An Overview of the Law on Spam Anti-Spam Research Group San Francisco, CA March 20, 2003 Jon Praed...
Transcript of An Overview of the Law on Spam Anti-Spam Research Group San Francisco, CA March 20, 2003 Jon Praed...
An Overview of the Law on Spam
Anti-Spam Research GroupSan Francisco, CA
March 20, 2003
Jon Praed Internet Law Group
Spam is Unsolicited Bulk Commercial Electronic Messages
• Electronic messages – anticipate convergence
• Commercial – not inherently illegal
• Bulk – substantially similar messages
• Unsolicited – intent of recipient is key
Spam Fighting Tools
• Shield -- Internet Architecture & Filters
• Sword -- Legal Enforcement
To Evade Filters, Spam = Fraud
• Source and hypertext links are anonymous, transient or falsified– Free email accounts; anonymous credit cards; mail relays;
obfuscated URLs; encrypted source code; DNS servers turned on/off; false domain name registrations (ICANN 9/02 action Verisign)
• Third Party Conspirators Provide Cover– Spam Houses make $10,000/month to host webpages and hide
identities of spammers (“I terminated him and deleted his info”)
– Affiliate Program Operators – in search of plausible deniability
Law’s Purposes
• General & Specific Deterrence
• Compensation of Victims
• Retribution
• Education
Legal Weapons
• Injunctions
• Money Judgments– non-dischargeable in bankruptcy– disgorge profits from spammers– fund anti-spam fight
• Imprisonment
A Hierarchy of Anti-Spam Rules• AUPs – setting expectations to protect private property• Common Law – trespass to chattels recognized in all 50 states• State Statutes – 26 states and counting (www.spamlaws.com)
– codifying trespass with statutory damages– labeling requirements– outlawing fraudulent spam or requiring respect for do not email lists
• Federal Statutes – – Computer Fraud & Abuse Act, 18 USC 1030– Analogs: 47 USC 227 (unsolicited fax law); 18 USC 2257 (Adult Model Statute)– Pending Legislation (www.thomas.loc.gov)
• Burns-Wyden CAN SPAM Act, SB 630 & others
• International Law – none? – How will this affect the impact of anticipated Federal fixes?
Goals of Federal Proposals
• Discourage use of fraud
• Encourage transparency in identity
• Ban spam, regardless of fraud
• Regulate spam through labeling
• Minimize impact on solicited marketers
A “Sunshine” Proposal for Federal Legislation
• Modeled after Custodian of Records Law requiring Proof of Age of Adult-Movie Performers (18 USC 2257)
• All commercial email (including solicited) must disclose a “custodian of records” (US resident, address, phone, email)
• Failure to disclose = presumption of spam and high civil penalties (dollars per email)
• False disclosures = criminal penalties• Disclosures subject to reasonable due diligence• Truthful disclosures, but inadequate records = reduced
statutory damages (fraction of penny per email)
What the Law Needs From Internet Architecture
• IDENTITY– accurate records reflecting status of Internet structure
(domain names, IP addresses)
– details of email transaction
– intelligent record preservation
• GEOGRAPHY– provides notice to spammers of applicable laws
– empowers Netizens to avoid lawless-parts of the Internet
Limits of the Law
• Dependence on technical information for identification
• Slow and Costly
• Legal Jurisdictions are Geographic-Based
Why We Will Defeat Spam
• Victory Doesn’t Require 100% Spam-Free– Banks survive bank robberies
• Spammers Struggle on Small Margins• Email is Incredibly Resilient
– Email thrives despite 40% spam rate
• Spam is the Parasite, Email is the Host– If spam kills email, spam dies too
• Filters + Lawsuits Work, and Spammers Know It
Questions?
An Overview of the Law on Spam
Anti-Spam Research GroupSan Francisco, CA March 20, 2003
Jon Praed Internet Law Group