In an article published by the Technology Liberation Front, Cato Institute adjunct scholar Tim Lee dissects a recent argument by the American Civil Liberties Union regarding free speech & anti-spam laws.

It's been interesting to watch the ACLU wrestle with anti-spam legislation. Their entire purpose is to work through the legal system to protect our civil rights, as defined in the First Amendment -- which is why I've been a card-carrying member since before I was old enough to vote -- so of course they're going to push back against any perceived abridgment of the right to free speech, including anonymous speech. Yet as Tim Lee argues, the amount of speech afforded to spammers before they run afoul of the Virginia statue is enormous: "someone may (a) send out an unlimited number of emails using a real email address, (b) send out 9999 emails per day (99,999 per month, 999,999 per year) while falsifying email headers, or (c) send out an unlimited number of emails with falsified addresses to people who have previously consented to receive them."

In order to violate this Virginia statute, you have to be very bad. In order to violate CAN-SPAM & get even more federal attention, you have to be even worse. Anyone with a real need for free, anonymous speech will have a myriad of other, simpler, and very likely cheaper avenues available to them -- including, unfortunately, sending 9999 forged, unsolicited emails each & every day.

The Washington Post reports that the U.S. Senate has passed legislation that would allow law enforcement to go after a much larger percentage of modern online crime. Specifically, it will:

• remove the requirement that each affected individual must have suffered at least $5,000 in damages
  
• "make it a felony to install spyware or keystroke-monitoring programs on 10 or more computers regardless of the amount of damage caused"
  
• give identity theft victims the ability to seek restitution
  
• criminalize attempts to extort companies by threatening to publish stolen information
  

These provisions were added to an unrelated bill, the Former Vice President Protection Act, which must next be voted on by the House of Representatives before it becomes law.

CAUCE is very pleased that the Senate has taken this action to protect people living within the United States, and particularly support the provisions adding a private right of action against the criminals who prey upon all of us daily.

They say (whoever "they" are) that good things come in threes, and that certainly seems true for law enforcement against spammers this week.

In New York, Adam Vitale was sentenced to 30 months in prison and ordered to pay $183,000 in restitution for a week of spamming AOL back in 2005. He's also allegedly linked to advertisements for prostitution on craigslist, and is already in jail for even worse crimes.

In Illinois, an FTC settlement requires Spear Systems and company executives Bruce Parker and Lisa Kimsey to give up $29,000, stop making "false or unsubstantiated claims about health benefits" of their products, and bars them from violating CAN-SPAM ever again. Related litigation continues against defendants in Quebec and Australia; you may remember this gang as the hoodia spammers.

And finally, in Seattle, the Robert Soloway case continues. He pled guilty back in March to wire fraud, CAN SPAM fraud, and tax evasion, but not identity theft -- which was dismissed. Even so, he could be sentenced to up to 20 years, though that's reportedly unlikely. The difficulty for the judge appears to be that there isn't a lot of precedent for how long spammers should spend in jail. CAUCE would encourage Judge Marsha Pechman to look for precedents from other, non-internet-related fraud cases, multiply by the number of victims, and throw away the key.

But what makes the Soloway case particularly interesting is what else is being revealed. Soloway's business model was to sell advertising services, promising that all of his recipients had opted in -- even though none of them had, so it was 100% spam. This reportedly earned him over $1 million in a 3-year period, along with many extremely unhappy customers and nearly $18 million in judgements thus far.

So that's three more down, but many more to go.

(Note on the Soloway case: CAUCE President John Levine testified for the prosecution during both the trial and the sentencing.)

It is with regret that we note that CAUCE founder Scott Hazen Mueller has resigned his position as President of CAUCE North America. We are happy to note Scott will maintain his position on the iCAUCE (international CAUCE) board, as well as the CAUCE North America board in the position of Founder and Director, emeritus.

As well, while John Levine plans to move to England in the early fall, he has agreed to remain on the executive board and he will become President effective immediately.

Lastly, Dennis Dayman has graciously accepted the position of Secretary-Treasurer and was confirmed as such by unanimous vote.

Congratulations, Dennis, and thank you Scott for your years of service.

"Plaintiff e360Insight, LLC is a marketer. It refers to itself as an Internet marketing company. Some, perhaps even a majority of people in this country, would call it a spammer. e360 sends e-mail solicitations and advertisements, for a fee, to millions of e-mail users. More than a few of those users are subscribers to Comcast, an Internet service provider. Many e-mail users do not want to see (or delete unread) the messages sent by e360. Even if every user wanted these e-mails, Comcast might well have its network overloaded by the mailings."

-- Judge James B. Zagel, e360Insight, LLC vs. Comcast Corporation,

Memorandum Opinion and Order filed April 10, 2008

We've been wondering what e360 hoped to gain with their recent lawsuits against Spamhaus and others. If they were trying to clarify the right of ISPs to protect their users from spam, then they've certainly done a good job -- especially in this particular case.



If it wasn't clear before, Judge Zagel's explanation should satisfy even the most pedantic of filtering opponents:

1. ISPs acting in good faith to protect their customers are not liable for blocking messages that some spammer claims are not spam
   
2. "...compliance with CAN-SPAM...does not evict the right of the provider to make its own good faith judgement to block mailings."
   
3. an ISP rejecting messages, during the SMTP session, that a spammer knowingly sent to them, does not constitute a "denial of service" attack against the spammer
   
4. saying "hey, you let those other spams through, why not me?" is just dumb (that's my interpretation, of course; the judge used more polite language)
   

It's statement #2 above -- the one about CAN-SPAM -- which will have the most direct and immediate effect on companies who try to walk the edge between spam and legitimacy. Complying with CAN-SPAM is the bare minimum required by law; as the courts have stated before any sender has to do a lot more to get their mail delivered into other peoples' inboxes.



Unfortunately, this case won't affect most spam. The near-unbelievable volume of messages sent every day are sent by individuals who don't even pretend to comply with any law, and who know that if they ever tried to file suit against Spamhaus or Comcast or anyone else they'd be laughed out of court -- and most likely arrested.



Even so, CAUCE thanks e360, Comcast, and Judge Zagel for providing us with a good laugh and a small ray of hope in the fight against spam.



Stay tuned for the results of Comcast's counter-suit against e360.