Despite promises to the contrary and a number of state laws making it unlawful to send unsolicited, commercial e-mail, the California Attorney General and the California Department of Consumer Affairs (DOCA), including its newly formed Office of Privacy Protection, appear to have done little to fight the crush of spam that is burdening businesses in the state.
Moreover, when asked about fighting spam, the responsible agencies fumbled for information, and were not sure whether they had a program to fight spam or the authority to do so.
An agent named Karen in the consumer assistance department of the California Attorney General’s Office told the E-Commerce Times to use its Web site to file an online inquiry and complaint to report damages caused by spam, saying that the complaint form was used “to develop information about patterns of activity by specific companies.”
However, when pressed on the question of whether the online inquiry and complaint form would result in any action by the Attorney General’s office to combat spam, the agent said, “I don’t know if there is an enforcement program or whether the AG office will be able to provide info on who has jurisdiction.”
An online inquiry and complaint form regarding spam was filed with the AG’s office in mid-August, but resulted in no action or response on the part of law enforcement agency.
The AG’s office, however, did forward copies of the state laws in California that forbid the sending of unsolicited e-mail advertisements.
Much like the efforts to reach a company that sends out thousands of spam e-mails using a false address, the effort to find someone in the California law enforcement and regulatory agencies who is doing anything about spam came to a dead end — although it appeared promising at first.
The DOCA publishes a page on its site entitled “Fighting a Spam Attack,” which says that people affected by the “barrage of spam-mail” should contact the Office of Privacy Protection or call the Consumer Affairs office at (800) 952-5210.
Open Door Policy?
According to the “Fighting a Spam Attack” site, the Office of Privacy Protection was to open on July 1st. However, when the E-Commerce Times called the DOCA in mid-August, the agent, Dan Gomez, said the Office of Privacy Protection was not yet open.
Wednesday, an agent in the Office of Privacy Protection told the E-Commerce Times that the office has been funded and employees are already working on research and educational projects, but that the Web site and services are not fully operational. The site address provided for the office, http://www.privacyprotection.dca.ca.gov, went nowhere.
Passing the Spam
According to Gomez, contacting the Attorney General’s office would be “the quickest route” for getting information on enforcement actions. He also provided the phone number of the person in charge of the newly formed Office of Privacy Protection, Joanne McNabb.
When the E-Commerce Times called McNabb, she said that the Office of Privacy Protection was late in opening its doors because it was in the process of getting funds and hiring people to help businesses and consumers protect their privacy.
The Office of Privacy Protection would also be running educational programs and working with other agencies in enforcing state privacy laws, McNabb said. However, McNabb said, she did not believe that there was a state law that prohibits spam and that it “is up to the consumer” to track down the source of spam, “which can be pretty darn tricky.”
“It’s a challenge to regulate,” McNabb said, “It’s not clear where it takes place or who has jurisdiction.”
What is clear — at least in the legal books — is that spam is illegal in the Golden State. The California Business and Professions Code, in sections 17538.4 and 17538.45, prohibits the sending of unsolicited e-mail advertisements.
Subsection 4 provides that e-mail senders must include a toll-free number or valid return e-mail address that consumers and businesses can use to request that no further unsolicited e-mails be sent. The subsection also specifically requires that e-mail advertisements bear the legend “ADV” in the header of the mail.
Subsection 45 — which is an entirely separate law from subsection 4 despite their similar number designations — prohibits use of another company’s services or equipment for the transmission of unsolicited e-mail advertisements.
According to subsection 45, those damaged by violations of the law can recover actual monetary losses or liquidated damages of US$50 for each illegal e-mail, up to a maximum of $25,000 per day.
Going Straight To Jail
In addition, California has broad references in its penal code regarding the illegal use of computers.
Penal Code section 502 makes it a crime for individuals and companies to damage, knowingly access without permission, or otherwise use any data, computer, computer system or computer network in order to execute a deceptive scheme or wrongfully obtain money, property or data.
The law’s scope includes those acts in which an individual knowingly, and without permission, disrupts or causes the disruption of computer services. The punishment for violating section 502 includes fines not exceeding $10,000 and imprisonment.
Apparently, someone in the state attorney general’s office believes that section 502 applies to spam because the law was included in the set of laws it mailed out in response to the telephone inquiry about what businesses in California can do about spam.
Under the terms of the section 502, violating the computer-use law from a computer in Arizona through use of a computer in California gives California law enforcement officers the authority to prosecute.
However, research revealed that only a few Internet service providers and highly motivated private citizens in the state have stepped up to the plate and brought lawsuits against spammers — to little avail.