Is Your E-mail Being Rejected?

March 1, 2004

Due to the increase in spamming activities, Internet Service Providers have come under increasing fire from their subscribers to impose spam-preventing measures. In response, ISPs have installed and continuously use various filtering software programs to prevent:

(a) third party spam from reaching their subscribers’ inboxes; and

(b) their own subscribers from engaging in spamming activities.

This filtering software normally identifies “spam” on two bases:

(a) bulk e-mail sent from one e-mail to numerous e-mail addresses; and

(b) when certain words or phrases, such as “free”, “opt out” and “viagra” that have been identified as indicating potential spam messages, appear within the text of an e-mail.

Unfortunately, the software is not a 100% foolproof and often either permits junk e-mail to reach its intended recipients (for example, due to the forging of e-mail addresses) or prevents “legitimate” e-mail from reaching its destination.

“Legitimate e-mail”, in this contribution, refers to e-mail sent to subscribers who have previously indicated that they wish to receive e-mail from a particular business. “Spam” and “junk e-mail”, on the other hand, refer to unsolicited e-mail.

The term “white-listing” refers to the instance where, for example, an entity’s e-mail was rejected by the ISP’s filtering software and that entity then requests the ISP to permit e-mail from the said e-mail address to other Internet users and the ISP adhered to this request.

Rejecting Legitimate E-mail May Entail Serious Consequences

When legitimate e-mail is rejected by filtering software, businesses may suffer huge financial losses, as the following three examples illustrate:

1. Firm A wants to send a free monthly or weekly electronic newsletter to its clients. Due to the fact that this e-mail will be sent from one e-mail address to numerous e-mail addresses, ISPs’ filtering software may identify the e-mail as spam, therefore rejecting it. Although such a newsletter may be free of charge, client liaison may be harmed in the process.

2. Firm B is in the legitimate business of delivering its performance by e-mail – legal updating services for example. If the firm’s clients do not receive the e-mail, these clients will labour under the impression that Firm B is guilty of breach of contract which may, in turn, cause a loss of custom as well as a loss of goodwill.

3. Firm C indicates on its Web site that Internet users can subscribe to its e-mail service for one month free of charge. Thereafter they will be given the option to subscribe to its e-mail service at a fee. Should interested third parties respond to this free subscription offer and firm C consequently sends them the free e-mail, but it never reaches them, this may cause a loss of goodwill as well as a loss of potential business.

Some ISPs hold the view that they will only “white-list” an e-mail address on request from the (intended) receiving subscribers. This means that when the filtering software of ISP X identifies Y’s e-mail as “potential” spam and consequently rejects it, ISP X will permit the e-mail to go to the intended recipients only when these recipients indicate that they wish to receive the e-mail. In many instances this is not practical, especially where Y has a large subscriber basis.

The Law

The subscriber and his ISP

The question of law which arises is whether a subscriber enjoys a legal remedy to compel his own ISP to white-list his e-mail address(es) upon proving that he is conducting a legitimate e-mail practice.

The first aspect to be considered is whether legislation exists that addresses this question. In South Africa, at least, no such legislation exists – here the 2002 Electronic Communications and Transactions Act, addressing some computer and Internet aspects, only deals with the possible liability of an ISP in respect of third-party activities. I do not know of any legislation dealing with the issue in other jurisdictions.

Consequently, one must turn to the subscriber contract concluded between the ISP and the said subscriber. One should specifically look at clauses with headings such as “mailbox”, “e-mail practices” and “indemnity”. Although ISPs’ subscriber contracts correspond to some extent, they do differ and consequently one should look at each subscriber contract individually.

The contract may contain limitations imposed by the ISP upon the subscriber’s use of its e-mail service. For example, the contract may contain the following limitations:

(a) The number of recipients of one e-mail may not exceed a certain number (such as 50); and

(b) An e-mail message cannot exceed, for example 5, or 10 MB.

Therefore, should the contract contain such a restrictions clause and the subscriber sends an e-mail to 51 or more recipients, the subscriber is in breach of the contract and cannot complain if the ISP refuses to deliver. More important, subscriber contracts contain, as a rule of thumb, a clause dealing with spam. Normally these clauses (spam delivery clauses) provide that the ISP will not deliver e-mail if either:

(a) the e-mail constitutes spam; or

(b) the ISP suspects the e-mail of constituting spam e-mail.

The contract may even go further and state that the ISP may refuse to deliver e-mail to the intended recipients if it considers, in its sole discretion, that the e-mail constitutes junk e-mail (the sole discretion clause). The contract may also provide that the ISP is entitled to take such steps to fight spam as it may deem necessary (the necessary steps clause).

One should also specifically look at any indemnity clause. These clauses normally provide that the subscriber cannot hold the ISP liable-

(a) for any loss caused as a result of the implementation of the above restrictions and steps; and

(b) as a result of negligent acts of the ISP or its employees.

So what remedies and liabilities apply?

1. The “spam delivery clause” does not entitle the ISP to refuse to deliver legitimate e-mail where it has been informed that the said e-mail constitutes legitimate e-mail. The e-mail does not constitute spam and furthermore the ISP cannot argue that it suspected the e-mail of constituting spam seeing that it was informed by the subscriber, A, that his e-mail constitutes legitimate e-mail. Of course, A will have to provide proof of this to his ISP.

2. Therefore, where A obtains consent from his subscribers to send them e-mail, and the ISP’s filtering software rejects his e-mail as spam, A can inform his ISP that the e-mail constitutes solicited e-mail, supported by the necessary proof, whereafter the ISP must permit the e-mail to go through its computer network.

3. Furthermore, the ISP cannot rely on the “sole discretion clause”; where it was informed as indicated above, it cannot argue that in its sole discretion it constituted junk e-mail. The “necessary steps clause” will also be of no avail to the ISP in that the e-mail does not constitute spam, and therefore the ISP’s measures to prevent spam do not apply to the e-mail under consideration.

4. Should the ISP still refuse to deliver the e-mail, it is submitted that the ISP will be guilty of breach of contract. The next question is whether the “indemnity clause” will assist the ISP; stated differently, can A hold the ISP liable for possible damages? That will depend on the wording of the said clause. However, even where the indemnity clause protects the ISP from possible damages, the subscriber can still obtain an interdict to compel the ISP to permit (ie white-list) his e-mail address and/or to allow his e-mail to go through the ISP’s network.

The subscriber and a third party ISP

One has to keep in mind that the following contractual relationships exist, namely:

· a contract between subscriber A and his ISP;

· a contract between subscriber B and his ISP, which may the same ISP as A’s (however, for this purpose it will be assumed that A’s ISP and B’s ISP are different) and

· a contract between subscriber A and subscriber B, under the terms of which A is obliged to deliver e-mail to B.

Consider the following scenario. A sends legitimate e-mail to B, which is rejected by the filtering software of B’s ISP. Obviously, B can inform his ISP that A’s e-mail address should be white-listed, thus allowing all e-mail from that e-mail address to reach B. However, this puts the onus on the client, namely B, which can place A in an awkward position in that he has to ask all his subscribers to inform their ISPs to white-list his e-mail address. Therefore the question arises whether A has a legal remedy to compel B’s ISP to white-list his e-mail address. Under South African law, one has to turn in this instance to the law of delict, specifically the unlawful act (ie the tort) of “third party interference with a contract”. In South African law the elements of this tort are as follows:

(a) A contract must exist between A and B.

(b) C’s conduct must interfere with the contractual relationship between A and B Note, however, that the said interference is not limited to enticement or inducement. Neither is a breach of contract per se required. The law simply requires that the third party’s conduct relates to the interference with the respective rights and obligations of the contracting parties in respect of the performance.

(c) C’s interference must be unlawful.

(d) C’s interference is or was either intentional or negligent.

(e) C’s interference causes a loss to A.

It is submitted that where A sends e-mail to B and the filtering software of B’s ISP rejects the said e-mail as spam, B’s ISP will not be liable to A in that it can be argued that the ISP’s conduct (namely refusing to deliver the legitimate e-mail) was neither negligent nor intentional. Seeing that B’s ISP was unaware of the fact that the said e-mail constituted legitimate e-mail, it definitely did not have the intent to refuse legitimate e-mail. Furthermore, it cannot be argued that B’s ISP was negligent in that any reasonable ISP in its position would also have used the said filtering software.

However, where A informs B’s ISP that his e-mail is legitimate, and supports this allegation with the necessary proof, a different scenario arises. Now the said ISP has knowledge of a contractual relationship between A and B, its subscriber. Should B’s ISP still refuse to deliver the e-mail, it is submitted that it is probably guilty of the unlawful act of interference with a contract:

(a) The ISP’s refusal to deliver the said e-mail interferes with the contractual relationship between A and B in terms of which A is obliged to deliver its performance electronically to B, seeing that the ISP prevents A from delivering its e-mail (ie performance) to B;

(b) Seeing that A’s e-mail constitutes legitimate e-mail and furthermore taking into account that the ISP has knowledge of the contract between A and B, the ISP’s interference may be contra boni mores in that there is no valid reason for refusing to deliver the legitimate e-mail. Stated differently, it may be unreasonable for the ISP to reject the said e-mail. Therefore its conduct is probably unlawful.

(c) Seeing that the said ISP has knowledge that the e-mail under consideration constitutes legitimate e-mail, subsequent refusal to deliver the said e-mail will, in my opinion, constitute an intentional refusal in the sense of dolus eventualis: Because A informed the said ISP of the contractual relationship between him and B and further informed it that the said e-mail constitutes legitimate e-mail and that refusal to deliver the e-mail may cause him (ie A) to suffer damages, it is submitted that the ISP now foresees the possibility that its refusal (to deliver the e-mail to B) will interfere with the relationship between A and B, which refusal may cause a loss to A. Alternatively, it can be argued that, under these circumstances, the reasonable ISP in its position would foresee that refusal to permit the e-mail would cause a loss to A and would therefore have allowed the e-mail to prevent the said loss from occurring. Therefore, the ISP is also negligent in not permitting the legitimate e-mail.

Therefore A will have two options: either institute legal proceedings to claim damages from B’s ISP and/or obtain an interdict (ie an injunction) against B’s ISP to protect his personal rights against unlawful interference.

Should the courts not be prepared to uphold the above argument, it is submitted that the said ISP’s conduct also constitutes another delict in that the ISP unlawfully interferes with A’s right to carry on his trade without unlawful interference from third parties.

Dr Gerrie Ebersöhn is an Attorney at Hofmeyr Herbstein & Gihwala Inc, a commercial law firm in South Africa (Johannesburg) and specialises in information technology law.