November 12, 2009
Tagged Settles Spam and Address Book Harvesting Claims Brought by NY and TX Authorities
[Post by Venkat]
Tagged, which is supposedly the "third-largest social networking site in the world" (whatever this means) recently settled enforcement actions brought by New York and Texas Attorneys General. (See coverage at Bits and Media Post.)
The basic allegations were that Tagged sent emails to people which falsely implied that the people were depicted (or "tagged") in photos in order to get people to sign up for the service. At sign up Tagged also allegedly failed to disclose that Tagged would access the address books of users and send emails trying to get friends of these users to sign up.
The Tagged settlements - details of which are recapped by David Johnson here - required Tagged to pay 250,000 and 500,000 to Texas and New York, respectively. The settlements also require Tagged to provide users with greater disclosure and require Tagged to jump through certain hoops before accessing the address book of a user. David notes that the enforcement actions were brought under a variety of New York statutes including New York's deceptive trade practices law and false advertising statutes. He notes that those statutes "would not be preempted by CAN-SPAM . . . [but] we will never know" for sure, since Tagged settled.
Although Tagged chose not to fight the battle, there's another case pending in California that is roughly analogous, where the court ruled that claims arising out of similar conduct were preempted by CAN-SPAM. (Hoang v. Reunion.com, discussed by Ethan here and here.) As Ethan notes, in the Reunion case, Judge Chesney ruled that CAN-SPAM preempted pretty much every type of email-based claim except for those sounding in common law fraud. Common law fraud has a high damage threshold and because none of the plaintiffs were able to show that they actually relied on, or suffered out of pocket loss due to, misstatements in any Reunion emails, Judge Chesney dismissed the claims against Reunion. (Incidentally, that case is mired at the district court level. Plaintiffs have indicated they plan to appeal, but defendants moved for sanctions based on the fact that plaintiffs represented to the court that they could file a third amended complaint containing adequate damage allegations but ultimately changed their minds and decided they wanted to appeal. The court deferred ruling on the pending motions and requested additional briefing from the parties.)
Tagged is also defending against a class action filed in California. The plaintiffs in this case allege claims under the Computer Fraud and Abuse Act and the Stored Communications Act, among other statutes. (You can access a copy of the complaint here (scroll down).)
So, what to make of these lawsuits against Tagged and Reunion?
1. I'm inclined to agree with Ethan that Reunion went too far in concluding that only claims for common law fraud are carved out of CAN-SPAM's preemption clause. Mummagraphics - the early appellate preemption case - concluded that immaterial errors are not actionable, but that's a far cry from the high bar set by the court in the Reunion case.
2. CAN-SPAM's preemption clause has a second exception for laws that "are not specific to electronic mail," I don't understand why plaintiffs don't try to rely on non-email specific laws. The Reunion plaintiffs brought claims under California spam statutes. Maybe there were structural (standing or damages-related) reasons for why they did so, but I was surprised they didn't just bring claims under California's unfair business practices statute. On a related note, with respect to the Tagged class action, the Computer Fraud and Abuse Act and Stored Communications Act don't seem like a good fit for these types of claims. The Computer Fraud and Abuse Act has a damage threshold that is probably tough to satisfy, and the Stored Communications Act regulates access to the contents of communications.
3. There isn't a ton of law on the scope of California's anti-spam statute, but the Ninth Circuit certified an issue to the California Supreme Court in Kleffman v. Vonage. I'm not sure if this ruling will add to the mix, but it should be interesting to see what the court does here.
4. It's tough to say whether these lawsuits illustrate that enforcement is better left in the hands of government regulators or whether private parties should play a role in enforcement. Excluding large ISPs, private plaintiffs don't seem to have accomplished very much by way of stopping spam. If anything, they have pushed the envelope, and ended up with a framework that makes private enforcement much harder. That said, here the Texas and New York enforcement actions followed the California class action against Tagged, so it's tough to say.
5. Where is the FTC in all of this? Busy regulating paid endorsements by bloggers I guess.
Posted by Venkat at November 12, 2009 08:54 AM | Spam