CyberLaw P.C. - Internet Lawyer, Intellectual Property Law Firm

A recent decision by the District of Columbia Court of Appeals addressed whether a private right of action under the Telephone Consumer Protection Act (TCPA) required a separate act of enabling legislation. The Court found that private causes of action may be brought in the Washington D.C. Superior Court under the Act without the need for enabling legislation. CyberLaw PC attorney Eric Menhart was on the brief for the prevailing appellant. Read the full text of the opinion: Portuguese American Leadership Council of the United States, Inc. v. Investors’ Alert, Inc. No. 04-CV-1187 (D.C. 2008).

In its decision, the Court finds that the TCPA provides that a “person or entity may, if otherwise permitted by the laws or rules of court of a State, bring in an appropriate court of that State . . . an action based on a violation” of the Act. The trial court interpreted the “if otherwise permitted” language in the TCPA to mean that before a private right of action can be exercised, a state must “opt in” through enabling legislation that allows the lawsuits to proceed.

The opinion notes that the language “if otherwise permitted by the laws or rules of court of a state” in the TCPA appears to refer to the neutral general jurisdictional and procedural laws and rules governing each state’s court system. Second, the Court notes that rulings by the Federal Communications Commission support the view that no enabling legislation is necessary. Third, the D.C. Court of Appeals finds that a majority of state courts hold that enabling legislation is unnecessary to make the TCPA’s private action provision enforceable in state courts. Finally, the court refers to the legislative history of the TCPA to further support its ruling.

The ruling brings D.C. to the same result that all other reviewing states have reached: allowing a private right of action under the Telephone Consumer Protection Act.

Saturday, May 3, 2008 was the 30^th anniversary of bulk e-mailing, popularly known as spamming. On May 3, 1978 an employee of Digital Equipment Company mass-mailed some of his colleagues an advertisement for a computer for sale over ARPANET (Advanced Research Projects Agency Network), which was a technological precursor to the Internet. Unsurprisingly, many of the recipients found the unsolicited communication method for commercial purposes unsavory. Little has changed in thirty years as to that point.

CyberLaw Attorney Eric Menhart recently testified as an expert guest before the Council of the District of Columbia on the Council’s proposed Spam Deterrence Act of 2007. A copy of his testimony is available here.

Menhart recommended that the proposed bill calculate damages on a per message basis, eliminating exceptions for “an established business relationship,” and including liability for “rogue” ISPs that enable spammers to operate on their networks. Finally, Menhart recommended statutory authority allowing limited jurisdictional discovery for any plaintiff that offered a well-pled complaint.

While the measure has not yet passed, at least one Councilmember expressed optimism that it would become law in 2008.

The new front in the war on spam: text messaging to mobile phones.

While the “classic” spamming techniques via e-mail are as strong as ever, the wireless phone and the ever-increasing fascination with text messaging is accelerating the use of text spam. According to this article, consumers in the United States are expected to receive about 1.5 billion spam text messages this year, up from 1.1 billion last year and 800 million in 2006, according to Ferris Research, a San Francisco market research firm. Many estimates are much higher.

What to do about the increase? Legally, state and federal spam deterrence laws would likely allow consumers and service providers to sue for damages. The Telephone Consumer Protection Act might also be useful in combating spam via phone. On the technical side, we can expect to see similar tactics to those currently employed as to e-mail spam, including filters, blacklists, and more.

Another trend to expect: as wireless phone Internet access becomes more full-featured, you will see an increase in the type of messages sent. Many spammers rely on a small percentage of people purchasing products, many fraudulent, after receiving various spam messages. As more people access the Internet via their phone, particularly to make purchases, we’ll see more and more attempts to take advantage of that commerce by spammers.

Updating a previous post in CyberLawg, the U.S. House of Representatives has easily passed a bill that would make phone numbers on the FTC’s Do Not Call list permanent. The list is available at donotcall.gov.

The Do Not Call list has been very consumer-friendly and continues to be popular among Americans. A recent poll showed that 94% percent of Americans had heard of the national list, and 76% had added their phone numbers. The bill enjoyed bipartisan support in the House and prospects are strong for passage in the Senate.

A new bill has been introduced in the United States House of Representatives that would amend the "Do-Not-Call" Implementation Act to eliminate the automatic removal of telephone numbers registered on the registry. The bill remains in the early stages of the legislation process.

Approximately 132 million home and mobile telephone numbers have been added to the database since its inception in June 2003.

The bill, H.R.3541, is a simple modification of the previous rules, which allowed for phone numbers registered on the list to expire after a certain amount of time, presently five years. The bill would prevent the FTC from promulgating rules that would limit anything less than a permanent removal for any number submitted to the list.

Bottom Line: While a very pro-consumer move, this bill will be heavily opposed by marketers and business interests. Their opposition has merit. Allowing the list to live on in perpetuity would lead to numbers remaining on the list through numerous transfers of ownership, eventually leading to every number in the nation being on the list. The burden on consumers updating their numbers every five years is very low, taking less than five minutes. The potential infringement on the free market is greater than the very small burden on consumers. Accordingly, this bill is not the best policy for the “do-not-call” list.

The nation of France is leading the way in providing new methods for combating spam e-mail. The French government is sponsoring the development of an open-source toolbar for Microsfot Outlook and Mozilla Firefox that makes it easier for users to report to ISPs that spam is coming from their networks. The project, called Signal Spam, also takes into account legitimate mailing practices. If a message comes from a legitimate marketer, the system can send an automated response to the person who reported it, telling them how to unsubscribe to the mailing list. Marketers are encouraged to register with Signal Spam.

The leadership of the French government on this matter is welcome. The United States has been wholly ineffective in regulating the spamming industry, passing ineffective laws that do little to prevent the problem, and limiting the liability of ISPs that profit from the industry, to the detriment of ISPs that operate lawfully. Consumers are equally affected. What consumer hasn't had an important e-mail lost due to inefficient spam filters or barely dodged a virus sent via spam e-mail?

Bottom Line: The leadership of the French government, only the 10th worst spam source, should be emulated by other nations, including the United States, easily the greatest source of spam in the world. If the program is successful, the US and other nations should seriously consider implementing similar programs.

MySpace recently settled an anti-spam lawsuit brought against TheGlobe.com for $2.55 million. TheGlobe appears to have used the mass marketing as a last gasp attempt to survive bankruptcy, according to its recent corporate reports.

Bulk marketing practices are often seen as last ditch attempts by failing companies to right the ship. Another circumstance that tends to breed bulk marketing campaigns are IPOs when the newly public company hopes to inflate the IPO offering by showing a surge in sales. One recent example of this practice was Vonage, which launched a huge bulk fax campaign just before its IPO. Vonage has since been hit by numerous TCPA suits in addition to its patent litigation woes.

Bottom Line: TheGlobe appears to have hurt itself more than help itself by incurring a $2.55 million loss for illegal marketing practices. One can only hope that the company will be able to right itself without incurring additional liability for such practices.

Robert Alan Soloway, allegedly one of the world’s most prolific spammers, was arrested this week on a variety of charges including mail fraud, wire fraud, e-mail fraud, aggravated identity theft and money laundering. The potential jail time for all of the charges could be 20 years or more. The arrest of Soloway is good news for legitimate marketers, Internet Service Providers and other law-abiding e-mail users. However, no one should expect that the deluge of spam will be reduced by the arrest.

The arrest does have its benefits. First, this arrest provides positive news that authorities are taking the problems of unsolicited e-mail seriously. Second, arrests such as these often provide insight into the resources and connections that alleged spammers use to conduct their affairs. This can often lead to new arrests of conspirators. Finally, such news provides notice to other wrongdoers that authorities are capable of enforcing the laws on the books.

Bottom Line: Such arrests are unlikely to lead to reductions in the sheer volume of unsolicited e-mails for the average e-mail user. However, it is good news that law enforcement authorities are taking the problem of electronic torts seriously and using the legislative tools at their disposal to make arrests such as these.

Recently, the United States District Court for the District of Maryland heard arguments in the matter of Beyond Systems v. Keynetics. The Plaintiff, Beyond Sysytems, a Maryland Internet service provider, alleged that Keynetics, based in Idaho, is liable for the bulk e-mailing practices of its affiliates, thus conferring personal jurisdiction over Keynetics in Maryland. Keynetics maintains the “Clickbank Marketplace,” described as a “virtual mall” where individual affiliates can choose electronic products and services to market on their websites, mailing lists, or other marketing methods.

Beyond Systems provided materials showing Keynetic’s ability to control and influence its affiliates, who were based in locations all over the world, including Maryland. Affiliates were required to sign an agreement allowing Keynetics to terminate the affiliate memberships at any time. Affiliates were further subject to numerous restrictions as to payments, marketing practices, and other requirements. Beyond Systems also provided archived copies of the Clickbank website that showed Keynetics “featuring” products promising to “e-mail millions without spamming” and similar products available to promote in the Clickbank Marketplace .

Keynetics defended itself by aligning itself as a separate entity whose affiliates were simply independent contractors. Keynetics maintained that it was solely a clearinghouse where producers and marketers could meet. While all of the products sold in the Clickbank Marketplace were required to use Keynetics’ patented payment processing system, hosted on Keynetics web servers, Keynetics attempted to show that it had no control over the process via which affiliates marketed products found in the marketplace. Keynetics also noted that it occasionally suspended or terminated affiliates who were found to be spamming.

Beyond Sysytems alleged that Keynetics was subject to both general and specific jurisdiction in Maryland.

The Court found that Keynetics’ control over its affiliates was more substantial than an independent contractor relationship based on the control exerted via the agreements and the terminations. The fact that Keynetics “encouraged” certain products was also relevant to the decision, because it showed Keynetic's ability to direct, formally or not, the marketing behavior of its affiliates. This was sufficient to find personal jurisdiction over Keynetics based on an agency-principal relationship. Given that the various affiliates had sent hundreds of thousands of e-mails promoting the Clickbank marketplace into Maryland, Keynetics could be hailed into court in Maryland.

Because Keynetics was already subject to jurisdiction based on the specific jurisdiction analysis, the Court did not reach the question of general jurisdiction.

Bottom Line: The Court’s decision to maintain jurisdiction over Keynetics was correct. Failing to do so would have meant that anyone inundated with spam from Keynetics affiliates would have had to bear the burden of traveling to Idaho to maintain a claim against Keyentics. While personal jurisdiction was deemed proper, the Plaintinff still has a long way to go to prove Keynetics’ liability in one of the most defendant friendly circuits in the nation.

A new suit is expected to be filed in the U.S. District Court for the Eastern District of Virginia. The suit, in the name of “Project Honey Pot,” an entity owned by Unspam Technologies, seeks to discover the identity of the organizations that “harvest” e-mail addresses from the web in order to resell them to marketers, typically unsolicited bulk e-mailers.

A “honey pot” in the information technology world is a virtual trap which is set to track or realign malicious attempts to access protected computer systems. Thus, the attackers believe that the information or resources that they are accessing are valid, but instead the information is tainted in some way. A common example is the “paint pack” that is placed in suitcases of money when bank thieves attempt to rob brick and mortar banks.

Project Honey Pot works similarly by “installing” e-mail addresses on websites that are intended to be traps for the collectors. The e-mail addresses allow Project Honey Pot to tag the e-mail addresses to the time and IP address of a visitor to your site. Once one of the addresses starts to receive spam, Project Honey Pot can detect that the message is spam and the IP address that gathered it. By consolidating the data, Project Honey Pot can find the primary harvesting computers and domains, and assumably the identity of the people collecting the addresses.

The suit, however, is being filed with the Defendants named as “John Does” because the plaintiffs do not yet know the identity of the harvesters. Filing allows the plaintiffs to obtain subpoena power to determine the identity of the harvesters.

The Fourth Circuit, consisting of federal courts in Maryland, Virginia, West Virginia, North Carolina, and South Carolina, has been a hotbed of anti-spam activity. Prosecutors and larger civil plaintiffs, such as AOL, have had success there. On the other hand, smaller plaintiffs such as Mummagraphics and others have not had as much success.

Another factor is the question of the class action. The purported action is on behalf of a class, where thousands of people seek to recover for the same legal claim. A former editor of a class action journal has referred to the Fourth Circuit as the place “where class actions go to die,” because of the Fourth Circuit’s general distaste for civil class actions.

Bottom Line: This relatively new method of anti-spam legal action, combined with the class-action subplot, will be particularly interesting to watch over the course of the litigation. While there are likely many roadblocks ahead of the plaintiffs, the novelty of the cause of action provides interesting theater that will be well worth tuning in.

New technological methods of retarding spamming efforts are currently being implemented by a Canadian ISP. The system works by retarding the communications between incoming mail servers and incoming messages. While most mail servers accept messages almost instantaneously, the technology, dubbed “Traffic Control,” artificially extends the time between the time the incoming mail message seeks to be delivered, and the time the incoming mail server will actually accept the message.

A real world analogy, for example, might be witnessed on the dating scene. A young woman who insists on being courted and coddled before even a first kiss will prove to be too much trouble for those who have only transient interests in her. Traffic Control subscribes to this theory in your inbox. Those who really “love” you, i.e. legitimate senders, will make longer and more persistent attempts to reach you. Those who do not, including most bulk-mailers, will not.

While the technology is temporarily promising, it suffers from the same concerns that most other spam-fighting technology faces: it can be technologically rebuffed by those who would seek to do so. Spammers may initially look for greener pastures to avoid this method. However, if this practice is widely adopted it will lead to slower communications between legitimate users, which include those who use appropriate permission based e-mail marketing. Furthermore, the adoption of this technique will eventually lead to, simply stated, more patient spammers.

Bottom Line: While technological advances may lead to short-term benefits, the long term solution to the problems of spam depend on shutting down major operators, or a macro-level technological change adopted by every mail server in the world. Until those solutions come to fruition, most anti-spam processes will be temporary bandages to the problem.