Is their increased vigilance pissing you off? If so, your anger is misplaced. They are reacting quite sensibly to market conditions apparently imposed by Spamhaus. Ken Magill

While I agree with Ken that the ESPs are reacting to market conditions. Where we disagree is the idea that these conditions are imposed by Spamhaus. I don’t think all the uptick in ESP enforcement and compliance activity is the result of Spamhaus’ actions. I believe that many of the mass market ISPs are changing how they detect unwanted mail, and are fine tuning filters to reduce the amount of unwanted mail that shows up in the inbox.

One of the big changes is better tools for handling huge data sets. Bigger ISPs handle billions of messages a week. Even just collecting and storing the mail is a giant task. Storing it in a useable form was almost out of the question. But over the last few years there have been significant improvements in the speed and affordability of hardware to handle very, very large datasets. Likewise, there have been algorithm and software improvements in mining that data for useful correlations.

In practical terms, ISPs and filtering companies like Spamhaus don’t have to focus on complaints or trap hits or “simple” measurements. They can draw complex correlations and look at mail in a way that was simply impossible 2 or 3 years ago. This means they can better identify senders who had previously been able to slide in under the filters.

Spamhaus rolled out tools to monitor their spam feeds in a different way and have been listing a lot more “legitimate” senders because of it. ISPs are rolling out tools to better filter “greymail” and keep users inboxes full of mail that the users actually want.

One of the trends I’m noticing is that direct marketers are getting more aggressive. Whether it’s a response to the years of recession or a response to the slowly warming economy, I can’t tell. But there are a lot of direct marketers who are no longer afraid to break the law. For instance, my cell phone is getting multiple telemarketing calls a week, despite being a cell and despite being on the do not call list. My inbox is full of unsolicited email carefully engineered to get past standard filters, much of which violates CAN SPAM. I’m even getting the occasional unsolicited fax.

The increase in listings by Spamhaus are one example of the filtering screws being tightened. But it’s not just Spamhaus that’s driving this; ISPs and filtering companies are also filtering more aggressively. I’m seeing a lot more emphasis being placed on content and a good IP reputation is no longer a ticket to the inbox. Content must be clean and recipients have to want mail for it to get into the inbox.

Spam is illegal and Spammers are criminal. Let’s not mess about with words here. Calling someone a spammer is inflamitory [sic].

I’m not arguing that sending unsolicited bulk email is anything other than bad. And that a lot of senders have a negative reaction to being called spammers. I’ve even had hate mail for saying that an ISP was blocking mail because recipients were saying the mail was spam.

In the US, though, spam is not illegal. Violating CAN SPAM is illegal and may result in civil or criminal penalties. Sending mail to recipients that never gave permission? Not illegal.

Is there a lot of spam out there that violates CAN SPAM? Absolutely. But that’s not the sum total of email. In fact, that’s very little of the email that recipients actually see. ISPs and filtering companies do a pretty good job at filtering out most of the illegal stuff.

There is a lot of social pressure to not be perceived as a spammer. There is much social pressure to not send mail people like.

And, yes, there are countries where it is illegal to send mail without opt-in permission. Ironically, one of those countries is the UK. Marketers in the UK have 3 or 4 of my email addresses and frequently send me unsolicited email, in violation of their laws. I’ve even blogged about some of it.

Return-Path:
Received: by m.wordtothewise.com (Postfix, from userid 1003)
  id 166562E196; Wed,  5 Oct 2011 13:50:25 -0700 (PDT)
Received: from [164.193.177.203] (86.sub-75-248-121.myvzw.com
  [75.248.121.86]) by m.wordtothewise.com (Postfix) with SMTP id
  850862E185 for <MUNGED>; Wed,  5 Oct 2011 13:50:23 -0700 (PDT)
Received: from [164.193.177.203][127.0.0.1] by [164.193.177.203]
  [127.0.0.1] (SMTPD32); Wed, 5 Oct 2011 13:49:44 -0700
  Message-ID: <275a6de8fff734e0abd353db00143bb7@g2gm.com>
From: "Ashley Anderson"
To: <MUNGE>
Subject: Do You Want Access to NEW Customers?
Date: Wed, 5 Oct 2011 13:49:42 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="windows-1252"
Content-Transfer-Encoding: quoted-printable

Hello,

Does you company need access to fresh databases that can be used
for E-mail Marketing, Direct Mail & Telemarketing?

We have access to 200 Million Consumers & 45 Million
Businesses.=09

Some of our most popular lists are:

> U.S. Realtors - 1,281,916 Full Records=09
> U.S. Lawyers - 269,787 Full Records=09
> U.S. Financial Planners - 265,425 Full Records=09
> U.S. Businesses - 4.8 Million Full Records=09
> U.S. Manufacturers - 1,057,119 Full Records=09
> U.S. Homeowners - 1,326,620 Full Records=09
> U.S. Physicians - 741,809 Full Records=09
> Worldwide Investors - 8,562,140 Emails Only=09

*Much More Available Upon Request=2E
Call us to get a FREE quote!

Thank You,
Ashley Anderson
Data Specialist
Business Networking Services
1 (800) 841-5070

I’m counting at 4 violations, plus aggravated damages because the address was harvested.

How many violations can you find?

Would you trust this company to sell you actual opt-in addresses?

The judge is treating these two cases as basically a single case. When it came time for arguments, the cases were called together and both Yahoo and Microsoft’s lawyers were at the defendant’s table.

Oral arguments centered on the question of CDA immunity and to a lesser extent if there is an objective industry standard for blocking and dealing with blocks. Nothing at all was mentioned about the wiretapping arguments.

The judge opened the hearing with a quick summary of the case so far and what he wanted to hear from the lawyers.

Judge Fogel pointed out that current case law suggests that the CDA provides a robust immunity to ISPs to block mail. The plaintiff can’t just say that the blocks were done in bad faith, there has to be actual evidence to show bad faith. The law does permit subjective decisions by the ISPs. Also, that it is currently hard to see any proof of bad faith by the defendants.

The judge asked the plaintiff’s attorney for his “absolute best argument” as to the bad faith exhibited by the defendants.

The plaintiff responded that they are a competitor who is being stonewalled by the defendants. That their email is not spam (as it is CAN SPAM compliant) and it is wanted email. The defendants are not following the “objective industry standard” as defined by MAAWG.

The judge responded clarifying that the plaintiff really claimed he didn’t need to present any evidence. “Yes.” Judge Fogel mentioned the Towmbly standard which says that a plaintiff must have enough facts to make their allegations plausible, not just possible.

Yahoo!’s lawyer pointed out that both case law and the statutes require a robust showing to invalidate claims under the CDA. And that the purpose of the CDA is to protect ISPs from second guessing. She started to bring up the absolute numbers of emails, but was interrupted and told the numbers weren’t relevant. My notes don’t say if that was the judge or Holomaxx’s lawyer that interrupted, and the numbers discussion did come up again.

Yahoo continued that the CAN SPAM compliance is not a litmus test for what is spam. The decision for what is and is not spam is left to the subjective judgement of the ISP. She also pointed out that the numbers are important. She defined the amount of spam as a tax on the network and a tax on users.

She also addressed the anti-competitive claim. Even if Holomaxx is right, and neither defendant was conceding the point, and it is doubtful that the anti-competitive point can be proven, competition alone cannot establish bad faith. What evidence is there that either defendant exhibited bad faith? In Yahoo’s case there is zero advertiser overlap and in the Microsoft case Holomaxx showed one shared customer.

She then pointed out that the MAAWG document was a stitched collection of experiences from desks. That the document itself says it is not a set of best practices. She also pointed out that there was nothing in the document about how to make spam blocking decisions. That it was solely a recommendation on how to handle people who complain.

According to Yahoo!’s lawyer the plaintiffs brought this suit because they disagreed with the ISPs’ standards for blocking and they were upset about how they were treated. That the worst Holomaxx can say is the MS and Y! had bad customer service.

At this point there was some discussion between the judge and lawyers about how they were currently in a “grey area” between Rule 9(b) and Rule 12(b)6. I am not totally sure what this was about (one of my lawyer readers can help me out?) but there was also mention of using these rules in the context of the ISPs’ robust immunity under the CDA.

Finally, the judge asked Microsoft’s lawyer if he had anything more to add. He reiterated that the MAAWG document was not a standard, it was a collection of options. He also brought up the volume issue again, asserting that even if it is a true standard that the volume of unwanted mail sent by Holomaxx does not mean ISPs need to follow it.

Judge Fogle asked him if he meant there was no legal obligation for the ISPs to be warm and fuzzy.

The judge and defendant lawyers talked around a few general ideas about the MAAWG document. First that there was no obligation to tell senders enough information so that senders could reverse engineer spam filters. Microsoft also brought up the volume issue again, saying that the volume of unwanted 3rd party mail that the plaintiff was sending was, in itself, proof that the mail was bad.

Holomaxx interrupted claiming that the volume is a red herring. Judge Fogel countered with “but the gross number of unwanted emails is a huge number of emails.” Holomaxx’s lawyer argued that both Yahoo and Microsoft had large, robust networks, and the volume is irrelevant. I thought this was funny, given how often both of them have outages due to volume. However, the Holomaxx lawyer did have a point. Facebook sends billions of emails a day and both Yahoo and Hotmail can cope with that volume of mail and that volume dwarfs what Holomaxx sends.

The judge asked if he should look at the percentage of complaints about the mail rather than the gross number. Holomaxx replied that both were just a drop in the bucket and neither number was relevant.

Holomaxx then claimed again that MAAWG was a standard. The judge pointed out it was a standard for customer service, not a standard for blocking. Holomaxx disagreed and said that the MAAWG document was a standard for both how to block and how to deal with blocks afterwards.

The judge asked Holomaxx if there was any actual evidence of their claims. He talked about a case he heard a few years ago. Some company was suing Google because their search results were not on the front page of Google results. That company didn’t prevail because they never offered any actual evidence that Google was deliberately singling them out. He asked Holomaxx how they were being singled out.

Holomaxx replied there was no industry standard to measure against.

The judge wrapped up the hearing by pointing out that he was being asked to show where the exceptions to the CDA were and that he had to consider the implications of his ruling. He agreed that bad faith was clearly an exception to CDA protection, but what was the burden of proof required to identify actual bad faith. He seemed to think this was the most important point and one that would take some deliberation.

Overall, the hearing took about 15 minutes, which seemed in line with the case immediately before this one.

My impression was that the judge was looking for Holomaxx to argue something, anything with facts rather than assertion. But, I am scientist enough to see that may be my own biases at work. But the judge gave Holomaxx the opportunity to show their absolute best evidence, and Holomaxx provided exactly zero, instead falling back to it’s true because we said it’s true.

The judge will issue a written ruling, I’ll keep an eye out for it and post it when it’s out.

The short version is that Hypertouch sued Valueclick in 2008 under both CAN SPAM and the California anti-spam law. Eventually the judge in the case ruled that there was no clear evidence of fraud, therefore CAN SPAM preempted the California law.

Hypertouch appealed the case.

Yesterday the appeals court published their opinion and kicked the case back down to the lower court.

The trial court granted summary judgment, ruling that the CAN-SPAM Act preempted Appellant‟s section 17529.5 claims. Although the Act expressly exempts from preemption state laws prohibiting “falsity or deception” in commercial e-mail, the court concluded this exemption was only intended to apply to state statutes that require a plaintiff to establish each element of common law fraud. The court entered judgment dismissing the case in its entirety and awarded Respondents approximately $100,000 in costs.

On appeal, Appellant argues that the court erred in ruling that the CAN-SPAM Act preempts claims arising under section 17529.5. In addition, Appellant argues that: (1) it introduced sufficient evidence to establish a triable issue of fact as to whether Respondents violated section 17529.5; (2) section 17592.5 claims are governed by the three-year statute of limitations in Code of Civil Procedure section 338, rather than the one-year period described in section 340, subdivision (a); and (3) the trial court abused its discretion in awarding Respondents $100,000 in costs.

We reverse the trial court‟s grant of summary judgment, concluding that the CAN-SPAM Act does not preempt Appellant‟s claims and that Appellant has raised a triable issue of fact regarding whether Respondents violated section 17529.5.

Slashdot article

Metnews Article

Today the Canadian anti spam law received royal assent and is now law. ReturnPath is saying it will take effect September 2011, but that’s the only date I’ve seen published. The full text of the bill as passed by the House of Commons can be found at http://www2.parl.gc.ca/content/hoc/Bills/403/Government/C-28/C-28_3/C-28_3.PDF

It’s fairly dense and I’m still reading through the final version. Of critical importance for anyone marketing in Canada is that it sets requirements that commercial email be sent with the permission of the recipient. This is different from CAN SPAM here in the US which doesn’t require consent of the recipient, but allows anyone to send unsolicited email as long as it meets the standards set by the law.

CBC Story

Return Path blog post

CAUCE posts

Thin Data implementation guide

In fine spammer style the defendant, Adam Guerbuez, is flouting the judgment and claiming he won’t pay a dime. In fact, he’s already filed bankruptcy and is reported to have transferred a number of assets to family members. From what I’m hearing from some of my Canadian colleagues the courts up there take a very dim view of his behaviour. Like many things that go through the court system, though, it is unlikely that the process will be rapid.

This is one of the largest, if not the largest, fines levied for violations of the CAN SPAM act. I don’t think Facebook will see much, if anything, of the money. But, hey, maybe the Canadian courts will throw this spammer in jail for flouting their ruling.