Federal Court Rejects Vagueness Challenge to CAN-SPAM
Last week a federal district judge rejected vagueness and overbreadth challenges to criminal provisions of CAN-SPAM: US v.
Twombly, et al., 2007
The description of the facts in the opinion is sparse. Basically Twombly and his cohorts leased
servers and sent out millions of spam emails:
Defendants allegedly sent
approximately 1 million spam electronic mail messages, followed several days
later by another 1.5 million. The spam messages allegedly contained advertising
for computer software, and directed recipients to the website of a software
company with an address in
The Government alleges the traffic generated by Defendant Twombly's leased server led internet-based anti-spam services to blacklist Biznesshosting's network domain, resulting in both immediate and continuing financial loss to Biznesshosting.
Defendants were charged with (among other things) violations of 18 USC 1037, which (1) prohibits the falsification of header information or (2) use of false identity or information in registering for "electronic mail accounts or online user accounts or two or more domain names" along with the initiation of spam in connection with such accounts or domain names.
The vagueness argument was obviously the more difficult of the two. And the court does not do a great job of disposing of it. It's not even clear from the opinion whether the conduct at issue is the transactions with the hosting company ("Biznesshosting, Inc.") or the subsequent emails (and headers in those emails). The problem, of course, is that the emails sent by defendants caused Biznesshosting to be blacklisted (see italicized text from the court's description of facts). If Defendants misrepresented the transmission paths of their messages, their misrepresentations were not terribly material or they did not do a very good job. After all, many ISPs were able to trace the messages to the hosting company (Biznesshosting) and blacklist the hosting company. (The obvious question here is, what say you Judge Wilkinson ?)
header information or registration information is materially falsified if it is altered or concealed in a manner that would impair the ability of a recipient of the message, an Internet access service processing the message on behalf of a recipient, a person alleging a violation of this section, or a law enforcement agency to identify, locate, or respond to a person who initiated the electronic mail message or to investigate the alleged violation.
(18 USC 1037(d)(2).) Is the standard measured from a reasonable person's
perspective? A reasonable ISP? Law enforcement officer? What does it mean to "impair the
ability of [the] recipient . . . to identify, locate, or respond" to the
sender? I think Defendants' argument has
some merit. (I forget whether there are
procedural complications – like that you can't challenge vagueness if you
clearly fit the statute and it's really difficult to tell from the court's description of the facts.)
Defendants also raised an overbreadth challenge. The court denies this challenge on the basis
that the overbreadth doctrine is not available to a commercial speaker and that
in any event, a limiting construction can or will be placed on the statute.
The takeaway: I hadn't previously examined this provision very closely,
but it's poorly written. Given the
severe consequences associated with non-compliance, it's extremely problematic
in that it may not afford defendants sufficient notice of what is prohibited
and what is not.
The real takeaway: CAN-SPAM is quickly turning into a morass.
3/1/2007 12:03 PM
Technology & Marketing Law Blog wrote:
By Eric Goldman * The California Highway Patrol (which, for reasons unclear to me, has investigatory power here) has concluded...