The California Court of Appeal recently upheld a trial court’s findings that commercial emails violate the state’s anti-spam law when they are sent under a sender domain name that either fails to identify the actual sender, or isn’t readily traceable to the sender by use of a publicly available online database.
According to the appellate court, in Balsam v. Trancos, permitting commercial email marketers “to conceal themselves behind untraceable domain names” greatly increases the likelihood of “Internet fraud and abuse,” which are the “very evils for which the Legislature found it necessary to regulate such emails” with the anti-spam law.
The Trial Court
Plaintiff Balsam originally sued Trancos, an email marketer, under California Business and Professions Code Section (B&P Code §) 17529.5(a)(2) after he received eight commercial email advertisements on behalf of an unidentifiable marketer. The emails were sent through various domain names privately registered to a proxy service, which made it very difficult for plaintiff to determine who was responsible for sending them. Further, the advertisements did not purport to be from anyone in particular, as the “from” email addresses included accounts such as “firstname.lastname@example.org,” and “email@example.com.” The subject lines of the emails also varied – some recipients were invited to take surveys in exchange for payment, while others received dating-related services and offers.
According to the complaint, the defendant sent the commercial emails in violation of California B&P Code § 17529 et seq., which makes it unlawful for any person or entity to send a commercial email advertisement from California or to a California email address when the email advertisement contains or is accompanied by “falsified, misrepresented, or forged header information.” Plaintiff argued that because the sending domains and “from” names on the eight emails he received did not adequately identify the defendant as the sender, their “header information” was illegal.
The trial court largely agreed, finding that the sending domains and “from” names in seven of the eight emails at issue violated B&P Code § 17529.5(a)(2) by inadequately identifying the sender. According to the trial court, nowhere in the header, body and/or opt-out of the seven emails was there evidence that they came from the defendant – a company that operates a number of Internet advertising businesses. As such, defendant’s falsity or misrepresentation was based on the fact “that the ‘sender’ names (or domain names used) do not represent any real company, and cannot be readily traced back to the true owner/sender.”
In contrast, the trial court found that one of the eight emails at issue did not violate the statute as the sender was readily apparent in the header information.
Upon review, the California Court of Appeal affirmed each aspect of the trial court’s decision. According to the court, “header information in a commercial e-mail is falsified or misrepresented for purposes of section 17529.5(a)(2) when it uses a sender domain name that neither identifies the actual sender on its face nor is readily traceable to the sender using a publicly available online database such as WHOIS.” Further, where a commercial marketer, such as defendant Trancos, “intentionally uses privately registered domain names in its headers that neither disclose the true sender’s identity on their face nor permit the recipient to readily identify the sender…such header information is deceptive and does constitute a falsification or misrepresentation of the sender’s identity” in violation of the law. The appellate court found that the from lines, which “misrepresented the sender’s identity,” were unlawful.
To read the California Court of Appeal’s ruling in Balsam v. Trancos, click here.
To read the FTC’s CAN-SPAM Act, Compliance Guide for Business, click here.
Why it matters: The California Court of Appeal’s ruling in Balsam v. Trancos will ultimately have a significant impact on the way companies, both in and out of California, use commercial email advertisements to market products and services. Gone are the days when marketers and their hired affiliates freely use generic “from” lines or untraceable domain names to send ads to consumers. Instead, email marketers must now comply with California’s anti-spam law by including either (1) a domain name that is registered to the sender and can be easily determined by performing a WHOIS lookup, or (2) the name of the sender or marketer on whose behalf the email was sent in the emails header (i.e., the sender names, domain names, and email addresses that appear on the “from” lines).
Because provisions of B&P Code § 17529.5(a)(2) closely mimic those of the CAN-SPAM Act, it can be argued that the court’s ruling in Balsam v. Trancos reaches across California borders to all 50 states. The CAN-SPAM Act is a federal law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have the marketer stop emailing them, and spells out tough penalties for violations. Among other things, it prohibits the use of false or misleading header information in all commercial messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.” This includes email that promotes content on commercial websites.
Given the similarities between California and federal law, marketers throughout the country should revise their email protocols so as to ensure that the header information in their commercial emails is both accurate and traceable through use of a publicly available online database, such as WHOIS.