Anti-Spam Legislation Setbacks

Article excerpt

I n the fall, I gave a report on email at a University of Pittsburgh faculty meeting. Among the statistics I reported was that in March 2008, the University of Pittsburgh email servers received 505 million email messages. Of that number, more than 410 million messages were spam. That's for just one modest email domain for 1 month.

Actually, that number is not too surprising. Current estimates are that 90% of all email traffic is unsolicited bulk email, or spam. Another report suggests that spam costs U.S. businesses up to $17 billion in lost productivity and anti-spam efforts, notwithstanding the widespread use of spam filters.

The law's response to the proliferation of spam has been checkered. As the problems of spam shifted from its origins in the USENET environment in the 1980s and early 1990s to the email environment by the late 1990s, courts and legislatures struggled to craft a response. Unfortunately, that struggle continues today.

Not All Spam Is Illegal

One threshold challenge is that not all unsolicited email is illegal. Courts have recognized that the First Amendment protects the right to advertise goods and services. While the protections on this form of "commercial free speech" are not as expansive as noncommercial speech, absolute bans on commercial email may not be legal.

This was recently demonstrated when the Virginia Supreme Court struck down that state's anti-spam statute because it was found to violate the First Amendment. Virginia made it a criminal offense to transmit unsolicited bulk electronic mail with intentionally false or forged transmission or routing information.

Protecting Anonymous Speech

The court noted that the First Amendment protects the right to anonymous speech. The court then observed that the only way to remain anonymous in an email transmission would be to enter a false IP address or domain name in the email. Although the intent of Virginia's statute may have been to prevent commercial emailers from using false information to mislead, it was not limited to commercial email. In the language of constitutional law, it was not "narrowly tailored" enough to meet Virginia's interest in controlling spam without having the potential to violate the constitutional rights of people wishing to send anonymous email. By making the use of false email information a crime in all circumstances, the statute was unconstitutional.

As noted, Virginia's statute covered commercial and noncommercial spam. The court noted that most of the statutes existing today, including the federal CANSPAM Act passed in 2004, are targeted toward commercial spam only. Those various acts allow bulk email to be used for commercial purposes, but they still impose restrictions. For example, the CANSPAM Act requires accurate subject lines, headers, and sender addresses, plus contact information for the sender and a means to be removed. However, they can't target noncommercial spam.

California recently attempted to tighten its restrictions on fraudulent commercial email through new legislation. This has been one of the more aggressive states in enacting anti-spam legislation, although its most aggressive action (a complete ban of email spam in California) was overturned by the federal CAN-SPAM Act. The state proposed to control deceptive email by expanding the categories of "header information" required to be accurate. The legislation also made it easier to pursue violations of California anti-spam laws by allowing not only the state attorney general but also district attorneys and city attorneys to pursue spammers. …