Home | Databases | WorldLII | Search | Feedback Privacy Law and Policy Reporter

Rollo, Troy --- "Liability for spam through trespass to goods" [2001] PrivLawPRpr 37; (2001) 8(4) Privacy Law and Policy Reporter 77

Liability for spam through trespass to goods

Troy Rollo

Spam is perhaps the single largest issue affecting privacy on the internet. The problem of email spam first arose in earnest in 1995 and 1996, with exponential growth patterns since then. Legal development of this issue has been twofold: statutes have been passed in several European and US jurisdictions,[1] and actions using the tort of trespass to chattels — also known as ‘trespass to goods’ — have been prosecuted in the US. In the absence of statutes explicitly prohibiting spam, there has been a general assumption that spam per se is not illegal. Further research into the case law, however, reveals that this assumption appears to have been mistaken.

To begin, we need to define spam. Spam has been variously defined as ‘unsolicited bulk email’ (UBE), ‘unsolicited commercial email’ (UCE) and ‘any email the recipient doesn’t want’. Although the core of the problem is in the bulk nature of the email, the most visible part is commercial, and due to constitutional issues in the US, UCE has taken the spotlight in legislation and UBE in litigation. In any event, it is useful for the purposes of this article to treat the status of unsolicited email that is both bulk and commercial, or ‘UBCE’, as there is little dispute that any email that is in both categories is spam. This is, coincidentally, the approach taken by Sorkin in his recent article[2] giving a detailed account of the state of play on spam to date.

Trespass to goods as used to date

The use of the action in trespass to goods is interesting due to its potential applicability to all common law jurisdictions. The tort can be committed by any intentional act involving interference with goods in the possession of another.[3]

The first case to consider whether spam could constitute trespass to goods was CompuServe v Cyber Promotions.[4] In that case, CompuServe had issued notice to Cyber Promotions that its spams were unwelcome, and had made efforts to block the transmissions. Cyber Promotions responded to this by transmitting the spams with new origination addresses, thereby bypassing the blocking mechanisms.

The critical questions of the decision were whether the sending of spam to the plaintiff’s systems constituted a sufficient interference with the computers, whether there was damage and whether there was consent for the interference.

The question of permission was easily dealt with. The defendant pleaded that by placing a computer on the internet, configured to accept email, permission had been granted for the transmission of email. In the normal case, this seems prima facie a plausible defence. In CompuServe, how-ever, the plaintiff had given an explicit notice that the interference was unwelcome, so any implied permission was thus withdrawn. The Court mused that in the absence of explicit notice directed at the defendant, there may have still been implied consent — however, that this aspect of the reasoning was obiter, and was not presented as a definite statement of principle.

In the US, the tort also requires the interference to be a physical interference, although there appears to be no requirement for the interference to be physical in Australia, and the historical view supports a lack of a requirement for a physical interference.[5] The CompuServe decision referenced Thrifty-Tel Inc v Bezenek,[6] which held that electronic signals were a sufficient interference to support an action in trespass.

At first glance the established US requirement of damage for a case in trespass to goods seems fatal to a prosecution for spam. The most often cited source of this principle is the Restatement (Second) of Torts[7] §218. While the authority of that principle is in any event questionable,[8] it did not prevent the action — the Court found that the plaintiff’s computer was damaged under the second heading of damage in the Restatement, impairment to the chattel’s condition, quality or value. The Restatement appears to allow for even trivial and subjective damage, offering as an example a plaintiff’s view that a toothbrush, after being used by another, may have no further value at all.

The result of the CompuServe case has been repeated in numerous cases since then,[9] and has been expanded to other types of unauthorised access to computers.[10] In Ebay Inc v Bidder’s Edge Inc,[11] in which the plaintiff gave the defendant an explicit notice withdrawing permission to use a spider program to extract data from the site, Whyte J held that the potential for even minimally diminished performance is sufficient to constitute an impairment of value. Further, the possibility that multiple parties could combine to cause significant cumulative damage was stated as an important policy consideration.

Objections to this use of trespass to goods

This use of trespass to goods as a method of dealing with spam is not entirely without its critics. Dan Burk has stated some significant concerns with the use of trespass to goods to protect electronic equipment. He argues that if these cases are accepted:

[W]hole new vistas of electronic trespass are opened to our view. Unwanted telephone callers would seem to be engaging in trespass to chattels ... So, too, with fax machines that receive unwelcome transmissions, radios and televisions that receive unwanted transmissions ... I will not even begin to pursue here the endless possibilities for trespass upon household appliances plugged into electrical outlets, but instead leave such reflections to the reader’s imagination.[12]

While this reductio ad absurdium argument seems sufficient to strike fear into the heart of a person ignorant in the law, it fails to account for the very mechanisms of the law that are in place to prevent such outcomes. Implied consent prevents an action against arbitrary unwanted callers, and the requirement for a direct and intentional interference deals with the unwitting and indirect interferences with televisions or electrical appliances that Burk envisions.

Scope of consent

CompuServe v Cyber Promotions did not need to deal with the extent of implied consent, and no case since has examined this point further. The scope of any implied consent is determined by the expectations of society as a whole as to what implied consent exists. A sender of email has consent only to the degree accepted by society. In 1996, when CompuServe was before the Court, the expectations in the area of spam may still have been subject to some controversy. This is not the case today.

In Codes Communications Inc v Nexx Online Inc,[13] the Canadian courts had the opportunity to consider directly the community acceptance of spam. The Court found that spam was a breach of ‘netiquette’ — essentially ruling that the use of spam is not considered reasonable by society at large. The Court made this decision based on the number of complaints that spam generates, the fact that the plaintiff spammers were unable to find an alternative service provider who would allow them to spam, and widely published material on the subject already available on the internet. The Court concluded that ‘[t]he unrestricted use of unsolicited bulk commercial email appears to undermine the integrity and utility of the internet system’.

Today there is little doubt that the implied consent for email does not extend to spam. The principle that ‘opt in’ is the standard for bulk email is well established, and it is difficult to find a service provider whose acceptable uses policy does not prohibit spam. There is no plausible opportunity to claim today that the implied consent includes consent for spam. A spammer’s ignorance as to this limitation on implied consent is irrelevant — such a claim of ignorance would be an attempt at a defence of mistake, a defence that does not exist for any trespass.[14]

Conclusion

The existing cases clearly support an action for trespass to goods by ISPs against spammers who have been given an explicit withdrawal of consent, and the social limitation on implied consent suggests that an ISP has an action against the sender at the time of the first spam. There appears to be no need to have notified the spammer in advance that their spam was unwelcome — which is an impossible feat in any event. The tort of trespass to goods thus accords well with standard community expectations that no person should send bulk commercial email other than at the request of the recipients.

The United States courts have already held that exemplary damages can be recovered for spam.[15] While this may strike some as extreme, there is little question that a spammer breaches the property rights of recipients of the spam, and that without exemplary damages there is little to discourage the actions of spammers. In order to deter spamming, an activity which usually seeks to realise commercial gain, the measure of exemplary damages would need to be enough to ensure that spammers could not hope to profit from their activities.

Troy Rollo is chairman of the Coalition Against Unsolicited Bulk Email, Australia, and is currently studying graduate law at the University of Western Sydney.

[1] <law.spamcon.org/>.

[2] Sorkin David E ‘Technical and legal approaches to unsolicited electronic mail’ (2001) 35 USFL Rev 325.

[3] Fleming John G The Law of Torts (9th ed) LBC Information Services NSW 1998.

[4] CompuServe Inc v Cyber Promotions [1997] 962 F Supp 1015; [1997] US Dist LEXIS 1997; (1997) 25 Media L Rep 1545.

[5] Farmer v Hunt (1610) 1 Brown 220; [1675] EngR 565; 123 ER 766.

[6] Thrifty-Tel Inc v Bezenek (1996) 46 Cal App 4th 1559.

[7] Restatement of the Law: Second, Torts American Law Institute Publishers St Paul 1965.

[8] Three cases are cited by the Restatements as authority for this principle: Glidden v Szybiak (1949) 95 NH 318, 63 A 2d 233 cited a previous edition of the Restatement as its source of authority; Paul v Slason (1850) 22 Vt 231, 54 Am Dec 75 was a case in which there was neither damage nor affront to the plaintiff in the use of his property, save for the fact that it was used in assisting with the removal of other property taken in judgement; and Graves v Severens (1868) 40 Vt 636, which was an action against a person in possession by the owner, which is no action at all in Australia: Penfolds Wines Pty Ltd v Elliot [1946] HCA 46; (1946) 74 CLR 204.

[9] Hotmail v Van Money Pie [1998] US Dist LEXIS 10729; (1998) 47 USPQ2D (BNA) 1020; America Online Inc v IMS et al [1998] 24 F Supp 2d; [1998] US Dist LEXIS 17437; (1998) 48 USPQ2D (BNA) 1857; America Online Inc v National Health Care Discount Inc [1998] 121 F Supp 2d 1255; [2000] US Dist LEXIS 17055 America Online Inc v LCGM Inc et al [1998] 46 F Supp 2d 444; [1998] US Dist LEXIS 20144; America Online Inc v Prime Data Systems Inc Prime Worldnet Systems Inc and Vernon N Hale [1998] US Dist LEXIS 20226; America Online Inc v IMS et al [1998] US Dist LEXIS 20645.

[10] Ebay Inc v Bidder’s Edge Inc [2000] 100 F Supp 2d 1058; (2000) 54 USPQ2D (BNA) 1798; TicketMaster Corp v Tickets.Com Inc [2000] US Dist LEXIS 12987; (2000) Copy L Rep (CCH) 28,146; Register.Com Inc v Verio Inc [2000] 126 F Supp 2d 238; [2000] US Dist LEXIS 18846.

[11] Ebay Inc v Bidder’s Edge Inc [2000] 100 F Supp 2d 1058; (2000) 54 USPQ2D (BNA) 1798.

[12] Burk DL ‘The trouble with trespass’ (2000) 4 J Small & Emerging Bus L 27 at 34.

[13] 1267623 Ontario Inc and Codes Communications Inc v Nexx Online Inc (1999) ACWSJ LEXIS 16867; (1999) ACWSJ 28951; (1999) 89 ACWS (3d) 135.

[14] Whittier ‘Mistake in the law of torts’ (1902) 15 Harv L Rev 335; Basely v Clarkson [1797] EngR 187; (1681) 3 Lev 37; 83 ER 565; Hollins v Fowler [1875] UKLawRpHL 18; (1875) LR 7 HL 757; Fleming above note 2 at 84.

[15] America Online v Prime Data Systems [1998] US Dist LEXIS 20226.