National Conference of State Legislatures
National Conference of State Legislatures
Unsolicited E-MailInternet Privacy
Harassing and Threatening E-Mail
Federal Action
Unsolicited E-Mail
Nevada in 1997 became the first state to pass legislation directly addressing the problem of unsolicited e-mail advertisements, also called junk e-mail or "SPAM." The Nevada law, which becomes effective on July 1, 1998, requires companies or individuals sending unsolicited commercial electronic mail messages to identify the message as an advertisement or otherwise ensure that the message is identifiable as promotional. The message must also include the legal name, address, and e-mail address of the sender and include information as to how the recipient may decline additional messages. The law does not apply to companies or individuals that have a preexisting business or personal relationship with the message recipient or those who send to individuals who have expressly consented to receive such messages.
Nevada residents who receive unsolicited messages that do not comply with the law may go to court to prevent the advertiser from sending further messages and may recover attorney's fees and costs and actual damages or damages of $10 per e-mail message, whichever is greater. Critics of the Nevada law point out, however, that advertisers could legally continue to send unwanted e-mail as long as certain information is contained in the message. For example, an advertiser conceivably could send a message including identifying information and a procedure that requires the recipient to pay a fee in order to be removed from the mailing list.
Washington state passed a law in March that makes it illegal to forge headers, hijack other e-mail systems or otherwise "misrepresent the messages' point of origin." Because Internet service providers generally have strict rules against Spam, most of those who mail out the junk use one or more of these methods to get their messages on the Net.
Other states that considered legislation to address junk e-mail in 1997 included Colorado, Connecticut, Massachusetts, New York, Rhode Island, and Wisconsin. Several states have introduced bills this session attempting to limit Spam including Arizona (S.B. 1016), California (A.B. 1629), Kentucky (H.B. 41), and New Hampshire (H.B. 1633).
Harassing and Threatening E-mail
Several states have already enacted legislation regarding threatening or harassing e-mail. Alabama, Alaska, Arizona, Connecticut, Delaware, Michigan, Oklahoma, and Wyoming make harassing electronic communications a crime. The two most recent of these laws, passed in 1997 in Delaware and in 1996 in Connecticut, define computer harassment as that sent "with intent to harass, annoy or alarm another person . . . in a manner . . . likely to cause annoyance or alarm . . . "
Legislation introduced in Washington in 1998—H.B. 2441—would amend existing law to include electronic communications in the types of conduct that can constitute harassment and stalking.
Federal Action
Four Congressional bills introduced in 1997 address the junk e-mail issue. Senator Frank Murkowski introduced S. 771, the Unsolicited Commercial Email Choice Act of 1997, which would require all unsolicited messages to carry the header "advertisement" and contain identifying information. It also would require Internet service providers to have filtering capabilities that would enable their subscribers to avoid unwanted ads.
S. 875, introduced by Senator Torricelli, which would apply to all mass e-mailings, not just commercial advertising, requires the sender to clearly identify himself and prohibits him from sending additional messages to anyone who requests removal from the mailing list.
A proposal by Rep. Chris Smith, H.R. 1748, would expand the federal law prohibiting unsolicited faxes to include unsolicited e-mail, and H.R. 2368, proposed by Rep. Tauzin, would create an industry working group to establish voluntary guidelines relating to the distribution of unsolicited commercial e-mail.
The John Marshall Law School provides links to the federal bills described above and other information about unsolicited e-mail, including cases and law review articles.
—submitted by Pam Greenberg & Janna Goodwin, NCSL
Internet Privacy
The issue of personal information privacy has heated up in the last few months, fueled in part by the Navy's attempt to discharge a sailor based on information obtained from an online service provider. Now states and the federal government alike are looking more closely at the Internet, examining issues such as SPAM, cookies, consumer profiling, data collection from children, and encryption.
At the State level, legislators are tackling the Spam issue head-on, with Nevada having the first law on the books, and several other states considering similar measures. The main thrust of the legislation requires that all Spam must be clearly identified as advertising, and consumers must be able to request that they be removed from the direct marketer's mailing lists. Legislators in California are considering three bills, each of which adopts a different fine structure, going up to $500 for each unsolicited e-mail sent by a company.
Other states, including California, are considering legislation aimed at making sure that the state's current unfair trade practices laws are applicable to transactions over the Internet. Utah is considering creating a task force to look at ways to protect citizen's information privacy on the Internet. Minnesota and New York are looking at legislation regulating how telecommunications carriers and Internet service providers can use personal information about their customers.
States are also regulating what their agencies can do to collect information from visitors at the agency's websites. California, for example, is considering a bill (SB 1386) that would require any agency that uses "cookies" or any other device to collect information from visitors to their website to fully disclose that fact, along with a statement about how the information will be used, and tell the visitors how they can prevent this information from being collected.
The FTC has taken an active role in addressing Internet privacy for the federal government, having recently concluded a survey of the privacy and data collection practices of 1200 commercial websites, including those targeted at children. A report to Congress on the Commission's findings and recommendations will be presented in June. A press release and a transcript of testimony before a House subcommittee are available from the FTC.
—submitted by Randall Jackson, NCSL
Electronic Access to Information
A number of states addressed the issue of access to government information in 1997. Most of their efforts were aimed at making information available in an electronic format. The issues of fees for access and campaign finance reporting were also addressed by several states.
Indiana, Maine, North Carolina, Nebraska, New Hampshire, Oregon, Tennessee, Texas and Virginia all enacted legislation enhancing the public's access to government information. Indiana's bill provides enhanced access across the board, as does Nebraska's. Maine now requires a variety of legislative information to be put on-line, including legislator's voting records. Hawaii appropriated funds for their legislative broadcast and information systems to improve access to legislative information throughout the state. North Carolina and Virginia both provide electronic access to court records, and Tennessee provides access to municipal and county information on-line. North Carolina provides access to the geographical information systems data base, Oregon makes electronic lien records available, and Texas allows interactive access to driver's license information. New Hampshire now requires all state entities to have a presence on the state' automated information system.
Florida, Hawaii, Nebraska, North Carolina, Tennessee, Texas and Virginia have all addressed the issue of access fees, and all have allowed fees to be collected. However, all of these states limit those fees to an amount reasonably necessary to cover the cost of providing the service.
California, Illinois, Maine, North Carolina, Virginia and Wisconsin all enacted legislation requiring the electronic filing of campaign finance reports, making it easier to publish the reports on-line and make them searchable by the public.
Louisiana enacted legislation enhancing access to public information for the blind and creating an advisory council on the issue. The law also ensures access to data processing equipment for visually impaired state employees. Washington now allows state agencies to send notices required by the Administrative Procedure Act via e-mail distribution lists.
Along with using the Internet to increase access to the government, states are increasingly using new technologies to manage public records. In many cases, this involves revisiting old laws that require the state to keep paper copies of the various documents filed with the state. In order to take advantage of the new technology, laws were updated to allow for digital or photographic imaging of these documents in order to convert them to a more manageable form (Idaho, Indiana, Louisiana and Virginia), and to allow the courts to accept these digital documents as if they were originals (Montana, Virginia and West Virginia). The other advantage to retaining documents in digital form is that it enables the state to sort, search and make more accessible the information contained in those documents, while reducing the expense of storing all of the originals.
California, Minnesota and Utah all passed legislation allowing for meetings of public bodies by teleconference or interactive television, and Hawaii appropriated the funds to improve and expand their teleconference system.
(More information on these and other issues is available in Information Technology and Internet Laws Passed—1997 currently available from NCSL.)
Some predict the most alarming impact of the Y2K problem is avalanche of litigation that it will trigger. In December 1997, Altaz International filed the first class action Y2K lawsuit against Software Business Technologies and its subsidiary, SBT Accounting Systems for breach of warranty, fraud, and unfair business practices. Atlaz claimed that SBT had failed to provide free year 2000 compliance upgrades. In February, another California based computer firm, Symantec, became the target of class action suit also, in part, for failure to provide free compliance upgrades. This suit alleges defects in Symantec's Norton Antivirus software regarding the capability to process dates in 2000 and alleges that Symantec is improperly requiring customers to pay for upgrades to resolve the problem.
Caspers Jones, Chairman of Software Productivity Research estimates that litigation expenses and damages awards for the year 2000 problem could outstrip costs of repairs by as much as 20 to 1. He predicts that legal fees for the U.S. as a whole may come close to $2 trillion between 1997 and 2005, and damages and punitive damages could be as high $100 trillion. In addition to class action lawsuits by customers of software packages, Jones predicts several other types of litigation. He includes litigation by clients whose finances have been damaged, litigation stemming from deaths and injuries resulting from year 2000 glitches, litigation aimed at contractors, vendors, and consultants who fail to make all the necessary year 2000 corrrections, and litigation against hardware manufacturers when the problem lies in embedded systems. Caspers' report, The Global Economic Impact of the Year 2000 Software Problem, is available at http://www.spr.com/html/year_2000_problem.htm.
Nevada was the first state to pass legislation limiting the state's liability for damages resulting from year 2000 date problems. The 1997 Nevada law prevents claimants and their attorneys from making the taxpayers of Nevada their "insurance". In 1998, twelve other states introduced similar legislation — California, Florida, Georgia, Hawaii, Illinois, Kansas, New Hampshire, Pennsylvania, South Carolina, Virginia and Washington. Also in this session, California Assemblyman Brooks Firestone introduced legislation to limit damage recovery awards for year 2000-based class action lawsuits. This bill provides broad protection for companies facing year 2000 actions. AB 1710 died in committee in April, but supporters may work to resuscitate it.
—submitted by Jo Anne Bourquard, NCSL