Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Is Your Client A Spammer?

By Jonathan Bick
November 01, 2004

[Editor's note: We've covered the CAN SPAM Act fairly extensively from a "what is it" type of perspective. In this article, Board of Editors member Jonathan Bick provides some practical advice on how to advise those clients who want to send marketing e-mails lawfully (it just doesn't seem right to say "spam lawfully.")]

By all accounts, unsolicited commercial e-mail advertisement, or spam, comprises the majority of all e-mail traffic in the United States.

Although an annoyance to most Internet users, spam persists because it is simple and cost-effective. There is no per message charge to send e-mail. As a result, a spammer's transaction costs are normally confined to equipment costs, a monthly rental fee for an e-mail account, and the price of a mailing list. If a spammer can send an e-mail advertisement to one million people at a cost of only $100, he or she will make a 10% profit if just 11 customers respond and pay $10 each.

However, to avoid litigation-related costs, spammers must take care to operate within the law. The good new is that compliance with spam laws is fairly simple.

The CAN-SPAM Act

The focus of the CAN-SPAM Act of 2003 (15 USC 7701), which went into effect Jan. 1, 2004, is fraud. Fraud in the e-mail routing information, e-mail subject line or content may constitute a violation. No labeling is required, but there must be an opt-out feature, some identifying information in the routing portion of the e-mail, and a physical address. In addition, warning labels are required under Federal Trade Commission (FTC) regulations for “sexually explicit content.”

All state spam laws, including labeling and opt-in requirements, are pre-empted by the federal CAN-SPAM Act, with one general exception: fraud. Thus, only the antifraud sections of the state spam laws survived the Federal CAN-SPAM Act.

The act does not apply to political or charitable spam. For other unsolicited bulk e-mail, the CAN SPAM statute prohibits:

  • Senders from falsifying or disguising their true identity or using misleading subject lines;
  • Harvesting of e-mail addresses by either
  • Automatic means from an Internet Web site or a proprietary online service maintained by a third party; or
  • An automated system that generates possible electronic addresses by combining names, letters and numbers in numerous permutations; and
  • Businesses from knowingly promoting themselves through false or misleading e-mails.

Under the act, spammers must:

  • Include a legitimate return e-mail and physical postal address for the sender;
  • Activate a functioning opt-out mechanism which is associated with a clear and conspicuous notice of the opportunity to opt out;
  • Honor any such opt-out request;
  • Ensure the spam has a clear and conspicuous notice that the message is an advertisement or solicitation; and
  • Ensure that messages with sexually oriented material be clearly identified.

The FTC and state attorney generals are charged with the enforcement of the law. Liability under the act is broad, not only for the spammers themselves, but for those who hire them. If a company knowingly hires a spammer who does not comply with the act, the company may be prosecuted in the same manner as the spammer. Criminal penalties for violation of the act include substantial fines and up to 5 years in prison. Civil penalties can be as much as $250 per e-mail. Repeated misconduct or aggravated violations can result in treble damages.

To avoid liability, employers should update their employee handbooks to ban employees from using company computer and Internet systems for the purpose of sending spam. Such action may be the basis of a substantial compliance defense if legal difficulties arise.

If there is a third-party sender, but the source knew or should have known the third party violated the act, there is potential liability. There is a right of action for Internet service providers (ISP) against the sending businesses, but not those businesses merely named in the e-mail.

In sum, spam is regulated, but lawful. Like its pre-Internet predecessor, junk mail and junk faxes, both state and federal statutes legalize its use.

Advice for Spammers

Attorneys should be prepared to advise clients on the cost and legality of sending spam.

Spam is a lawful and economically efficient program for marketing goods and services. The CAN-SPAM Act has removed the cost of legal difficulties associated with spam use. The CAN-SPAM Act also has removed the stigma from spam for businesses that comply.

It costs spammers between $100 and $500 to send one million e-mails, with roughly 100 “paying” responses expected from each transmission. One-person bulk e-mailers typically send 30 million unsolicited commercial e-mails a day.

According to one well-reported story, an order log left exposed at an organ-enlarging product Web site showed that over a 4-week period, some 6000 people responded to e-mail ads and placed orders for the company's herbal supplement. Most customers ordered two bottles of the pills at a price of $50 per bottle. The Internet firm, which relied upon spam for business, grossed more than half a million dollars. Thus, if a client should ask about the potential wrath of spam recipients, Internet service providers and federal regulators, an attorney might advise them to do the math.

Among the most difficult compliance aspects of the CAN-SPAM Act is the duty a spammer has to stop sending spam to those who request that no more spam be sent to them. Software exists that can help high-volume e-mailers comply with the CAN-SPAM Act by inserting their postal address in the mail and by keeping track of recipients who ask to be removed from the sender's mailing list.

Even clients who comply with the CAN-SPAM Act should prepare for their day in court. To ward off fraudulent claims, clients should keep accurate records of spam activity, execute employee handbooks detailing proper spam behavior and keep samples of spam-related transactions. Also, just as clients budget for marketing and for lease payments, clients should budget for legal bills. Prosecutors have been heavy-handed in their recent cases against spammers.

When sending e-mail, everyone, not just spammers, should keep in mind the following points:

  • The act applies to all unsolicited e-mail;
  • The act requires each e-mail to contain valid contact information, an effective “opt-out” option and a honest subject line;
  • The act forbids shielding of identity via routing; and
  • Spam must comply with the spammer's ISP requirements regarding e-mail for commercial purposes.


Jonathan Bick Internet Law & Strategy

[Editor's note: We've covered the CAN SPAM Act fairly extensively from a "what is it" type of perspective. In this article, Board of Editors member Jonathan Bick provides some practical advice on how to advise those clients who want to send marketing e-mails lawfully (it just doesn't seem right to say "spam lawfully.")]

By all accounts, unsolicited commercial e-mail advertisement, or spam, comprises the majority of all e-mail traffic in the United States.

Although an annoyance to most Internet users, spam persists because it is simple and cost-effective. There is no per message charge to send e-mail. As a result, a spammer's transaction costs are normally confined to equipment costs, a monthly rental fee for an e-mail account, and the price of a mailing list. If a spammer can send an e-mail advertisement to one million people at a cost of only $100, he or she will make a 10% profit if just 11 customers respond and pay $10 each.

However, to avoid litigation-related costs, spammers must take care to operate within the law. The good new is that compliance with spam laws is fairly simple.

The CAN-SPAM Act

The focus of the CAN-SPAM Act of 2003 (15 USC 7701), which went into effect Jan. 1, 2004, is fraud. Fraud in the e-mail routing information, e-mail subject line or content may constitute a violation. No labeling is required, but there must be an opt-out feature, some identifying information in the routing portion of the e-mail, and a physical address. In addition, warning labels are required under Federal Trade Commission (FTC) regulations for “sexually explicit content.”

All state spam laws, including labeling and opt-in requirements, are pre-empted by the federal CAN-SPAM Act, with one general exception: fraud. Thus, only the antifraud sections of the state spam laws survived the Federal CAN-SPAM Act.

The act does not apply to political or charitable spam. For other unsolicited bulk e-mail, the CAN SPAM statute prohibits:

  • Senders from falsifying or disguising their true identity or using misleading subject lines;
  • Harvesting of e-mail addresses by either
  • Automatic means from an Internet Web site or a proprietary online service maintained by a third party; or
  • An automated system that generates possible electronic addresses by combining names, letters and numbers in numerous permutations; and
  • Businesses from knowingly promoting themselves through false or misleading e-mails.

Under the act, spammers must:

  • Include a legitimate return e-mail and physical postal address for the sender;
  • Activate a functioning opt-out mechanism which is associated with a clear and conspicuous notice of the opportunity to opt out;
  • Honor any such opt-out request;
  • Ensure the spam has a clear and conspicuous notice that the message is an advertisement or solicitation; and
  • Ensure that messages with sexually oriented material be clearly identified.

The FTC and state attorney generals are charged with the enforcement of the law. Liability under the act is broad, not only for the spammers themselves, but for those who hire them. If a company knowingly hires a spammer who does not comply with the act, the company may be prosecuted in the same manner as the spammer. Criminal penalties for violation of the act include substantial fines and up to 5 years in prison. Civil penalties can be as much as $250 per e-mail. Repeated misconduct or aggravated violations can result in treble damages.

To avoid liability, employers should update their employee handbooks to ban employees from using company computer and Internet systems for the purpose of sending spam. Such action may be the basis of a substantial compliance defense if legal difficulties arise.

If there is a third-party sender, but the source knew or should have known the third party violated the act, there is potential liability. There is a right of action for Internet service providers (ISP) against the sending businesses, but not those businesses merely named in the e-mail.

In sum, spam is regulated, but lawful. Like its pre-Internet predecessor, junk mail and junk faxes, both state and federal statutes legalize its use.

Advice for Spammers

Attorneys should be prepared to advise clients on the cost and legality of sending spam.

Spam is a lawful and economically efficient program for marketing goods and services. The CAN-SPAM Act has removed the cost of legal difficulties associated with spam use. The CAN-SPAM Act also has removed the stigma from spam for businesses that comply.

It costs spammers between $100 and $500 to send one million e-mails, with roughly 100 “paying” responses expected from each transmission. One-person bulk e-mailers typically send 30 million unsolicited commercial e-mails a day.

According to one well-reported story, an order log left exposed at an organ-enlarging product Web site showed that over a 4-week period, some 6000 people responded to e-mail ads and placed orders for the company's herbal supplement. Most customers ordered two bottles of the pills at a price of $50 per bottle. The Internet firm, which relied upon spam for business, grossed more than half a million dollars. Thus, if a client should ask about the potential wrath of spam recipients, Internet service providers and federal regulators, an attorney might advise them to do the math.

Among the most difficult compliance aspects of the CAN-SPAM Act is the duty a spammer has to stop sending spam to those who request that no more spam be sent to them. Software exists that can help high-volume e-mailers comply with the CAN-SPAM Act by inserting their postal address in the mail and by keeping track of recipients who ask to be removed from the sender's mailing list.

Even clients who comply with the CAN-SPAM Act should prepare for their day in court. To ward off fraudulent claims, clients should keep accurate records of spam activity, execute employee handbooks detailing proper spam behavior and keep samples of spam-related transactions. Also, just as clients budget for marketing and for lease payments, clients should budget for legal bills. Prosecutors have been heavy-handed in their recent cases against spammers.

When sending e-mail, everyone, not just spammers, should keep in mind the following points:

  • The act applies to all unsolicited e-mail;
  • The act requires each e-mail to contain valid contact information, an effective “opt-out” option and a honest subject line;
  • The act forbids shielding of identity via routing; and
  • Spam must comply with the spammer's ISP requirements regarding e-mail for commercial purposes.


Jonathan Bick WolfBlock Brach Eichler Random House Internet Law & Strategy

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
'Huguenot LLC v. Megalith Capital Group Fund I, L.P.': A Tutorial On Contract Liability for Real Estate Purchasers Image

In June 2024, the First Department decided Huguenot LLC v. Megalith Capital Group Fund I, L.P., which resolved a question of liability for a group of condominium apartment buyers and in so doing, touched on a wide range of issues about how contracts can obligate purchasers of real property.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

CoStar Wins Injunction for Breach-of-Contract Damages In CRE Database Access Lawsuit Image

Latham & Watkins helped the largest U.S. commercial real estate research company prevail in a breach-of-contract dispute in District of Columbia federal court.

Fresh Filings Image

Notable recent court filings in entertainment law.

The Power of Your Inner Circle: Turning Friends and Social Contacts Into Business Allies Image

Practical strategies to explore doing business with friends and social contacts in a way that respects relationships and maximizes opportunities.