Feeds

US appeals court cans CAN-SPAM suit

A farewell to litigation factories

Protecting against web application threats using SSL

In a decision that could make it harder for internet users to take spammers to court, a federal appeals court has upheld the dismissal of a lawsuit against a company that sent a man more than 13,000 unsolicited emails.

A three-judge panel from the Ninth US Circuit Court of Appeals agreed with a lower-court judge that under a federal law that went into effect in 2004, plaintiff James S. Gordon Jr. lacked standing to sue online marketing business Virtumundo. The panel ruled that under the Controlling the Assault of Non-Solicited Pornography and Marketing, or CAN-SPAM, act, lawsuits can only be brought by select law-enforcement agencies and providers of an IAS, or "internet access service."

The judges went on to dismiss claims Gordon brought under a separate Washington-state law forbidding deceptive commercial emails, holding that that CAN-SPAM preempted the law. The state statute allowed private individuals to sue people who send them deceptive marketing emails that were unsolicited. The net effect, legal experts said, is that internet users will have fewer options for taking legal action against spammers.

"It is going to be harder for individuals to sue companies that send them spam because trying to shoehorn a claim under statutes prohibiting deception will be looked on by courts with skepticism," said Dave Kramer, an attorney at Wilson Sonsini Goodrich & Rosati who helped draft the Washington law.

Critics have long complained that CAN-SPAM was full of so many loopholes that it had little effect on the torrent of spam that lands in inboxes everyday. The Ninth Circuit's decision is only likely to strengthen those claims. It will set a higher bar for individuals who want to invoke it in lawsuits. Specifically, they will have to show they are an IAS and will then have to show they faced significant harm as a result of receiving spam.

When Gordon brought the suit in 2006, he was already a fixture in state in federal courts, which he peppered with lawsuits against spammers. He made it a habit to send spammers responses demanding they cease their junkmail campaign and demanding $500 for any repeat offenses. He also set up multiple email accounts on behalf of friends and family members and monitored them for unsolicited messages.

Gordon told the court he had collected more than 13,800 junk messages.

This has led to criticism that Gordon is a "professional plaintiff" who opportunistically milks anti-spam laws for his own personal gain. Those points weren't lost on US Appeals Court Judge Ronald M. Gould.

"For a person seeking to operate a litigation factory, the purported harm is illusory and more in the nature of manufactured circumstances in an attempt to enable a claim," he wrote in a concurring opinion. "In my view, manufactured claims should not be tolerated absent a clear endorsement from Congress."

A PDF of the decision is available here. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.