Massachusetts Atty. General Forces Spammer to Pay

Cildar writes "The Attorney General of Massachusetts has forced a Florida spammer to pay a $25,000 fine and enter into a cease and desist order. The original suit contained both state consumer protection theories as well as allegations of CAN-SPAM violations. Here is the Attorney General's press release.

Cost of doing business

I don't think these court "settlements" slow this guy down at all. He was also successfully sued and ordered to pay $104,104 this past April. You can read about that case here. [habeas.com] I am wondering if it is the case that he makes so much money sending spam that these fines and settlements are no more than the cost of doing business.

Re:Cost of doing business

He probably uses it as a tax writeoff!

Re:Cost of doing business

As well he should - it is a legitimate business expense.

Whether or not it's a legitimate business is another story, though.

Re:Cost of doing business

They are in Canada http://www.grantthornton.ca/taxtips/taxtips_templa te.asp?TipID=48 [grantthornton.ca]

Looks like they're not (anymore) in the United States - at least on the Federal level:http://grassley.senate.gov/index.cfm?FuseAct ion=PressReleases.View&PressRelease_id=59 [senate.gov]

A bit more looking

Penalties and fines paid to the IRS and any other governmental agencies are never tax-deductible, because this is deemed to be against public policy. Sorry, this includes parking tickets, too http://www.nolo.com/lawstore/products/product.cfm/ ObjectID/8B17922C-836F-4F71-A67225892035843E/sampl eChapter/6 [nolo.com]

That does look pretty cut and dried that they are not deductible.

Re:Cost of doing business

Well the settlement may not slow him down, but the fact that he "...must pay $25,000 and put an end to the practice..." could stop him from doing buisness as usual.

We shall see.

Re:Cost of doing business

If it is anything like most such companies I know, they'll either:

a) Try a somewhat different scam.
b) Try the same scam, but claim it is different while the actual results are much the same.

In most other cases, you can be barred from doing a particular business. It is kinda hard to bar a con man from doing cons.

Kjella

I'd Prefer Stoning

Its a small start, but public stoning would be a more rewarding payback for those of us who stayed many late hours updating our spam filters.

Re:I'd Prefer Stoning

one pebble per spam otta do it.

Re:I'd Prefer Stoning

> What's your excuse for getting spam?

The point isn't that WE aren't doing enough to protect ourselves from spam, but that we shouldn't HAVE to jump through hoops to avoid this shit.

Re:I'd Prefer Stoning

What's your excuse for getting spam?

Some people use the internet for more than just playtime, Threehead. Some of us have to maintain legitimate whois contact info for all the domains we're responsible for, and can't just go changing our email addresses every time another fuckload of spam rolls in.

Re:I'd Prefer Stoning

If you spam-armor your address whenever you make it available, you won't get spam.

Yes you will. Eventually, someone who has your address in their address book will be hit my a spam worm, which will send out spam both to and fronm your address, spreading it all over. Or a clueless friend will put it in a CC when sending a joke out to his friends. Or someone will dig it up in a list of addresses from your ISP. Etc, etc.

Re:I'd Prefer Stoning

They destroy legitimate sources of advertising income.

Yes please, won't someone think of the advertising.


-Colin [colingregorypalmer.net]

Lex Talionis is a morally bankrupt code

Why should we be happy when the spammers get spammed? Ponder this.

Lex Talionis, the principle of an eye for an eye, is a morally bankrupt code of law we've been moving away from for the past few thousand years, thankfully. It can't deal with the complexities of the modern legal order, and it ignores all proper justifications for systems of punishment: rehabilitation, prophylaxis, etc. It makes an assertion of rigid judgment in an attempt to avoid judgment itself. We can't live in a world without judgment.

Ask yourself this: should we rape the rapist? If not, why not? (Ignore for a moment that we essentially do rape rapists by committing them to so-called "maximum security" prisons where they get systematically brutalized and raped by guards and other inmates.) It's not a morally tenable position to lower ourselves to the level of brutes just so we can vindicate some idea of retribution.

Therefore, ask yourself why we should be happy when the spammer gets spammed? No one should have to endure the pain and annoyance of spam: it's the scurge of the online world. Not even the spammer, who may be in his business because of factors outside his control like debt or bills for an illness in the family, etc. We should be outraged when anyone is spammed, and we should put the full force of the state and the law against the perpetrator no matter who the victim! Picking and choosing among which victims to protect is something the legal order of former barbaric times did. I'd be disgusted if our government returned to those days.

Spam == bad. Victimization == bad. Why do people conflate the two? What kind of giddy moral superiority to you get from seeing anyone hurt?

Baloney

For the vast majority of human history, the penalty for pretty much anything was death. No questions asked. That's the default. If you can't live by the rules, you're out of the tribe... the hard way.

"An eye for an eye" is an advanced, progressive, touchy-feely principle made popular by Hammurabi about 6000 years ago.

Re:Lex Talionis is a morally bankrupt code

You are clearly trolling since nobody said anything about the spammer getting spammed or lex talionis.

I don't know why I'm bothering to respond to your out of context post, but the reason that we consider raping the rapist to be morally bankrupt is that rape is an awful violation of somebody's human rights, even if that person has themselves committed that crime. Spam, while an annoyance and a pain in the ass, is not a violation of human rights, just a negative externality (and one I certainly despise). So the point is that when a thief gets something stolen from him or a spammer gets spammed, it's not comparable to a rapist being raped. As to the effectiveness as a means of prophylaxis or rehabilitation, I'm not sure that ANY means of punishment have been shown to be effective in those ways.

How about....

...the penalty for distributing spyware be using a computer, only with Internet Explorer, NO access to Ad-Aware/Spybot/etc and forced to keep the "Cute Kitty" screensaver that somebody reffered to in the SETI story?

I think he can then do his thing. Well, maybe he can use Gator to remember his passwords.

Waste these assholes...

Why settle?

Why did he settle instead of going all the way?

Spammers spam because they think they have the freedom to spam, and the only way to stop this is to take away their freedom, ie some jail time.

Failing that, I thought the fine is a bit small, but sooner or later, people will find the "threshold" fine to impose, which basically make the whole spamming business unprofitable.

public results

Now if only they would seize all his computers and find all of the tools he used to send all this spam.

Most likely, he's used the benefit of spyware to send this bs out. It would be really nice to make those results public, so it would shed a better light as to why we should protect against that crap...

Looks like the crux is the opt-out link

Not providing an opt-out link is not allowed under CAN-SPAM, and if the link doesn't work, then they can be fined. Great. BUT when other spammers have the opt-out link generate an attack on your machine [slashdot.org], is the opting-out link something the lawmakers want to champion as real enforcement of the law--ostensibly making us better off?

What we need is a PROA

Intil consumers have a private right of action as one exists in the telemarketing laws (Telephone Consumer Protection Act of 1991 47 USC 227) then the CAN-SPAM or anything else will be toothless. The TCPA gives consumers the right to sue in small claims court for violations of the law and subsequent federal regulations. I have another hearing soon sgainst a local mortgage company that made a single, prerecorded call to my residential line. I have demanded a total of $5000 in damages (statutory damages of $500 per violation [with 6 violations] and trebled due to defendants willful or knowingly violation of the law) since that is my local court limit as well as will be demanding an injunction. This is just one person's action. If just a few more people knew their rights and enforced them, the mortgage could be taken out of business for even a single illegal telemarketing campaign or until they declare bankruptcy. Serves them right I feel, IMHO.

Running to the cameras

is all the Mass action is.

$25,000, from what has been reported as spammer income in other stories linked from here on slashdot is less than a day's profit. The Mass. AG did the same thing the NY AG did, grab headlines to promote himself for future office, and tuck away an action against a popular cause.

If the intention was to stop the spamming, the fine would have been higher, the AG would have forced the spammer to give up the mortgage brokers who are paying the spammer affiliate commissions for the leads, and the AG would have revoked the licenses of the mortgage brokers.

But the mortgage brokers have friends in high places, and well placed campaign donations.

Follow the money. Pull the licenses of the mortgage brokers. Pull the licenses of any other individual or company who pays a spammer affiliate money, commissions, or any other types of payments based on results of spamming. Delist public companies that pay spammers and fax.com in cash and stock to blast fax and spambomb advertisements to promote and raise awareness of their penny and dollar stocks.

$25,000? A mosquito bite. The spammers are laughing at the Mass AG right now.

Better than a fine...

Part of the Hackerdom's whipping boy's [wikipedia.org] sentance was not being able to user the Internet for many years.

I think this would be very fitting punishment for a spammer.

on the good side

This is good news. Although we can only hope that this is a start of things to come. With the high level of SPAM coming from the US (based on spamhaus stats http://www.spamhaus.org/ ) If more fines are to come for US based spam operators hopefully other countries will follow suit. (as seen with recent Australian legal developments).

The biggest issue here is this is only the tip of the ice berg. And a one off wont do enough to scare spammers. Its all about volume and consistancy.

Re:Good to see.

I'm sorry, but the CANSPAM act actually helps spammers. It over-rides much stronger laws at the state level, and the provision of "including an opt-out" and have a "legitimate description" and using a "valid email" address are trivial to circumvent.

Either purchase what is called a "pink contract" from your ISP, which allows you to spam, or simply use a series of throw-away sender accounts. Each is legitimate, but each is used to harvest the "opt-out" addresses and use them for the next spam for a slightly different product or for a distinct username with the same product. This kind of abuse is trivial, and already widely in practice.

What needs to be forbidden is the sending of unsolicited bulk communications: not "spam" as in "advertising", because that's too hard to decipher in court and gets into First Amendment issues. But outlaw unsolicited bulk communications of *any* sort: advertising, religious spew, political campaigning, etc. People can sign up to get email from you, but as soon as you start sending it unsolicited, face criminal penalties.

This kind of law has been in place for many years, successfully, for junk fax. The CANSPAM act is aimed at the wrong target: it's aimed at fraud, not at spam.