Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Spam Your Rights Online

Dutch Case Says Email Harvesting Illegal 46

leomekenkamp writes "According to the /. readers there is probably something good as well as something bad in what a Dutch judge had to say in the case of E-mailgids versus NTS: NTS was convicted of illegally harvesting e-mail addresses for spam purposes from the e-mailgids site. According to the judge NTS was guilty because they did not act according to the terms of usage that are on the e-mailgids site, but were bound to them, even though they did not specifically have to click an 'I agree'; the terms of use are clearly mentioned on the main index page, and that was enough for the judge. Unfortunately all links are in Dutch..."
This discussion has been archived. No new comments can be posted.

Dutch Case Says Email Harvesting Illegal

Comments Filter:
  • Dangerous Precedent (Score:5, Interesting)

    by Alethes ( 533985 ) on Monday December 16, 2002 @09:56AM (#4898532)
    but were bound to them, even though they did not specifically have to click an 'I agree'

    How many of you would like to be bound to an EULA even if you didn't click an 'I agree'?
    • by henrik ( 98 ) on Monday December 16, 2002 @10:08AM (#4898609)
      Depends on if that is how the legal system works in the Netherlands. I know in the USA you build your legal system on precedents, each case affecting all future cases. In Sweden, not so; everything not mentioned as illegal in the criminal code is legal. You also can't change the criminal code to affect current cases if you notice you missed something.

      Civil code is another matter of course, but still be careful not think of the dutch legal system as something exactly the same as the american one.

      Anyone know how the legal system in the Netherlands handles precedents?
      • by Wonda ( 457426 )
        it handles those the american way, however that's not the whole story. the court actually looks at what seems reasonable (to the dutch court) for the situation, so if you are going to use information on a website for commercial activities, you ask if you are allowed first (and would have found the EULA).

        where for those click through EULAs they might well rule that since everyone knows you get nowhere without clicking on i agree, so it is reasonable that you didn't actually read it! (hasn't been in court yey afaik)
    • by Martin S. ( 98249 ) on Monday December 16, 2002 @12:54PM (#4899607) Journal
      How many of you would like to be bound to an EULA even if you didn't click an 'I agree'?

      This comment is miss-representative, it is not comparable; If this was not moderated as interesting I would have labled it a troll and moved on. However; somebody using an email harvester has deliberately and wilfully circumventing typical and widely known terms of service.

      This would be the same as somebody using an automated script to accept a EULA for them; or installing from an image rather than the official installer programme and thereby circumvented an 'I agree' click-through. Then ignoring the terms of the EULA and stating then never saw or accepted them; and therefore are not bound by them. That is a ludicrous suggestion.
      • Although I understand the spirit in which you posted this, I don't understand why it's ludicrous to imagine that someone would not be bound by something they avoided agreeing to...
    • As long as the terms of use don't attempt to abridge my law/constitution-given rights in any way, and don't surreptitiously cost me money, I don't see what the problem is. E-mailgids provided a service, and in order to use that service, they require that you comply with certain provisions. NTS failed to comply with those provisions in the process of using the service.

      Of course, the end result of this *should be* that service by E-mailgids to NTS would be terminated; court action should focus on two things: whether NTS is enjoined by the court from making use of that service in the future, and whether NTS incurred any damages to E-mailgids (which, in this case, I would say they have, regardless of the terms of service, as the intent of the service was obviously not meant to be a repository for spammer-searchable e-mail, unsecure though it may be).

  • I don't understand Dutch, but...

    Only certain usage of the harvested emails may be bad. I did what can be called e-mail harvesting too and yet I haven't sent a single spam and I'm not going to send any -- I did it for statistical purpose. I don't like being called criminal. Unfortunately this world became legalistic and have lost the sense of good and bad. Intention doesn't matter. Only what's written on some WWW page with an Accept button.

    BTW, no one gathers the e-mails manually. When I write an e-mail harvesting bot, it not only doesn't click on any Accept buttons, but have no intention of accepting some conditions at all. And I, its author, don't know what agreements the sites the bot finds may contain. I can only make it obey Internet protocols, robots.txt and so on.

    So, is Google illegal too, when it crawls the Web without obeying conditions written on some WWW page with an Accept button?

    • Google & Harvesting (Score:3, Interesting)

      by Xner ( 96363 )
      So, is Google illegal too, when it crawls the Web without obeying conditions written on some WWW page with an Accept button?

      We have a well-established protocol that allows site operators to tell webspider operators that they would prefer them to stay away: the robots.txt.

      I imagine that if a dutch counterpart google had an indexbot that did not respect the contents of robots.txt and violated the conditions of a certain site, they could be successfully sued under this new ruling.
      On the other hand, if the indexbot "plays nice" and the site owners forgot to set up the robots.txt, the judge will probably rule in favour of the defendant.

      I do not like this ruling a bit, and being in the Netherlands i fear it might be cause for concern. But frankly, overreacting does no-one any good.

      • What law makes it illegal to ignore the robots.txt? I've never heard of any.
        • What law makes it illegal to ignore the robots.txt? I've never heard of any.

          That's not what i said.
          I was basically arguing a standard due-diligence case.

          If (and only if) the providers of a service make it known they do not want you to do certain things (spidering for email address harvesting) and if (and only if) they take suitable technological measures to make their wish known to unattended operation in which a human would otherwise not actually get to see the agreement (robots.txt) and if (and only if) the other conditions from contract law can be shown to be fulfilled (willing, bona fide etc.), then it can be argued that such an agreement is binding.

          On the other hand, if the service provider is lax in protecting their service and/or assets (and therefore does not excersise due diligence) by either stating improper conditions or not implementing standard protocols to prevent automated retrieval (robots.txt), it is very likely the judge will, after hearing a few expert witnesses, decide that the plaintiff did not excersise due diligence and rule in favour of the defendant.

          Is this any clearer?

    • Unfortunately this world became legalistic and have lost the sense of good and bad. Intention doesn't matter. Only what's written on some WWW page with an Accept button.

      That's one of the reasons why I like living in The Netherlands: if you were not sending out spam, not selling these addresses on spam-cds, not harassing the owners of the email addresses etc. etc. etc., the judge would not have found you in violation of the terms, as you were using them for personal reasons.

      How I like living in a country were judges and politicians can be open about the fact that once in a while they smoke pot, and almost everybody is cool with that.

  • Dutch? (Score:4, Funny)

    by one9nine ( 526521 ) on Monday December 16, 2002 @10:06AM (#4898597) Journal

    "Unfortunately all links are in Dutch..."

    The links are in Dutch. Ishint dat weird?

    My email address wasn't harvested because I lost it in a shmelting accident.
  • by Tom7 ( 102298 ) on Monday December 16, 2002 @10:09AM (#4898621) Homepage Journal

    I don't think there's anything good about this. What if the next they rule it's illegal to to download an entire site for off-line browsing, or to crawl a web site to create an index of it? What if you were harvesting e-mails for a scientific study? This kind of regulation of technology is negative, and I'm thankful it didn't happen in the US. I guess the primary issue in this case was a "breach of contract" rather than something fundamental about e-mail address harvesting, but it's scary to see that kind of enthusiasm in a slashdot headline. (Who else cares about on-line freedoms?)

    In this case I would have much rather seen e-mailgids just deploy technological solution to make it difficult for NTS to harvest e-mails. Seriously, as annoying as spam may be, it's not as annoying as losing my freedom on the internet. Be careful what you wish for!
    • I certainly understand your line of reasoning since you are a US citizen. Here in The Netherlands judges have a different way of looking at law than where you come from, especially regarding contracts (IANAL, but IHSFWSL (I have some friends who studied law). In this case for instance, the judge found it perfectly acceptable that e-mailgids put the 'do not abuse our email addresses, they are for personal use only' clause in. That same judge would have probably whiped the floor with a 'you are not allowed to copy anything of our site' clause. Why? Because it is rediculous, and a judge over here knows it.

    • When you download a site, you are making copies. When you make an unauthorized download, it is a copyright violation.

      When you place a website up, you give an implied permission to make copies. But, one must comply with terms of use. The robots.txt file which is both a standard and instructions saying what files can or cannot be downloaded via a bot.

      With a terms of use, you can argue that a user has agreed to this after reading the first page with the terms of use on it.

      Have you noticed the back of a movie ticket that says you can't videotape the movie when you go into the theatre?

      Of course an unreasonable terms of you will be laughed at in court.

      • Fortunately, the US Copyright Code (I can't say much for Holland) has exceptions to the exclusive rights of copyright holders ("Fair Use"). Fair use is not an implied permission given by the copyright holder, it's a limitation of the copyright holder's exclusive right. I don't think this is really a copyright issue, because harvesting e-mails (unless the original page was just a list of e-mail addresses) captures such a small fraction of the copyrighted content, is obviously transformative, and doesn't interfere with the copyright holder's ability to sell the original work. The only thing that is at issue here is the license that the crawler bots did not accept.

        Let's put this in a different light: Slashdot users were up-in-arms when fatwallet recently received legal threats (Copyright) from retailers like Wal-mart for posting price details on their site.

        Other than being something that annoys us rather than helps us, what's the difference?
  • conditions (Score:3, Insightful)

    by jo-do-cus ( 597235 ) <johocus@zonnet.nl> on Monday December 16, 2002 @10:22AM (#4898714)
    for your information: all links are in dutch, but on the site of the e-mailgids you can find the conditions for use in english. I guess that the judge made his decision because it is very evident that the service provided by this site is not meant for harvesting & spam, and what is more, this it mentioned in the conditions. Furthermore, it reads above the search box "Door in de gids te zoeken stemt u in met de voorwaarden", which translates to something like "by searching our database you agree with the conditions of use". So i guess the judge has a point here...
    • "by searching our database you agree with the conditions of use".
      So i guess the judge has a point here...

      I think the main crux of the case is not only related to how prominently the conditions are stated, but also to whether the terms & conditions are relevant to the subject. In this case demanding that the information obtained from the emailgids (i.e. email adresses) site is not to be used for spamming is relevant and directly related to the content of the site.

      On the other hand, more outlandish claims (By browsing this site you renounce the right to sue XXY inc, By viewing this logo you agree not to publish unfavourable reviews of the service, etc.) will have a harder time being upheld in court.

      Here's to hoping...

  • by bwt ( 68845 ) on Monday December 16, 2002 @10:23AM (#4898720)
    I'm always skeptical about 2nd hand interpretations of judicial decisions. At face value, this sounds bad, because it appears to find you are bound by the terms of a Clickwrap contract even if you don't explicitly agree to it.

    On the other hand, if this case basically held that abiding by robots.txt is mandatory for spiders, I think I would support that. If the judge held that the terms of use applies even if this site's robots.txt did not forbid crawling, then that is horrendous.
  • Just because they didn't click "I Agree" doesn't mean they don't have to follow the rules. It's like(I know people are going to beat this analogy with a stick) if you walk into a store, and your not suppose to steal, and if you don't tell then you agree with this policy, then they don't have the right(ot legaly) to steal. I think these "I Agree" things need to be looked at in context.
  • by duffbeer703 ( 177751 ) on Monday December 16, 2002 @10:27AM (#4898759)
    So now if I am in Holland, by going to a website I am considered to have entered into a contract, which may or may not be readable to me?

    If this law applied to car dealers, we'd be bound in a contract to purchase an automobile the second we stepped on the lot.
    • by leomekenkamp ( 566309 ) on Monday December 16, 2002 @10:51AM (#4898849)

      Just for the record, Holland != The Netherlands; 'Holland' is just a name for 2 provinces: North & South Holland. The Netherlands are made up of 12 provinces.

      Back on topic: yes, if you are in The Netherlands and you are using a Dutch website (thus implying that you know Dutch), you are bound by Dutch law, that's no surprise. If you used the site without knowing any Dutch (which is technically possible) the judge would have taken that into account also. Dutch judges are far from brain-dead;

      However (to abuse your example) if you were here in NL and visited a Dutch website for a Dutch car dealer which stated in it's click-through that by using that site you are bound in contract to buy a car there would not hold up in court. No court here in NL. No judge here would _ever_ find such a contract valid.

      And you know why? Because when you visit a site one might reasonally expect NOT to be forced into buying something just by visiting that site. That is simply rediculous, and the judge knows it. Disallowing harvesting email addresses and using them for non-personal purposes is ethically, morally and law-technically perfectly normal, and a judge here takes that into account.

      • by Xner ( 96363 ) on Monday December 16, 2002 @11:02AM (#4898910) Homepage
        Because when you visit a site one might reasonally expect NOT to be forced into buying something just by visiting that site. That is simply rediculous, and the judge knows it. Disallowing harvesting email addresses and using them for non-personal purposes is ethically, morally and law-technically perfectly normal, and a judge here takes that into account.

        This is a very important point, and one that warrants extra attention.
        Dutch contract law (much as contract law anywhere else in the world) requires contracts to be entered willingly and in good faith. This is something that the Dutch courts don't just pay lip service to.

        In the case of the hypothetical car dealer, a client that was somehow directed to the page would most likely not have entered in the contract willingly. Proving mala fide would also be a rather easy job for the defense.

        As people often say, It's not just common sense: it's THE LAW!

      • Thanks for the Holland != the Netherlands, I never knew that. In the histories of the formerly-dutch US city that I live in, Holland and the Netherlands are pretty much used interchangeably!

        I am not trying to insult any judge or any nation -- but the issue is that by simply visiting a website, I have entered into some sort of contract. This is absurd. The issue is reminiscent of "Content Providers" claims that deep-linking to content on a webpage is theft because of their website EULA. In fact, reinforcing the notion that an unacknowledged EULA is a legally binding document reinforces the anti-deeplinking cause and endangers the WWW and contract law as we know it.

        My example of the car dealer was a non-web example design to illustrate the absurdity of this ruling. If I can tuck a EULA somewhere in a website and bind people to conform to whatever that EULA says in other areas of the website, why can't I do that with real property?

        Using that logic, it is perfectly reasonable for a car dealership to require you to purchase something when you step on their property. After all, they are providing you with a service by allowing you to browse their inventory.

        In my opinion, computer software and alternate publishing techniques like the web should be legally treated like a book. If you choose to give access to your software or data away with stipulations, both parties must be mutually agreeable to the stipulations.
        • Thanks for the Holland != the Netherlands

          Glad to be of service. If you ever get to the Netherlands and 'accuse' a real Fries (inhabitant of Friesland province) of being a 'Hollander', he might give you a good punch in the face. It's about as bad as calling a Scotsman an Englishman, or a Dallas southerner a yankee :-p

          but the issue is that by simply visiting a website, I have entered into some sort of contract

          Well, it is more than actually visiting, it is actively retrieving info from that site. In that use a link to the usage terms is provided.

          If I can tuck a EULA somewhere in a website and bind people to conform to whatever that EULA says in other areas of the website, why can't I do that with real property?

          That would certainly s*ck, and fortunately this isn't the case here. The terms of use are publicly displayed and almost impossible to miss. Also, as I stated in my example, the judge would _never_ have allowed anything 'strange' in the terms, as for instance a you-must-buy clause.

          Using that logic, it is perfectly reasonable for a car dealership to require you to purchase something when you step on their property.

          But it is the other way round. When a restaurant has a no shirt, no service policy, a half-naked customer can be refused, even if there is no 'no-shirt-no-service' sign. A judge will consider proper attire (sp?) normal for a restaurant. When you use the service of a website, and the terms for using that service are clearly stated and reasonable, the judge will rule against someone going against these rules. The 'law' for the normal world is extended to the internet world, not the other way round.

  • by qwijibrumm ( 559350 ) on Monday December 16, 2002 @10:34AM (#4898805)
    If I put up a sign at the front of my store saying "No Shirt No Shoes No Service" It is understood that a term of using my store is wearing a shirt and shoes. If you don't abide by my terms, I can refuse you service. We didn't sign an agreement. I hardly see how this is different. (That is, in general principles for all you nitpickers out there.)
    • Irrelevant. "No Shirt No Shoes No Service" is not a statement of conditions for doing business. It is actually a statement of the law. It is illegal for public health and safety reasons to enter a store without shoes, due to the spreading of foot disease. "No shirt" is probably more a community standards thing, but it's still the law.

      We didn't sign an agreement because regardless of the agreement, the law still binds. Technically, the store owner doesn't have a choice, they must evict a bare-footed customer, even if they agree with the customer not to.

      Try again, perhaps this time without metaphors [jerf.org]... concentrate on the real differences.
      • No, the sign "No shirt, No shirt, No service" is not a law in all places. When was the last time you went to Daytona Beach?
        Sorry for the metaphor [m-w.com] but that was the best way to put into the perspective that sometimes one does not have to sign noterize and witness before God an agreement that can be settled by a notice such as a sign.

        By the way, if metaphors had no place in deciding law, then how would the legalities of new technologies be determined?
  • by capoccia ( 312092 ) on Monday December 16, 2002 @10:51AM (#4898846) Journal
    so can the spam king be arrested if he ever travels to the netherlands?
  • I believe the Internet will soon find itself on a path to "electron borders" for countries. Systems will be protected by protocols forcing legal agreements before proceeeding, such as "I agree that I speak Dutch and therefor can understand the legal agreements I am forced to comply with simply by loading a page." Of course, the Internet is a river that always finds a mountain to go around in its path and never goes where it is intended. So, it will be interesting to see how things progress.
  • First I make a website and get people to visit it.

    Then I make a EULA. It will have clauses in which the user agrees to give me all their money, property, and become my eternal servant. They will also agree to give me their computer! Everyone who visits the website owes me their soul! They didn't even agree to it!

    Heck, I could make a program and put clauses like that in the EULA and get people to click I agree. Nobody reads those things anyway.

    Um, PROFIT!!!! BIG BIG PROFIT!!!!

    Maybe Bill Gates will visit my site! Or maybe the Sultan of Brunai. Technically he owns a whole country.
  • Translation (Score:4, Informative)

    by suss ( 158993 ) on Monday December 16, 2002 @01:00PM (#4899640)
    I've translated some of the terms of use, see below.

    Door uw gegevens aan de E-mailgids toe te voegen, gaat
    u ermee akkoord dat deze via de E-mailgids te vinden zullen
    zijn.


    By adding your data to the E-mailguide, you agree this data
    will be searchable through E-Mailguide.

    De gegevens in de E-mailgids mogen uitsluitend worden
    gebruikt voor het verzenden van enkelvoudige berichten. Het
    gelijktijdig verzenden van al dan niet commerciële
    berichten aan meer dan een adres - mailingen - is expliciet
    niet toegestaan, zulks op straffe van een dwangsom van Hfl.
    1000,- per overtreding, waarbij elk bericht in een
    geconstateerde mailing als een individuele overtreding
    gezien zal worden.


    The data in the E-mailguide can exclusively be used for
    sending single messages. Sending multiple messages of
    either a commercial nature, or not, to more than one
    address (mailing), is explicitly forbidden, punishable by
    the sum of 1000 guilders per violation, where each message
    in an acknowledged mailing will be seen as an individual
    violation.

    Ook is het niet toegestaan om gegevens uit de
    E-mailgids over te nemen in andere gegevensverzamelingen,
    tenzij voor eigen gebruik. Middels een aantal
    controle-adressen in de E-mailgids zal toezicht worden
    gehouden op het naleven van deze voorwaarden. Overtreders
    zullen binnen en buiten rechte worden vervolgd.


    It is also forbibben to transfer data from E-mailguide into
    other databases, except for personal use. By use of a
    number of control-addresses in E-mailguide, adherence to
    these rules will be checked. Violators will be procecuted
    within and without the law.
    • I have not looked at the Spam-bait program you use to generate the fake email addresses, but it's it a bit irresponsible to string together random characters and assume that they constitute invalid email addresses? Especially in the .com domain suffix, since pretty much every three, four, five, and probably six letter domain name is registered to somebody, or at least it was before the bubble broke. And, a lot of domains will accept mail addressed to (anything)@domain, and store it in a catch-all account.

      All I'm saying is you should have an algorithm that's slightly smarter than a random number generator.
  • I assume a bot harvested the addresses. If there were meta tags saying "hey! we don't serve bots here" or something to that effect then I would think the terms of use would be enforceable.

Disclaimer: "These opinions are my own, though for a small fee they be yours too." -- Dave Haynie

Working...