i'm asking this question both out of curiosity, and to throw around
some ideas that someone out there who is more knowledgeable than me
might be able to put to good use (in which case i'll consider my 10$
well spent).

to get my 10$, you must tell me the current state of the art in
fighting spam by legal means (other means are also fine, if you know
any!). has anybody ever been sued for spamming? what are the
technicalities involved? why is it hard to fight spamming legally, or,
if it's not hard, why isn't anyone doing it, or, if people are doing
it, why do i still get a lot of spam in my mailbox?

i have some thoughts of my own regarding the feasibility of this, it
would be nice to hear comments about them:

practically all the spam i get contains some kind of disclaimer saying
something like "this message, in compliance with federal regulation
blabla, could only have been sent to you if you solicited it. if you
feel it was received in error and do not wish to receive any more,
click on this link or send an email to blabla with the word REMOVE in
the subject line."

now, needless to say, none of the spam i get is solicited since
otherwise it would not fall under the definition of "spam".
furthermore, if you make the mistake of trying to follow the
instructions to get yourself removed from their list, you usually get
back an error message saying "unknown address". in the worse case, you
get no reply, which, according to a frightening rumor i heard, means
they are using your removal request to identify you as an active user,
which means they can put your address on a list of active users and
sell it for even more money, resulting in you receiving in the future
even more spam!

so, it seems (duh!) that these evil people are only PRETENDING to
comply with federal regulations...

but doesn't that mean that they are making themselves susceptible to
lawsuit? all that anybody would need to do would be to PROVE that
their removal mechanism is not functioning, and that the message was
not solicited. and how hard can this be? one could do a survey among
users about a particular spamming site, to see what proportion of them
solicited the spam, or successfully removed themselves without getting
an unknown address message. surely the overwhelming statistical
evidence would refute beyond reasonable doubt the site managers'
likely defense that there was some temporary malfunction (which is
doubtless what they would claim if there was just a single user suing
them).

now, you might say, let's say i could prove i was spammed. how much
could i claim in damages? 1$, let's say? maybe 10$, to be generous.
nothing to make the spammers sh*t their pants, though. but then, i
understand that there is a thing called a "class action lawsuit" where
you can sue in the name of a large group of consumers all hurt by the
same phenomenon, so the 10$ gets multiplied by the number of people
spammed. now we're talking pretty big figures...

so, any smart lawyer out there eager to make a decent profit while
helping humanity at the same time?

dannidin

Thanks for asking!

Over the past several years, a number of legislative bodies have
attempted to regulate the use and abuse of e-mail. U.S. Congress has
debated a number of anti-spam proposals. In the 105th, 106th and 107th
Congressional sessions, spanning the  period 1997 to 2002. Below each
section, you'll find a link referring you to more detailed summaries
and histories of the proposed laws.

105th Congress

5/21/97, S 771 introduced in Senate by Sen. Frank Murkowski, and
referred to Senate Commerce Committee.
2/9/98, S 1618 introduced in Senate by Sen. John McCain, and referred
to Senate Commerce Committee.
5/5/98, S 1618 reported to Senate, and Senate Report 105-183 issued by
Senate Commerce Committee.
5/12/98, S 1618 ES passed by Senate, with S 771 and Rockefeller's
"truth in billing" provision as amendments.
5/14/98, HR 3888 IS introduced in House by Rep. Billy Tauzin, and
referred to House Commerce Committee.
5/26/98, HR 3888 referred to House Telecommunications Subcommittee. 
6/9/98, HR 4018 IH introduced in House by Rep. Earl Blumenauer, and
referred to House Commerce Committee.
6/17/98, Senate Communications Subcommittee hearing on S 771. 
(Story.)
6/23/98, House Telecommunications Subcommittee hearing on HR 3888. 
8/4/98, House Telecommunications Subcommittee markup of HR 3888. 
9/24/98, House Commerce Committee markup of HR 3888. 
9/28/98, House Telecommunications Subcommittee holds hearing on spam.
10/12/98, House passes HR 3888 by voice vote. 

TechLaw Journal
Summary of 105th Congress Anti-Spam Legislation
http://www.techlawjournal.com/congress/slamspam/Default.htm

106th Congress

S 759, Inbox Privacy Act of 1999 (Murkowski-Torricelli). 
HR 1685, Internet Growth and Development Act (Boucher-Goodlatte). 
HR 1686, Internet Freedom Act (Goodlatte-Boucher). 
HR 1910, E-Mail User Protection Act (Green). 
HR 2162, Can Spam Act (Gary Miller). 
HR 3113, the Unsolicited Commercial Electronic Mail Act of 2000
(Wilson). \

TechLaw Journal
Summary of the 106th Congress Anti-Spam Legislation
http://www.techlawjournal.com/cong106/spam/Default.htm

107th Congress

H.R. 718, Anti-Spamming Act of 2001 (Wilson)
H.R. 1017, Anti-Spamming Act of 2001(Goodlatte)
S. 630, Controlling the Assault of Non-Solicited Pornography and
Marketing (CAN SPAM) Act of 2001/2002 (Burns)
H.R. 3146, Netizens Protection Act of 2001 (Smith)
H.R. 2472, Protect Children From E-Mail Smut Act of 2001
H.R. 1846, Who Is E-Mailing Our Kids Act 
H.R. 95, Unsolicited Commercial Electronic Mail Act of 2001
H.R. 113, Wireless Telephone Spam Protection Act

SpamLaws
107th Congress - Spam Laws - Pending Legislation
http://www.spamlaws.com/federal/summ107.html

A number of individual states have also enacted anti-spam legislation,
among them, California, Connecticut, Nevada (the first state to do
so), and Pennsylvania. The legislation differs greatly from state to
state. For instance, California's law only covers unsolicited
commercial e-mail sent to California residents, from facilities within
the state of California. You'll find a summary of the State level
legislation covered:

SpamLaws
Spam Laws: United States: State Laws: Summary
http://www.spamlaws.com/state/summary.html

The laws in force would seemingly provide legal remedies for dealing
with individual spammers, however, the process of tracking and
identifying these entities and providing a clear link to a real-world
business or individual is technologically challenging, adding to the
difficulty of legal prosecution. Spammers also hide offshore, using
the services of third-party bulk-e-mailers, whose servers are located
in countries where spam laws are non-existent.

One of the laws previously deemed useful by spam-fighting activists
had been the  FTC Telephone Consumer Protection Act (TCPA), 47 U.S.C.
§ 227. This was struck down in the United States District Court,
Eastern District of Missouri, Eastern Division, case of State of
Missouri, ex rel. Jeremiah W. (Jay) Nixon, Attorney General,
Plaintiff, vs. American Blast Fax, Inc., et al., Defendants. Case No.
4:00CV933 SNL. The United State, on behalf of FTC was obligated to
intervene in this case to defend the constitutionality of the TCPA.
You may read the case summary:

SpamLaws
Missouri v. American Blast Fax
http://www.spamlaws.com/cases/blastfax.html

You'll find additional links to specific spam cases, plus further link
resources to more at:

SpamLaws
Selected Cases
http://www.spamlaws.com/cases/index.html

The Richmond Journal of Law and Technology
Have Internet Service Providers Beat Spam?
http://recanati.tau.ac.il/courses2001/sem2/1242.3241/download/spamerrs.htm

Lawsuit Economics

In addition to the difficulty of identifying who to sue, one of the
factors used to determine if a lawsuit is financially viable is to
estimate costs and possible gains. While you mention a class action
lawsuit, in order to obtain a judgment (remember this is a civil
rather than a criminal complaint), you must locate a defendant with
pockets deep enough to make such a lawsuit economically viable. $10.00
per class actionee wouldn't begin to cover the costs involved in
locating plaintiffs, case preparation, negotiations, and possible
trial. Remember that most spammers are not large companies or
corporations. They're small companies or individuals, with shoe-string
capitalization, likely a one-person operation. Few in the legal
profession would be willing to invest the time and energy into a
negative return.

- - - - - - - - - - - - - - - - - - - -

This information leaves a rather bleak picture, doesn't it? Seems
we're doomed to be buried in an electronic avalanche of junk e-mail.
What can we do?

Turns out that there ARE a few bright spots. More and more ISP's are
offering 3rd party spam filters such as Brightmail
(http://www.brightmail.com) or Postini (http://www.postini.com/).
While most of us join you in wishing that getting rid of spam were as
simple as joining a few lawsuits, that's not a likely prospect at the
present time. There are a few conventional and some
not-so-conventional spam fighting techniques that can dramatically
reduce the amount of junk mail flowing to your Inbox. Though some may
be familiar to you, I'll lay out a few of the resources in my personal
anti-spam arsenal.

SpamCop

SpamCop. offers spam tracking and reporting services, spam filtered
web and forwarding e-mail accounts, and lists of I.P. addresses and
domains noted for spamming activities. This service is extremely
useful for reporting the type of mailing list removal trick you've
mentioned. Reporting thought spam-cop seems to have the desired effect
of removing you from an unwanted list, without adding your e-mail
address to any additional bulk-email lists.

SpamCop
http://www.spamcop.net


Disposable e-mail addresses

As a researcher, I surf and explore many websites on behalf of
customers. In some cases, I need to give an e-mail address in order to
gain access to portions of a website that are membership only or
password protected. These websites are often far different from my own
interests, so I really don't want to sign up for e-mail or give an
e-mail address that'll add to unwanted items in my Inbox. I use a
disposable e-mail address for these purposes. I create an e-mail
address, then "turn it off" after I've received site registration
information via a valid e-mail pathway.

Sneak Email
http://sneakemail.com/ 

Spam Gourmet
http://www.spamgourmet.com/

SpamEx
http://www.spamex.com/

Email 911
http://www.email911.com/emailcloak/disposable.shtml

In addition or separately to these disposable e-mail addresses, if you
own a domain configured for a catch-all e-mail forwarding address, or
an unlimited number of addresses, you can create your own set of
identifiers to tell you where spam originates. When signing up for a
new website or service, identify that service in your given e-mail
address. If the website is called ABCDEFGZYX, you'd use a signup
address of abcdefgzyx@yourdomain.com. Any junk e-mail to that address
can be quickly identified and filtered.


E-mail Client Filters

Nearly every popular e-mail client offers built-in spam filters. Check
the Outlook, Eudora, OperaMail, and Netscape Mail help and
instructions to tell your e-mail reader how to separate or delete mail
you've identified as unwanted. I've listed a few tutorials which
explain the various processes.

Outlook Express
http://www.pwrtc.com/~wdegroot/oefilters.html

Eudora
http://www.eudora.com/techsupport/tutorials/

Opera
http://www.opera.com/support/windows/tutorial/email/emailer4.html

Netscape Messenger
http://helpdesk.gwu.edu/helpdesk/manuals/mailfilter/netmess.html
http://www.ufaq.org/mac_filtering_spam.html


E-mail Munging

If you display your e-mail address anywhere on the web, there is a
simple precaution you can take to prevent spambots from collecting it
for later use. Spambots are automatic web page readers which
specifically search for e-mail addresses. Though you can't hide from
them completely, you can munge your e-mail address into a form that is
difficult for these spiders to digest. This technique will also work
inside most web-based forms and CGI's.

Address Munging FAQ
http://members.aol.com/emailfaq/mungfaq.html#how-mung

Online Munging Tools provided by helpful Netizens. If you want to
REALLY protect your e-mail address, you may first disconnect from the
Internet before using these tools, assuring that your e-mail address
is transmitted no further than your own computer system.

http://www.crans.ens-cachan.fr/~raffo/antispam/aem/
http://alicorna.com/obfuscator.html

Third-Party E-mail Filters

Instead of free web based mail providers with 'giveaway' addresses, I
use a third-party e-mail forwarding address for much of my personal
correspondence with both friends and unknowns. This assures that my
ISP e-mail address isn't shown on forwards or other widely distributed
e-mail documents. The service I use, POBox.com also provides a highly
customizable spam filter which can be set to get rid of spam before it
ever reaches your ISP. It'll also add a spam rating to e-mail headers
to warn in advance that incoming mail contains some of the
characteristics of spam. You can easily set the degree of sensitivity
you wish these filters to employ. The services cost $10-$15 per year
for one to three e-mail addresses, and have been a good investment in
my experience.

POBox.com
http://www.pobox.com

Iname.com
http://www.iname.com

Email.com
http://www.email.com


Mail Preview

As a last line of defense, I preview all incoming e-mail in a separate
application, and delete mail from the server before it reaches my
e-mail reader. You'll find an entire list of these helpful little
utilities available. Freeware ICQ99b's works quite well once
configured, of the shareware offerings, I've found MailAlert to be
excellent.

FreeDownloadsCenter.com
http://www.freedownloadscenter.com/Network_and_Internet/Misc__Communications_Tools/ICQ__32_bit__99b_beta.html

Tucows.com
E-mail Checkers
http://www.tucows.com/checkers95.html
Anti-Spam Tools
http://www.tucows.com/spam95.html


Finally, an overview article, published by as an opinion piece by CBS
News, that outlines some innovative spam-fighting methods. It's
partially tongue-in-cheek.

CBSNews.com - Against the Grain - Dick Meyer
Revenge of the Spam Slayers
http://www.cbsnews.com/stories/2002/03/19/opinion/meyer/main504058.shtml


Search strategy
"anti-spam legislation"
"anti-spam case law"
spam fighting tools


I hope you find this information useful in the battle against spam. If
you would like clarification of any part, please feel free to ask.

~larre-ga

Thanks for the well-researched, detailed and insightful (though
somewhat disappointing...) answer!

Actually, I believe that AOL sued a bulk-emailer (and won) at one
point. I'm not sure about that though

To add to the "Mail Preview" section, there is a really good free
software program that I use to preview and bounce spam email from all
my pop3 accounts. It's called MailWasher, and the website is
http://www.mailwasher.net

From the site:
"Finally the easy solution to managing your incoming emails has
arrived. And it's free!

Introducing MailWasher, the easiest way to check and manage your
emails before you download them.

MailWasher is a powerful email checker with effective spam
elimination. Discover the safe way to stop unwanted viruses and emails
before they get to your computer.

No gimmicks here, it is so easy to set up and use that you'll be
managing your email like a pro in seconds. It can even be used as an
effective privacy tool.

I think you will find this to be the easiest, most effective way to
manage your incoming emails. You will be amazed at how quickly you
will like using MailWasher.

Best regards 

Nick Bolton - MailWasher.net"

HTH (Hope this helps),

/zc-ga.

On a more technical point of view than a legal point of view, the following 
products and websites provide effective Spam fighting capability by monitoring
the Mail clients. The operating system they supported is given in parenthesis.
http://www.cloudmark.com/products/ (Windows)
http://www.deersoft.com/home.html (Windows)
http://spamassassin.org (Linux)

-Raj

Couple of memories:
AOL won a lawsuit against a certain company that was sending lots of
SPAM to AOL users. I think the company lost because of theft of
service or something like that.

Another guy in Washington State has successfully received settlements
from a couple of Spammers. WA has a law that defines a certain fine
for a certain type of spam. He either sued in small claims, or
threatened to do so. he automatic fine kicked in and they actually
sent him a cheque.

Some thoughts:
In general, suing a spammer will be very difficult. (IANAL, in case
you're wondering)
1) By the time you got around to reading the spam and attempting a
lawsuit, you'd most likely find that there website is gone, the email
account they used is gone, and they're gone.
2) Without an auto-fine like WA, you'd need some grounds. Proof of
intent to steal bandwidth and resources, harassment, for example.

Essentially, keep printed records of the spam you receive, (try to
print all headers from the message). Print out a copy of your
unsubscribe request. Use http://combat.uxn.com tools to try to track
down the spammer. When you receive another spam that you can track
back to them, sned them a registered letter (if you can get an
address) which will serve as a cease and desist order. Include in the
demand a penalty that will be applied if they continue to send mail to
you. If they continue to spam you, then you have the delivery
confirmation as proof of your request, and their knowledge of the
penalty. Sue them for the specified penalty amount.

There was another guy I read about who would track down the spammers,
and send them an email informing them that if the initiated any
further contact with him or his company, it could only be taken as a
request for consulting services as he had no business with them. In
the message he included the facts that his consulting services came at
$120/hour with a 10 hour minimum. He claimed he had successfully
billed a couple of "clients" who inadvertantly hired him by spamming
him, but I cannot confirm that.
I guess overall, you're more likely to simply scare them away from
spamming you, rather then get any cash.

Perhaps the most common way that spammers collect your e-mail address
is from the mass e-mails that your friends send you that tell you to
forward the e-mail or your love life will be ruined or something
ridiculous like that.  People hardly ever use the BCC: (bulk carbon
copy) line for the massive amounts of e-mail addresses that they send
the chain letters to leaving your e-mail address visible to everyone
that got the e-mail, and in turn visible to everyone that the letter
is forwarded on to as long as everyone that forwards it is too lazy to
delete the pile of e-mail addresses in the letter (which is generally
the case).  Spammers then collect those e-mails which often have
anywhere between 100 to 1,000 e-mail addresses in them to pile up into
their databases to send mass spams to.

Now if you're going to forward those stupid lettters on, PLEASE delete
all the e-mail addresses in the letter and put all the addresses of
your intended recipients in the BCC: line, and for politeness sakes,
make sure that you have people's permission before  you send them
e-mail forwards! I hate it when people assume that I care about the
things that they're forwarding me and think that I actually want them
to send me some of the junk that they send me.

And another way that spammers get your e-mail address (besides finding
it displayed on some website some where) is from your friends
submitting your e-mail address to either online greeting card
companies or those "Someone has a crush on you!" websites.  The crush
sites are a scam to get you to go put in the e-mail address of
everyone that you know in order to try to guess who has the crush on
you, and then all of the e-mails that you enter receive an "someone
has a crush on you!" e-mail thus prompting all of those people to
enter more e-mail addresses to try and guess who "has a crush" on
them.

So to avoid getting your e-mail address added to spam lists, be sure
to remind your friends not to give out your e-mail address, not to say
that they have a crush on you, and to USE THE BCC: line when sending
e-mails with more than one recipient!

I'm suprised nobody pointed you in this direction. You can join The
Coalition Against Unsolicited Commercial Email.

http://www.cauce.org/members/join.phtml

CAUCE was founded by Netizens who realized that technology alone can't
stop junk e-mail. As long as there is an economic incentive to send
junk e-mail, users and Internet Service Providers will need some legal
recourse to stop the growing flood. That's why in 1997 CAUCE proposed
an amendment to the Federal statute which outlaws junk "faxes" (47 USC
227) to also prohibit junk e-mail. Since then CAUCE has become the
preeminent voice for the anti-spam community.