Gordon v. Virtumundo, Inc. | |
---|---|
Court | United States Court of Appeals for the Ninth Circuit |
Full case name | Gordon v. Virtumundo, Inc. |
Decided | August 6, 2009 |
Citation(s) | 575 F.3d 1040 |
Case history | |
Prior action(s) | Gordon v. Virumundo, Inc., No. 06-0204-JCC, 2007 WL 1459395 (W. D. Wash. May 15, 2007) |
Appealed from | United States District Court for the Western District of Washington |
Appealed to | United States Court of Appeals for the Ninth Circuit |
Holding | |
The Ninth Circuit affirmed the lower court's dismissal of plaintiff's complaint for lack of standing. | |
Court membership | |
Judges sitting | Ronald Gould, Richard Tallman, and Consuelo Callahan |
Case opinions | |
Decision by | Richard Tallman |
Keywords | |
CAN-SPAM Act of 2003, spam |
Gordon v. Virtumundo, Inc., 575 F.3d 1040, [1] is a 2009 court opinion in which the United States Court of Appeals for the Ninth Circuit addressed the standing requirements necessary for private plaintiffs to bring suit under the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, or CAN-SPAM Act of 2003, [2] 15 U.S.C. ch. 103, as well as the scope of the CAN-SPAM Act's federal preemption. Prior to this case, the CAN-SPAM Act's standing requirements had not been addressed at the Court of Appeals level, and only the Fourth Circuit had addressed the CAN-SPAM Act's preemptive scope. [1] [3]
James S. Gordon, Jr. ("Gordon"), was the manager and sole member of Omni Innovations, LLC ("Omni"), a self-described "spam-business". Omni's business model consisted of bringing suit against entities sending unsolicited commercial email, or spam, under various anti-spam statutes and then profiting from either settlement agreements or statutory damage awards. [4]
To set up his spam-suit business, Gordon, through Omni, leased server space from GoDaddy, a domain registrar and web hosting company. He then used the server space to host his own domain name, gordonworks.com, and to create email addresses for himself and several friends and family members using his domain name. [1]
Gordon registered the gordonworks.com email addresses for online promotions, eventually joining between 100 and 150 email mailing lists. As a result, the accounts received thousands of spam emails. Gordon took control of the accounts, instructing his friends and family to create their own domain names and new email addresses on Omni's server space. He then configured the old gordonworks.com addresses to respond to commercial emails with an automated message - a "contract" by which senders agreed to stop sending spam or pay $500 for each new piece of unsolicited commercial email. [1]
In 2004, after the spam did not stop, Gordon and Omni began to sue the companies that had sent spam to the email addresses on Omni's server space. [1] Omni generated no revenue except for settlement agreements in these spam-related lawsuits. [1]
Virtumundo, Inc. and Adknowledge, Inc. were internet marketing companies that had sent spam to Omni-hosted accounts. In 2006, Gordon and Omni sued Virtumundo, Inc., Adknowledge, Inc., and Scott Lynn, the sole shareholder of both companies (collectively, "Virtumundo"), in the United States District Court for the Western District of Washington, alleging violations of the federal CAN-SPAM Act and related Washington state law claims. [4]
Gordon and Omni argued that Virtumundo's emails violated the CAN-SPAM Act because they contained misleading headers, and Section 7704 of the CAN-SPAM Act prohibits "header information that is materially false or materially misleading." Gordon and Omni also claimed that the headers violated the Washington Commercial Electronic Mail Act ("CEMA"), Wash. Rev. Code § 19.190.010 et seq., [5] which prohibits commercial emails that "misrepresent[] or obscure[] any information in identifying the point of origin or the transmission path of a commercial electronic message". Finally, Gordon and Omni claimed that the emails constituted "unfair or deceptive acts or practices in the conduct of ... commerce" in violation of the Washington Consumer Protection Act ("CPA"), [6] Wash. Rev. Code. § 19.86.020, and that they violated the Washington "Prize Statute", Wash. Rev. Code. § 19.170.010 et seq. [7] In terms of relief, Gordon and Omni sought only statutory damages, as opposed to damages based on actual harm. [4]
The District Court dismissed Gordon and Omni's Washington Prize Statute claims due to pleading deficiencies. Virtumundo then moved for summary judgment on Gordon and Omni's remaining CAN-SPAM Act, Washington CEMA, and Washington CPA claims. The District Court ruled in favor of Virtumundo, holding that Gordon and Omni lacked standing to bring an action under the CAN-SPAM Act and that the federal CAN-SPAM Act preempted their CEMA and CPA claims. [4] Gordon and Omni appealed the summary judgment ruling to the Ninth Circuit. [1]
Presented below is a rough outline of the major events during the legal proceedings (table adapted from [8] ).
Date | Event |
---|---|
September 2003 | Gordon creates additional e-mail addresses on gordonworks.com |
4th quarter of 2003 | Gordon begins to sign-up for mailing lists. |
January 1, 2004 | CAN-SPAM Act becomes law. |
2004 | Gordon begins filling lawsuits over spam. |
February 2006 | Gordon files lawsuit against Virtumundo. Claims "approximately 13,800 materially misleading or otherwise unlawful e-mail messages". |
December 2006 | Virtumundo's motion to dismiss for pleading deficiencies is granted in part and denied in part. |
January 2007 | Gordon's e-mail addresses are still active at the beginning of the deposition. |
May 15, 2007 | Virtumundo granted summary judgement. Gordon was found to have sufficient standing to use a private action under CAN-SPAM. |
June 2007 | Gordon appeals summary judgement. |
December 2008 | Appeal begins in the US Court of Appeals for the Ninth Circuit |
August 2009 | Judge Tallman releases ruling on appeal. Gordon found to lack sufficient standing under CAN-SPAM as he was not an ISP and did not incur sufficient damages. |
The appeals court found Gordon and Omni did not have standing to sue under the CAN-SPAM act because :
The CAN-SPAM Act primarily provides for government actors (the Federal Trade Commission and state attorneys general) to enforce its provisions, however Section 7706(g) of the Act creates a limited private cause of action for "provider[s] of Internet access service adversely affected by a violation of" the act. [2] To address the standing issue, the Court of Appeals therefore needed to assess whether Omni was an Internet Access Service ("IAS") provider, and (2) whether it had been "adversely affected" within the meaning of the statute.
The court first addressed the issue of whether or not Omni was an IAS provider. Section 7702 of the CAN-SPAM Act defines "Internet access service" by reference to 47 U.S.C. § 231, [9] which states:
The term "Internet access service" means a service that enables users to access content, information, electronic mail, or other services offered over the Internet, and may also include access to proprietary content, information, and other services as part of a package of services offered to consumers. Such term does not include telecommunications services.
— 47 U.S.C. § 231 [9]
To interpret this definition, the court first attempted to determine Congress's intent, and it concluded that Congress had intended the private cause of action to be very narrowly construed. The court noted that Congress could not have contemplated the complete eradication of spam through broad private action because the text of the CAN-SPAM Act explicitly recognizes that "[e]lectronic mail has become an extremely important and popular means of communication". Although the court held that the definition of IAS provider was not limited to traditional internet service providers (ISP), providing email accounts alone, as Gordon and Omni had done, was not sufficient to satisfy the statutory definition. The court declined to state exactly what more would be needed, but it noted that GoDaddy.com - which retained physical control over the server hardware - and Verizon - the internet service provider that enabled Gordon's access to the internet - would "have a compelling argument that they are IAS providers." [1]
In addition, the legislative history indicated that Congress only intended the private cause of action to extend to "bona fide IAS providers" suffering spam-related network slowdowns or other technical difficulties as opposed to opportunistic plaintiffs suing to profit from awards of statutory damages. [1]
The court went on to address whether or not Omni had been "adversely affected" by Virtumundo's spam. Although the CAN-SPAM Act does not specify the meaning of "adversely affected", the court held that the statute required "network crashes, higher bandwidth utilization, and increased costs for hardware and software upgrades, network expansion and additional personnel"; [1] in other words, harms that might be experienced by typical internet service providers, not the mere inconvenience of ordinary email consumers. Since Omni had not experienced any of these problems, and had actually profited from the spam through lawsuit settlements, it had not been "adversely affected". [1]
Next, the court addressed whether Gordon and Omni's remaining state law claims were preempted by the CAN-SPAM Act's express preemption clause, contained within 15 U.S.C. § 7707(b):
This chapter supersedes any statute, regulation, or rule of a state or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message attached thereto.
— 15 U.S.C. § 7707(b) [2]
Pursuant to this clause, the CAN-SPAM Act preempts any state regulation of commercial electronic messages, "except to the extent that any statute ... prohibits falsity or deception." The question before the Court of Appeals was the scope of this exception. The court looked first to the dictionary definitions of "deception" and "falsity", and found that deception could easily be defined as referring to "something more than immaterial inaccuracies or inadvertent mistakes"; in other words material misrepresentation or fraud. However, the definition of falsity was ambiguous. [1]
To interpret the term "falsity", the court again looked to the CAN-SPAM Act's text and legislative history to determine Congressional intent. The legislative history indicated that Congress had intended the CAN-SPAM Act to be the national standard for the regulation of commercial email in order to spare businesses from having to deal with different standards in the fifty states. In addition, the language immediately following the preemption clause provides that the CAN-SPAM Act does not preempt "(A) State laws that are not specific to electronic mail, including State trespass, contract, or tort law; or (B) other State laws to the extent that those laws relate to acts of fraud or computer crime." [1]
From these facts, the court concluded that Congress intended for the "falsity" and "deception" exception to be read narrowly. States should be allowed to "extend traditional tort theories such as claims arising from fraud or deception to commercial e-mail communication", but no more. Thus state law claims based on immaterial misrepresentations would be preempted by the CAN-SPAM Act, though a state law claim of fraud would survive. Applying this to Gordon and Omni's case, the court concluded that Gordon and Omni's Washington CEMA and Washington CPA claims were preempted because Gordon and Omni had not alleged facts that rose to the level of "falsity or deception" within the meaning of the CAN-SPAM Act. [1]
Judge Gould wrote a concurring opinion in which he agreed with the main opinion, but would have held that Gordon lacked standing solely because he was suing for profit as opposed to seeking recovery for injury. Judge Gould distinguished the CAN-SPAM Act's limited private cause of action from anti-discrimination statutes, such as the Americans with Disabilities Act, in which Congress included broad private causes of action and statutory damages provisions to encourage citizens to "test" for discrimination. [1]
The failure Gordon's use of technical infractions of the CAN-SPAM set a precedent for future anti-spam cases. [10] Judge Tallman did not find Gordon's use technical infractions of the CAN-SPAM convincing; therefore, individuals fighting spam will be unable to claim ISP status for their legal basis. In addition, the holding also diminished the importance of state anti-spam laws given the preemption of the federal CAN-SPAM law. [10]
Asis Internet Services v. Azoogle.com: [11] The United States Court of Appeals for the Ninth Circuit dismissed claims under the CAN-SPAM Act for lack of standing where the plaintiff claimed that the cost of implementing spam-filtering programs constituted "adverse effects." The court held that "such ordinary filtering costs do not constitute a harm," and that "the mere cost of carrying SPAM emails over Plaintiff's facilities does not constitute a harm as required by the statute."
Asis Internet Services v. Subscriberbase: [12] The United States District Court for the Northern District of California held that the CAN-SPAM Act did not pre-empt California's anti-spam statute, California Business & Professions Code § 17529.5, [13] where the plaintiff based its claims on deceptive email headers. The court did not require the plaintiff to plead all the elements of common law fraud - specifically, reliance and damages - to escape preemption, although the court noted that district courts in California had previously been split on the issue.
Hypertouch, Inc. v. Valueclick, Inc.: [14] The California Court of Appeal also held that a plaintiff asserting claims under California Business & Professions Code § 17529.5 was not required to establish reliance and damages to escape preemption by the CAN-SPAM Act.
Melaleuca, Inc. v. Hansen : [15] The United States District Court for the District of Idaho held that the owner of a domain name lacked standing to sue under the CAN-SPAM Act where, similar to Omni, (1) it provided email and internet access through a third party internet service provider, and (2) failed to allege harms rising above routine business expenses. The defendant in this case had emailed the plaintiff's employees encouraging them to join the defendant's company (as opposed to the plaintiff corporation). Plaintiff later attempted to sue the same defendant on the same claims; the court held the new action was barred by the doctrine of collateral estoppel. [16]
Spamming is the use of messaging systems to send multiple unsolicited messages (spam) to large numbers of recipients for the purpose of commercial advertising, for the purpose of non-commercial proselytizing, for any prohibited purpose, or simply repeatedly sending the same message to the same user. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social spam, spam mobile apps, television advertising and file sharing spam. It is named after Spam, a luncheon meat, by way of a Monty Python sketch about a restaurant that has Spam in almost every dish in which Vikings annoyingly sing "Spam" repeatedly.
The Sherman Antitrust Act of 1890 is a United States antitrust law which prescribes the rule of free competition among those engaged in commerce. It was passed by Congress and is named for Senator John Sherman, its principal author.
The Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003 is a law passed in 2003 establishing the United States' first national standards for the sending of commercial e-mail. The law requires the Federal Trade Commission (FTC) to enforce its provisions. Introduced by Republican Conrad Burns, the act passed both the House and Senate during the 108th United States Congress and was signed into law by President George W. Bush in December 2003.
Mobile phone spam is a form of spam, directed at the text messaging or other communications services of mobile phones or smartphones. As the popularity of mobile phones surged in the early 2000s, frequent users of text messaging began to see an increase in the number of unsolicited commercial advertisements being sent to their telephones through text messaging. This can be particularly annoying for the recipient because, unlike in email, some recipients may be charged a fee for every message received, including spam. Mobile phone spam is generally less pervasive than email spam, where in 2010 around 90% of email is spam. The amount of mobile spam varies widely from region to region. In North America, mobile spam steadily increased after 2008 and accounted for half of all mobile phone traffic by 2019. In parts of Asia up to 30% of messages were spam in 2012.
Email spam, also referred to as junk email, spam mail, or simply spam, is unsolicited messages sent in bulk by email (spamming). The name comes from a Monty Python sketch in which the name of the canned pork product Spam is ubiquitous, unavoidable, and repetitive. Email spam has steadily grown since the early 1990s, and by 2014 was estimated to account for around 90% of total email traffic.
Trespass to chattels is a tort whereby the infringing party has intentionally interfered with another person's lawful possession of a chattel. The interference can be any physical contact with the chattel in a quantifiable way, or any dispossession of the chattel. As opposed to the greater wrong of conversion, trespass to chattels is argued to be actionable per se.
Email marketing is the act of sending a commercial message, typically to a group of people, using email. In its broadest sense, every email sent to a potential or current customer could be considered email marketing. It involves using email to send advertisements, request business, or solicit sales or donations. Email marketing strategies commonly seek to achieve one or more of three primary objectives: build loyalty, trust, or brand awareness. The term usually refers to sending email messages with the purpose of enhancing a merchant's relationship with current or previous customers, encouraging customer loyalty and repeat business, acquiring new customers or convincing current customers to purchase something immediately, and sharing third-party ads.
The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers.
Zeran v. America Online, Inc., 129 F.3d 327, cert. denied, 524 U.S. 937 (1998), is a case in which the United States Court of Appeals for the Fourth Circuit determined the immunity of Internet service providers for wrongs committed by their users under Section 230 of the Communications Decency Act (CDA). Section 230(c)(1) of the CDA provides that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."
Altria Group v. Good, 555 U.S. 70 (2008), was a United States Supreme Court case in which the Court held that a state law prohibiting deceptive tobacco advertising was not preempted by a federal law regulating cigarette advertising.
The Stored Communications Act is a law that addresses voluntary and compelled disclosure of "stored wire and electronic communications and transactional records" held by third-party Internet service providers (ISPs). It was enacted as Title II of the Electronic Communications Privacy Act of 1986 (ECPA).
A Doe subpoena is a subpoena that seeks the identity of an unknown defendant to a lawsuit. Most jurisdictions permit a plaintiff who does not yet know a defendant's identity to file suit against John Doe and then use the tools of the discovery process to seek the defendant's true name. A Doe subpoena is often served on an online service provider or ISP for the purpose of identifying the author of an anonymous post.
In Milgram v. Orbitz Worldwide, LLC, the New Jersey Superior Court held that online ticket resellers qualified for immunity under Section 230 of the Communications Decency Act (CDA), and that such immunity preempted a state law consumer fraud statute. The opinion clarified the court's test for determining whether a defendant is acting as a publisher, the applicability of the CDA to e-commerce sites, and the extent of control that an online intermediary may exercise over user content without becoming an "information content provider" under the CDA. The opinion was hailed by one observer as a "rare defeat for a consumer protection agency" and the "biggest defense win of the year" in CDA § 230 litigation.
Kleffman v. Vonage Holdings Corp., 232 P.3d 625, is a 2010 Supreme Court of California case certified by United States Court of Appeals for the Ninth Circuit. The decision ruled that sending unsolicited advertisement emails using multiple domain names was not unlawful under California Business and Professions Code section 17529.5, subdivision (a)(2), which made it unlawful to advertise in a commercial email advertisement that contained or was accompanied by falsified, misrepresented, or forged header information.
United States v. Kilbride, 584 F.3d 1240 is a case from the United States Court of Appeals for the Ninth Circuit rejecting an appeal from two individuals convicted of violating the Can Spam Act and United States obscenity law. The defendants were appealing convictions on 8 counts from the District Court of Arizona for distributing pornographic spam via email. The second count which the defendants were found guilty of involved the falsification of the "From" field of email headers, which is illegal to do multiple times in commercial settings under 18 USC § 1037(a)(3). The case is particularly notable because of the majority opinion on obscenity, in which Judge Fletcher writes an argument endorsing the use of a national community obscenity standard for the internet.
CompuServe Inc. v. Cyber Promotions, Inc. was a ruling by the United States District Court for the Southern District of Ohio in 1997 that set an early precedent for granting online service providers the right to prevent commercial enterprises from sending unsolicited email advertising – also known as spam – to its subscribers. It was one of the first cases to apply United States tort law to restrict spamming on computer networks. The court held that Cyber Promotions' intentional use of CompuServe's proprietary servers to send unsolicited email was an actionable trespass to chattels and granted a preliminary injunction preventing the spammer from sending unsolicited advertisements to any email address maintained by CompuServe.
Melaleuca, Inc. v. Hansen was a United States District Court for the District of Idaho case which clarified the meaning of "internet access provider" and "direct adverse" effect as used in the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, or CAN-SPAM Act of 2003, 15 U.S.C. ch. 103
America Online, Inc. v. IMS, 24 F. Supp. 2d 548 was one of a series of legal battles America Online launched against junk e-mail. In this case, the court held that defendants' unauthorized mailing of unsolicited bulk e-mail constituted a trespass to chattels under Virginia state law.
Omega World Travel, Inc. v. Mummagraphics, Inc., 469 F.3d 348, is a case in the United States Court of Appeals for the Fourth Circuit in which Mummagraphics, Inc. is sued by Omega World Travel, Inc. (Omega) and Cruise.com after Mummagraphic alleged that they received 11 commercial e-mail messages in violation of the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 as well as Oklahoma state law. In the initial filing, the United States District Court for the Eastern District of Virginia had awarded summary judgment to Omega on all of Mummagraphics' claims finding that the commercial emails from Omega did not violate the CAN-SPAM Act, and that the CAN-SPAM Act preempted Oklahoma state law. The Court of Appeals affirmed.
The misappropriation doctrine is a U.S. legal theory conferring a "quasi-property right" on a person who invests "labor, skill, and money" to create an intangible asset. The right operates against another person "endeavoring to reap where it has not sown" by "misappropriating" the value of the asset. The quoted language and the legal principle come from the decision of the United States Supreme Court in International News Service v. Associated Press, 248 U.S. 215 (1918), also known as INS v. AP or simply the INS case.