What Exactly Is a “Spammer”?

email2a.jpgI’m coming a little late to the party, but the case of Omega World Travel, Inc. v. Mummagraphics, Inc., (4th Cir. Nov. 17, 2006) raises some interesting issues about the Controlling the Assault of Non Solicited Pornography and Marketing Act of 2003 (“CAN SPAM Act”), 15 U.S.C. §§ 7701 et seq.

Omega World Travel sent 11 emails to an email address owned by Mummagraphics, a web host company. The emails each advertised a travel “E deal.” Mark Mumma, head of Mummagraphics, called John Lawless, the general counsel of Omega and instructed him to stop sending email. Lawless said the emails would stop. They didn’t. Mumma then sent a letter threatening Omega with a suit under CAN SPAM and state anti-spam laws. The emails finally stopped.

Mumma demanded payment from Omega, which refused, so Mumma posted photos of Omega’s founders and accused them of being spammers. Omega and its founders sued for defamation and a variety of other claims. The district court granted summary judgment on all claims but the defamation claim, which is proceeding to trial.

Mummagraphics raised a few counterclaims, including a violation of the CAN SPAM Act. The district court granted summary judgment against the counterclaims.

The 4th Circuit, in an opinion by Judge Wilkinson, affirmed, holding that there was no CAN SPAM Act violation. Why? Because the CAN SPAM Act really doesn’t stop spam. It stops only certain kinds of fraudulent spam. The Act basically allows for the sending of unsolicited commercial email so long as people are provided with a way to opt out. For this to work, the sender must provide valid contact information. Specifically, the Act provides: “It is unlawful for any person to initiate the transmission, to a protected computer, of a commercial electronic mail message … that contains, or is accompanied by, header information that is materially false or materially misleading.” 15 U.S.C. § 7704(a)(1).

According to the court, the emails sent by Omega had the following inaccuracies:

First, each message stated that the recipient had signed up for the Cruise.com mailing list, but Mummagraphics alleges that it had not asked that inbox@webguy.net receive the company’s offers. Second, while each message listed Cruise.com as the sending organization, each also included the address “FL Broadcast.net” in its header information, even though Mummagraphics alleges that “FL Broadcast.net” is not an Internet domain name linked to Cruise.com or the other appellees. In addition, the messages contained the “from” address cruisedeals @cruise.com, even though Cruise.com had apparently stopped using that address.

Nevertheless, the court concluded:

We agree with the district court that these inaccuracies do not make the headers “materially false or materially misleading.” Id. § 7704(a)(1). The e mails at issue were chock full of methods to “identify, locate, or respond to” the sender or to “investigate [an] alleged violation” of the CAN SPAM Act. Id. § 7704(a)(6). Each message contained a link on which the recipient could click in order to be removed from future mailings, in addition to a separate link to Cruise.com’s website. Each message prominently displayed a toll free number to call, and each also listed a Florida mailing address and local phone number for the company. Several places in each header referred to the Cruise.com domain name, including one line listing Cruise.com as the sending organization.

These references come as little surprise, because the “E deal” messages were sales pitches intended to induce recipients to contact Cruise.com to book the cruises that the messages advertised. Since the “E deal” messages and their headers were replete with accurate identifiers of the sender, the alleged inaccuracies in the headers could not have impaired the efforts of any recipient, law enforcement organization, or other party raising a CAN SPAM claim to find the company. If the alleged inaccuracies in a message containing so many valid identifiers could be described as “materially false or materially misleading,” we find it hard to imagine an inaccuracy that would not qualify as “materially false or materially misleading.” Congress’ materiality requirement would be rendered all but meaningless by such an interpretation.

The 4th Circuit holding makes the very narrow and ineffective CAN SPAM law even more narrow and ineffective. It is common knowledge that you shouldn’t click the opt out link on an unsolicited email because many spammers use that trick as a way to verify that people have read the spam and will then send people even more spam. Yet because CAN SPAM wants to protect businesses’ ability to send unsolicited commercial emails more than it wants to protect people from spam, it is based on an opt out system that can readily be abused by spammers.

And be careful who you call a “spammer” because the only claims left in this case are the defamation claims by the founders of Omega.

For further commentary about the case, see Eric Goldman (who will be visiting with us this month), Spam Notes Blog, and Time Magazine (which has a lengthy article about the case).

You may also like...

9 Responses

  1. Syd says:

    Why would it be defamatory to call a spammer a spammer?

  2. Mark Mumma, head of Mummagraphics, called John Lawless, the general counsel of Omega and instructed him to stop sending email. Lawless said the emails would stop.

    Well, what did he expect from a lawyer named “Lawless”?

  3. Jim Graves says:

    What’s more disturbing is that CAN-SPAM preempts stronger state laws, and that weak federal legislation overriding strong state legislation is becoming something of an infosec law trend. We escaped 2006 without a federal version of California’s SB-1386 breach notification law, but the working copy of the federal law was weak and declawed the state versions.

  4. Grab some popcorn and kick back on the sofa. This story ain’t over.


  5. This movie does not yet have an ending.

    This movie is not yet rated.

  6. What says:

    I dont understand why reporters report without reading the case background on this. Though I hate spam and spammers, according to the facts of the case this company did not spam Mumma which is the main reason his lawsuit was thrown out in the Fedaeral and the Appeals court. Check out Mummas site ‘Sue a Spammer’. I think you will realize that this guy teaches people how to trap companies and make money. He demanded over $6k from the company to go away quitely because he told them he can sue them for spam. When they told him to go fly a kite he began an assault of their name. So they sued him. What a surprise. This bozo should have stuck to smaller companies that would have paid him to go away. You make your own decisions but for reference I suggest you read the case facts before you go on this reporters insight.

  7. Travis G. says:

    Isn’t the widely accepted definition of “spam” considered to be unsolicited commercial email (UCE)? If so, and if the cruise company sent an unsolicited email to Mumma, then they meet the widely held definition of a “spammer”; hence, no leg to stand on in a defamation suit.

  8. Privacy Law says:

    If so, and if the cruise company sent an unsolicited email to Mumma, then they meet the widely held definition of a “spammer”; hence, no leg to stand on in a defamation suit.


    Apparently the jury felt otherwise.