[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New California Spam Law is Bullshit

At 10:06 PM 9/30/98 -0700, Tim May wrote:
>Think twice before citing this new law....
>Whatever one thinks about unsolicited e-mail, the provisions of this new
>California bill are frightening to any supporter of liberty.

Yeah - they aren't totally evil bills, in the sense that one shouldn't
ascribe to malice that which can be adequately explained by stupidity,
but they're both pretty bad, as well as vague and unclear.
On the other hand, if you're not willing to go to Sacramento to help
them make sausages, the way the anti-spammers are, it's harder to
justify bitching about the quality of sausage they're shoving down your throat.

>* and where does the "must have a toll-free number" bullshit come from?
>Think about it. It may sound _nice_ to demand that people have toll-free
>numbers, but where is the constitutional support for such a taking?

More precisely, Bowen's bad bill requires you to establish either a
toll-free number or sender-operated email address, and include on your
unsolicited commercial fax or email the toll-free number or an address 
to which the recipient can write or email.  Less precisely, it doesn't
say that the number has to be toll-free IN CALIFORNIA, or that you have to
answer calls to the phone number.

Both bills have serious problems with banning anonymity, and with clearly 
identifying when they apply, given the combinations of recipient, sender, 
recipient's ISP, recipient's email mailbox, sender's ISP, telecom provider, 
and probably other physical and corporate entities that can either be
inside or outside California - or both - with or without knowledge of the
sender, and with asserting jurisdiction over non-California-based senders,
and asserting that jurisdiction based on factors the sender may not know.

And then there's the lovely definition of "published" in one of the bills -
it applies if you violate the ISP's published anti-spamming policy.
They're (correctly) not required to _have_ an anti-spamming policy,
but if they have one, you're required to obey it if it's published,
either by putting it on their web page (pointed to from their home page),
or "available by mail for free on request".  Of course, if they don't
*have* a policy, they're under no obligation to send you a timely
printed version by snail-mail, so even leaving out the undue burden
of determining who a recipient's email provider and ISP are,
and determining whether they have an anti-spamming policy,
and what if means, you can't safely send your fine commercial
solicitation to lucky recipients whose ISPs *don't* have an 
anti-spam policy on their web page, because it might only be on paper.

On the other hand, you can send your spam from a spamhaus,
and if I read the bill correctly, the spamhaus is safe,
and probably the sender is also, especially if they're both
outside of California.  So it's not much protection against spammers.
(The language about policies of the recipient's ISP is vaguer,
and has more risk of legal weakness because there's no
legal contract between the sender and the recipient's ISP.)

Then of course, who really _sent_ the mail?  An anonymous user
of a spamhaus?  (That bad, bad person!)  What if he paid digicash,
or walked in and paid cash for an account?  What if it's not "he",
but "it", a corporation that got set up for $50, used for spamming,
and then obeys the laws by never spamming any complainers again, 
though its owners can start a new corporation the next day and burn it too,
perhaps even starting it off by selling it the list of complainers...

Bill Stewart, [email protected]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639