1st Trial Under California Spam Law Slams Spammer 126
www.sorehands.com writes "In the first case brought by a spam recipient to actually go to trial in California, the Superior Court of California held that people who receive false and deceptive spam emails are entitled to liquidated damages of $1,000 per email under California Business & Professions Code Section 17529.5. In the California Superior Court ruling (PDF), Judge Marie S. Weiner made many references to the fact that Defendants used anonymous domain name registration and used unregistered business names in her ruling. This is different from the Gordon case, where one only had to perform a simple whois lookup to identify the sender; here, Defendants used 'from' lines of 'Paid Survey' and 'Your Promotion' with anonymously registered domain names. Judge Weiner's decision makes it clear that the California law is not preempted by the I CAN-SPAM Act. This has been determined in a few prior cases, including my own. (See http://www.barbieslapp.com/spam for some of those cases.)"
Re:It's Not Going To Make A Difference (Score:1, Informative)
In many states, fines that are a result of court judgements against you cannot be discharged in bankruptcy court. Otherwise, you could just rack up ungodly amounts of judgements against you, never pay them, go to bankruptcy court, wash, rinse, repeat as often as desired.
Re:Nice (Score:1, Informative)
Re:It's Not Going To Make A Difference (Score:5, Informative)
Federal student loans and, at least in my state (afaik), court judgments are exempt from bankruptcy declarations.
At least for judgments against you, that's actually good. You shouldn't get a fresh start if you have a court-ordered judgment against you.
Re:It's Not Going To Make A Difference (Score:5, Informative)
Indebtedness that is the result of certain criminal acts is not usually allowed to be discharged in bankruptcy. If you destroy someone else's property, then declare bankruptcy after being convicted of the crime, you will still owe THAT debt. The risk of not being paid back is supposed to be burdened only by those specifically choosing to do business with the party that might declare bankruptcy. However, this matter still has to be raised in the bankruptcy court. If you are owed money for a criminal act, and the debtor files bankruptcy, and you just sit and do nothing, it could be discharged, and it might not be possible to re-open the bankruptcy (if you knew about it).
Whether spamming falls under this is the big question. I believe there is no case law to test it.
For more information, see "Chapter 7 - Liquidation Under the Bankruptcy Code [uscourts.gov]". The relevant paragraphs are near the end, just above "NOTES".
Re:It's Not Going To Make A Difference (Score:5, Informative)
I run the network of a small business. Less than 15 people. Program too. Let me tell you *what* spam costs.
Three years ago, it became a problem that wasn't getting handled by the clients. The CEO was annoyed at having to delete 20 messages a day. He got to deleting things so fast he accidentally deleted a very important message in his hurry. More than once. Cost to the business: ~$50,000 in potential sales.
We bought a spam filtering firewall to handle it. Yes, there's lots of open source solutions--but we had no spare hardware for virtualization, our mailserver was an undocumented mess--and I needed an "on the wire just work" solution. Cost: three hours of research, $500 purchase, $200 a year for a 24x7 warranty.
In 2008 we had our first joe-job--we were running a business class DSL line in the office, 2 Megs, async. The backscatter *took us offline* for over two days. I had BATV installed within four hours, but almost nobody uses it. Oddly enough, postmaster didn't get any complaints that I found. We had to move our mailserver into a co-lo and purchase the bandwidth, as our ISP couldn't filter that out on the fly. And don't start on the poor little firewall appliance nearly bursting into flames as its load went up to 5-6 on a single CPU trying to scan the content.
Because of SPAM, I can't run an open relay, and my users have to connect either via VPN to a trusted open LAN submission service, or I have to install passwords in the outbound SMTP system. Both of these take configuration changes. Because of SPAM, users on aircards can't follow their ISPs email instructions--I've got domainkeys--they need to send mail from *my* mailsystems.
So yeah, SPAM costs our company alone a minimum of $200 a year just in subscription fees and maintenance. In practice, it's cost a lot more, and has taken us offline. What do you think it costs a company the size of IBM, or the state of California?
I'm just grateful I'm not in an industry where I'm required by law to archive all these things. And you are aware storage is *expensive* right? Yeah, I can get a cheap ass drive at home for $100 for 1 TB. But at work--high availability systems, high availability storage, tape archiving, backups, redundancy. Now--not everything needs this, but even the cheap cable attached SAS drives aren't coming in for less than $200, and those don't have much capacity and are like 7200 RPM. To actually benefit from those, I need at least direct attached storage, or a NAS device-- $4000 - $20,000+. Of course, I *could* build it myself and end up with no warranty or support contract...
Now, to capitalize on this and back it up, I'll need either a tape backup system, shipping, or a high speed fiber link to somewhere.
Lest you say all of this isn't caused by one spam--it's well established in the US that the "weak skull defense" is *not* valid. If it's the last spam that caused my firewall to crash, or forced me to invest in the firewall--they are liable for it.
Anybody who runs a megacorp network want to tell mr speedy exactly what spam actually costs their company? Don't forget the extra AV licenses you probably had to purchase for the distributed scanners...
$1000 damages, plus $1000 fine. (Score:3, Informative)
The article says its damages, presumably payable to the person spammed by the spamming company. Given that the CA law also says its a misdemeanor, that would imply that individuals can be fined or jailed. Cali might be able to start prosecuting these guys and generating some revenue. Or maybe they'll stick with the easier to prove and more lucrative dwi cases.
From 17529.5. http://codes.lp.findlaw.com/cacode/BPC/1/d7/3/1/1.8/s17529.5 [findlaw.com]
(a)It is unlawful for any person or entity to advertise in a commercial e-mail advertisement either sent from California or sent to a California electronic mail address under any of the following circumstances:
(1)The e-mail advertisement contains or is accompanied by a third-party's domain name without the permission of the third party.
(2)The e-mail advertisement contains or is accompanied by falsified, misrepresented, or forged header information. This paragraph does not apply to truthful information used by a third party who has been lawfully authorized by the advertiser to use that information.
(3)The e-mail advertisement has a subject line that a person knows would be likely to mislead a recipient, acting reasonably under the circumstances, about a material fact regarding the contents or subject matter of the message.
(b)(1)(A)In addition to any other remedies provided by any other provision of law, the following may bring an action against a person or entity that violates any provision of this section:
(i)The Attorney General.
(ii)An electronic mail service provider.
(iii)A recipient of an unsolicited commercial e-mail advertisement, as defined in Section 17529.1.
(B)A person or entity bringing an action pursuant to subparagraph (A) may recover either or both of the following:
(i)Actual damages.
(ii)Liquidated damages of one thousand dollars ($1,000) for each unsolicited commercial e-mail advertisement transmitted in violation of this section, up to one million dollars ($1,000,000) per incident.
(C)The recipient, an electronic mail service provider, or the Attorney General, if the prevailing plaintiff, may also recover reasonable attorney's fees and costs.
(D)However, there shall not be a cause of action under this section against an electronic mail service provider that is only involved in the routine transmission of the e-mail advertisement over its computer network.
(2)If the court finds that the defendant established and implemented, with due care, practices and procedures reasonably designed to effectively prevent unsolicited commercial e-mail advertisements that are in violation of this section, the court shall reduce the liquidated damages recoverable under paragraph (1) to a maximum of one hundred dollars ($100) for each unsolicited commercial e-mail advertisement, or a maximum of one hundred thousand dollars ($100,000) per incident.
(3)(A)A person who has brought an action against a party under this section shall not bring an action against that party under Section 17529.8 or 17538.45 for the same commercial e-mail advertisement, as defined in subdivision (c) of Section 17529.1.
(B)A person who has brought an action against a party under Section 17529.8 or 17538.45 shall not bring an action against that party under this section for the same commercial e-mail advertisement, as defined in subdivision (c) of Section 17529.1.
(c)A violation of this section is a misdemeanor, punishable by a fine of not more than one thousand dollars ($1,000), imprisonment in a county jail for not more than six months, or both that fine and imprisonment.
Re:It's Not Going To Make A Difference (Score:5, Informative)
Correct me if I'm wrong, but in filesharing cases, they're usually statutory damages, not punitive, no?
Well, correction.
Both copyright damages and these spam damages are statutory damages (i.e. specified by statute, as opposed to discretionary), and both are intended to have punitive value (i.e. you will only enforce the claim against a tiny minority of offenders and therefore it's the risk and cost of being caught that has deterrent value). Neither are punitive damages (i.e. additional damages beyond what is restitutionary or compensatory owing to specific misconduct by the defendant).
The GP's point is spot on for many people here (though there are also many who have no problem with the penalties and enforcement structure, and instead have issues [some legitimate; many not] with the substantive laws that give way to the penalties in the first place).
Re:Yes, it does. (Score:3, Informative)
Actually, the AC poster was wrong. It stand for Shoulder Pork and hAM. Or something like that, there have been multiple backronyms that have been applied to the word, even by Hormel.
The name came from a contest that was held in the 1940's on the behalf of Hormel by a Madison Avenue (their office was literally on Madison Avenue in NYC) marketing firm, and advertised on the weekly comedy radio show performed by George Burns and Gracie Allen. From several thousand entries submitted, the name SPAM was selected as suggested by a housewife who listened to the radio show and sent in an entry. I lost track of the exact name of this lady, but it wasn't even a Hormel employee that suggested the name in the first place.
As for how the e-mail variety of spam got its name, that should be rather famous too, but I'll leave that to others if you are ignorant of that history.
Re:Good luck with that... (Score:4, Informative)
File this one with all the others who think they will get money out for punitive damages from spammers. We all know in the end it won't work, the plaintiff won't see any money; hence don't hold your breath for your "share" either.
No, he's going to collect on this one. The other side showed up in court, represented by counsel, and lost. The spammer has business premises within Redwood City, CA, where the court is located.
Re:It's Not Going To Make A Difference (Score:3, Informative)
I used to work for Cisco in San Jose. I was part of the group that ran the Unix email systems for the entire company. Cisco is a company of 60,000 plus people around the world. All the email for Cisco goes through Sun Jose. In my group we had 9 system admins and 1 manager who were dedicated to handling spam. When I was there (2004 - 2005) we had a dozen top-of-the-line IronPort anti-spam servers. We were adding an additional one every couple of quarters. I don't really know but an educated guess would be that the spam consumed a very large part of the bandwidth the San Jose campus used, I'm sure it was more that 40%. Now think about what it cost to pay 9 very experienced system admin and 1 manager (salary, benefits, stock options, office equipment, etc) not to mention the equipment and bandwidth costs, just to deal with the spam.
If it was not for the spammers, Cisco and other large companies could be putting that money into new products. Instead the money is spent to deal with idiots who, were it not for our anti-spam group, would be wasting the productivity of the entire company.
Since spammers are, in fact stealing bandwidth, I have often thought that they should be charged, at the very least, with theft of service or grand theift.