India: Throwing A ‘Spam’-Mer In The Works

We’ve all got a lot of it, without ever asking for it, and despite the fact that its free, we don’t want any more of it. We’re talking about ‘spam’.

‘Spam’ may be defined as unsolicited bulk e-mail sent for commercial and marketing purposes. Almost anyone who has a web-based email account would have received innumerable amounts of spam mail, which attempt to sell anything from low mortgage rates to pornography to miraculous cures for weight loss.

Spam is undesirable for several reasons: Spam mails are useless - containing information that we would usually never need, and products that we would even less likely purchase. Spam mails are also a headache, as we would require deleting them to ensure that our email accounts do not exceed the maximum permitted storage size.

Additionally, spamming results in ISPs facing slower server speeds and degraded response times from the ISP's mail exchanger service. Last but not the least, objectionable spam mail is sometimes well disguised and often so worded in the header that it looks like an ordinary mail – thereby causing quite a bit of embarrassment when pictures of unknown semi-clad women pop up on our computer screens!

An OECD Report estimates that the "worldwide cost to Internet subscribers of spam is in the vicinity of $ 12.5 billion a year". Not surprisingly, several countries have enacted laws to regulate, and in some cases prohibit, this technological ‘scourge’.

Though several states in the United States already have their own legislations regulating spam, the only enacted federal legislation in the United States in force presently is the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003", popularly known as the CAN-SPAM Act.

The Preamble to the Act clearly sets out its objectives:

"To regulate interstate commerce by imposing limitations and penalties on the transmission of unsolicited commercial electronic mail via the Internet."

The Act requires unsolicited commercial e-mail messages to be labeled (though no standard method is prescribed) and to contain opt-out instructions for the recipient, as well as the sender's physical address. The Act also prohibits the use of deceptive subject lines and false headers in such messages. Interestingly, the Federal Trade Commission, the regulatory agency with wide-ranging powers to create and enforce a wide variety of rules under various consumer protection legislations, is authorized to establish a "do-not-email" registry, but not compulsorily required to make such a registry. The CAN-SPAM Act takes effect on January 1, 2004.

Several states in the United States have their own legislations such as Washington, which had its own law regulating Spam as early as 1998. Unlike the federal law, which only regulates spam, the Washington legislation prohibits commercial e-mail that has false or otherwise misleading information in the subject line. Further, it also bans commercial e-mail that contains an invalid reply address or disguises the transmission path. From the perspective of enforcement, the law permits message recipients and ISP's as well as the attorney general's office to file civil suits for compensation and punitive damages.

B. United Kingdom

The United Kingdom has been relatively less pro-active compared to other jurisdictions, which have implemented legislations to regulate spam much earlier.

Until recently, the only legislation in force was the Consumer Protection (Distance Selling) Regulations 2000, which implements the EU Directive 97/7/EC on the Protection of Consumers in respect of Distance Contracts. Under the EU Directive, Member States have three options while legislating: (a) provide for an opt-in clause, (b) provide for an opt-out clause and (c) provide for self-regulation by the industry.

Subsequently the above principles have been extended, in the light of new technology, to apply to unsolicited mail, phone and the Internet in the form of implementation of the EC Directive on Privacy and Electronic Communications (2002/58/EC). The said regulations are in force since 11 December 2003 and the new rules apply on a "technology neutral" basis.

Under UK law, any use of email, e-faxes and SMS messages for direct marketing will require the prior consent of subscribers, who can ‘opt-in’ for such services. There are limited exceptions to this requirement - such as if the electronic contact details had been obtained in the course of the sale or negotiations for sale of product or service to the target customer.

Another requirement under the new Regulations is that all e-marketing messages must include a valid address to which the recipient may address an unsubscribe request.

There is no law presently in India, which provides for, or has been enacted to deal with the issue of spam.

The Information Technology Act, 2000 (the "IT Act") does not contain any provision regulating the act of ‘spamming’. However, the IT Act does regulate ‘obscenity’, which covers publishing, transmitting or causing to be published in electronic form, any material which is lascivious, or appeals to the prurient interest, etc. Considering that a large proportion of ‘spam e-mail’ pertains to pornography, is it possible that a ‘spammer’ may be brought under such a provision?

In any event, the wording of Section 67 is ambiguous, and it may be also possible that an ISP may be considered liable, as it may be said to be ‘transmitting’ such electronic material.

In the absence of any statutory protection to check spam mails on Internet, it may be necessary to rely on the traditional tort law principles of ‘trespass to goods’ as well as the ‘law of nuisance’ to address the challenges posed by spammers.

The term ‘nuisance’ is derived from the French word ‘nuire’, to do hurt, or to annoy, and an action for nuisance arises in respect of an act producing material injury to property or an act producing personal discomfort.

‘Trespass to goods’ occurs when the unlawful disturbance of possession of the goods, whether actual or constructive held by the plaintiffs, by an act of the defendants causing damage to the goods.

It would seem likely that Indian courts would use existing laws of torts, to deal with the issue of spam, until separate legislation specifically regulating spam is enacted.

In the first-ever judicial order in India on the issue of spam, the Delhi High Court has restrained a party from "causing transmission of unsolicited bulk electronic mail" to any user of the services of an Internet Services Provider (ISP).

In the case of Tata Sons v. Amait Kumar Gupta, Justice R.C. Chopra has passed an interim injunction against McCoy Infosystems Pvt Ltd and its proprietors and agents from indulging in the activity of jamming the VSNL Internet server.

A suit was instituted by Tata Sons, on behalf of VSNL, wherein it was alleged that through the Unsolicited Bulk Commercial E-mail (UBCE), McCoy Infosystems Pvt Ltd and the other defendants were intentionally "tresspassing" on VSNL's property despite being black-listed for habitual transmission of UBCE.

The plaintiffs argued that the transmission of UBCE by McCoy Infosystems Pvt Ltd into the VSNL systems was directly responsible for denying VSNL access to use of its own property. As such, the defendants were causing an electronic nuisance to VSNL and breaching the terms and conditions of the services provided by it.

It may be noted that the said interim order is in the nature of a temporary restraint, and it may be some time until the entire court proceedings are completed, which include submissions by all the parties and a final hearing, before the final judgement is issued.

Nevertheless, the order of the Delhi High Court is significant – firstly, it recognizes that spamming is a problem and needs regulation, and secondly, in the absence of a specific law, judicial recognition through interpretation of other laws may be necessary.

It is interesting to note that VSNL had obtained the said order on the basis of arguments addressed under the traditional tort law principles of trespass to goods as well as the law of nuisance.

Though the current Indian legal regime may be ambiguous and indefinite about the regulation of spam, it is possible that existing Indian laws could be creatively used to provide some relief against the persons engaging in spamming activity.

Nevertheless, the enactment of clearly defined laws and the establishment of effective enforcement machinery may be imperative in the longer run. Until then, the only effective remedy to fight the onslaught of spam may be technology itself!