Leave it to Californians to pass an anti-spam law that could ruin e-mail for the rest of us. New legislation -- signed into law two months ago by Gray Davis and set to take effect Jan. 1 -- would load punitive burdens on businesses not just in the Golden State but across the country, while shutting down uses of e-mail that are in fact welcome to most recipients. It would also unleash bounty-hunting lawyers who'd concentrate their efforts not on the fly-by-night spam operations that clog most inboxes, but on extracting money from legitimate concerns that weren't intending to break any law.
The trouble with the California law starts with its broad definition of spam. Most unwanted bulk e-mail is sent blindly to thousands, even millions of recipients. Amazingly, California lawmakers set no threshold at all: They explicitly contemplate liability for "a single transmission or delivery to a single recipient." (Think twice before sending an e-mail to someone whose business card you picked up at a convention.)
The only lawful messages would be those in which the recipient had either requested e-mail regarding goods and services, or had a pre-existing business relationship with the sender. Permission given to one sender would probably not be transferable to others, even if the address-holder intended to give broad consent at the time. The result would be to shut down sharing of what is known as "permission-based" e-mail lists between marketers, no matter how willingly consumers had given such permissions.
Other legal traps aren't hard to find. Online publications include a button inviting visitors to "Send this story to a friend." But this would very likely violate the new California law, because even if the friend has a pre-existing relationship with the recipient, the publication, whose server will be used to send the message, doesn't.
What lends urgency to these speculations is the harsh penalty: $1,000 per errant e-mail, payable to individual complainants. There's a million-dollar ceiling per "incident," but each transmission not containing "substantially similar content" would count as a separate incident. So a year's worth of a weekly newsletter would expose a company to $52 million in possible liability, even if no actual recipients had complained. Entrepreneurial lawyers, with which California is well supplied, would be sure to demand class-action status on behalf of all recipients whom a mailer couldn't prove had given exactly the right kind of consent.
The consequences of the law can't be confined within California's borders. There's no way to pick through a list of Hotmail addresses to pick out which ones are used by California residents, accessed from California computers, or billed to a California mailing address -- each of these a category covered by the law. Even relatively small businesses elsewhere in the U.S. would run into liability in California courts.
There is, however, a way around the California law. The "CAN-SPAM" Act, expected to land soon on the president's desk, would override anti-spam laws now in effect in 37 states, including California's. Anti-spam activists complain that CAN-SPAM doesn't ban unsolicited commercial e-mail as such, and reserves enforcement for public agencies and Internet service providers rather than giving individual e-mail users a right to sue. But one need only consider the litigation resulting from 50 different anti-spam laws in 50 different states to realize that a federal law is required.