Regulating Cyberspace -- A Case Study In SPAM

Professor Lydia Loren
Northwestern School of Law of Lewis & Clark College

Phase One | Phase Two | Phase Three

If you have an email account, you have probably experienced, first hand, Unsolicited Commercial Email (UCE), often referred to as "spam". These email messages range from the friendly reminder of new features and products offered on a website, to announcements of get rich quick schemes or pornographic websites. UCE is, to most, an annoyance. It clutters your email inbox, takes time to download, time to determine that it is, in fact, UCE, and it takes time to delete. For individuals, the annoyance factor largely depends on how much UCE one receives, how quickly one can hit the delete key, and how tolerant they are of such interruptions. Regardless of the level of annoyance, UCE has very real costs. The increased downloading time may result in a higher monthly service fee individuals pay their on-line service provider. The time spent sorting through email is also a cost incurred by individuals as a result of UCE.

UCEs also consume space in the form of computer memory. For an individual, the memory space used by UCEs can become a problem, but more typically, the space consumed by UCE is more acutely felt by the on-line service providers (OSPs). For OSPs, unsolicited commercial email is much more than a mere annoyance. UCEs cost OSPs money. In order to keep their systems operating at peak efficiency so as to keep their customers satisfied, OSPs must have adequate memory space to handle not only the regular email traffic, but also the increased email load created by UCEs. The increased load on the entire Internet created by UCE also slows the flow of other Internet traffic.

UCE also has an even darker side. Because those who send UCE know that the vast majority of recipient do not like receiving junk email and will often delete the message without even opening it, senders of UCE have been known to falsely identify the content of the messages. Senders of UCE also know that the use of filtering technology will block messages with certain identifying characteristics, such as a mail server known for sending mass quantities of UCE. Additionally, some individuals despise receiving junk email so much that they react by targeting the sending party with retaliation. The retaliation can range from sending a nasty email to more aggressive (and illegal) tactics of sending email bombs or viruses to the sender of the UCE. Because of the possible filtering of messages and the possibility of more serious reactions from angry recipients of SPAM, senders of UCE have been known to falsely identify the return email address and other routing information.

While UCEs are almost universally loathed, regulating the sending of UCE provides insight into the difficulties faced in regulating any conduct in cyberspace. In a very practical sense, new technologies challenge lawyers to find approaches within the bounds of current legal doctrine to assist their clients in achieving results the clients desire. In the case of UCEs, that means finding legal theories or causes of action that will permit those who bear the cost of UCEs, i.e., individuals and OSPs, to prohibit or at least place restrictions on the sending of UCE. This approach to regulating cyberspace is explored in phase one of this module.

As problems with the application of these extant doctrines in cyberspace become apparent, inevitably there are calls for new laws on local, state, national and even international levels. Several states in the United States have passed laws regulating UCE. Each year new legislation is introduced in the United States Congress that would address UCE, although at the time this module was written, none had yet been adopted. Internationally there also has been movement towards the regulation of UCE. These approaches to regulating this cyberspace activity are explored in phase two of this module.

In addition to top-down regulation through government imposed laws, regulating activity in cyberspace is also attempted through what is sometimes referred to as a bottom-up approach. The bottom-up approach involves individual actors attempting to shape behavior through promotion of a code of conduct or "netiquette" or through social and monetary pressures with vehicles such as boycotts, but not through government enacted laws. In the case of UCE, the Realtime Blackhole List is an example of such bottom-up "regulation" and illustrates an alternative approach to unwanted cyberspace activity. Phase three of this module explores the bottom up approach to regulating cyberspace activity.

Each of these approaches to regulating conduct in cyberspaces has pros and cons explored in the readings below. As you read ask yourself what are the unique problems that the law faces in coping with UCE as a result of the activity occurring in cyberspace as opposed to real space.

Phase One: Regulating from the Top-Down through Common Law

Phase Two: Regulating from the Top-Down through Statute

Phase Three: Alternative – Regulating from the Bottom-Up

Return to the Learning Cyberlaw homepage