Federal CAN-SPAM Law Is EarthLink's Big Stick
Saturday March 27, 1:59 am ET
Richmond Eustis, Fulton County Daily Report

By passing federal anti-spam legislation, the U.S. Congress gave Internet companies a heavy weapon to use on spammers, and the companies wasted little time in putting it to use.

In the first major case filed under the CAN-SPAM Act of 2003, Atlanta-based EarthLink Inc. joined with America Online, Microsoft and Yahoo! Inc. to pursue scores of operators who send the unsolicited commercial e-mails that have come to be known as spam.

EarthLink outside counsel Paul F. Wellborn III, of Wellborn & Butler in Atlanta, characterizes the 75 John Doe defendants EarthLink named in the suit: "Defendants are criminals," he wrote. They know what they're doing, know it's illegal, and do it anyway and try to hide it, he wrote in the complaint.

EarthLink is the third-largest Internet service provider in the United States, with about 5 million subscribers.

EarthLink and the other Internet companies have accused the defendants of sending hundreds of millions of e-mails to customers. They are not co-plaintiffs, but instead coordinated their filings against disparate defendants. They have been cooperating with each other to identify and punish the most notorious spammers.

In all of the suits, the spam e-mails included solicitations for get-rich-quick schemes, pornography, prescription drugs, mortgage loans and university diplomas, among other pitches. Many of them were sent through what the plaintiffs call "open proxies" -- the use of third-party computers to hide the spam's computer of origin. Other ads lacked a physical address in the e-mail, or a way to get off the company's mailing list.

Although these activities were certainly a nuisance to individuals and Internet companies, they weren't necessarily illegal until Congress acted last year. Before the new law, Internet companies went after spammers under laws dealing with trespass, conversion and fraud.


But sending spam specifically is banned under the "Controlling the Assault of Non-Solicited Pornography and Marketing" Act of 2003, which took effect Jan. 1. The law gives ISPs and law enforcement officials more ways to go after spammers -- including criminalizing the tactics some spammers use to flood people's e-mail accounts, 15 U.S.C. 7701 (et seq.)

Still, it's unlikely the new law will stop spam. In cases where companies have won judgments against spammers, they've seldom collected damages. Spammers tend to be small operators without substantial assets. EarthLink has won two multimillion-dollar judgments in federal court against spammers but collected on neither.

In spring 2003, the company won a $16.4 million judgment against the "Buffalo Spammer," Howard Carmack, a prolific, well-known spammer in upstate New York. EarthLink had accused Carmack of sending nearly one billion e-mails through EarthLink accounts.

The company also won a $25 million judgment against K.C. "Khan" Smith of Tennessee in 2002.

And the businesses selling the products featured in spam often are operating on the fringes of the law, trying to lure unsuspecting e-mail recipients into fraudulent schemes. Sometimes spammers are just collecting leads, from people looking for low-cost home refinancing, for example. Such leads then might be sold to mortgage companies that are far removed from the actual spam activity.

Up until now, companies such as EarthLink have relied mostly on technical solutions to thwart spammers, a strategy that has met with mixed success.


The new suit names only John Doe defendants, although the company said it is confident it has the technical means to identify the defendants eventually.

EarthLink divides its 75 John Doe defendants into "Prescription Drug Spammers," "Mortgage Lead Spammers," "Cable Descrambler Spammers," "University Diploma Spammers," "Get Rich Quick Spammers" and "Other Spammers". These defendants, the company claims, are responsible for a large portion of the spam that flows through its system. EarthLink v. Does, No. 1:04CV0667 (N.D. March 9, 2004).

Filing against John Does allows EarthLink's lawyers to use federal subpoena powers to obtain documents that identify the defendants. Internet companies pursue not only the people who send the spam, but also the companies that hire the spammers to do their marketing.

In EarthLink's complaint, Wellborn and co-counsel Kelly O. Wallace note that the defendants have hidden their identities behind spoofed addresses, false domain registration information, fake headers, deceptive subject lines and false "from" lines. This violates the CAN-SPAM Act, other federal and state laws and EarthLink's terms of use policy, according to the complaint.

"Some of the defendants have used text randomizers to insert long passages of gibberish in messages in attempts to evade EarthLink's spam filters," Wellborn wrote.

Some of the identifying "fingerprint phrases" in messages from the spammers EarthLink is pursuing include the following:

"Enjoy deep discount meds here"

"attention single mothers"

"G_eneric via-gra 60% cheap*r cowslip" (sic)

EarthLink is accusing the defendants of violating not only the CAN-SPAM Act, but also state and federal civil Racketeer Influenced and Corrupt Organizations statutes and the Computer Fraud and Abuse Act. The defendants also are accused of various Lanham Act violations -- for using the names of EarthLink and its predecessor company, MindSpring, without permission -- computer theft, conversion and trespass, among other charges.

The company is seeking unspecified general damages -- tripled in the case of the RICO violations, punitive damages and attorney fees.


The variety and range of charges show that ISPs were hardly defenseless against spam before the federal law passed. The CAN-SPAM Act criminalized some practices specific to spam, but doesn't obviate or supersede other methods for going after spammers.

EarthLink General Counsel Samuel R. DeSimone Jr. said the company will continue to use all the means it has to go after spammers.

"This law just gives us another arrow in our quiver to go after the spammers," he said. "We will continue to use the other means as well, where they're appropriate."

Because of the spammers' illegal activity, Wellborn wrote, EarthLink has had to contend with a flood of complaint calls and e-mails from customers and others who thought EarthLink was responsible in some way for the spam.

But spam isn't confined to EarthLink's system. That's why the company joined with its competitors to form an anti-spam coalition in 2003. The members cooperate on anti-spam techniques and on identifying top spammers. Spam, they say, drains time, resources and network space from online companies, and hassles and annoys their customers.

"Spam is the equivalent of a COD package that the recipient ISP and end-users are forced to accept, or a series of costly collect calls that the victim is forced to accept and that tie up the victim's phone systems," Wellborn wrote. "These universally despised e-mails cause the user-recipients to waste time, money and computer resources in relation to the storage, review, and inevitable deletion of the unwanted spam."

In this case, the spammers were put on notice by EarthLink's publicly posted Acceptable Use Policy, which constitutes a "virtual 'No Trespassing' sign," Wellborn wrote.

Go to for legal information and services on the web.
Sign up today for a free subscription to the daily legal newswire .