ARCHIVED—Key Elements of a Private Right of Action
Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
A Statutory Private Right of Action against Spammers in Canada
Canadian Context, Lessons Learned, and Implications of Different Approaches
Report to Industry Canada's Task Force on Spam
December 17, 2004
If a private right of action against spammers is to be adopted in Canada, legislators can learn from the experience with such actions in other jurisdictions and under other Canadian statutes so as to construct a mechanism that is effective in deterring spam and that does not have undesired consequences.
A statutory right of action in respect of spam should offer simple, uncomplicated rights of action that are easily susceptible to proof. In order to avoid lawsuits against bona fide marketers and to deter frivolous lawsuits, the cause of action can require demonstration of a “pattern or practice” of sending unsolicited e-mail (as under the US CANSPAM Act), or a second unsolicited e-mail message from the same party, after an objection and a sufficient length of time to permit removal of the address from any lists.69
A private right of action for individual recipients of spam is seen by many as a crucial part of effective anti-spam legislation, given that it may not be in the interest of ISPs to litigate violations of a spam law.
However, individual consumers generally lack the resources to fund litigation, especially where they do not have a strong and unique self-interest in the case. The availability of class actions (together with other measures) can serve to mitigate this problem. In the context of spam, however, certain requirements for class certification may be difficult to meet. In particular, it may be impossible to define an identifiable class of persons raising common claims (e.g., recipients of a given spam message who suffered damages as a result of reliance on a misrepresentation). On the other hand, some US experts warned against permitting class actions together with statutory damages and rights of action that can be used against legitimate marketers who have merely slipped up. Such a combination of factors can result in annihilation of companies rather than corrective practices.70
Some stakeholders oppose permitting individuals to sue, arguing that ISPs and E-mail service providers are better placed to identify and pursue the worst spammers. If a new anti-spam private right of action is to be adopted in Canada, further consideration should be given to this issue.
One of the thorniest problems in suing spammers is tracing and enforcing judgments against them. Many statutes surmount this problem by allowing plaintiffs to sue businesses who have engaged the spammer to advertise their wares. Indeed, this seems to be a key element of the more successful state statutes, as it allows plaintiffs to recover monetary awards from companies who want to stay in business. As noted by one expert,
"vendor liability reduces the problem of tracking down a target substantially. In most cases, vendors have a significantly more difficult time than the actual spammer at hiding their identity or internalizing the costs from the risk of prosecution. If you can dry up the demand by vendors for spammers' services, eventually the problem of spam will be greatly diminished."71
Another expert argues that businesses should not be able to escape liability by hiding behind spammers. Holding advertisers partly responsible for spam would encourage better “list hygiene”, and would encourage businesses to use reputable marketers to send their messages. Without the ability to sue both the spammers themselves and the businesses who engage them, some experts argue that anti-spam legislation will simply encourage a shell game, with one shielding the other from liability.
Others raise concerns about making businesses liable for the practices of e-mail marketers they engage, arguing that they cannot control such practices, and that they rather than the real culprits will end up being the targets of anti-spam lawsuits simply because of their deep pockets. California considered, but did not adopt, a provision allowing actions against the business or individual that hired the e-mail sender. The provision came under attack by businesses who argued that they should not be held liable for problems with the address lists of marketers.
CAUCE Canada withdrew its demands for a statutory right to sue the beneficiaries of spam because of a concern that no matter how certain the sender is that its list is “clean”, there will always be a risk that consent is lacking for a very small fraction of recipients. For example, a sender may send 24 million email newsletters on any given day containing as part of the message an advertisement from a third party business. If the sender were lacking consent for as few as 1% of those newsletters, the advertiser would still be liable for 240,000 messages. Since the proposed law provided for statutory damages, the risk to the advertiser would be too great to continue to advertise. Note that CAUCE's concern exists only with a consent-based cause of action, and could be addressed via a “pattern or practice” requirement such as in the US CAN-SPAM Act.
Consumer litigation behavior is highly sensitive to procedural complexity, timeliness and expense, suggesting that less formal forums may prove more attractive venues to a consumer considering bringing an anti-spam action. If a private right of action is meant to be used by individual plaintiffs, such plaintiffs should be able to bring their actions in provincial small claims courts. Even better from an access-to-justice perspective would be the establishment of less formal and onerous administrative processes by the CRTC or the Privacy Commissioner, were their governing statutes amended to permit the ordering of remedies.
Without statutory damages, an anti-spam private right of action is unlikely to be used. Damages in such cases are difficult to prove, and may be insignificant. As noted by one expert,
"Many private organizations are already dedicated to tracking down spammers. If these organizations and other enterprising individuals are rewarded with a small fee from governments they may, in effect, serve as private bounty hunters for prosecutors. While it seems unlikely that such a system alone would be sufficient to deal with the spam problem, so long as negative impacts to society are minimized, and the fee paid to the bounty hunters is lower than the costs prosecutors would normally bear to identify spammers, such a program may assist in creating an effective anti-spam regime."72
Every private right of action against spam in the US provides for statutory damages. The amounts of damages range from $10 to $10,000 per message or up to $35,000 per day. CAN-SPAM provides for statutory damages of $100 per message for false or misleading messages or $25 per message violating other provisions to a maximum of $1,000,000. Washington state law provides for $500 per spam; this model was recommended by two of the experts we consulted. Lower amounts than this are unlikely to encourage lawsuits. The rationale behind selecting a value should be to set an amount low enough to discourage frivolous lawsuits but high enough to sufficiently reward plaintiffs and deter spammers.
Two of the experts we consulted pointed to the success of the anti-junk fax provisions of the US federal Telephone Consumer Protection Act of 1991 in slowing down the rate of unsolicited fax transmissions in the USA. According to them, a key factor in this statute's success (in addition to its availability for use by anyone) is its provision for statutory damages.
Some commentators have argue that statutory damages in the hundreds of dollars are an insufficient incentive to private litigators, and that a significant "bounty" (e.g,. $100,000) for successful spam-hunters is likely to have more success. Such an approach has yet to be adopted. The FTC considered it earlier this year and found that the persons most likely to be able to identify spammers – insiders – may be reluctant to come forward even with high-dollar rewards.73 It concluded that "the benefits of a reward system remain unclear".
In addition to damages, there is general agreement that injunctions should also be available to plaintiffs in anti-spam lawsuits.
69. This would address the problem with Utah's legislation which did not allow the sender a reasonable time to comply with an opt-out request.
70. Both class actions and statutory damages are meant to facilitate lawsuits. Depending on the quantum of statutory damages, a successful class action combined with statutory damages could annihilate a defendant, rather than lead to corrective practices.
71. Matthew B. Prince, How to Craft an Effective Anti-Spam Law", Paper prepared for the ITU World Summit on the Information Society (WSIS) thematic workshop on countering spam (July 2004).
72. Ibid., p.9.
73. See www.ftc.gov/opa/2004/09/bounty.htm
- Date modified: