http://grassley.senate.gov/index.cfm?FuseAct ion=PressReleases.View&PressRelease_id=59

Re:Cost of doing business

[Kjella]

If it is anything like most such companies I know, they'll either:

a) Try a somewhat different scam.
b) Try the same scam, but claim it is different while the actual results are much the same.

In most other cases, you can be barred from doing a particular business. It is kinda hard to bar a con man from doing cons.

Kjella

I'd Prefer Stoning

[DiscoNick]

Its a small start, but public stoning would be a more rewarding payback for those of us who stayed many late hours updating our spam filters.

Re:I'd Prefer Stoning

[Deliveranc3]

one pebble per spam otta do it.

Re:I'd Prefer Stoning

[Atrax]

> What's your excuse for getting spam?

The point isn't that WE aren't doing enough to protect ourselves from spam, but that we shouldn't HAVE to jump through hoops to avoid this shit.

Re:I'd Prefer Stoning

[1u3hr]

If you spam-armor your address whenever you make it available, you won't get spam.

Yes you will. Eventually, someone who has your address in their address book will be hit my a spam worm, which will send out spam both to and fronm your address, spreading it all over. Or a clueless friend will put it in a CC when sending a joke out to his friends. Or someone will dig it up in a list of addresses from your ISP. Etc, etc.

Re:I'd Prefer Stoning

What's your excuse for getting spam?

Some people use the internet for more than just playtime, Threehead. Some of us have to maintain legitimate whois contact info for all the domains we're responsible for, and can't just go changing our email addresses every time another fuckload of spam rolls in.

Re:I'd Prefer Stoning

[CGP314]

They destroy legitimate sources of advertising income.

Yes please, won't someone think of the advertising.


-Colin

Re:I'd Prefer Stoning

[misleb]

Gee, aren't you special. Not everyone wants to change their email address every time they get on some list.. and it will happen. I know plenty of people who've bragged about not getting spam and then, WHAM!, it all comes flooding in one day. I'm sorry, but you haven't found a solution to the spam problem. You're just lucky and probably more careful than one should have to be.

Also, you might find you have a problem when sender verification starts becoming standard practice. Soon, servers will not accept mail from user myname@gmail.com coming from server mail.myisp.com. We already implement this sort of thing for hotmail.com and yahoo.com sourced email. If the sender claims to be a hotmail user, the SMTP server better be a hotmail server.

-matthew

Lex Talionis is a morally bankrupt code

Why should we be happy when the spammers get spammed? Ponder this.

Lex Talionis, the principle of an eye for an eye, is a morally bankrupt code of law we've been moving away from for the past few thousand years, thankfully. It can't deal with the complexities of the modern legal order, and it ignores all proper justifications for systems of punishment: rehabilitation, prophylaxis, etc. It makes an assertion of rigid judgment in an attempt to avoid judgment itself. We can't live in a world without judgment.

Ask yourself this: should we rape the rapist? If not, why not? (Ignore for a moment that we essentially do rape rapists by committing them to so-called "maximum security" prisons where they get systematically brutalized and raped by guards and other inmates.) It's not a morally tenable position to lower ourselves to the level of brutes just so we can vindicate some idea of retribution.

Therefore, ask yourself why we should be happy when the spammer gets spammed? No one should have to endure the pain and annoyance of spam: it's the scurge of the online world. Not even the spammer, who may be in his business because of factors outside his control like debt or bills for an illness in the family, etc. We should be outraged when anyone is spammed, and we should put the full force of the state and the law against the perpetrator no matter who the victim! Picking and choosing among which victims to protect is something the legal order of former barbaric times did. I'd be disgusted if our government returned to those days.

Spam == bad. Victimization == bad. Why do people conflate the two? What kind of giddy moral superiority to you get from seeing anyone hurt?

Re:Lex Talionis is a morally bankrupt code

[Fnkmaster]

You are clearly trolling since nobody said anything about the spammer getting spammed or lex talionis.

I don't know why I'm bothering to respond to your out of context post, but the reason that we consider raping the rapist to be morally bankrupt is that rape is an awful violation of somebody's human rights, even if that person has themselves committed that crime. Spam, while an annoyance and a pain in the ass, is not a violation of human rights, just a negative externality (and one I certainly despise). So the point is that when a thief gets something stolen from him or a spammer gets spammed, it's not comparable to a rapist being raped. As to the effectiveness as a means of prophylaxis or rehabilitation, I'm not sure that ANY means of punishment have been shown to be effective in those ways.

How about....

[rathehun]

...the penalty for distributing spyware be using a computer, only with Internet Explorer, NO access to Ad-Aware/Spybot/etc and forced to keep the "Cute Kitty" screensaver that somebody reffered to in the SETI story?

I think he can then do his thing. Well, maybe he can use Gator to remember his passwords.

Waste these assholes...

Why settle?

[powerpuffgirls]

Why did he settle instead of going all the way?

Spammers spam because they think they have the freedom to spam, and the only way to stop this is to take away their freedom, ie some jail time.

Failing that, I thought the fine is a bit small, but sooner or later, people will find the "threshold" fine to impose, which basically make the whole spamming business unprofitable.

Re:Good to see.

[Antique+Geekmeister]

I'm sorry, but the CANSPAM act actually helps spammers. It over-rides much stronger laws at the state level, and the provision of "including an opt-out" and have a "legitimate description" and using a "valid email" address are trivial to circumvent.

Either purchase what is called a "pink contract" from your ISP, which allows you to spam, or simply use a series of throw-away sender accounts. Each is legitimate, but each is used to harvest the "opt-out" addresses and use them for the next spam for a slightly different product or for a distinct username with the same product. This kind of abuse is trivial, and already widely in practice.

What needs to be forbidden is the sending of unsolicited bulk communications: not "spam" as in "advertising", because that's too hard to decipher in court and gets into First Amendment issues. But outlaw unsolicited bulk communications of *any* sort: advertising, religious spew, political campaigning, etc. People can sign up to get email from you, but as soon as you start sending it unsolicited, face criminal penalties.

This kind of law has been in place for many years, successfully, for junk fax. The CANSPAM act is aimed at the wrong target: it's aimed at fraud, not at spam.

public results

[cybergrunt69]

Now if only they would seize all his computers and find all of the tools he used to send all this spam.

Most likely, he's used the benefit of spyware to send this bs out. It would be really nice to make those results public, so it would shed a better light as to why we should protect against that crap...

Looks like the crux is the opt-out link

[soapbox]

Not providing an opt-out link is not allowed under CAN-SPAM, and if the link doesn't work, then they can be fined. Great. BUT when other spammers have the opt-out link generate an attack on your machine, is the opting-out link something the lawmakers want to champion as real enforcement of the law--ostensibly making us better off?

What we need is a PROA

[DiveX]

Intil consumers have a private right of action as one exists in the telemarketing laws (Telephone Consumer Protection Act of 1991 47 USC 227) then the CAN-SPAM or anything else will be toothless. The TCPA gives consumers the right to sue in small claims court for violations of the law and subsequent federal regulations. I have another hearing soon sgainst a local mortgage company that made a single, prerecorded call to my residential line. I have demanded a total of $5000 in damages (statutory damages of $500 per violation [with 6 violations] and trebled due to defendants willful or knowingly violation of the law) since that is my local court limit as well as will be demanding an injunction. This is just one person's action. If just a few more people knew their rights and enforced them, the mortgage could be taken out of business for even a single illegal telemarketing campaign or until they declare bankruptcy. Serves them right I feel, IMHO.

Baloney

[XanC]

For the vast majority of human history, the penalty for pretty much anything was death. No questions asked. That's the default. If you can't live by the rules, you're out of the tribe... the hard way.

"An eye for an eye" is an advanced, progressive, touchy-feely principle made popular by Hammurabi about 6000 years ago.

Reilly rocks.

[SuperBanana]

No, not O'reilly. Tom Reilly, the MA Attorney General.

He's been on a virtual warpath against corporations. He didn't back off like all the other states did in the case against Microsoft. He took on the Catholic Church, and sent them running for cover. He's been a non-stop machine against corporate greed and corruption, and it's about damn time. We need a lot more state AG's like him.

I have a feeling he has aspirations for being federal attorney general. Long as he keeps up his current record of corporate ball-busting, I'm all for it. Yet another reason to vote for Kerry, I see it- Bush is quite happy with Ashcroft, and I doubt Ashcroft would last very long under Kerry. Somehow, I don't see Ridge lasting long either.

Pretty sad when you loose an election to a dead person and get slotted right into a high ranking, federal executive position you're not even remotely qualified for.

Re:Reilly rocks.

[MBCook]

"Pretty sad when you loose an election to a dead person and get slotted right into a high ranking, federal executive position you're not even remotely qualified for."

I've seen this many times before, here on /. too, and it makes me sick. It's not like he was an incumbent that was so bad he lost to a dead guy (which would be one thing). He was the challenger. He lost to a very popular man who died VERY shortly before the election. They couldn't change the ballot. Some (many?) people saw voting for him as a way to honor his memory.

Now I'm not going to pretend to know whether Mel Carnahand, a.k.a. "the dead guy", was good or not. I won't pretend to know whether his wife (who got the seat he won) is any good. I don't live in Missouri so it doesn't effect me personally. But if you are going to pick on someone you don't like for political reasons... GROW UP and do it in a more mature way (like with real, relevant facts). "He must be dum and abizmul at his job 'cause he lost to a dead guy! Ha ha ha". Grow up. Have a little respect.

And it wouldn't matter if Ashcroft was a good AG (I'm not saying he is or isn't). Chances are he would be replaced with the change of administration anyway.

Re:Reilly rocks.

Well, the republicans actually pulled legal strings to keep Carnahand on the ballot after he died! Ashcroft happily supported keeping his dead opponent on the ballot, instead of actually running against a live human being. It was obviously sleezy, Ashcroft showed absolutely no respect for the guy's death, and demanded that the ballot remain unchanged.

Missouri voters still chose not to elect Ashcroft, and there was even the idea floated of Carnahand's wife taking the position. Basically Missouri voters chose ANYBODY over Ashcroft. Obviuosly they're not pulling a weekend-at-Bernie's kind of thing, but they didn't care who the democratic challenger would be, they wanted ANY democrat over Ashcroft.

It still says alot about the Bush administration that they take a hugely unpopular radically-religious extremist and place him so high up in the government.

Running to the cameras

is all the Mass action is.

$25,000, from what has been reported as spammer income in other stories linked from here on slashdot is less than a day's profit. The Mass. AG did the same thing the NY AG did, grab headlines to promote himself for future office, and tuck away an action against a popular cause.

If the intention was to stop the spamming, the fine would have been higher, the AG would have forced the spammer to give up the mortgage brokers who are paying the spammer affiliate commissions for the leads, and the AG would have revoked the licenses of the mortgage brokers.

But the mortgage brokers have friends in high places, and well placed campaign donations.

Follow the money. Pull the licenses of the mortgage brokers. Pull the licenses of any other individual or company who pays a spammer affiliate money, commissions, or any other types of payments based on results of spamming. Delist public companies that pay spammers and fax.com in cash and stock to blast fax and spambomb advertisements to promote and raise awareness of their penny and dollar stocks.

$25,000? A mosquito bite. The spammers are laughing at the Mass AG right now.

A bit more looking

[TykeClone]

Penalties and fines paid to the IRS and any other governmental agencies are never tax-deductible, because this is deemed to be against public policy. Sorry, this includes parking tickets, too http://www.nolo.com/lawstore/products/product.cfm/ ObjectID/8B17922C-836F-4F71-A67225892035843E/sampl eChapter/6

That does look pretty cut and dried that they are not deductible.

Better than a fine...

[Johnny+Fusion]

Part of the Hackerdom's whipping boy's sentance was not being able to user the Internet for many years.

I think this would be very fitting punishment for a spammer.

Assisted by Microsoft

[Craig+Ringer]

The credit to Microsoft for assistance is interesting. They're clearly taking more than one approach to attempt make good on their "stamp out spam" promise.

This particular tack is one that MS is uniquely positioned for, given their rather strong contacts in government (hmm) and impressive financial and personell strengths.

Hell, I wish 'em luck. It'd be nice if they'd stop with the "gain control of eMail" angle, but this approach is useful. Even if it's not overly effective or efficient, it'll be one more thing that makes spamming less worthwhile, and that can only be good.

As I always do when a spam article comes along...

[The+Ultimate+Fartkno]

...please allow me to pimp two of my favorite anti-spam projects. First is the Unsolicited Commando squadron. UC is a happy little Java app that sits on your desktop and spends its days merrily filling out forms on spamvertised sites with perfectly real-looking (and yet completely bogus) data. Run one on your machine and help drive another mortgage spammer out of business! The second place I'd like to point you to is a spam vampire site. This is a webpage (IE only for now, but source is available and hopefully being ported to MozFireOperaSafariFox soon) that attacks spamvertised sites and reloads their graphics over and over and over and *over* again all day long. Basically it's the Slashdot effect put to good use. Burn up a spammer's bandwidth and... well, hopefully you'll have their children out on the street and doing vile things for money before long. Enjoy!!

You know the government is screwed ...

[camooT]

When the RIAA is doing a better job of enforcing the law. Chances are, if we ever see any spammer get seriously boned, it'll be because he forgot to disable file sharing on Kazaa.

$25,000 to this guy is as remarkable as your first time was to you.

on the good side

[Exter-C]

This is good news. Although we can only hope that this is a start of things to come. With the high level of SPAM coming from the US (based on spamhaus stats http://www.spamhaus.org/ ) If more fines are to come for US based spam operators hopefully other countries will follow suit. (as seen with recent Australian legal developments).

The biggest issue here is this is only the tip of the ice berg. And a one off wont do enough to scare spammers. Its all about volume and consistancy.