Court Says California’s Anti-Spam Statute Doesn’t Regulate Affiliate Networks–Bank v. Hydra

This judgment followed a bench trial in a case over three unwanted email messages. The case was originally filed in 2010!

The plaintiff is a lawyer suing pro se. The defendant is Hydra Group, which operated an affiliate network. The three emails received in January 2010 purported to remind plaintiff about an upcoming renewal for auto insurance. The content of the messages were an advertisement for “quotewizard,” which promised to provide savings for auto insurance. The emails contained unsubscribe instructions with Entourage Media’s address.

There were three entities in the cast of characters: (1) QuoteWizard, the company which advertised in the email, (2) Entourage Media, the entity that sent the emails, and (3) Hydra, the affiliate network.

Plaintiff testified that he opened the messages and clicked on the links and was initially directed to LynxTrack or HydraNetwork, two pages that Hydra maintained in order to track links from the emails. Plaintiff’s memory was equivocal on this point. At trial, plaintiff was understandably unable to click on the links and demonstrate to the court where they took him.

Plaintiff asserted claims under section 17529.5 of California’s anti-spam statute. He alleged that the emails had misleading subject lines (they purported to remind recipients to renew their insurance, but were actually ads). The key question was whether Hydra, as the affiliate network, could be held liable. The statute prohibits a “person or entity [from] advertis[ing]” in emails that contain misleading subject lines.

There was no dispute that Hydra was not advertised in the emails. Plaintiff argued that Hydra should be held liable because Hydra had a “material role” in sending the emails. Testimony from Hydra’s witness (its former GC) recounted how Hydra facilitated advertising on behalf of its network advertisers. Hydra provided an interface where affiliates could log on and obtain graphics, subject lines, and other details associated with a campaign. While Hydra did not hit the send button, Plaintiff’s theory was that without Hydra, the emails would not have been sent.

The court rejects this argument. Citing to Blanchard v. Fluent [pdf] as persuasive authority, the court concludes that the statute does not impose liability on a sender—i.e., even if Hydra had actually sent the messages, it could not be held liable. It follows that if Hydra merely played a material role, it could not be liable. Blanchard cited to section 17529.2, passed in the same year as the statute at issue here, and noted that that statute addressed both senders and advertisers and purported to restrict both. (CAN-SPAM’s preemption rendered 17529.2 largely ineffectual although it’s still on the books.) The omission of language from 17529.5 covering senders (specifically the word “initiate”) reflects legislative intent for this statute to only cover those advertised in prohibited messages. The court also notes that the California recently considered an amendment to 17529.5 to specifically cover senders.

Plaintiff also cited to California appeals court rulings in Hypertouch v. Valueclick and Balsam v. Trancos in support of his position. In Hypertouch, the plaintiff alleged Hypertouch was advertised in the emails and introduced some evidence that the emails redirected recipients to Hypertouch’s own products or services. Balsam did not involve the question of whether senders, rather than advertisers, can be held liable under the statute. The court finds neither case particularly helpful to plaintiff.


The Blanchard ruling fell through the blogging cracks, but it’s an important one. The California spam statute imposes liability on a different set of actors than CAN-SPAM. The analogous provision of CAN-SPAM prohibits the “initiation” of messages that contain false header information, use another’s domain name without permission or misleading subject lines. In contrast, the California statute imposes liability on those whose products are services are advertised in such messages.

One could argue that senders, rather than advertisers, are in a better position to ensure emails comply with the statute. Affiliate networks may have some control over the content of the messages and manner of mailing. In this case, there was evidence that Hydra provided some of the content or ad copy, but often this choice is up to the advertiser or the emailer. The affiliate network generally functions as an intermediary, which raises some Section 230 issues. (See Eric’s post on the FTC’s Leadclick case.)  The court in this case distinguishes the appeals court ruling in Valueclick, but that case seemed to say that affiliates can be held liable. The court also drops a cite to the Cyberheat case. Although it flags Cyberheat for an evidentiary proposition, that was also an affiliate liability case under CAN-SPAM that grappled with the appropriate standard for imposing affiliate liability.

It’s a good win for Hydra but surprising that the case took 10 years to work its way through the system (without any appeals).

I reached out Jared Gordon, one of Hydra’s lawyers (its former GC) to see what he had to say about the ruling, and his comment is below:

I am glad that this case is finally resolved the way we knew it should be- with a verdict for defendant. This case was a great example of the old adage about lawyers that represent themselves.

Case citation: Bank v. Hydra Group, LLC, 10 CIV 1770 (VMS) (E.D.N.Y. Mar. 31, 2019)

Bonus spam ruling: in Zoobuh v. Savicom, 2019 WL 1466285 (D. Utah April 3, 2019), the court granted a default judgment in the amount of $3,003,600. The court finds that defendant’s use of pseudonyms or fake names (e.g., “Cassidy Fox”) in the header means the messages runs afoul of CAN-SPAM. It’s a default judgment, but still a hefty one.

Related posts:

CA Appeals Court: Claims Under State Spam Statute Not Preempted by CAN-SPAM – Hypertouch v. Valueclick

Affiliate Spam Liability is Fact Question–US v. Cyberheat

CA Appeals Court: Claims Under State Spam Statute Not Preempted by CAN-SPAM – Hypertouch v. Valueclick

Does the FTC Get a Free Pass From Section 230?–FTC v. LeadClick