California bans all spam e-mail

California took a tough stand against spam e-mail on Wednesday after Governor Gray Davis signed a law prohibiting anyone from sending unsolicited commercial e-mail advertisements to a California e-mail address.

The law sets up an “opt-in” requirement, the aim being to prevent e-mail users from getting e-mail advertisements unless they asked to be on the sender’s list. Senders of unsolicited messages could be held liable for damages up to $1,000 for each message to an individual and up to $1 million for each e-mail advertisement sent out. The recipient, the state attorney general or the e-mail service provider could seek damages.

The law also bans sending spam from California and prohibits the collection of e-mail addresses or registering multiple e-mail addresses for the purpose of sending spam. It passed the state Senate on Sept. 11 as Senate Bill 186. Another bill, Senate Bill 12, which proponents said would have allowed Internet service providers to be held liable for spam, died in an state Assembly committee in July. The author of that bill, State Senator Debra Bowen of Redondo Beach, said Microsoft had spearheaded an effort to defeat it. Microsoft denied the charge.

The law is set to take effect Jan. 1, 2004.

Microsoft sees the law as a positive step, according to spokesman Sean Sundwall. The company has taken several steps to keep spammers from taking advantage of its Hotmail service, he said. If a spammer uses such a service to send unwanted e-mail, “that’s the fault of the spammer, not the fault of the ISP,” Sundwall said.

Its provision for individuals to sue over spam makes this law stand out, said commentators familiar with the legal issues.

Unscrupulous spammers who are hard to track down are unlikely to knuckle under, but the law should have some effect on both senders and recipients of commercial e-mail, they said.

“I don’t think this is the silver bullet to spam. You’re still going to want e-mail filters and you’re still going to receive spam from parts unknown, but this will make a dent,” said David Kramer, a partner at the law firm Wilson, Sonsini, Goodrich and Rosati, in Palo Alto. Companies that may have been on the fence about whether to send unsolicited commercial e-mail now have a clear sign that it is illegal and the potential for lawsuits will enter the cost equation, he said.

A strong law in the largest U.S. state also will apply pressure toward more effective national laws, Kramer added. For members of Congress now, “it’s hard to go on record supporting weak or pre-emptive legislation,” he said.

Washington is where the battle is headed now, said Devin Gensch, an attorney at Fenwick & West LLP, in Mountain View, Calif.

“I don’t think this is the end of it by any means,” Gensch said. The new law is likely to spark action by both spam opponents that want stronger laws and industry groups that want to pre-empt California with a more permissive federal law, he said.

Meanwhile, corporations that communicate with customers will need to take steps to make sure they have legally watertight opt-in systems, Gensch added.

Cindy Cohn, legal director of the San Francisco-based Internet rights group Electronic Frontier Foundation, said individuals’ right to sue should mean more actions taken against spammers. However, she worries about the larger impact.

“It’s very broad, and I think it’s likely to seep in to more than just what people think of as spammers,” Cohn said. For example, a small business that sends occasional e-mail messages to a few customers could be hit because the law doesn’t specify bulk transmissions, she said.

What’s more, because it’s hard to separate California e-mail addresses from those anywhere else, it could amount to the state imposing its standards all over, she added.

“It’s not appropriate for one state, by writing an overly broad law, to dictate what people do elsewhere,” she said. The best way to fight spam is not with a law but with filtering technology, which is more flexible, Cohn said.