California Appeals Court Says Company Can Be Held Liable For Spam It Didn't Write Or Know About
from the that-doesn't-make-any-sense dept
In a ruling that Eric Goldman correctly refers to as "divorced from reality," a California Appeals court has ruled that two advertising firms can be held liable for actions done by their affiliates (and sub-affiliates). In this case, these sub-affiliates sent out spam, advertising things on behalf of the defendants in the case. There were a few legal questions raised by the case, including yet another attempt to see if CAN SPAM really pre-empts state anti-spam laws, which are interesting, but which we won't discuss right now. Instead, I wanted to focus on that one key issue of putting the blame on a company for what a third party does.This is a key point that we've been raising a lot around here lately, as more and more people look to blame third parties, often because it's (a) easier and (b) those third parties have more money. While I recognize that we all get annoyed by spam, a ruling of this nature is completely misdirected. It means that if you want to get a company in trouble, just send spam advertising their stuff to California residents. Now those firms are liable for your statements even if it had no idea that you were doing this. Goldman warns that this ruling will "generate lots more of wasteful profit-seeking litigation."
Both Venkat and Eric in the link above question how this ruling could survive a Section 230 analysis -- which should present a perfectly valid safe harbor for the two firms in question. It's not clear if either firm even raised a Section 230 defense, but even without that, I'm troubled by the fact that the court didn't seem to comprehend that it was blaming a company for actions of someone they have no control over. The court -- incorrectly -- claims that this could lead to "take a more active role in supervising" actions of affiliates, but as Eric points out, the strict liability standard put forth by the court means that no matter how active a role they take, if one spam message slips through, they're still liable. That doesn't lead to a more active role in supervising, it leads companies to dump such programs altogether:
Because of strict liability, even advertisers who undertake substantial efforts to police their affiliate network ARE STILL LIABLE FOR ANY PROBLEMS CREATED BY AFFILIATES. Maybe the court got confused about what it meant to impose STRICT LIABILITY. In reality, many advertisers won't rely on affiliates at all if they are strictly liable for what they do. I bet this court would view that as a perfectly fine outcome, but the it's disingenuous to say that strict liability will ratchet up the policing effort. A negligence standard might have done that; strict liability squashes the endeavor altogether.This is definitely a worrisome trend, as we've seen a growing number of courts get tripped up on ideas surrounding third party liability, not recognizing the consequences of those rulings.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: california, liability, spam
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
Easy Solution:
Where, even if you "win" you will never be awarded anything--the other party will simply be fined and the money going to the public's (publics' ?) coffers. You still pay your own lawyering fees, win or lose. The only sidereal exception would be cases in which there is demonstrable physical harm to person and/or property; in which case the defendant would pay for the "repairs" thru the court; with the plaintiff never seeing a dime and having no opportunity whatsoever to seek kickbacks via 3rd party contractors...
Such a change would bring about a rapid decline in bullshit "give me money" lawsuits. IMHO anyways.
[ link to this | view in thread ]
They're still affiliates
Holding root vendors liable does two things. First, it prevents vendors from affiliate hopping—that is, moving from one badly behaved affiliate to another. Second, if provides consumers, who typically have less relative power in these adversarial relationships, with an easy to identify entity that should hold some responsibility in solving the problem of spam. Tracking down vendors is easy; just follow the credit card payment. Tracking down spammers is hard (and often impossible, due to overseas connections).
[ link to this | view in thread ]
I don't see this as a problem.
Normally I agree with you Mike, but I don't see this as a problem. If they were not liable, any company could just go to a spamming affiliate and say "oh, don't spam - nudgenudge, winkwink" and be off the hook.
As it sits, it will make sure that companies do business with responsible advertisers and avoid fly-by-nights, which is a win for everybody.
The bit about "blaming third parties" is silly - because the companies in question are not third parties. They are paying the spammers to advertise their products. If they don't do due dilligence when they select their advertisers, it's entirely their fault.
If they were held responsible when someone joe-jobs them, you might have a point, but this is not the case.
[ link to this | view in thread ]
Well Then
[ link to this | view in thread ]
Extreme Hyperbole
Second, under 17529.5, there is a provision for reduction of damages, if there are preventative measures in place.
Third, the reality is that most companies that hire spammers will have a policy prohibiting it, but do nothing to enforce that policy. In a case that I am litigating, the Defendants David Szpak and Emmanuel Gurtler decided not to check any of their affiliates, accept defaults judgments on prior lawsuits (totaling over $300k USD). Even after the judgments were satisfied by seizing monies from accounts, they never bothered sending an e-mail or making a phone call to the plaintiffs in those cases to ask which affiliate.
Fourth, in my current litigation, one of the identified affiliates is Yambo Financials (listed on ROSKO since 2004 and associated with Child porn and fake canadian drugs), which turned out to have 17 different affiliate IDs that shared banking/epassport accounts. In fact, Gurtler claimed that once they learned of this, they terminated this "affiliate" but that was a lie, and they didn't terminate all 17 different aliases for this "affiliate."
[ link to this | view in thread ]
I see your point, Techdirt, but I often think you don't see both sides of an issue. You seem to think business is inherently good, and the bad stuff is just an aberration. It's the other way around.
[ link to this | view in thread ]
The Junk fax law did not cause the sun to explode.
The law is well known and has been around since the 90s that if you hire someone who sends junk faxes, you are liable. I can also spoof faxes, but I have not heard much of that.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: I don't see this as a problem.
In some cases, I have seen affiliate programs who create phantom accounts, and use those accounts as spam landing pages. When someone complains, they "term" the "rogue affiliate" out of the program, and create a new account for spamming. Oh yeah, they still take all the traffic generated by the same, they just tell people they got rid of that horrible (non-existant) affiliate.
I also agree that TD is on a man run against "third party" stuff this month, but this clearly isn't third party. They are directly in line, not some sideline of the process.
A complete TD fail this time around.
[ link to this | view in thread ]
Re:
I think you took that one a little too far.
[ link to this | view in thread ]
For example, what would the law say about a sub-contractor collecting receivables who breaks the law in the process (ex: breaks a guys arm). I suspect it would depend if the parent company asked them to do that or had prior knowledge of the practices used.
Perhaps there is special consideration given the parent company is deeply familiar with the work the sub-contractor is performing.
[ link to this | view in thread ]
Re: Civil Discourse
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Civil Discourse
Good question. At least part of it is the rise of 'ownership culture.' Weirdly, it works in two directions. You can own what has been done before you (e.g., most everyone for the last fifty years,) and you can be forced to own what has been done after you (e.g., the above.)
I can't make sense of this mess.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: I don't see this as a problem.
Recently we received letters printed on university stationary signed by a university administrators that were nothing more than sales brochures. It is not an appropriate activity for our educational institutions. While not as egregious as spam, those in marketing seem to lack any moral restraint in separating you from your money. Dilbert Cartoon
[ link to this | view in thread ]
Hmm
[ link to this | view in thread ]
Techdirt
/sarc (as the kids say nowadays)
[ link to this | view in thread ]
Re: Re: Civil Discourse
When dealing with children jumping up and down, half of whom are yelling the sky is falling, the other half yelling mine, mine, mine. There can be no rational discourse.
[ link to this | view in thread ]
Ah, it was the anti-spammer trying to make them look bad defense
Valueclick did not deny that it was their affiliates that were responsible.
Most o the time, spammers blame others, anti-spammers, terminated affiliates, or competitor trying to make them look bad.
Years ago, the lawyer for Scott Bradley claimed it was an anti-spammer trying to make him look bad. He is in prison for another year for illegal spamming.
[ link to this | view in thread ]
I am getting tired of companies saying "WE ARE NOT RESPONSIBLE!" when someone who they are doing business with does something bad that they are directly or indirectly PAYING THEM FOR.
[ link to this | view in thread ]
Re: The Junk fax law did not cause the sun to explode.
[ link to this | view in thread ]
Re: Re: The Junk fax law did not cause the sun to explode.
There is a simple solution, track down a few, haul them into court for $1,500 each.
[ link to this | view in thread ]
Re: Extreme Hyperbole
[ link to this | view in thread ]
Re: Extreme Hyperbole
Fair enough. Go after those sending the spam then.
Second, under 17529.5, there is a provision for reduction of damages, if there are preventative measures in place.
Still, why not go after those actually responsible?
Third, the reality is that most companies that hire spammers will have a policy prohibiting it, but do nothing to enforce that policy.
As others noted, why not use a negligence standard then, rather than strict liability?
Fourth, in my current litigation, one of the identified affiliates is Yambo Financials (listed on ROSKO since 2004 and associated with Child porn and fake canadian drugs), which turned out to have 17 different affiliate IDs that shared banking/epassport accounts. In fact, Gurtler claimed that once they learned of this, they terminated this "affiliate" but that was a lie, and they didn't terminate all 17 different aliases for this "affiliate."
In which case negligence could work, right?
[ link to this | view in thread ]
Re: Easy Solution:
[ link to this | view in thread ]
Re:
This is why we have Discovery.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Extreme Hyperbole
To me, it means that the affiliate is not a strict third-party to the plaintiff.
[ link to this | view in thread ]
Re: Re: Extreme Hyperbole
CAN-SPAM liability, for an ISP, is either knew or consciously avoided knowing which is a very difficult standard. Defendants in my case claim to enforce their program. However, when asked to produce documents of such Emmanuel Gurtler and David Szpak said, "We don't keep such records." Not only that, they had programmed their web sites to rewrite the URL so that their spam victims cannot identify the affiliate who sent the spam (unless they watch http headers.)
There are two rules when dealing with spammers and their attorneys: 1. Spammers lie, 2. when a spammer says something see rule one. Or in other words, when do you believe a liar?
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Oh wait - not under that decision. :-( I live elsewhere.
[ link to this | view in thread ]
Companies need to be responsible for the actions of their affiliates, whether it's spam, affiliate-link-laden autoblogs, or whatever other sleazy dealings they think will make them money. We're not talking about honest people working in earnest here. We're talking about lazy, entitled, "screw over whoever you can to make a buck" scum who are basically destroying the internet to push their hostgator affiliate pages and "squeeze pages" for clickbank ebooks.
If you don't believe me, look up some characters like Alex Goad, Wilson Mattos, Jason Fladlien, Build-A-Niche-Store, or just google "make money from home". If there were more rulings like this, these people would be forced back to working real jobs...
[ link to this | view in thread ]
About Span
[ link to this | view in thread ]