Please ensure Javascript is enabled for purposes of website accessibility

Surge of new cases could give teeth to anti-spam laws

Bernard Solnik worries that a recent decision out of Washington, D.C., could 'encourage people to become professional plaintiffs.'

Imagine seeing a television commercial promising a free iPad if you call the phone number on the screen. If you call the number and do not receive your gift, your next phone call will probably be to file a consumer complaint.

Similar messages bombard your inbox every day in the form of unsolicited commercial email — more popularly known as spam. But lawyers involved in this growing area of cyber law say a legal remedy is not as readily available as it is for other types of unwanted or deceptive advertising.

“The Internet is so decentralized, I think companies think they can put anything on the Web, hide their identity and not be held responsible,” said Mike Rothman, a Rockville lawyer whose expertise is in cyber law.

Maryland, Washington, D.C., and almost every state have spam deterrence laws that supplement a federal law known by its acronym, CAN-SPAM. Yet spam still accounts for more than 90 percent of all email and remains a billion-dollar business for senders, many of whom are difficult to identify.

“Spam is the golden egg that keeps on giving,” said Tony Onorato, a New York lawyer also in the field. “It’s virtually cost-free to send a million pieces of mail, and if you get a 0.001 percent response rate, you’ll probably make some money.”

Whether the laws will ever be effective in slowing down spam is something Rothman and others have been litigating to find out.

“Unsolicited commercial emailers are never held to task,” he said. “No one has had the desire, expertise or frankly the gumption to take on these bulk emailers.”

‘Glomming up the networks’

Rothman and Gaithersburg lawyer Steve Ring are three years into a federal lawsuit filed on behalf of Internet service provider Beyond Systems Inc. against a variety of known and unknown commercial emailers. The lawsuit seeks millions of dollars for approximately 70,000 unsolicited emails sent to the company’s servers between April 2004 and the end of 2006.

Rothman and Ring are also working with Onorato on another federal lawsuit filed by Bethesda-based Beyond Systems against Kraft Food Inc. over at least 10,000 unsolicited emails received between February 2005 and May 2008 related to Kraft’s Gevalia brand. Both cases are in U.S. District Court in Greenbelt. The Kraft case remains on hold until some preliminary issues in the other case are addressed in August.

Beyond Systems has spent “thousands of hours” documenting spam, Rothman said, which was sent to its users via the Internet service provider.

“The whole thing started off as a bit of a lark,” he said. “They wanted to know who was glomming up their networks.”

Their lawsuits were filed under the Maryland Commercial Electronic Mail Act of 2002. The law prohibits a person from “initiating,” “conspiring to” or “assisting in” the sending of commercial email from a computer in Maryland or to an email address “the sender knows or should have known” is held by a Maryland resident if the email contains false or misleading information about its origin or in its subject line. Individuals who file suit under the law can receive at least $500 per email from a violator, while an Internet service provider can receive at least $1,000 per message.

The statutory damages, plus the presumption that the sender knows the email recipient is a Maryland resident, meant the General Assembly thought the law would be a “big boon” for private citizens, Rothman said. Yet state case law in the area remains sparse; Rothman has received one of the only appellate opinions on the subject, a 2006 Court of Special Appeals decision upholding the law’s constitutionality.

“[W]e observe that MCEMA was passed largely because the financial and social burden of [unsolicited commercial email] on Maryland consumers is great,” then-Court of Special Appeals Judge Sally D. Adkins wrote. “Maryland certainly has an interest in protecting its consumers, not only from the costs associated with UCE proliferation, but also from becoming the victims of fraud and schemes initiated by false and misleading email.”

Little impact on email flow

In 2003, Congress passed CAN-SPAM, the Controlling the Assault of Non-Solicited Pornography and Marketing Act. The law does not make unsolicited commercial email illegal but regulates it, requiring messages to have places where consumers can unsubscribe or opt out of receiving future emails, for example. The federal law pre-empts state anti-spam laws unless the state laws, like Maryland’s, target falsity. Onorato compared the state statutes to consumer protection laws.

Yet the impact of the federal legislation has been minimal. Alex Kigerl analyzed millions of spam emails sent before and after CAN-SPAM for his master’s thesis and found the law made no significant impact on email flow.

“It’s generally pretty easy to get away with,” said Kigerl, now working on his doctorate in criminal justice at Washington State University.

Kigerl said his findings, published in 2009 in the International Journal of Cyber Criminology, were not surprising in part because the law was passed just as the volume of spam emails exploded. Spam filters have gotten better, but preventative measures will only help so much, he said, particularly for spammers whose aim is more than just selling a product.

“As technology improves, cyber-criminals will improve as well,” he said. “The more technical the system, the more vulnerable it is.”

Onorato, of counsel to Steptoe & Johnson LLP, agreed. Internet service providers still accept all emails and then filter them, he said.

“There’s a greater downside to rejecting a legitimate email accidentally,” he said.

And most people will still scan what their spam filters catch to make sure nothing they need got caught.

“Even though you have a filter, there is a general sense of obligation” to look through all your email, he said.

Kigerl is skeptical of state and federal laws because spam is a global problem requiring international cooperation.

Then there is the challenge of actually bringing a case to trial.

“Prosecutors don’t like going after cyber criminals,” he said. “Often they have a lot of evidence, but it’s not easy to understand or explain to a judge.”

Spam suits outside Maryland

One of the first cases to apply Washington, D.C.’s spam law involved emails with subject lines such as “Stop Wasting Time With Westlaw!” “Scalia Tackles Sharpie Sniffing!” and “A MURDER IN MICHIGAN.” The body of the email was an advertisement sent by TheLaw.Net, a legal research business based in San Diego. The judge in the case ruled in March that determining whether the subject lines were deceiving was a question of fact, not law.

Bernard Solnik, who represented the website and owner Mark Whitney, said the decision could “encourage people to become professional plaintiffs.”

“People can take very legitimate personal emails and bring a lawsuit against these companies,” said Solnik, of Solnik & Walsh LLC in Rockville. “Anything short of an explicit label in the subject line subjects you to significant exposure under the D.C. statute.”

The D.C. Superior Court jury in the case found the subject lines were not deceiving after a three-day trial.

The lawsuit was brought by CyberLaw PC, the Washington law firm of Eric Menhart, who also brought the case in Maryland that led to the Court of Special Appeals decision on Maryland’s spam statute. (Menhart declined to comment on the TheLaw.Net case.)

“Just because one or some people were misled by the email doesn’t make the email misleading,” Solnik said.

Bradley S. Shear, who advises clients on how to comply with spam regulations, agreed.

“What’s one person’s spam is another person’s market message,” he said.

Solnik said his client “gets positive returns” from the emails and will continue to send them.

“You’re inundated with ads on TV or radio you don’t request to see,” he said. “That is the burden of a free, capitalistic society.”

Shear, a Bethesda solo practitioner, said spam is to email what traffic and potholes are to driving.

“It’s more of an accepted thing, part and parcel of being online,” he said.

Rothman and his colleagues want to change that.

“My hope is that a few, very big verdicts against these large media companies will change what is false and misleading,” he said.

More case law in the area will help, he added.

“Once the road signs are marked, I think you’ll see more suits,” Rothman said.

The 9th U.S. Circuit Court of Appeals ruled in March that unsolicited messages sent through Facebook are subject to CAN-SPAM, a decision Shear said could have “tremendous implications” on marketing through social media.

A California appellate court ruled in January, in a case in which Onorato is involved, that the state’s law imposes strict liability on all parties connected to the spam, from the spammer to the advertisers.

“[I]mposing strict liability for advertising in commercial e-mails that contain materially deceptive content does not alter the type of content that might subject a defendant to liability,” the court held. “Instead, it broadens the class of persons who may be held responsible for such content.”

The same logic applies to Maryland’s law, Onorato said, and forcing accountability among all parties involved with spam will help plaintiffs, who can struggle to find the often-anonymous spammers. It will also prevent defendants from using a “hear no evil, see no evil defense,” he added.

Court rulings might not halt spam entirely, Onorato acknowledged, but they might make senders think twice before clicking “Send.”

“The risk has to outweigh the profit,” he said.