Is your Client a Spammer?

New Jersey Law Journal October 18, 2004

Copyright 2004 ALM Properties, Inc. All Rights Reserved.
New Jersey Law Journal


October 18, 2004


SECTION: FEATURE

LENGTH: 1083 words

HEADLINE: Is Your Client a Spammer?;
Advising clients on the lawful use of spam to promote a business

BYLINE: By Jonathan Bick; Bick is of counsel to WolfBlock Brach Eichler of Roseland and is an adjunct professor of Internet law at Pace Law School and Rutgers Law School. He is also the author of 101 Things You Need To Know About Internet Law [Random House 2000].

BODY:
By all accounts, unsolicited commercial e-mail advertisement, or spam, comprises the majority of all e-mail traffic in the United States.

Although an annoyance to most Internet users, spam persists because it is simple and cost-effective. There is no per-message charge to send e-mail. As a result, a spammer's transaction costs are normally confined to equipment costs, a monthly rental fee for an e-mail account, and the price of a mailing list. If a spammer can send an e-mail advertisement to one million people at a cost of only $100, he or she will make a ten percent profit if just 11 customers respond and pay 10 dollars each.

However, to avoid litigation-related costs, spammers must take care to operate within the law. The good new is that compliance with spam laws is fairly simple.

The CAN-SPAM Act

Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 [CAN-SPAM Act of 2003, 15 USC 7701], went into effect January 1, 2004. The focus of the legislation is fraud - fraud in the e-mail routing information, e-mail subject line or content may constitute a violation. No labeling is required, but there must be an opt-out feature, some identifying information in the routing portion of the e-mail, and a physical address. In addition, warning labels are required under Federal Trade Commission [FTC] regulations for "sexually explicit content."

All state spam laws, including labeling and opt-in requirements, are pre-empted by the federal CAN-SPAM Act, with one general exception: fraud. Thus, only the antifraud sections of the state spam laws survived the Federal CAN-SPAM Act.

The act does not apply to political or charitable spam. For other unsolicited bulk e-mail, the CAN SPAM statute prohibits: 1] senders from falsifying or disguising their true identity or using misleading subject lines; 2] harvesting of e-mail addresses by either [a] automatic means from an Internet Web site or a proprietary online service maintained by a third party; or [b] an automated system that generates possible electronic addresses by combining names, letters and numbers in numerous permutations; and 3] businesses from knowingly promoting themselves through false or misleading e-mails.

Under the act, spammers must: 1] include a legitimate return e-mail and physical postal address for the sender; 2] activate a functioning opt-out mechanism which is associated with a clear and conspicuous notice of the opportunity to opt out; 3] honor any such opt-out request; 4] ensure the spam has a clear and conspicuous notice that the message is an advertisement or solicitation; and 5] ensure that messages with sexually oriented material be clearly identified.

The FTC and state attorney generals are charged with the enforcement of the law. Liability under the act is broad, not only for the spammers themselves, but for those who hire them. If a company knowingly hires a spammer who does not comply with the act, the company may be prosecuted in the same manner as the spammer. Criminal penalties for violation of the act include substantial fines and up to five years in prison. Civil penalties can be as much as $250 per e-mail. Repeated misconduct or aggravated violations can result in treble damages.

To avoid liability, employers should update their employee handbooks to ban employees from using company computer and Internet systems for the purpose of sending spam. Such action may be the basis of a substantial compliance defense if legal difficulties arise.

If there is a third-party sender, but the source knew or should have known the third party violated the act, there is potential liability. There is a right of action for Internet service providers [ISP] against the sending businesses, but not those businesses merely named in the e-mail.

In sum, spam is regulated, but lawful. Like its pre-Internet predecessor, junk mail and junk faxes, both state and federal statutes legalize its use.

Advice for Spammers

Attorneys should be prepared to advise clients on the cost and legality of sending spam.

Spam is a lawful and economically efficient program for marketing goods and services. The CAN-SPAM Act has removed the cost of legal difficulties associated with spam use. The CAN-SPAM Act also has removed the stigma from spam for businesses that comply.

It costs spammers between $100 and $500 to send a million e-mails, with roughly 100 "paying" responses expected from each transmission. One-person bulk e-mailers typically send 30 million unsolicited commercial e-mails a day.

According to one well reported story, an order log left exposed at an organ-enlarging product Web site showed that over a four-week period, some 6,000 people responded to e-mail ads and placed orders for the company's herbal supplement. Most customers ordered two bottles of the pills at a price of $50 per bottle. The Internet firm, which relied upon spam for business, grossed more than half a million dollars. Thus, if a client should ask about the potential wrath of spam recipients, Internet service providers and federal regulators, an attorney might advise them to do the math.

Among the most difficult compliance aspects of the CAN-SPAM Act is the duty a spammer has to stop sending spam to those who request that no more spam be sent to them. Software exists that can help high-volume e-mailers comply with the CAN-SPAM Act by inserting their postal address in the mail and by keeping track of recipients who ask to be removed from the sender's mailing list.

Even clients who comply with the CAN-SPAM Act should prepare for their day in court. To ward off fraudulent claims, clients should keep accurate records of spam activity, execute employee handbooks detailing proper spam behavior and keep samples of spam-related transactions. Also, just as clients budget for marketing and for lease payments, clients should budget for legal bills. Prosecutors have been heavy-handed in their recent cases against spammers.

When sending e-mail, everyone, not just spammers, should keep in mind the following points: 1] the act applies to all unsolicited e-mail; 2] the act requires each e-mail to contain valid contact information, an effective "opt-out" option and a honest subject line; 3] the act forbids shielding of identity via routing; and 4] spam must comply with the spammer's ISP requirements regarding e-mail for commercial purposes.