2003 UCLA J.L. & Tech. 5
A Two-Tiered Registry System to Regulate Spam
* J.D., UCLA School of Law, 2003; B.S./B.S., University of California, Irvine, 1995. Special thanks to Security Exchange Professor Lynn M. LoPucki, my advisor for this comment. I also thank Kat Paterno, Michelle Alig, Robin Baessler, Christian Dodd, Eric Herbert, and Sara Jasper for their editorial support.1. See William S. Galkin, The Law of Spam, 1 Computer Law Observer 20, Nov. 1996 (stating that “[s]pam has been credited with the power to bring down and destroy the Internet”) at http://www.netlegal.com/vol1Is18.html (last visited July 28, 2003).
2. See Anne Chen, Stop the spam madness – Firm deploys filter to keep improper e-mail out, eWeek, Sept. 3, 2001, at 49 (interviewing David Ferris of Ferris Research, Inc. who estimates that unsolicited commercial e-mail will increase to 44 percent a day by 2005).
3. “Spam” is distinguishable from “UCE.” While both are unsolicited and commercial in nature, spam is really fraudulent in nature. See FTC Public Hearing Release, Unsolicited Commercial Email (spam) May Chill Consumer Confidence in Online Commerce: FTC, Nov. 3, 1999 available at http://www.ftc.gov (defining spam as “deceptive unsolicited commercial e-mail) (last visited July 28, 2003). Additionally, the words “bogus” and “scam” are used in most of the FTC’s “The Dirty Dozen Spam Scams” list, connoting the fraudulent nature of spam, available at http://www.ftc.gov (last visited July 28, 2003). But see Alan Schwartz & simson garfinkel, Stopping Spam 1 (Deborah Russel ed., O’Reilly & Associates, Inc. 1998) (defining spam as “an unsolicited, unwanted message sent to [the recipient] without [the recipient’s] permission”). For purposes of this comment “spam” will be distinguished from “UCE” as particularly egregious or fraudulent UCE.
4. See Michael A. Hiltzik, The Spam Busters: A self-appointed global army is fighting the mass Internet mailings that annoy users and crash systems, the Los Angeles Times, Apr. 16, 2001, at A1 (reporting that “144,000 subscribers of Pacific Bell’s Internet service repeatedly lost access to their e-mail for hours because servers were clogged with spam”).
5. See Laura Frewin, E-business – Tarring e-mail pests with their own brush, Network News, Jul. 25, 2001 available at WESTLAW, AllNews File (2001 WL 8762679) (quoting Lyris CEO John Buckman “’Spam is a big problem for businesses. Mail servers get overloaded and this can slow the system or even cause it to crash’”).
6. An Internet Service Provider is a company that provides individuals and business access to the Internet. An ISP has the equipment and the telecommunication line access required to have a point of presence on the Internet for the geographic area served. It is in the interest of ISP’s to combat spam for two reasons: 1) loss of customers due to spam complaints and 2) a forced purchase of increased bandwidth to deal with very large volumes of e-mail. Additionally, the cost of personnel to control and administer spam-fighting tools can quickly add up. See, e.g., Sharon Gaudin & Suzanne Gaspar, The Spam Police; Tactics used by self-appointed spam fighters come under fire, Network World, Sept. 10, 2001,. at 58 (“AOL Time Warner…spends up to 15% of users’ monthly fees fighting spam. AT&T spends $35,000 per month, and WorldCom has 30 people dedicated to spam”).
7. Filtering mechanisms include both software that filters out unwanted spam and subscription to spam-friendly blacklists maintained by grass-roots organization such as Mail Abuse Prevention System (MAPS). See infra, notes 25-41 and accompanying text.
8. See, e.g., America Online, Inc. v. Nat. Health Care Discount, Inc., 121 F.Supp.2d 1255 (N.D. Iowa 2000) (holding that National Health Care Discount’s contract e-mailers were liable to ISP America Online under the Computer Fraud and Abuse Act, the Virginia Computer Crimes Act, and the theory of trespass of chattels for sending unsolicited bulk e-mail advertisements without authorization); CompuServe Inc. v. Cyber Promotions Inc., 962 F.Supp. 1015 (S.D. Ohio 1997) (holding defendant liable in tort under a theory of trespass to chattel to ISP CompuServe for failing to comply with CompuServ’s request to stop sending unsolicited e-mail and for deliberately evading plaintiff’s efforts to stop the mailings).
9. See John S. Quarterman, A Bad Spam Law, Matrix News, Vol.8, July 1998, at 7 (stating that “[s]pammers cause ISPs and others to carry mass unpaid traffic that the vast majority of recipients do not want”) available at http://www.mids.org/mn/807/spamlaw.html (last visited July 28, 2003); but see Mike Koller, Direct E-Mail Without Spam – Schwinn divides newsletters by demographic and tracks reader behavior, InternetWeek, Oct. 1, 2001, at 12 (reporting that Schwinn saved $169,200 in annual savings be sending out 40,000 electronic newsletters rather than the traditional print newsletters).
10. See Schwartz & Garfinkel, supra, note 3 at 139 (stating that approaches to blocking spam at the system level “rely on…sophisticated pattern-matching heuristics to determine whether a given message might be spam”). For a simple example, consider a filter that would filter out anything in the subject line that began with “ADV,” where ADV denoted an advertisement. The specific technology involved in these systems is beyond the scope of this comment. For a more complex explanation of filtering heuristics, see Marko Balabanovic, Yoav Shohan, & Yeogirl Yun, An Adaptive Agent for Automated Web Browsing, Stanford Univ. Digital Library Project at URL:http://historical.ncstrl.org/litesite-data/stan/CS-TN-97-52pdf (Feb. 1, 1997) (last visited Jan. 14, 2002).
11. See Schwartz & Garfinkel, supra, note 3 at 142.
12. See NEV. REV. STAT 41.705 – 41.735.
13. California, Colorado, Connecticut, Delaware, Idaho, Illinois, Iowa, Louisiana, Missouri, North Carolina, Oklahoma, Pennsylvania, Rhode Island, Tennessee, Virginia, Washington, and West Virginia have all enacted state statutes regulating spam.
14. See State of Washington v. Heckel, 143 Wash.2d 824 (2001) (holding that Washington Statute on Commercial Electron Mail Chapter 19.190 did not violate the dormant Commerce Clause and was therefore constitutional).
15. Compare Farhad Manjoo, She’s the Sexiest Geek Alive, Wired News, June 21, 2001, at http://www.wired.com (last visited July 28, 2003) (reporting that California resident Ellen Spertus won a judgment in a small claims court against Kozmo.com for sending UCE) and Jeffrey Benner, Wham, Bam, Thank You Spam, Wired News, Dec. 12, 2001, at http://www.wired.com (last visited July 28, 2003) (reporting that Washington resident Bennett Haselton won judgments totaling $2000 against spammers under the Washington anti-spam statute) with Steven Chase, Spam under attack, The Globe and Mail, Apr. 5, 2001, at T1 (quoting Internet legal expert professor Michael Geist as asserting that legislation will not make a “huge difference”).
16. See, Frewin, supra, note 5 (reporting that “[s]pammers typically send over 100,000 messages at a time and - to avoid angry replies - not from their own systems”).
17. See generally, Schwartz & Garfinkel, supra, note 3.
19. See, infra, note 41.
20. Id.; also see, Frewin, supra, note 5 (stating that “[i]ncidents of spam mail relaying on are on the rise” and stipulating that the .gov domain accounts for 38 percent and .co.uk domain accounts for 28 percent).
22. See generally, Matrix.net, Inc.’s website available at http://www.mids.org/nospam (last visited July 28, 2003). Matrix.net is an Internet performance analyst company that tracks, analyzes, and measures bits of information on the Internet. Their interest in reducing spam is high, since their products are designed to increase efficiency of businesses in e-commerce. In their “NoSpam” webpage, they list CAUCE as a resource to combat spam along with the stipulation that they “don’t agree with their approach of new [spam] laws, but [they are] listed anyway.”
23. See Steve Hill, Unwanted. Unwelcome. Unstoppable?, Internet Magazine, Vol. 3, Dec. 2001, at 64 (reporting that MEP Michael Cashman distinguishes spam as “‘rain…[t]hey don’t care where it lands’” from UCE, which according to Cashman “‘is based on research from the marketers and is targeted.’” Cashman is a member of the European Citizens Freedoms and Rights, Justice and Home Affairs Committee, “which is currently considering legislation on spam”).
24. See Chris Oakes, Free Spam Killing for the Masses, Wired News, July 19, 1999 at http://www.wired.com (last visited July 28, 2003) (quoting CAUCE (Coalition Against Unsolicited Commercial E-mail) spokesman John Mozena as saying “‘[Bright Light’s filtering system] is a good stop-gap until we’re able to find a more global solution to spam.’”).
25. See Raymond B. Everett, Guerrilla Warfare: A System Administrator’s Perspective on Unsolicited Commercial E-Mail, Comments for the FTC Consumer Privacy Hearings 1997, at 2.19 (discussing filtering mechanisms as the most used technological developments to stop spam) available at http://www.everett.org/testimony/ftc (last visited July 28, 2003).
26. See, e.g., the website www.lyris.com/products/mailshield for a brief description of rule-based filtering.
27. For example, a rule can be written “Reject the message if [text] appears in the Subject,” where [text] can equal a derogatory word.
28. See Joyce Slaton, What’s the Worst &*#% Filter, Wired News, Sept. 21, 2001, at http://wired.com (last visited Aug. 1, 2003)(quoting Digital Freedom Network Internet Development Director Alan Brown as saying that censorware [filtering software] is “ineffective at best;” and providing an example of how filtering can be ineffective with the following illustration: A would-be user named Sherrill Babcock was rejected as a registrant for censorware available at BlackPlanet.com. However, she was a successful registrant when she used the last names Babpenis and Babdildo).
29. A system administrator is the person responsible for configuring, administering, and maintaining computers, networks, and software systems.
30. See Schwartz & Garfinkel, supra, note 3 at 7.
31. See Anne Chen, Stop the spam madness – Firm deploys filter to keep improper e-mail out, eWeek Sept. 10, 2001 at 49 (reporting that Rockwood Specialties, Inc. IT Director Mark Yankowskas “carefully review every quarantined message” to avoid legal issues) available at http://www.eweek.com/article2/0,3959,88457,00.asp.(last visited Aug. 1, 2003).
32. See Everett, supra, note 25 at 2.19 (characterizing AOL’s PreferredMail as filtering spam through lists).
33. See Gaudin and Gaspar, supra, note 6 (reporting that “as many as half of the ISPs in the U.S. use [MAPS RBL] to block e-mail from…alleged spammers”); see also, Schwartz & Garfinkel, supra, note 3 at 142.
34. There are a number of ways in which spammers are added to the list, including sending unsolicited bulk e-mail, leaving an open-relay on network, and hosting web pages that are promoted by spam. See Sharon Gaudin and Suzanne Gaspar, How the blacklist system works, Network World, Sept. 10, 2001, at 62.
35. But see Media3 Technologies, LLC v. Mail Abuse Prevention System, LLC, 2001 WL 92389 (D.Mass) (denying a preliminary injunction on the grounds that MAPS placement of Media3 on their RBL list did not constitute defamation because the statement appeared to be true, did not amount to intentional interference with existing and prospective advantageous business relations because Media3 did not provide evidence of imminent business loss, and did not amount to unfair business practices although 1500 untainted websites hosted by Media3 were included in the RBL listing).
36. See Jeffrey Benner, Fixing a Hole Where Spam Comes In, Wired News, July 19, 2001 at http://www.wired.com (last visited Aug. 1, 2003) (stating that as the efforts to control spam increase, “more and more legitimate e-mail is getting blocked along with the junk”).
37. Id. (quoting Tom Geller as stating that “ISP’s block each other constantly”).
40. Headers contain information regarding the origin of the e-mail.
41. Open relays are routes within a network which allow senders of e-mail messages to route their messages through without authorization. Spammers use open relays to bypass their ISP in order to avoid penalties for the violation of their User Agreement provided by their ISP. This is an attempt by the spammer to disguise the origin of their spam. The recipient of a spam that went through an open relay would believe that the spam originated from an otherwise legitimate host. For example, a spammer recently used an open relay of the FAA’s domain site to purvey spam. See, Bill Duncan, FAA Asleep at the Control Column?, RISKS Digest Vol. 21, Iss. 73, Nov. 5, 2001 at http://catless.ncl.ac.uk/Risks/21.73.html(last visited Aug. 1, 2003).
42. See David G. Post, A New Legal Paradigm: What Larry Doesn’t Get: Code, Law and Liberty in Cyberspace, 52 Stan. L. Rev. 1439 at 1441 (quoting Larry Lessig from his column the Industry Standard). Larry Lessig is an Internet law professor at Stanford Law School.
43. See Media3 Technologies, LLC, 2001 WL 92389 (D.Mass); also see Gaudin & Gaspar, supra, note 6 (reporting that MAPS listed iBill’s entire block of IP addresses on the RBL when one of their thousands of customers had allegedly spammed MAPS).
44. See, supra, note 13.
45. Headers are identifying information about the source of a sent email. For legitimately sent e-mail messages, they contain accurate information regarding the date sent, the sender, and the recipient, in addition to a subject line and unique message identification number. However, this information can be falsified by spammers. See Geoff Mulligan, Removing the Spam: Email Processing and Filtering 10 (1999) (stating that “[i]t is a trivial task for anyone to insert their own forged headers and quite often users wishing to hide their true identity (such as spammers) will create messages with fake From addresses, Message-Id lines, and especially phony Received headers.”).
46. Louisiana Rev. Stat. §73.6(B) (2003).
47. Rev. Washington Stat. §19.190.010-.050 (amended 1999). Under the statute, it is a crime to send a commercial e-mail that contains false or missing routing information, a false or misleading subject line, or to use a third-party domain name without authorization.
48. Heckel, 143 Wash.2d 824 (2001).
49. Id. at 840.
50. But see, Brett Arquette, E-mail bill may fail to curtail spamming, eWeek, July 9, 2001, at 49 (arguing that the Unsolicited Commercial Electronic Mail Act of 2001 (H.R. 95) will not have much of an effect on curbing spam if one looks at the history of ineffectiveness of the Telephone Consumer Protection Act of 1991) available at http://www.eweek.com/article2/0,3959,464756,00.asp (last visited Aug. 1, 2003).
51. For example, pending legislation for the 108th Congress include the Ban on Deceptive E-mail Act of 2003 (S. 1052), prohibiting falsification or forgery of any electronic mail transmission information; the CAN-SPAM Act of 2003 (S. 877), mandating that identification, opt-out and physical address be included in any unsolicited e-mail transmission; and the Anti-Spam Act of 2003 (H.R. 2515), prohibiting commercial electronic email with false or misleading headers or subject headings For a brief summary, see spamlaws.com at http://spamlaws.com/federal/summ107.html (last visited Sept. 25, 2003).
52. Cost-shifting is the externalization of costs associated with an activity in which one person profits at the expense of another. See Schwartz & Garfinkel, supra, note 3, at 6-11 (discussing the costs of spam on those other than the spammer).
53. See Schwartz & Garfinkel, supra, note 3 at 4-6 (arguing that “[t]he biggest problem with spam is that if it continues to grow unchecked, its electronic deluge threatens to crowd out all other legitimate messages, making the electronic commons of the 21st century an unusable cesspool of useless marketing messages.”). The authors also assert that the very low costs associated with spam gives no incentive for spammers to target or control the output of their messages, thereby passing the costs off to everyone else – cost-shifting. Cost-shifting is considered an inefficiency of the free market, and, if not controlled, is detrimental to the economy. See also, CAUCE, About the Problem: Cost-Shifting at http://www.cauce.org/about/problem.shtml (last visited Aug. 13, 2003).
54. See, supra, note 9.
55. See Testimony of David Moore of 24/7 Media, Hearing on the Unsolicited Commercial E-mail Act of 2001 (H.R. 95) Before the Senate Communications Subcommittee, Apr. 26, 2001 (asserting that “enforcement mechanisms [regulating spam] should deter spammers from encroaching on the privacy of consumers and not penalize legitimate marketers who are adhering to the standards”) available at http://www.senate.gov/~commerce/hearings/0426moo.PDF (last visited Aug. 13, 2003). 24/7 Media is a provider of online marketing and advertising solutions and services.
56. See Testimony of Jerry Cerasale, House Telecommunications Subcommittee Hearing on Spam, Sept. 28, 1998 available at http://www.techlawjournal.com/congress/slamspam/80928cer.htm (last visited Aug. 13, 2003) (stating that “many current uses of unsolicited e-mail are not appropriate for legitimate marketing…[and] these current uses may well be poisoning the well of commercial e-mail in the minds of consumers.”) Jerry Cerasale is the Senior Vice President, Government Affairs for the Direct Marketing Association, an organization that promotes and regulates direct marketing via mail, phone, and now the Internet. See also, Testimony of David Moore, supra, note 54, (asserting that the “interactive marketing industry has been tainted by the actions of disreputable marketers who use deceptive practices in sending unsolicited commercial electronic mail.”).
57. Presently, the State of Washington has a registry system implemented that allows a resident of Washington to opt-out of UCE and also requires a sender of UCE to check the registry to verify that an address on his marketing e-mail list is not registered. If the sender of UCE sends his mail to a registrant on the registry, he will suffer criminal penalties. However, the procedure is quite cumbersome. The sender must input each e-mail address individually and then wait for an e-mail address that will indicate whether or not the e-mail address is registered. For more information on the registry, visit http://registry/waisp.org/ (last visited Jan. 14, 2002[unable to find this site). The constitutionality of the Washington Anti-Spam statute, of which the registry was its practical application, was the issue of contention in State of Washington v. Heckel, 143 Wn.2d 824 (2001). See, supra, note 46 and accompanying text.
58. The system articulated in this Comment does not contemplate unsolicited bulk e-mail (UBE) for political, religious, or non-profit purposes. That class of e-mail may have heightened constitutional considerations in relation to federal regulation not relevant to commercial e-mail.
59. For the purposes of this proposal, “commercial” means an advertisement that promotes the commercial availability of a product or service for profit.
60. See Heckel, 143 Wash. 2d 824 (2001). Defendant-Heckel registered multiple free accounts with juno.com in order to prevent discontinued access by Juno’s cancellation of his accounts used for practices in violation of their User Agreement. “[W]hen Juno canceled one e-mail account, [Heckel] would simply open a new one and send out another bulk mailing.” Id. at 830.
61. For example, hotmail.com, yahoo.com, and juno.com all issue free e-mail addresses.
62. See generally, CAUCE, supra note 53. (discussing the cost-shifting effects of spam on ISPs, including the costs of filtering, bandwidth purchases, outages, while pointing out the spammer accrues virtually no cost); see also, Schwartz & Garfinkel, supra, note 3, 50.
63. For a discussion on identification verification, see Lynn M. Lopucki, Information Law: A Systems approach 459-469 (2001).
64. See supra, note 8.
65. See supra, notes 25-43 and accompanying text.
66. See Schwartz & Garfinkel, supra, note 3 at 7; see also supra text accompanying note 30.
67. See Schwartz & Garfinkel, supra, note 3 at 4-6; see also supra text accompanying note 53; Rik Farrow, Putting a Stop to Spam, Network Magazine, Nov. 1, 2001, at 80 (stating that spammers “steal server time and network bandwidth”), available at http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=8703232&classroom= (last visited Aug. 14, 2003).
68. See James Niccolai, Users look to ISPs to fight spam, survey finds, IDG News Service, June 14, 1999 (stating that “[m]ost users think their Internet service provider (ISP) should help protect them from spam mail, and a significant number will switch to another ISP if it doesn’t [according to a survey]”) at http://www.idg.net/idgns/1999/06/14/UsersLooktoIspsToFight.shtml (last visited Aug. 14, 2003). The article also reported that “7 percent of respondents cited spam as their primary reason for switching to another service provider…[which] translates into about US$7 million a year in lost revenues.”
69. See About the FCC at http://www.fcc.gov/aboutus.html (last visited Aug. 14, 2003) (the FCC is “charged with regulating interstate and international communications by radio, television, wire, satellite and cable”); but see the proposed legislation Unsolicited Commercial Electronic Mail Act of 2001§ 3, 6(H.R. 95) available at http://www.spamlaws.com/federal/107hr95_this_bill_was_not_enacted.html (last visited Aug. 14, 2003) (defining “Commission” as the Federal Trade Commission in section 3 and designating the Commission as the enforcement agency in section 6). The FTC, charged with regulating “unfair and deceptive practices” is a natural candidate for the pending legislation since their provisions mostly deal with truthfulness. The FCC in my proposed system, on the other hand, would act prophylactically to prevent dissemination of spam in the first place and issues related to unfair and deceptive practices would still fall under the jurisdiction of the FTC.
70. See William E. Kennard, Connecting the Globe: A Regulator’s Guide to Building a Global Information Community, June 16, 1999, FCC document available at http://www.fcc.gov/connectglobe (last visited Aug. 14, 2003) (stipulating that the absence of regulation has allowed the Internet to flourish and that “[a] ‘hands-off’ approach [of the FCC] allows the Internet to develop free from the burdens of traditional regulatory mechanisms.”).
71. See id. (reciting the principle that “[w]here government involvement is needed [for regulation of the Internet], it should support a predictable, minimalist, consistent, and simple legal environment for commerce”).
72. The bills introduced in the 107th Congress were the Unsolicited Commercial Electronic Mail Act of 2001, H.R. 95, 107th Cong. (2001), the Wireless Telephone Spam Protection Act, H.R. 113, 107th Cong. (2001), the Anti-Spamming Act of 2001, H.R. 718, 107th Cong. (2001), Anti-Spamming Act of 2001, H.R. 1017, 107th Cong. (2001), the Netizens Protection Act of 2001, H.R. 3146, 107th Cong. (2001), and the “CAN SPAM” Act of 2001, S. 630, 107th Cong. (2001). Most of the laws reflect similar provisions of the state laws.See, Brett Arquette, supra, note 50.
73. See About the Problem by CAUCE at http://www.cauce.org/about/problem.shtml (asserting that “very few reputable marketers us[e] UCE to advertise goods and service” and listing the most commonly seen UCE advertisements as “chain letters, pyramid schemes, ‘get rich quick’ schemes…, offers of phone sex lines and ads for pornographic web sites, offers of software for collecting e-mail addresses and sending UCE, offers of bulk e-mailing services for sending UCE, stock offerings for unknown start-up corporations, quack health products and remedies, illegally pirated software”).
74. See Eric Schlachter, The Intellectual Property Renaissance In Cyberspace: Why Copyright Law Could Be Unimportant On The Internet, 12 Berk. Tech. L.J. 15, (1997) available at http://www.law.berkeley.edu/journals/btlj/articles/vol12/Schlachter/html/reader.html (last visited Aug. 15, 2003) (asserting that “other media industries [besides the Internet] indicate that multi-billion industries can be built primarily on advertising”).
75. See supra, notes 56-58 and accompanying text.
76. See infra, notes 104-8 and accompanying text.
77. See generally, the organizations of CAUCE (Coalition Against Unsolicited Commercial E-mail) at http://www.cauce.org; MAPS (Mail Abuse Prevention Program) at http://mail-abuse.org; and the spam prevention discussion group SPAM-L at http://www.claws-and-paws.com/spam-l.
78. See Schwartz & Garfinkel, supra, note 3 at 5 (comparing the high costs of traditional paper advertising with the extremely low costs of e-mail advertising and asserting that the low costs of e-mail advertising do not give the spammer any incentive to target his message).
79. See Chase, supra note 15 (stating the “the problem [with controlling spam] is inherent in the design of the Internet.”).
80. ARPA stands for the Advanced Research Projects Agency.
81. See Stephen Segaller, Nerds 2.0.1: A Brief History of the Internet 39 (2000) (stating that the “Information Processing Techniques Office…of ARPA …buil[t] the foundations of the networked information economy which surrounds us today”).
82. See id. at 59 . Vint Cerf, one of the original designers of the pre-Internet technology, commented:
The trouble was that ARPA was asked repeatedly to buy the best computing equipment for each one of the universities on the grounds that you couldn’t do…quality computer science without the best computers…[but ARPA] couldn’t afford to keep doing that every year for every place…so the question was, how do I hook them together to do resource sharing, which was the original motivation for the ARPAnet.Id. The ARPAnet was the predecessor of the Internet. Id.
83. But see id. at 73 (relating the reluctance of AT&T, the long-distance telephone monopoly, to become involved in the development of ARPAnet during 1967-1969).
84. See Am. Libraries Ass’n v. Pataki, 969 F.Supp. 160, 164 (S.D.N.Y. 1997) (stating that “The Internet is [now] a decentralized, global communications medium.”).
85. A network is a series of points or nodes interconnected by communication paths. For purposes of this Comment, a network will be defined as the series of points maintained by an ISP, whether it is a private or public entity maintaining the server.
86. See Keith Sutherland, Understanding the Internet: A Clear Guide to Internet Technologies 138 (2000). The larger ISPs are referred to as backbone providers and include AT&T WorldNet, Cable & Wireless, UUNet, BT to name a few. Other backbone providers include IBM Global Network, MCI, Netcom PSINet, to name the most popular.
87. Id. at 138-39.
88. By local ISP I mean any ISP other than the telecommunication giants which are considered backbone ISPs.
89. See the Online Copyright Infringement Liability Limitation Act, 17 U.S.C.S. § 512(k)(1)(A)-(B) (1998).
90. Spoofing means that an e-mail sender deliberately changes the From: line of the header information in order to disguise its origins.
91. See Schwartz & Garfinkel, supra note 3 at 25. In order to bypass ISPs and gain independent access to the Internet, Cyber Promotions, Inc.’s Sanford Wallace “obtained his own high-speed T1 connection to the Internet’s backbone.”
92. See id. at 28. Cyber Promotions’ Sanford Wallace’s “high-speed Internet connection…was [eventually] terminated by Sprint, his upstream ISP.”
93. This is a general assumption. There are ways in which spammers can deliver their spam by bypassing the ISP in which they hold an account; see infra notes 103-5 and accompanying text.
94. Seegenerally, Sutherland, supra, note at 77-98. SSL stands for Secure Socket Layer and is a form of certification exchange for authentication purposes.
95. See Schwartz & Garfinkel, supra, note 3 at 48 (explaining SMTP as the standard protocol by which e-mail is relayed); also see, Sutherland, supra, note 86 at 55.
96. See Schwartz & Garfinkel, supra, note 3 at 47 (explaining that services such as e-mail, Use net, and web pages are assigned ports to designate that service so that the computers can understand what the user wishes to do).
97. See id. at 43-4 (explaining Internet Protocol (IP) addresses).
98. But see, id. at 85 (stating that “[t]he spammer’s ISP may not know that its computers are being used to send spam”). This, however, is most often the case when an ISP is not policing its own system very well. With the licensing requirement, the ISP would be required to police their system or suffer revocation of their license or other penalties.
99. See, infra, notes 103-5 and accompanying text for an explanation of open relays.
100. See Farrow, supra, note 67 (reporting that open mail relays are still available in 20% of ISPs as of 1999).
101. See, Farrow, supra, note 67.
102. Spammers may use throw-away accounts to purvey their spam. This is a common practice since free e-mail addresses are allowed, such as those offered by Hotmail, Yahoo, and Juno. See, supra, note 61.
103. See Mulligan, supra, note 45 at 19 (stating that “[s]pammers…use relays to hide their real identities and locations. By sending a message through a relay system, the spammer can make it look like that system was the originator of the message. Therefore, if mail from the spammer’s site is blocked, a message from the relay site probably isn’t”).
104. See Chip Rosenthal, What is Third-Party Mail Relay, available at http://mail-abuse.org/tsi/ar-what.html (last visited Aug. 27, 2003) for a detailed explanation of third-party relays.
105. See, supra, note 85.
106. See, Farrow, supra, note 67 (stating that mail servers generally ignore the content of e-mail).
107. See, supra, note 10.
108. It is not likely that a single human user could compose 100 messages in a half of an hour’s time. Therefore, this may trigger the ISP that such a volume of e-mail is being composed and sent by some type of automation.