Update: "Address Book Harvesting" Issues to Contend With

Earlier this year, we blogged about address book scraping and some of the issues associated with the practice, specifically transparency and the use of unsolicited, deceptive e-mails. In a suit against reunion.com, a recipient alleged that she received a “deceptive” e-mail from the site because it purported to be from her friend when in fact it was from reunion.com and sent without her friend’s consent.

Now another site has come under scrutiny for similar address book scraping tactics. This July, New York Attorney General Andrew M. Cuomo announced that he intends to sue Tagged.com (“Tagged”) for deceptive e-mail marketing practices and invasion of privacy.

According to the Attorney General, Tagged engaged in “unethical and illegal behavior” when it sent misleading invitational e-mails to the personal contacts of its members. Once a person became a member, Tagged would gain access to his or her personal e-mail contacts. Unbeknownst to many members, Tagged would then send personalized e-mails to those contacts. The company would personalize these e-mails by making them appear to come directly from the member’s personal e-mail account and, if the member added a picture of himself or herself to the site, by including that picture in the e-mail. Tagged further personalized the e-mails by stating that the member had posted pictures online for the recipient to view when no such pictures existed. When a recipient would try to access the pictures, Tagged would require him or her to become a member, and the cycle would start anew.

The Attorney General equated Tagged’s practices to “breaking into a home, stealing address books, and sending phony mail to all of an individual’s personal contacts.” He wants Tagged to stop its practices and is also seeking fines. Tagged sent millions of e-mails between April and June of this year, but stopped its e-mail marketing program after consumers complained of its tactics.

This new development reinforces the importance of transparency and highlights the negative impact of the misuse of e-mails in marketing campaigns. A user should be conspicuously informed if messages may be sent to his or her address book contacts, and the user should provide informed consent before these messages are sent out. Additionally, any e-mail messages that are sent should not be fraudulent or deceptive and should comply with the Federal CAN-SPAM Act.

CAN-SPAM Preempts California Anti-Spam Laws

In a recent decision, the Northern District of California held that e-mail harvesting without permission may give rise to a cause of action under the California Penal Code and based on common law misappropriation. More striking, however, was the court’s ruling that the federal CAN-SPAM Act, 15 U.S.C. § 7701 et seq., preempts two California anti-spam statutes. Facebook, Inc. v. ConnectU LLC, --- F.Supp.2d ---, 2007 WL 1514783 (N.D. Cal. 2007).

In the litigation, Plaintiff Facebook, Inc. contends that Defendant ConnectU, Inc. violated several federal and state statutes and engaged in common law misappropriation when it collected e-mail addresses of Facebook’s registered users and then sent them commercial e-mail, encouraging them to switch to ConnectU. Among its claims, Facebook argues that ConnectU violated California Penal Code § 502(c), California Business and Professions Code §§ 17529.4 and 17538.45, and CAN-SPAM, 15 U.S.C. § 7701 et seq. ConnectU moved to dismiss several of these claims, pursuant to Federal Rule of Civil Procedure 12(b)(6).

The trial court denied ConnectU’s motion to dismiss the claim under California Penal Code § 502(c), holding that Facebook sufficiently alleged ConnectU "knowingly" accessed Facebook’s website and took, copied, or made use of data it found thereon "without permission."

The court also denied ConnectU’s motion to dismiss Facebook’s misappropriation claim. Rejecting ConnectU’s argument that the federal Copyright Act preempts the common law claim, the court held that the e-mail addresses at issue are not works of authorship, nor are they elements of some larger work of authorship, so they do not fall within the scope of the Copyright Act.

However, the court granted ConnectU’s motion to dismiss the claims under California Business and Professions Code §§ 17529.4 and 17538.45, holding that these California statutes are in fact preempted by the CAN-SPAM Act, 15 U.S.C. § 7701 et seq. The CAN-SPAM Act provides as follows:

This chapter supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto.

The court rejected Facebook’s argument that the California statutes fall outside the scope of preemption because they focus on the collection of e-mail addresses, stating that both provisions still plainly regulate the "use of electronic mail to send commercial messages" within the preemptive effect of the CAN-SPAM Act. The court also held that "neither [statute]… purport[s] to regulate false or deceptive email, or require such falsity or deception as an element of the statutory violation."