Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Spam The Courts The Internet

Court Rules WHOIS Privacy Illegal For Spammers 169

Unequivocal writes "Spammers hiding behind a WHOIS privacy service have been found in violation of CAN-SPAM. It probably won't stop other spammers from hiding (what can?), but at least it adds another arrow in the legal quiver for skewering the bottom feeders. Quoting from the article: 'A recent decision by the Court of Appeals for the 9th Circuit has determined that using WHOIS privacy on domains may be considered "material falsification" under federal law... Although the ruling does not make use of WHOIS privacy illegal, it does serve as a clear message from the court that coupling the use of privacy services with intentional spamming will likely result in a violation of the CAN-SPAM act. This is an important decision that members of the domain community should refer to prior to utilizing a privacy shield.'"
This discussion has been archived. No new comments can be posted.

Court Rules WHOIS Privacy Illegal For Spammers

Comments Filter:
  • by Orga ( 1720130 ) on Friday January 22, 2010 @12:42PM (#30861438)
    Ingredients for SPAM still can legally remain hidden
    • by Anonymous Coward on Friday January 22, 2010 @12:45PM (#30861470)

      Making SPAM:

      1) ???
      2) ???
      3) ???
      4) Profit

    • Meh, the whole article is irrelevant. Once it gets to the Supreme Court, they'll just say we're restricting spammers' freedom of speech.
      • Re: (Score:2, Informative)

        by cawpin ( 875453 )

        Meh, the whole article is irrelevant. Once it gets to the Supreme Court, they'll just say we're restricting spammers' freedom of speech.

        No. Your freedom of speech doesn't give you the right to harass other people. You can use use your rights so far as they don't violate anybody else's.

        • Woosh, baby, woooooosh.
        • No. Your freedom of speech doesn't give you the right to harass other people.

          Actually, it pretty specifically does. You are totally allowed to yell lots of harassing things on the street without fear of government action (in theory).

          • by Ihmhi ( 1206036 )

            Right, but you can't yell threats or potentially damaging things like "FIRE!" in a crowded theater.

            So really what it comes down to is whether the spam itself is constitutionally protected or not. It may fall under the harmful speech listed above.

            Now as far as marketing goes, they make a hell of a lot of false claims, and they are legally liable for that.

        • by Dunbal ( 464142 )

          Your freedom of speech doesn't give you the right to harass other people.

          See, this is where the trouble begins. What does harassment mean, exactly? Let's see, according to some dictionaries:

          1. to disturb persistently; torment, as with troubles or cares; bother continually; pester; persecute.
          2. to trouble by repeated attacks, incursions, etc., as in war or hostilities; harry; raid.

          But we've only changed one ambiguous word with several others. What does "dis

          • by BobMcD ( 601576 ) on Friday January 22, 2010 @02:32PM (#30862512)

            In fact, harassment is completely subjective. It's not good to put subjective words into law. If I punch you in the face and cause visible damage, that is objective. If I take something that you can prove is yours, that's objective. But what about "harassment"? Some people are completely intolerant and consider themselves "harassed" at the drop of a hat. Others are far more tolerant. Still others never feel "harassed".

            Thus the concepts of 'judge' and 'jury'. All human behavior will be open to interpretation, and context is vitally important to any judicious application of law. Also, the laws use their own guidelines for what given words mean, and due to their depth these are likely far less ambiguous than dictionary definitions wind up being.

            In short you're mixing up English language with legalese, and that is why you're confused.

          • by cromar ( 1103585 )
            Actually, the above poster is correct. You are confusing English definitions with legal definitions:

            the term "harassment" means a course of conduct directed at a specific person that causes substantial emotional distress in such person; and serves no legitimate purpose. United States Code Title 18 Subsection 1514(c)

            http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001514----000-.html

          • Good thing our court system has it's own legal definitions, and they don't have to resort to looking them up in a dictionary, huh?
        • Now if people could understand that one's freedom/liberties should naturally extend so as not to infringe on an other person's rights then we will be in a much better position.
      • Compuserve v Cyber Promotions (Samford Wallace) says otherwise.

      • Meh, the whole article is irrelevant. Once it gets to the Supreme Court, they'll just say we're restricting spammers' freedom of speech.

        That's unlikely. There's no such thing as unlimited free speech. You can't lie in a courtroom and claim free speech. That's perjury. You can't yell fire in a movie theater when there is no fire. That puts people's lives in danger. The speech of spammers is not covered by free speech laws because it is harrassment (constantly bombing someone with unsolicited messages they ca

      • by Dan541 ( 1032000 )

        Your freedom of speech does not allow you to harass others. You are perfectly entitled to say what you like on your own website be that does not mean you are allowed to shove it into everyone's mailbox.

  • by fatherjoecode ( 1725040 ) on Friday January 22, 2010 @12:46PM (#30861484) Homepage
    A spammer's entire business plan can be summed up a "material falsification", can't it?
    • Re: (Score:3, Insightful)

      by suso ( 153703 ) *

      A spammer's entire business plan can be summed up a "material falsification", can't it?

      Like I always say, marketing is the art of making something seem better than it really is.

    • Not really. Some Viagra ads are legit, though the fact that I recieved it through solicitation of my email makes it spam.

      • Think that's bad?

        My wife is a support specialist...

        specialist...

        specialist.

      • by ae1294 ( 1547521 )

        This is so true and in fact I'd like to take a moment here to offer you a whooping 50% discount on your next order of viagra, soma or xannax from our online [drugbuyers.com] pharmacy.

  • by JoshuaZ ( 1134087 ) on Friday January 22, 2010 @12:49PM (#30861516) Homepage
    Spam is ultimately an economic problem. As long as spam remains highly profitiable spamming will continue. To deal with the spam problem we need to take a multi-faceted approach that includes a variety of both economic and other attacks. Stricter punishments for spamming, punishment for ISPs that are particularly bad, better education of people who answer spam, better use of whitelists, blacklists and greylists are all techniques that can help. Every technique has problems. Hence the standard Slashdot response with the checkboxes. However, although each has flaws, together they can be very effective. In that regard, this is sort of like cancer. Cancer is a very complicated diseases. However, by careful application of multiple medical techniques (radiation, surgery and chemotherapy being big ones) we've substantially cut down on cancer deaths. Sure, cancer still kills. But many forms are far less deadly. Childhood leukemia was a death sentence 40 years ago and now has a high survival rate. We need the same sort of combined approach to spam. This won't eradicate spam. But it will reduce it to more manageable levels.
    • Spam is ultimately an economic problem. As long as spam remains highly profitiable spamming will continue.

      I won't assume this to mean a 'silent approval' for spamming, but it does sound you take this as a given. IMHO that is not true. There are other reasons why spam remains a problem:

      • Because e-mail (and "from:" field in particular) is easily faked. If public key authentication and strong encryption were the norm, it would be impossible to spam on the current scale with fake "from:" info and bullshit messages. Spam with valid security envelope would directly point back to the responsible perps, or a very recen
      • If public key authentication and strong encryption were the norm, ...

        Then the use of email would plummet as few people want to deal with all of that -- rather, few people want to KNOW how to deal with that. If my mother had to know about public keys and stuff in order to use email, she'd be offline.

        Let's put it this way. I deal with a state-wide emergency service outfit that uses radio-based email for emergency communications. You can't get more easily hackable than that. There is NO routing information

    • Take away their ability to use credit cards - problem goes away. Am I the only one who sees this?
    • You wrote:
      > As long as spam remains highly profitable spamming will continue.

      No, as long as spam is _perceived_ as effective by enough people it will continue. Spam need not be commercial: harassing spam is quite effective. Spam need not actually be profitable: as long as enough fools pay someone to send it, or don't realize that what they are being is actually spam services, it will continue splashing into our spam folders at an amazing pace.

      Spam is already being highly contained: given that well over 1

      • Spam need not actually be profitable: as long as enough fools pay someone to send it, or don't realize that what they are being is actually spam services, it will continue splashing into our spam folders at an amazing pace.

        Have you ever tried explaining to some company that "ConstantContact" uses that name not because it sounds good but because that is exactly what they do? One company I deal with alot decided to outsource their marketing lists through them, so I told them to unsubscribe me. I explained t

    • Spam is ultimately an economic problem

      Have you been reading my journal articles? Not to mock you for being late to the party, but I've been discussing that for a while [slashdot.org]; I brought it up a few months ago as well [slashdot.org].

      Unfortunately I think you miss the boat:

      Stricter punishments for spamming, punishment for ISPs that are particularly bad, better education of people who answer spam, better use of whitelists, blacklists and greylists are all techniques that can help. Every technique has problems. Hence the standard Slashdot response with the checkboxes. However, although each has flaws, together they can be very effective

      Because ultimately none of those approaches actually address the economic issue that you and I both acknowledge. Simply inconveniencing the spammer won't accomplish much of anything; they will just send more spam. You'd be just as well off to advocate for their execution.

      As I've said before

  • Hmmm... (Score:5, Interesting)

    by McGregorMortis ( 536146 ) on Friday January 22, 2010 @12:52PM (#30861554)

    WHOIS privacy was created in the first place to protect us from spammers (the WHOIS database being ripe for email address scraping). Then the spammers took advantage of it to protect themselves from justice.

    It seems like there's some kind of insightful point to be made here, but I'm not sure what it is.

    • by Nethead ( 1563 )

      where is the +1 not-quite-insightful button?

    • Re: (Score:3, Insightful)

      by Drethon ( 1445051 )
      It seems kind of like DRM (in an indirect way). Anything created to stop illegal activities will not slow down the crooks and instead end up making legitimate users pay more...
    • +0.5, Insightful

    • To complete the triangle, the justice department must use WHOIS privacy to protect itself from us.

    • by mackil ( 668039 )
      That is an excellent point. I use a proxy service for every domain I own just because of that reason. It gets expensive since it effectively doubles the cost, but it's kept my email clear for over a decade now.
      • I'm really surprised that people are getting spam sent to WHOIS contact addresses.

        I know that Network Solutions sold their list to spammers quite a while back, and I still get spam to the e-mail address I used when my domains were all registered with them, but I haven't gotten a single spam e-mail in the 5 years since I started using a new e-mail for recently registered domains.

        • by mackil ( 668039 )
          Really? Maybe all my fears are outdated... and I'm paying all that money for no reason!
        • by Bigbutt ( 65939 )

          I do get the occasional monthly spam to my whois address which includes the Chinese guy who wants to sell me their version of one of the domains I own (well, rent :) ) or the one time that someone wanted to buy one of my domains.

          [John]

      • Dreamhost don't charge for domain name privacy. (No affiliation beyond being a satisfied user)

    • from the evolution of animals and plants to the evolution of laws and ideologies and technologies governing modern societies, is:

      life is an arms race

    • Yes, the point is that we need to stop taking spammers to court and just shortcut the process by taking them out back and shooting them if their is even marginal evidence to prove they are doing it.

      When you're punishment for them still results in a large net gain, they aren't going to give a flying fuck if you punish them.

      The world has become filled with pussies who want to be nice rather than take action to fix problems.

  • So is Tim Burd [nsoco.org] breaking the law [meetsafer.com]? (warning: credit card scam site)
  • The Natural Right to Freedom of Speech is needed precisely for unpopular speech such as "spam" and even "kiddy porn" - a canary in the coal mine for more egregious government assaults on your freedoms!

    It is your responsibility to decide what means you use to communicate with other people, and if you choose to use a ridiculously poorly designed protocol like e-mail then it is your (or your e-mail hosting provider's) responsibility to control who connects to your mail servers and how messages are to be accept

    • Re: (Score:2, Insightful)

      You're more correct than your score suggests. If they're creating laws that say "Privacy mode is not legal FOR SPAM!" Then in less than a year, the "FOR SPAM" qualifier will be removed, because it's seen only as a precedent for some other case where someone claims their privacy matters. "No it doesn't. Not if you were doing something unpopular, like breaking laws. Just look at this CAN-SPAM case."
      • You're more correct than your score suggests. If they're creating laws that say "Privacy mode is not legal FOR SPAM!" Then in less than a year, the "FOR SPAM" qualifier will be removed, because it's seen only as a precedent for some other case where someone claims their privacy matters. "No it doesn't. Not if you were doing something unpopular, like breaking laws. Just look at this CAN-SPAM case."

        This is very true. I can only imagine next year it could include P2P users and eventually anyone doing something abnormal like running tor (because using tor or encrypting your disks is obviously suspicious activity). It should not be illegal for spammers to use the privacy services, courts should subpoena the true identities from the privacy services and be done with it.

        • Re: (Score:3, Interesting)

          by cromar ( 1103585 )
          To combat harassing, commercial, and many times fraudulent speech is a far cry from attacking private, non-commercial speech.

          I can only imagine next year it could include P2P users and eventually anyone doing something abnormal like running tor

          To put it lightly... if you really believe that you need to get out of the basement more :)

    • by JoshuaZ ( 1134087 ) on Friday January 22, 2010 @01:08PM (#30861710) Homepage
      It isn't censorship to restrict time, plane and manner of speech. Thus, for example, saying you can't scream your views at 2 AM in a residential neighborhood isn't censorship by any reasonable definition. Similarly, anti-spam laws are not creating any free speech problem as long as they focus on the unsolicited nature of the message rather than the content. Moreover, there's a classical philosophical distinction between commercial and non-commercial speech (otherwise we wouldn't be able to restrict people from false advertising for example). Claiming that spam should be protected under free speech might feel like a fine, pro-free speech absolutist position to take, but really it is just not having any understanding of what we mean when we talk about free speech rights.
      • > It isn't censorship to restrict time, plane and manner of speech. Thus, for example, saying you can't scream your views at 2 AM in a residential neighborhood isn't censorship by any reasonable definition.

        So... Free Speech Zones [wikipedia.org] are not censorship? Perhaps you are right, but only in the way they are implemented.

        That is, selectively.

    • by Anonymous Coward on Friday January 22, 2010 @01:22PM (#30861804)

      Censorship is a red herring here.
      Spam isn't "unpopular speech" merely because of what it says.
      Spam is an abuse of a communication channel.
      One more time: It's about consent, not content.

    • by spun ( 1352 ) <loverevolutionary&yahoo,com> on Friday January 22, 2010 @02:56PM (#30862750) Journal

      In libertarian la-la land, there is one freedom: to do whatever the hell I want without interference. But freedom isn't that cut and dried. My right to swing my fist ends at your face. Even on my property, I don't have the right to scream at the top of my lungs at 4 in the morning, because that impacts your freedoms.

      Freedom isn't a simple thing. It isn't defined by imaginary and arbitrary natural rights. It is agreed upon and upheld by civilized people. For every freedom gained, there is a corresponding freedom lost, and so it is up to the group to decide what freedoms they are willing to trade for other more important freedoms. I, for instance, am willing to trade the freedom to scream at the top of my lungs at 4am, for the freedom to get a peaceful nights sleep.

      And I don't give a rat's ass what YOU think your 'natural rights' entitle you to. Come into my neighborhood and start bellowing at 4am, and you will get a visit from the police, who will force you to stop, to protect my freedom. And THAT is as it should be, amongst civilized people.

      Libertarians are akin to preschoolers, in that their idea of freedom is 'yer not the boss of me!' Well, the fact is that if you want to live in civilization, you have to let other people be the boss of you. If you don't like it, there is plenty of desolate wilderness where you can go be as free as you like, by yourself. But you DO NOT get to insert yourself into other people's lives and impose on them, claiming that if they try to stop you they are limiting your freedom. No, YOU are limiting THEIR freedom, and there are more of them than of you, so what they say goes. If you don't like it, well, there's always that lovely wilderness where you can be as free as you like without imposing on others.

      • Unless, of course, your neighborhood is one of the ones where the local government is financially challenged (i.e. Illinois, California, et al) and the police doesn't have the funding to send someone out.

        And then, when the yelling turns to something worse, and the police are nowhere to be found (how does the saying go... "when seconds count, the police are only minutes away...") the proverbial "libertarian la-la land" will have other means of defending themselves, and enforcing their rights...

        • by spun ( 1352 )

          What utter bullshit. What a complete non-sequiter. Were we talking about police response times, and how nice it is that libertarians have the firepower to slaughter each other? No, we weren't. Great. You've got guns, so you can shoot loudmouths. Tell you what, how about all you libertarians go buy yourselves a country somewhere, and you fuck that up instead of trying to fuck up ours? You don't give a shit about anyone's freedom but your own.

      • Uhm, now that post was beyond puerile. You take one part of libertarian motto, cut it, then use the second half as your argument against the first half!.

        "Your right to swing your fist ends at my face." is exactly the point of libertarianism. So repeating it against them over and over for an entire page means that you're, quoting to your own words, akin to a preschooler. Otherwise, you would make an attempt to understand what you're criticising -- instead of calling people names.

        • by spun ( 1352 )

          Except most libertarians do not believe, in their heart of hearts, that the reverse applies to them. As evidence, I present Mr. "Kiddy porn is fine." above me.

    • The right to free speech does not include the right to impose that speech on someone else, its sad that so many people like yourself don't understand it.

      You have the right to free speech, but not everywhere and at any time or using any method you want.

      You do not have a right to impose your free speech on me.

      You do not have the right to stand in the middle of a residential neighborhood at 3 am shouting crap at the top of your lungs, waking everyone up.

      When you enter my home, business, or even public places y

  • by Thaelon ( 250687 ) on Friday January 22, 2010 @01:19PM (#30861780)

    Couldn't the WHOIS service, by hosting spammers, be held liable for criminal conspiracy or aiding and abetting?

    Or at least investigated to determine if they were knowingly protecting spammers under one or both of those charges?

    • by Animats ( 122034 )

      Couldn't the WHOIS service, by hosting spammers, be held liable for criminal conspiracy or aiding and abetting?

      That's come up. The owner of a domain is the name in the registrant field. If the name there is some "privacy service", they are the owner of the domain, and the nominal "owner" is just renting it under some contractual arrangement. As with renting, this usually works out OK, but when there's trouble, the real ownership matters.

      This was a big issue with RegisterFly [wikipedia.org], the troubled and now def

  • Problem (Score:3, Interesting)

    by girlintraining ( 1395911 ) on Friday January 22, 2010 @01:27PM (#30861838)

    So what we're doing is eschewing personal privacy in exchange for... corporate privacy? It used to be years ago, I could setup a web server on a xDSL line from home and run a small business off of that. Of course, few people want to post their cell phone number (often their only number) online, or any other method of direct contact. Amongst other things, that would invite spam. So along come these anonymization services so we can have an online presence without giving up our privacy -- and now that's been declared illegal? So domains owned by individuals or sole-proprietorships are screwed, but corporations have little to worry about: They can just assign some random techie to be the contact for their domain.

    • Re:Problem (Score:4, Informative)

      by gclef ( 96311 ) on Friday January 22, 2010 @01:44PM (#30862006)

      It's not that privacy is illegal...it's that privacy + spamming = violation. CAN-SPAM, for all its toothlessness, requires valid contact information for the domains involved in mass emails, so using anonymized WHOIS entries is right out if you're sending mass emails. This is, I think, perfectly fine. If you're going to be contacting millions of people, it's only fair that they should be able to contact you back.

      That says noting about your ability to run a small business with anonymized WHOIS off a small DSL line...as long as you're not sending mass emails around, your WHOIS anonymity will never run afoul of the spam laws.

    • Re: (Score:3, Informative)

      by Dunbal ( 464142 )

      So along come these anonymization services so we can have an online presence without giving up our privacy -- and now that's been declared illegal?

      From the header:

      Although the ruling does not make use of WHOIS privacy illegal, it does serve as a clear message from the court that coupling the use of privacy services with intentional spamming will likely result in a violation of the CAN-SPAM act.

      Cough. You were saying?

  • The court proposes a

    ( ) technical (X) legislative ( ) market-based ( ) vigilante

    approach to fighting spam. The idea will not work. Here is why it won't work. (One or more of the following may apply to this particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
    ( ) Spammers can easily use it to harvest email addresses
    ( ) Mailing lists and other legitimate email uses would be affected
    (X) No one will be able to find the guy or collect the money
    (

    • Make the punishment for spamming execution by public stoning, allow anyone who receives a spam to short cut the process and execute the offender without a court case, with the understanding that they must provide proof after the fact or suffer the same fate as the spammer.

      There are ways to stop this sort of thing, even if mine are over zealous to say the least. The reality of it is, too many people like yourself stand around and say 'it wont work' and saying that killing them won't work.

      I assure you, if yo

  • The court's decision:

    using WHOIS privacy on domains may be considered "material falsification" under federal law.

    The cited part of the law:

    registration information is materially falsified if it is altered or concealed in a manner that would impair the ability of a recipient of the message...to identify, locate, or respond to a person who initiated the electronic mail message..."

    I'm afraid, some day this may be applied to people, who have nothing to do with actual spam...

    Does not anybody see parallels with

    • by BobMcD ( 601576 )

      I'm amazed to be arguing with you about this. It almost feels like I have crossed over into the Twilight Zone. I love our freedoms, and fear the slippery slope of bad government. That being said, there's no substance to your concern.

      Weird, right?

      The text of the bill is here: http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=108_cong_public_laws&docid=f:publ187.108.pdf [gpo.gov]

      Here's a sample:

      ‘‘(a) IN GENERAL.—Whoever, in or affecting interstate or foreign
      commerce, knowingly—
      ‘‘(1) accesses a protected computer without authorization,
      and intentionally initiates the transmission of multiple commercial
      electronic mail messages from or through such computer,
      ‘‘(2) uses a protected computer to relay or retransmit multiple
      commercial electronic mail messages, with the intent to
      deceive or mislead recipients, or any Internet access service,
      as to the origin of such messages,
      ‘‘(3) materially falsifies header information in multiple
      commercial electronic mail messages and intentionally initiates
      the transmission of such messages,
      ‘‘(4) registers, using information that materially falsifies
      the identity of the actual registrant, for five or more electronic
      mail accounts or online user accounts or two or more domain
      names, and intentionally initiates the transmission of multiple
      commercial electronic mail messages from any combination of
      such accounts or domain names, or
      ‘‘(5) falsely represents oneself to be the registrant or the
      legitimate successor in interest to the registrant of 5 or more
      Internet Protocol addresses, and intentionally initiates the
      transmission of multiple commercial electronic mail messages
      from such addresses,
      or conspires to do so, shall be punished as provided in subsection
      (b).

      Every single stanza of that refers to electronic mail. I'm not certain how this law could be used to bootstrap

  • by weaponx71 ( 524109 ) on Friday January 22, 2010 @02:25PM (#30862438)
    I swear that whenever I take the time to back track any SPAM messages I get, and I don't mean all the Viagra ads, but the ones that I get from a subject that I might have interest in but I know I never did business with them or requested anything from them. They are hiding out at GoDaddy. Most don't have the unsubcribe link, most just don't work. I have only come across ONE company that did anything about an emailing I got and that was Google. Typical online marketing email saying you can make tens of thousands of dollars doing nothing per month. Just buy their $97 advertising "secrets" and you will have a mansion and a Ferrari in months. I complained to Google since the email didn't have an unsubsribe link or removal link. They must have done something or sent them something because I got another email asking me why I turned them in and that they weren't SPAM. I politely told them they were whack and have since blocked their domains and emails at my web hosting level. When I try this with GoDaddy. I either get nothing in reply or a canned email from GoDaddy stating they don't get inbetween a business and it's customers about money owed or services not renedered. WHAT? I tell them they have a violation of their own User Agreement and they spew back nonsense. Why would they want to do anything or cut off anything that is making them money? We need to have more control given back to the normal person, and heck I have a small company and even going through that I can't get ISP or Registrars to do anything worth while. If you aren't making THEM a lot of money, you just simply don't matter.
  • This is US vs. Kilbride [uscourts.gov], decided last October. It apparently took Sedo a few months to notice.

    It's actually a porno spam case left over from the Bush Administration. It's not like the Justice Department was doing anything effective about spam in general.

    • by BobMcD ( 601576 )

      Slashdot meta-score...

      "old news" = 0 points

      "Bush Administration" = 0 points

      "anti-spam ineffective" = 0 points

  • ... many spamvertised, spamvertising, and spamming-affiliated domains are registered through registrars overseas. And those overseas registrars (those who actually put something into the WHOIS fields) will either provide WHOIS obfuscation services to their customers, or it will be provided through another overseas company. In the end, we can legislate this all we want, it won't mean squat to the spammers in other countries.

    That said, there are likely other reasons why this is useless; this was just the

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...