The US DOJ announced today the guilty plea of David Patton. Patton was charged with “aiding and abetting violations of the CAN SPAM act. Software written by Patton’s company provided the ability to modify email headers and use open proxies to disguise the source of the email.
The Ralsky convictions are, to the best of my knowledge, the first criminal prosecution for CAN SPAM violations and so far 9 of the 12 defendents charged have pled guilty.
Ethan Ackerman posted a rather long analysis of the class action lawsuit filed against Reunion.com over at Eric Goldman’s Technology and Law Blog. Part of the case is related to Reunion.com’s scraping of address books, something I have discussed here before.
The analysis goes through the case step by step and is well worth a read. There are a lot of issues being explored, including the applicability of CAN SPAM to “forward to a friend” email. This case also touches on CAN SPAM and preemption of state laws.
Definitely a post worth reading and a case worth keeping an eye on.
Yesterday the Supreme Court declined to hear an appeal for Virginia v. Jaynes. This means that the Virginia state supreme court ruling overturning the Virginia anti-spam law currently stands.
Jeremy Jaynes was a well known spammer who went under the name Gavin Stubberfield. He was pretty famous in anti-spammer circles for sending horse porn spam. In 2003 he was arrested under the Virginia state anti-spam statute. He was initially convicted but the conviction was overturned on appeal.
Ethan Ackerman has blogged about this case, including a recap today.
Venkat Balasubramani has also blogged about this case.
Mickey Chandler has the docs.
John Levine weighed in.
News Articles: CNN, Washington Post, CNET
Whatever one might think about confirming opt-ins I think we can all agree that requiring someone to jump through hoops and confirm an unsubscription request will just annoy that person.
Today I attempt to opt-out from a discussion list. It’s one I *thought* I had opted out of previously, but I could find no record of the request anywhere. OK. So I imagined unsubscribing, I’ll just unsub again and keep better records.
After digging through the headers, I find the unsub link and dutifully mail off my unsubscribe request. I then receive an email that requires I click on a link to confirm my unsub request. This causes me to grumble a bit. I have heard all the arguments about forged unsub requests and the various reasons this is good practice. I believe none of them. Requiring people to confirm an unsubscription request is bad practice.
In this case, the mailing list is a discussion list so there is no CAN SPAM violation. However, I know that some commercial mailing lists have also implemented confirm your opt-out request. For commercial mailing lists, this is a CAN SPAM violation. It’s also just plain rude. If someone says, “Stop!” then you should stop, no questions asked