When millions of unsolicited e-mails wreaked havoc on an Iowa business owner's small ISP company, he didn't take it lightly. After tracking down the source of the spam, Robert Kramer III, owner and operator of CIS Internet Services, sued and won an $11.2 billion judgment on Dec. 23, 2005, in an Iowa federal court. The massive award comes just two years after he won a $1 billion judgment against three marketing companies that flooded his servers with spam in 2003. His recent victory against Miami-based spammer James McCalla is the largest judgment ever in an anti-spam suit. It sent a cheer through the ISP community and a warning to companies that use e-mail marketing.
While many ISPs had hoped the 2004 enactment of the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) would reduce spam, Kramer's case exemplifies that it's still a problem.
"The fact that the court was willing to recognize that McCalla sent hundreds of millions of unsolicited e-mails certainly spotlights the scale of the problem, especially to a small ISP such as Kramer," says Kelly Wallace, a partner at Atlanta-based Wellborn & Wallace, who represented CIS. "Hopefully, when something like this happens it helps spammers go into another line of work."
While CIS's courtroom victory may be a sign of a crackdown on those who flout anti-spamming laws, CIS's situation highlights the disturbing ease with which spammers can disrupt companies' operations.
McCalla simply purchased a CD-ROM titled "Bulk Mailing 4 Dummies," which contained millions of e-mail addresses. Nearly all of them were fake, but processing the messages he sent to illegitimate addresses consumed a huge amount of CIS's computer resources. The 2.8 million spam advertisements jammed CIS's servers, created technical problems and resulted in the loss of customers.
While Kramer's relentless legal battle paid off, other companies may have less success fighting spammers in court.
Only the FTC, state attorneys general and ISPs are allowed to bring suit under CAN-SPAM, leaving corporations somewhat helpless if mass e-mails are bogging down their operations. Although corporations that operate interoffice e-mail servers are ISPs for purposes of CAN-SPAM, most experts believe the cost of going to court isn't worth it.
"If I were the GC for a company that maintains a mail server that was flooded with spam, I wouldn't take legal actions," says Anne Mitchell, president and CEO of the California-based consulting group Institute for Spam and Internet Public Policy. "Your resources are much better focused getting more effective anti-spam technology."
Becoming The Enemy
While businesses may just have to deal with obnoxious e-mails, legal departments should ensure that their companies don't become part of the problem.
"Hiring an e-mail marketer carries the same liability that tortious hiring of any employee does," Wallace says. "Corporations need to ensure that they're only working with e-mail marketers that run a legal and legitimate operation."
Mitchell agrees. "The problem is that marketing departments say 'we've got this great idea for our campaign. Let's e-mail everyone who has ever bought anything from us.'"
Not only could marketing departments' actions violate anti-spamming laws, but using your customers' e-mail addresses is just bad business. According to a poll Slashdot.com conducted, business-relationship spam, the form of spam you get when companies you deal with add you to their mailing lists, is consumers' "most hated" form of spam.
Sara Radicati, president and CEO of The Radicati Group Inc., a technology market research firm, says the simplest way to avoid being sued for spamming is giving recipients of any e-mail marketing the option to discontinue receiving messages, and regularly ensuring that your opt-in lists are accurate and up to date.