James S. GORDON, Jr., an individual doing business as gordonworks.com, Plaintiff-Appellant,
v.
VIRTUMUNDO, INC., a Delaware corporation; Adknowledge, Inc., a Delaware corporation; and Scott Lynn, an individual, Defendants-Appellees.
No. 07-35487.
United States Court of Appeals, Ninth Circuit.
Argued and Submitted December 9, 2008. Filed August 6, 2009.*1044 Timothy J. Walton, Walton & Rose, LLP, Palo Alto, CA, for plaintiff-appellant James S. Gordon, Jr.
Derek Newman (argued), Randall Moeller, Newman & Newman, Attorneys at Law, LLP, Seattle, WA, and Michael R. Geroe, General Counsel, Adknowledge, Inc., Santa Monica, CA, for defendants-appellees, Virtumundo, Inc., Adknowledge, Inc., and Scott Lynn.
Shannon E. Smith, Deputy Attorney General, Robert M. McKenna, Attorney General of Washington, Seattle, WA, for Amicus Curiae State of Washington.
Jason K. Singleton, Richard E. Grabowski, Singleton Law Group, Eureka, CA, for Amicus Curiae ASIS Internet Services, Joel Householter, and Ritchie Phillips.
Before RONALD M. GOULD, RICHARD C. TALLMAN, and CONSUELO M. CALLAHAN, Circuit Judges.
Opinion by Judge TALLMAN; Concurrence by Judge GOULD.
TALLMAN, Circuit Judge:
This case addresses unsolicited commercial e-mail, more commonly referred to as "spam."[1] While ignored by most and reviled *1045 by some, spam is largely considered a nuisance and a source of frustration to e-mail users who, at times, must wade through inboxes clogged with messages peddling assorted, and often unwanted, products and services. The rising tide of spam poses an even greater problem to businesses, institutions, and other entities through network slowdowns, server crashes, and increased costs. At the same time, commercial enterprise has staked its claim within the online world. The Internet is a unique medium that offers legitimate businesses a low-cost means to promote themselves and their wares and in turn fosters competition in the marketplace. Both consumers and Congress have come to view e-mail, when fairly employed, as an established and worthwhile device in the toolbox of accepted marketing practices.
After individual states initially wrestled with properly balancing the benefits and burdens of commercial e-mail, Congress enacted legislation in an effort to curb the negative consequences of spam and spamming practices without stifling legitimate commerce. Through this opinion we review the federal statutory scheme of the Controlling the Assault of Non-Solicited Pornography and Marketing ("CAN-SPAM") Act of 2003, 15 U.S.C. § 7701 et seq., and assume the formidable task of determining the statutory standing requirements and the scope of federal preemption intended by Congress.
In the case before us, James S. Gordon, Jr. and his company, Omni Innovations, LLC ("Omni"),[2] sued Virtumundo, Inc., Adknowledge, Inc., and Scott Lynn, the sole shareholder of both companies, seeking injunctive relief and significant damages based on the receipt of thousands of commercial e-mails. Defendants are in the online marketing business and widely transmit e-mail advertisements and solicitations to potential consumers on behalf of third-party clients. In the parlance of our time, they are "spammers."
Based on a dense record developed through substantial discovery, the district court granted summary judgment in favor of Virtumundo, Adknowledge, and Lynn (collectively, "Virtumundo") on all of Gordon's claims. We have jurisdiction over Gordon's appeal pursuant to 28 U.S.C. § 1291. Having carefully and independently evaluated the issues in light of the evidence, we agree that summary judgment was proper and therefore affirm.
I
Gordon is the original registrant of the Internet domain "gordonworks.com," which he hosts on server space that Omni leases from GoDaddy, a domain registrar and web hosting company that also sells e-business related software and services, see http://www.godaddy.com. The GoDaddy service allows users to virtually access the server through an ordinary Internet connectionin Gordon's case, a broadband connection from Verizon. Through a virtual desktop called a "Plesk," Gordon is able to manage his domain. He can post content on the Internet, create new e-mail accounts, and set user names and log-on passwords. There are, of course, substantial restrictions regarding Gordon's usage of the leased server space.
It was through this vehicle that Gordon created a personal e-mail address: "jim@ gordonworks.com." Around September *1046 2003, Gordon created additional e-mail accounts through the gordonworks.com domain for about six friends and family members, which he monitored for "data collection" and "research purposes." Gordon registered jim@gordonworks.com and the gordonworks.com e-mail addresses of his "clients" in response to various online promotions and for numerous prize giveaways. Gordon estimates that, in doing so, he subscribed, or "opted in," to e-mail mailing lists somewhere between 100 and 150 times.[3]
Soon thereafter, these accounts began receiving e-mails from businesses marketing their goods and services. Some of these messages were transmitted by online marketers, such as Virtumundo, on behalf of their clients. At his instruction, Gordon's "clients" relinquished control of their e-mail accounts. They then set up their own domains through GoDaddy, which they housed on the server space leased by Omni. This enabled these individuals to create their own e-mail addresses "@" personalized domain namese.g., "anthonycentral.com," "jaykaysplace.com," and "chiefmusician.net"rather than gordonworks.com.
Gordon continued to maintain and monitor the abandoned gordonworks.com e-mail accounts. He described his ongoing efforts as "do[ing] research on the spam that comes through." At some later point, Gordon configured the e-mail server to provide an automated response to all commercial e-mail sent to gordonworks.com accounts. The response was titled "NOTICE OF OFFER TO RECEIVE UNSOLICITED COMMERCIAL EMAIL (SPAM)" and purported to consummate a "binding contract" by which the sender agreed to either cease and desist or pay Gordon $500 for each additional unsolicited e-mail subsequently delivered to the account. While he claims that online marketers, including Virtumundo, ignored his requests that all gordonworks.com e-mail addresses be removed from their mailing lists, Gordon does not provide evidence, apart from a general "belief," that he followed the "opt-out" procedure stated in the individual e-mail messages. Not surprisingly, the e-mail accounts continued to receive spam, which over time accumulated in the unused inboxes. At the time of his deposition in January 2007, these gordonworks.com e-mail accounts remained active. However, the only persons who actually used a gordonworks.com account were Gordon and his wife.
In 2004, Gordon began filing lawsuits in state and federal court against persons and companies who sent solicitations or advertisements to e-mail accounts hosted on Omni's leased server space. In February 2006, Gordon filed this lawsuit against Virtumundo in the Western District of Washington. He asserted various causes of action for violations of the CAN-SPAM Act, 15 U.S.C. § 7701 et seq., the Washington Commercial Electronic Mail Act ("CEMA"), Wash. Rev.Code § 19.190.010 et seq., the Washington Consumer Protection Act ("CPA"), Wash. Rev.Code § 19.86.010 et seq., and the Washington "Prize Statute," Wash. Rev.Code § 19.170.010 et seq. As relevant to this appeal, Gordon contends that Virtumundo sent, according to his most recent estimate, approximately 13,800 materially misleading or otherwise unlawful commercial e-mail messages to e-mail accounts hosted through gordonworks.com. Gordon sought injunctive relief, several millions of dollars *1047 in statutory and treble damages, and his attorney's fees and costs.[4]
In December 2006, the Honorable John C. Coughenour granted in part and denied in part Virtumundo's motion to dismiss for pleading deficiencies. The order dismissed Gordon's Prize Statute claims, in their entirety, and his CEMA and CPA claims to the extent they related to the gathering of "personally identifying information." Wash. Rev.Code § 19.190.080. The court gave leave to amend the complaint to cure pleading deficiencies, but Gordon never did so.
Virtumundo then moved for summary judgment on all remaining claims, which consisted of Gordon's CAN-SPAM Act claims and the surviving CEMA and CPA claims. By Order dated May 15, 2007, the district court granted the defense motion, see Gordon v. Virtumundo, Inc., No. 06-0204, 2007 WL 1459395 (W.D.Wash. May 15, 2007). Judge Coughenour concluded that both Gordon and Omni lacked standing to pursue a private action under the CAN-SPAM Act and that the state law claims failed as a matter of law based in part on federal preemption grounds.
Gordon alone now appeals this grant of summary judgment.[5]
II
We review a district court's grant of summary judgment de novo, and may affirm on any basis supported by the record. Burrell v. McIlroy, 464 F.3d 853, 855 (9th Cir.2006). Our review is governed by the same standard used by the trial court under Federal Rule of Civil Procedure 56. Adcock v. Chrysler Corp., 166 F.3d 1290, 1292 (9th Cir.1999). "Viewing the evidence in the light most favorable to the nonmoving party, we must determine whether there are any genuine issues of material fact and whether the district court correctly applied the relevant substantive law." Devereaux v. Abbey, 263 F.3d 1070, 1074 (9th Cir.2001) (en banc).
A determination of standing is a question of law that we review de novo, see Nat'l Res. Def. Council v. EPA, 542 F.3d 1235, 1244 (9th Cir.2008), as is a finding of federal preemption, see Indus. Truck Ass'n, Inc. v. Henry, 125 F.3d 1305, 1309 (9th Cir.1997).
III
A
We first turn to Gordon's CAN-SPAM Act claims. The CAN-SPAM Act became effective on January 1, 2004, and was enacted in response to mounting concerns associated with the rapid growth of spam e-mails. Congress determined:
(1) there is a substantial governmental interest in regulation of commercial electronic mail on a nationwide basis;
(2) senders of commercial electronic mail should not mislead recipients as to the source or content of such mail; and
(3) recipients of commercial electronic mail have a right to decline to receive additional commercial electronic mail from the same source.
15 U.S.C. § 7701(b).[6] The Act does not *1048 ban spam outright, but rather provides a code of conduct to regulate commercial e-mail messaging practices. Stated in general terms, the CAN-SPAM Act prohibits such practices as transmitting messages with "deceptive subject headings" or "header information that is materially false or materially misleading." See 15 U.S.C. § 7704(a)(1), (2). The Act also imposes requirements regarding content, format, and labeling. For instance, unsolicited e-mail messages must include the sender's physical postal address, indicate they are advertisements or solicitations, and notify recipients of their ability to decline further mailings. 15 U.S.C. § 7704(a)(5). Moreover, in order to comply with the Act, each message must have either a functioning return e-mail address or a comparable mechanism that allows a recipient to "opt out" of future mailings. 15 U.S.C. § 7704(a)(3).[7]
The CAN-SPAM Act's enforcement provision empowers the Federal Trade Commission, state attorneys general, and other state and federal agencies to pursue legal actions to enforce the Act's provisions. 15 U.S.C. § 7706(a), (b), (f). Congress also provided a limited private right of action, which states: A "provider of Internet access service adversely affected by a violation of" § 7704(a)(1), (b), or (d), or "a pattern or practice that violates" § 7704(a)(2) through (5) of the Act "may bring a civil action in any district court" to enjoin further violation by a defendant or to recover either actual or statutory damages, whichever is greater. 15 U.S.C. § 7706(g)(1). Statutory damages under the CAN-SPAM Act are substantial and can equal as much as $300 per unlawful e-mail.[8] 15 U.S.C. § 7706(g)(3). The Act also authorizes an award of attorneys' fees and costs against any party at the district court's discretion. 15 U.S.C. § 7706(g)(4).
Therefore, in any private action claiming CAN-SPAM Act violations, a threshold issue is whether the plaintiff satisfies the statutory standing requirements. On its motion for summary judgment, Virtumundo challenged Gordon's and Omni's ability to pursue a private action under § 7706(g)(1). The district court conducted a thorough analysis of the existing case law, the CAN-SPAM Act itself, and the legislative history. Based upon the well-developed facts of the summary judgment record, the district court concluded that Plaintiffs had not demonstrated adequate harmi.e., an "adverse effect," as the district court called itand therefore lacked standing with respect to these federal claims. Gordon, 2007 WL 1459395, at *8.
We agree that Gordon lacks standing to bring a private action under the CAN-SPAM Act. We commend the district court's pioneering analysis in this uncharted territory, and reach a similar conclusion based on our assessment of the CAN-SPAM Act's statutory standing requirement and the appellate record.
B
As recognized by several courts, the case law regarding the relevant legal standards *1049 under the CAN-SPAM Act is "scant," ASIS Internet Servs. v. Optin Global, Inc., No. 05-05124, 2008 WL 1902217, at *15 (N.D.Cal. Apr.29, 2008), and few courts have construed the standing provision, ASIS Internet Servs. v. Active Response Group, No. 07-6211, 2008 WL 2952809, at *2 (N.D.Cal. July 30, 2008). Neither we nor any of our sister circuits have comprehensively addressed this issue. We endeavor to do so here, at least in part.
1
We begin by acknowledging that the CAN-SPAM standing inquiry involves two general components: (1) whether the plaintiff is an "Internet access service" provider ("IAS provider"), and (2) whether the plaintiff was "adversely affected by" statutory violations. See, e.g., Brosnan v. Alki Mortgage, LLC, No. 07-4339, 2008 WL 413732, at *1-*2 (N.D.Cal. Feb.13, 2008). Beyond that, however, the statutory standing provision read as a whole is ambiguousa point upon which all parties agree. We therefore employ familiar techniques of statutory construction to evaluate Congress's intent with regard to both components and their relation to one another.
While over time courts have developed various canons to assist with statutory interpretation, this "is an area in which absolutist rules do not [always] lead to sensible or accurate results." Mt. Graham Red Squirrel v. Madigan, 954 F.2d 1441, 1453 (9th Cir.1992). "[I]t is," after all, "the duty of a court in construing a law to consider the circumstances under which it was passed and the object to be accomplished by it." United States v. Curtis-Nev. Mines, Inc., 611 F.2d 1277, 1280 n. 1 (9th Cir.1980) (quoting United States v. Anderson, 9 Wall. 56, 76 U.S. 56, 65-66, 19 L. Ed. 615 (1869)); accord Callejas v. McMahon, 750 F.2d 729, 731 (9th Cir. 1984). Therefore, especially in this highly technical and evolving field, "[c]ommon sense not dogma is what is needed in order to explore the actual meaning of legislative enactments." Mt. Graham Red Squirrel, 954 F.2d at 1453.
There are a few points that heavily influence our analysis, which we identify at the outset. First, despite what Gordon and likeminded anti-spam enthusiasts might contend, the purpose of the CAN-SPAM Act was not to stamp spam out of existence. While Gordon is likely not alone in his deep-seated hostility toward spam and those who profit from it, there are beneficial aspects to commercial e-mail, even bulk messaging, that Congress wanted to preserve, if not promote. Indeed, the Act recognizes e-mail's value as a worthwhile commercial tool:
Electronic mail has become an extremely important and popular means of communication, relied on by millions of Americans on a daily basis for personal and commercial purposes. Its low cost and global reach make it extremely convenient and efficient, and offer unique opportunities for the development and growth of frictionless commerce.
15 U.S.C. § 7701(a)(1); see also S.Rep. No. 108-102, at 2 (2003), as reprinted in 2004 U.S.C.C.A.N. 2348, 2349 ("Unlike direct mail delivered through the post office to consumers, [e-mail] can reach millions of individuals at little to no cost and almost instantaneously."). The tailored regulations, which target deceptive and predatory practices and attempt to alleviate the negative effects of spam without unduly stifling lawful enterprise, embody the fine balance struck by Congress.
Second, Congress conferred standing only on a narrow group of possible plaintiffs: the Federal Trade Commission, certain state and federal agencies, state attorneys general, and IAS providers adversely affected by violations of the CAN-SPAM *1050 Act. See 15 U.S.C. § 7706(a), (b), (f), (g). The decision to restrict the right of action does not reflect an indifference or insensitivity to the effects of spam on consumers. The contrary is true. The CAN-SPAM Act's express findings and legislative history are littered with references to the burdens shouldered by individuals, businesses, and other institutions. The Act itself recognizes the "costs to recipients ... for the storage of [unsolicited commercial e-mail], or for the time spent accessing, reviewing, and discarding such mail, or both." 15 U.S.C. § 7701(a)(3). We surmise that Congress's intent was to limit enforcement actions to those best suited to detect, investigate, and, if appropriate, prosecute violations of the CAN-SPAM Actthose well-equipped to efficiently and effectively pursue legal actions against persons engaged in unlawful practices and enforce federal law for the benefit of all consumers.
Third, our review of the congressional record reveals a legitimate concern that the private right of action be circumscribed and confined to a narrow group of private plaintiffs: "[Section 7706](g) provides for a limited right of action by bona fide Internet service providers." 150 Cong. Rec. E72-02 (Jan. 28, 2004) (remarks of Rep. Dingell) (emphasis added); accord id. at E73-01 (remarks of Rep. Tauzin). It is perhaps a sad reality that Congress must specify a bona fide IAS provider, as possibly distinct from a non-genuine IAS provider. But this demonstrates to us that lawmakers were wary of the possibility, if not the likelihood, that the siren song of substantial statutory damages would entice opportunistic plaintiffs to join the fray, which would lead to undesirable results. While Congress did not intend that standing be limited to fee-for-service operations,[9] we think it did intend to exclude plaintiffs who, despite certain identifying characteristics, did not provide the actual, bona fide service of a legitimate operation. See 150 Cong. Rec. E72-02 ("[W]e intend that Internet access service providers provide actual Internet access service to customers."). We believe that Congress's clear intention to restrict private action remains of great importance and guides the proper standing analysis.
Fourth and finally, we must factor into the calculus the unique nature of the subject matter at issue. Especially in this arena, the engine of innovation moves far more quickly and nimbly than the methodical pace of legislation. That is readily apparent here. In the few years since the CAN-SPAM Act became effective, the uses of the Internet and the prevalence and variety of available online services have multiplied exponentially. The marketplace has developed a panoply of related products and services not available when Congress authored the federal legislation. Significantly, no longer are typical Internet users primarily limited to accessing e-mail accounts and searching for content or information. With the rise of social networking sites, blogs, and other user-driven websites, the ability to post content on the Internet or to create forums for others to do so is no longer a privilege reserved for the technologically savvy or the financially elite. The rate of development will only accelerate. As this inevitably occurs and the gateway to the online world further widens for the masses, courts should be mindful that the lines Congress intended to draw when *1051 drafting the statutory text might lose clarity.
With these principles in mind, we apply a standing analysis that encapsulates Congress's will when it provided a limited private right of action.
2
We first address whether Gordon is a "provider of Internet access service" who, if adversely affected by a statutory violation, has private standing to bring CAN-SPAM Act claims. The CAN-SPAM Act defines "Internet access service" by reference to the Communications Act, see 15 U.S.C. § 7702(11), which provides:
The term "Internet access service" means a service that enables users to access content, information, electronic mail, or other services offered over the Internet, and may also include access to proprietary content, information, and other services as part of a package of services offered to consumers. Such term does not include telecommunications services.
47 U.S.C. § 231(e)(4). We have not previously spoken "as to who is an `Internet access service' provider" within the meaning of the CAN-SPAM Act, see Ferguson v. Quinstreet, Inc., No. 07-5378, 2008 WL 3166307, at *5 (W.D.Wash. Aug.5, 2008), and note the ambiguity of this statutory definition.
District courts in our circuit have interpreted the definition of "Internet access service" broadly to encompass a wide range of services, and not merely traditional Internet Service Providers ("ISPs")i.e., the service that connects customers to the Internet itself. See Hypertouch, Inc. v. Kennedy-Western Univ., No. 04-05203, 2006 WL 648688, at *3 (N.D.Cal. March 8, 2006) (stating that "a provider of e-mail service alone, without any other services, qualifies" as an IAS provider under the CAN-SPAM Act). For instance, one such court reasoned that, although the definition "appears primarily to contemplate services that provide consumers their initial connection point to the Internet, the language is broad enough to encompass entities such as Facebook," a popular social networking site, "that provide further access to content and communications between users for persons who may initially access the Internet through a conventional [ISP]." Facebook, Inc. v. ConnectU LLC, 489 F. Supp. 2d 1087, 1094 (N.D.Cal.2007); see also MySpace, Inc. v. The Globe.com, Inc., No. 06-3391, 2007 WL 1686966, at *3 (C.D.Cal. Feb.27, 2007) (holding that MySpace had standing under the CAN-SPAM Act and interpreting the definition of "Internet access service" broadly to "include[] traditional [ISPs], any email provider, and even most website owners"). Gordon claims IAS-provider status, asserting that through the gordonworks.com domain and the leased server space he enables users to access Internet content and e-mail. On a superficial level, this proposition is hard to dispute. In the most general terms, a "service that enables users to access" online content or e-mail could encompass the proprietor of an Internet coffee shop or, as one district court suggested, "any person who allows another person to use their computer to access the Internet," Ferguson, 2008 WL 3166307, at *5. Indeed, at some level, common utility services play a role in enabling users to access Internet content. Without question, this was not what Congress intended when it was defining the private right of action.
While we agree that statutory standing is not limited to traditional ISPs, we reject any overly broad interpretation of "Internet access service" that ignores congressional intent. Contrary to Gordon's suggestion, providing e-mail accounts cannot alone be sufficient. Many employers and institutions, for example, provide their employees *1052 or members with e-mail accounts and serviceincluding our court. The findings codified in the statute note Congress's concern pertaining to the growth of unsolicited commercial e-mail and its imposition of "monetary costs on providers of Internet access services," which have standing to sue, as well as on "businesses, and educational and nonprofit institutions that carry and receive such mail." 15 U.S.C. § 7701(a)(6). Clearly, Congress viewed IAS providers as distinct from entities that merely "carry [or] receive such mail." Standing under the CAN-SPAM Act requires more. See, e.g., White Buffalo Ventures, LLC v. Univ. of Texas at Austin, 420 F.3d 366, 373 (5th Cir.2005) ("[W]e are hard-pressed to find that providing email accounts and email access does not bring [the University of Texas] within the statutory definition ...." (emphasis added)). There may well be a technical or hardware component implicit in the definition. But, we find the parties' briefing on the topic inadequate to reach an informed decision here. Because it is not necessary to our holding, we decline this opportunity to set forth a general test or define the outer bounds of what it means to be a provider of "Internet access service."
Nevertheless, we conclude that Gordon does not fit any reasonable definition of "Internet access service" provider. Gordon is a registrant of a domain name, which he, through Omni, hosts on leased server space. He neither has physical control over nor access to the hardware, which GoDaddy owns, houses, maintains, and configures. From our review of the record, Gordon's service appears to be limited to using his "Plesk" control panel, which he accesses via an ordinary Internet connection through an ISP, to set up e-mail accounts and log-in passwords and to execute other administrative tasks. Verizon enables his online access. GoDaddy provides the service that enables ordinary consumers to create e-mail accounts, register domain names, and build personalized web pages. Gordon has simply utilized that service for himself and on behalf of others. It matters not that he entered the keystrokes or clicked the mouse. Nor is it relevant that he created gordonworks.com e-mail addresses for family and friends, and not merely himself. While Verizon and GoDaddy might have a compelling argument that they are IAS providers within the meaning of the CAN-SPAM Act, Gordon's claim that he holds such elite status is unconvincing.
In addition to his nominal role in providing Internet-related services, we are also troubled by the extent to which Gordon fails to operate as a bona fide e-mail provider. As discussed in greater detail below, Gordon has purposefully avoided taking even minimal efforts to avoid or block spam messages. Instead, Gordon devotes his resources to adding his "clients'" e-mail addresses to mailing lists and accumulating spam through a variety of means for the purpose of facilitating litigation.
Gordon's arguments of technical compliance with this standing component, without any regard for the overarching congressional purpose, are not compelling. The record here is sufficiently developed. We hold that Gordon is not an "Internet access service" provider within the meaning of the CAN-SPAM Act.
3
We next turn to the "adversely affected by" component of the CAN-SPAM Act's standing inquiry. Gordon has undoubtedly encountered a large volume of commercial e-mail. This, however, is not enough to establish statutory standing. In order to pursue a private right of action, an IAS provider must demonstrate that it has been "adversely affected by a violation of... or a pattern or practice that violates" the Act. 15 U.S.C. § 7706(g)(1) (emphasis *1053 added). As with other issues on this appeal, we find little guidance in existing case law as to the meaning of the nebulous text.
a
The CAN-SPAM Act itself does not delineate the types of harm suggested by the "adversely affected by" language. The district court, acknowledging this ambiguity, confronted the question by reference to traditional methods of statutory interpretation and ultimately concluded that the harm "must be both real and of the type uniquely experienced by IASs for standing to exist." Gordon, 2007 WL 1459395, at *7 (emphasis added).[10] To our knowledge, all courts that have addressed the issue have similarly concluded that the type of harm envisioned by Congress did not encompass the ordinary inconveniences experienced by consumers and end users. See Active Response, 2008 WL 2952809, at *5. We have considered the statutory text and the legislative record, and we agree.
It is notable that Congress conferred standing only on adversely affected IAS providers, but not adversely affected consumers. Logically, the harms redressable under the CAN-SPAM Act must parallel the limited private right of action and therefore should reflect those types of harms uniquely encountered by IAS providers. The Committee Report identified the cost of "investing in new equipment to increase capacity and customer service personnel to deal with increased subscriber complaints ... [and] maintaining e-mail filtering systems and other anti-spam technology on their networks to reduce the deluge of spam" as undesirable consequences facing the typical ISP. S.Rep. No. 108-102, at 6. "All courts that have construed the statute" have similarly defined the harms upon which standing may be predicated to include "network crashes, higher bandwidth utilization, and increased costs for hardware and software upgrades, network expansion and additional personnel." Active Response, 2008 WL 2952809, at *5. We conclude that these sorts of ISP-type harms are what Congress had in mind.[11]
We do not purport to enumerate each and every harm that might satisfy the CAN-SPAM Act's standing provision. Nor do we suggest that the list is finite. At minimum, however, the harm must be both real and of the type experienced by ISPs. While the harm need not be significant *1054 in the sense that it is grave or serious, the harm must be of significance to a bona fide IAS providersomething beyond the mere annoyance of spam and greater than the negligible burdens typically borne by an IAS provider in the ordinary course of business. In most cases, evidence of some combination of operational or technical impairments and related financial costs attributable to unwanted commercial e-mail would suffice. See Hypertouch, 2006 WL 648688, at *4 (finding evidence of "decreased server response and crashes," "higher bandwidth utilization," and "expensive hardware and software upgrades" sufficient harm for statutory standing).
Courts must of course be careful to distinguish the ordinary costs and burdens associated with operating an Internet access service from actual harm. We expect a legitimate service provider to secure adequate bandwidth and storage capacity and take reasonable precautions, such as implementing spam filters, as part of its normal operations. Courts should take an especially hard look at the cited harm if it suspects at the outset that a plaintiff is not operating a bona fide Internet access service, as is the case here.
Defining the type of harm required for CAN-SPAM Act standing is, however, only one part of the equation. Section 7706(g)(1) also inquires whether the contemplated harm is attributable to the type of practices circumscribed by the Acti.e., whether an IAS provider was adversely affected by misconduct. After all, network slowdowns, server crashes, increased bandwidth usage, and hardware and software upgrades bear no inherent relationship to spam or spamming practices. On the contrary, we expect these issues to arise as a matter of course and for legitimate reasons as technology, online media, and Internet services continue to advance and develop. Therefore, evidence of what could be routine business concerns and operating costs is not alone sufficient to unlock the treasure trove of the CAN-SPAM Act's statutory damages.
To give the statutory text meaning there must be, at bare minimum, a demonstrated relationship between purported harms and the type of e-mail practices regulated by the Acti.e., a showing that the identified concerns are linked in some meaningful way to unwanted spam and, in turn, represent actual harm. The e-mails at issue in a particular case must, at the very least, contribute to a larger, collective spam problem that caused ISP-type harms.[12]
*1055 We note, in passing, that the threshold of standing should not pose a high bar for the legitimate service operations contemplated by Congress. In some civil actionswhere, for example, well-recognized ISPs or plainly legitimate Internet access service providers file suitadequate harm might be presumed because any reasonable person would agree that such entities dedicate considerable resources to and incur significant financial costs in dealing with spam. See S.Rep. No. 108-102, at 2-3 (recounting reports by America Online, Microsoft, and Earthlink regarding the effects of increasing volumes of spam). Where, by comparison, a private plaintiff's status as an IAS provider is questionable and reasonably contested, courts should not only inquire into the plaintiff's purported Internet-related service operations but also closely examine the alleged harms attributable to spam. We have confidence in our district courts to review the individual characteristics of the plaintiffs on a case-by-case basis and make a reasoned decision whether a purported IAS provider is truly the type of bona fide IAS provider adversely affected by commercial e-mail messaging that Congress envisioned when it enacted the CAN-SPAM Act.
b
In opposition to Virtumundo's summary judgment motion, Gordon argued that he had been adversely affected by spam because he and his "clients" had been "forced to wade through thousands of e-mails sent by" Virtumundo that "clogged" his service. Applying the proper interpretation of the CAN-SPAM Act's standing provision, we conclude that Gordon also fails the "adversely affected by" component. It is readily apparent that Gordon, an individual who seeks out spam for the very purpose of filing lawsuits, is not the type of private plaintiff that Congress had in mind when it fashioned § 7706(g)(1)'s standing provision. While many anti-spam enthusiasts may applaud his zealous counter-attack against alleged spammers, Gordon's passion for the cause does not displace the will of Congress in drafting a narrow private right of federal action.
Gordon has failed to argue, let alone come forth with evidence, that, even if he was an IAS provider, he has suffered any real harm contemplated by the CAN-SPAM Act. He has not hired additional personnel, nor has he experienced technical concerns or incurred costs that can be necessarily attributed to commercial e-mail. It is also compelling that Gordon purposefully refuses to implement spam filters in a typical manner or otherwise make any attempt to block allegedly unwanted spam or exclude such messages from users' e-mail inboxes. In fact, Gordon acknowledges that he was able to "blacklist" domain names at the server level, so that the GoDaddy server would reject e-mails from online marketers such as Virtumundo. Still, even without taking even basic precautions, he has not "come close" to using the 500 gigabytes of bandwidth available to him through GoDaddy. He has presented nothing beyond the negligible burdens typically experienced by bona fide IAS providers. As the district court concluded, Gordon has "suffered no harm related to bandwidth, hardware, Internet connectivity, network integrity, overhead costs, fees, staffing, or equipment *1056 costs." Gordon, 2007 WL 1459395, at *8. Indeed, given his heavy dependence on the services and hardware of third parties, it would be difficult, if not impossible, for him to incur many of these harms.[13]
Gordon's claimed harms almost exclusively relate to litigation preparation, not to the operation of a bona fide service. Gordon made no real effort to avoid, block, or delete commercial e-mail, but instead has voluntarily assumed the role of a spam sleuth. He expends time and resources seeking out and capturing massive volumes of spam, which he collects and then organizes for use in his prolific lawsuits. He admits setting up domains as "spam traps" with the sole purpose of snagging as many e-mail marketing messages as possible. The record reveals that gordonworks.com was one such trap. He is not alone in his litigation enterprise. His "clients" also use their personalized domains to gather commercial e-mails, which they then send to Gordon in enormous unsorted batches of 10,000 to 50,000 messages to fuel his various anti-spam lawsuits.[14] In exchange, Gordon's "clients" share in settlement proceeds. Gordon apportions the bounty according to each individual's contribution to the particular lawsuiti.e., the number of e-mails provided to Gordon for use against a specific defendant.
Gordon admits operating an anti-spam business, which entails, in his words, "[n]otifying spammers that they're violating the law" and filing lawsuits if they do not stop sending spam.[15] As Gordon concedes, he is a professional plaintiff. Reply Br. of Appellant at 5. Since at least 2004, Gordon has held no employment. He has never been compensated for any of his purported Internet services, and his only income source has come from monetary settlements from his anti-spam litigation campaign. Likewise, his company, Omni, generates no revenue and is financed strictly through these lawsuits against e-mail marketers. While the term "professional," as in "professional plaintiff," is not a "dirty word," see Murray v. GMAC Mortgage Corp., 434 F.3d 948, 954 (7th Cir.2006), and should not itself undermine one's ability to seek redress for injuries suffered, Gordon's status is uniquely relevant to the statutory standing question here. Cf. Hypertouch, 2006 WL 648688, at *4 n. 2 (rejecting defendant's argument that Hypertouch was a "professional plaintiff" that entered the ISP business for the sole purpose of bringing anti-spam lawsuits).
*1057 Because we are tasked with determining whether Gordon has been adversely affected by conduct regulated by the CAN-SPAM Act, it is highly significant that the burdens Gordon complains of are almost exclusively self-imposed and purposefully undertaken. Here, Gordon acknowledges that he benefits from the receipt of spam through his research and monetary settlements. The fact that Gordon derives substantial financial benefit but endures no real ISP-type harm from commercial e-mail, coupled with his unusual efforts to seek out and accumulaterather than avoid or blockspam, demonstrates that he has not been adversely affected by alleged violations of the federal act in any cognizable way.
We do not discount the harmful effects spam and spamming practices, both lawful and unlawful, have upon businesses and consumers, and we recognize the need of bona fide IAS providers, both small and large, for a legal remedy against law-breaking spammers. We, like Congress, are sympathetic to legitimate operations hampered by a deluge of unwanted e-mail marketing. Our record, however, conclusively demonstrates that this is not the case before us. Gordon has created a cottage industry where he and his "clients" set themselves up to profit from litigation. The CAN-SPAM Act was enacted to protect individuals and legitimate businessesnot to support a litigation mill for entrepreneurs like Gordon.
As discussed above, it is undisputed that Gordon encounters huge quantities of commercial e-mail. Nevertheless, he is neither a bona fide IAS provider nor has he been adversely affected by alleged violations of the CAN-SPAM Act. We conclude that Gordon lacks standing to pursue claims under § 7706(g)(1), and affirm the district court's summary judgment dismissal of all his federal claims.
IV
Gordon also appeals the adverse summary judgment dismissing his claims for alleged violations of CEMA, Washington's statute regulating commercial e-mail messages. See Wash. Rev.Code § 19.190.010 et seq. Like many other states, Washington has enacted legislation that seeks to curb e-mail abuses. CEMA states in relevant part:
(1) No person may initiate the transmission, conspire with another to initiate the transmission, or assist the transmission, of a commercial electronic mail message from a computer located in Washington or to an electronic mail address that the sender knows, or has reason to know, is held by a Washington resident that:
(a) Uses a third party's internet domain name without permission of the third party, or otherwise misrepresents or obscures any information in identifying the point of origin or the transmission path of a commercial electronic mail message; or
(b) Contains false or misleading information in the subject line.
Wash. Rev.Code § 19.190.020. The statute also prohibits certain practices aimed at inducing a person to reveal personally identifying information. Wash. Rev.Code § 19.190.080. Like its federal counterpart, CEMA provides for sizeable statutory damages or actual damages, whichever is greater.[16] Wash. Rev.Code § 19.190.040.
*1058 A
At the outset, we must frame the issue as it comes to us. First, Virtumundo does not contest Gordon's standing to bring CEMA claims. In contrast to the more restrictive standing requirement of the CAN-SPAM Act, CEMA authorizes a recipient of a commercial e-mail message or an "interactive computer service" to bring a private action. Id.
Of Gordon's various CEMA claims on appeal, only his claim relating to allegedly deficient headers requires detailed discussion. Gordon has no viable CEMA claim based on the body of the e-mail messages at issue. Unlike the CAN-SPAM Act, CEMA "does not regulate the body of the e-mail." State v. Heckel, 122 Wash.App. 60, 93 P.3d 189, 194 (2004), review denied, 153 Wash.2d 1021, 108 P.3d 1229 (2005) ("Heckel II"). Similarly, the state statute does not purport to regulate "opt-out" mechanisms. Therefore, Gordon's CEMA claims, by nature of the state statute, are limited to the information contained in the e-mail headers and subject lines.
We further conclude, however, that summary judgment was properly granted on Gordon's claim that Virtumundo's e-mail subject lines are deceptive. In opposition to Virtumundo's summary judgment motion, Gordon failed to identify or describe any specific e-mail or subject line text and simply countered that "Gordon contests" the position that the subject lines are not misleading. Gordon does not attempt to better articulate this claim on appeal.
The "party opposing summary judgment must direct [the court's] attention to specific, triable facts," S. Cal. Gas Co. v. City of Santa Ana, 336 F.3d 885, 889 (9th Cir. 2003), and the reviewing court is "not required to comb through the record to find some reason to deny a motion for summary judgment," Carmen v. San Francisco Unified Sch. Dist., 237 F.3d 1026, 1029 (9th Cir.2001) (quoting Forsberg v. Pac. Nw. Bell Tel. Co., 840 F.2d 1409, 1418 (9th Cir.1988)). See Hernandez v. Spacelabs Med. Inc., 343 F.3d 1107, 1112 (9th Cir. 2003) ("[The nonmoving party] cannot defeat summary judgment with allegations in the complaint, or with unsupported conjecture or conclusory statements."). Because Gordon has failed to present a prima facie case in opposition to summary judgment, his claim that Virtumundo's subject lines violate CEMA fails as a matter of law, and summary judgment was appropriate.
Therefore, the sole remaining CEMA claim that we must address relates to the headers of Virtumundo's e-mails. Gordon argues that the header information misrepresents or obscures the identity of the sender, and therefore violates CEMA, see Wash. Rev.Code § 19.190.020(1)(a). We review the district court's conclusion that this claim is preempted pursuant to the CAN-SPAM Act's express preemption clause, 15 U.S.C. § 7707(b).
B
1
As a preliminary matter, the Attorney General for the State of Washington ("State"), appearing here as amicus curiae, insists that we need not reach the preemption issue. See Atel Fin. Corp. v. Quaker Coal Co., 321 F.3d 924, 926 (9th Cir.2003) ("We may affirm a district court's judgment on any ground supported by the record, whether or not the decision of the district court relied on the same grounds or reasoning we adopt."). The State argues *1059 that we may affirm summary judgment with respect to this CEMA claim because Gordon's allegations regarding the header information do not satisfy "Washington's well-developed deceptiveness standard," as a matter of law. We have surveyed the legal landscape and note a fatal shortcoming in the State's proposition. CEMA prohibits the sending of commercial e-mail that "misrepresents or obscures any information in identifying the point of origin or the transmission path." Wash. Rev.Code § 19.190.020(1)(a). The standard for "deception" under Washington law is thus only relevant to the extent courts so limit the broad language of CEMAa critical step that the State overlooks entirely.
In Benson v. Oregon Processing Service, Inc., 136 Wash.App. 587, 150 P.3d 154 (2007), review denied, 162 Wash.2d 1004, 175 P.3d 1092 (2007), the state appellate court interpreted the previously undefined terms "misrepresent" and "obscure" according to their ordinary dictionary meaningi.e., "misrepresent" to mean "representing incorrectly: to give a false, imperfect or misleading representation," and "obscure" to mean "to conceal or hide from view as by or as if covering wholly or in part: make difficult to discern." Id. at 156 (quoting Webster's Third New Int'l Dictionary 1445 & 1557 (2003)). These broad definitions extend CEMA's prohibitive reach and purport to regulate a vast array of non-deceptive acts and practices. As subsequent courts reviewing CEMA have recognized, without further clarification, "a sender of commercial email could be potentially held liable under [CEMA] for unintentional clerical errors," Ferguson, 2008 WL 3166307, at *8, imperfect representations, or immaterial misstatements.
In short, we cannot conclude, as the State presumes, that CEMA's prohibitions extend only to acts of deception. The Washington Legislature or state courts may ultimately mold CEMA's broad language so as to cabin its breadth or interpret the law in conformity with federal legislation. This task is, however, a matter for the State, as sovereign, to resolve.[17]
2
We therefore turn, as we must, to whether summary judgment was proper under the doctrine of preemption. As recently noted by a district court, "[t]here is no Ninth Circuit authority on whether Plaintiff's claim under the provision of CEMA ... is preempted by CAN-SPAM." Ferguson, 2008 WL 3166307, at *7. Indeed, the scope of the CAN-SPAM Act's *1060 preemption is an issue of first impression in this circuit. See Asis Internet Servs. v. Consumerbargaingiveaways, LLC, No. 08-04856, 2009 WL 1035538, at *5 (N.D.Cal. Apr.17, 2009).
The concept of preemption derives from the Supremacy Clause of the United States Constitution, which provides that the laws of the United States "shall be the supreme Law of the Land; ... any Thing in the Constitution or Laws of any State to the Contrary notwithstanding." U.S. Const. art. VI, cl. 2. "Consistent with that command, we have long recognized that state laws that conflict with federal law are `without effect.'" Altria Group, Inc. v. Good, ___ U.S. ___, 129 S. Ct. 538, 543, 172 L. Ed. 2d 398 (2008) (quoting Maryland v. Louisiana, 451 U.S. 725, 746, 101 S. Ct. 2114, 68 L. Ed. 2d 576 (1981)). Courts typically identify three circumstances in which federal preemption of state law exists:
(1) express preemption, where Congress explicitly defines the extent to which its enactments preempt state law; (2) field preemption, where state law attempts to regulate conduct in a field that Congress intended the federal law exclusively to occupy; and (3) conflict preemption, where it is impossible to comply with both state and federal requirements, or where state law stands as an obstacle to the accomplishment and execution of the full purpose and objectives of Congress.
Indus. Truck Ass'n, 125 F.3d at 1309 (citing English v. Gen. Elec. Co., 496 U.S. 72, 78-80, 110 S. Ct. 2270, 110 L. Ed. 2d 65 (1990)). When interpreting the scope of an express preemption clause, as is the case here, we must "identify the domain expressly pre-empted" by its language. Medtronic, Inc. v. Lohr, 518 U.S. 470, 484, 116 S. Ct. 2240, 135 L. Ed. 2d 700 (1996) (quoting Cipollone v. Liggett Group, Inc., 505 U.S. 504, 517, 112 S. Ct. 2608, 120 L. Ed. 2d 407 (1992)).
Although the analysis of the scope of preemption begins with the text, "interpretation of that language does not occur in a contextual vacuum." Id. at 484-85. Rather, this inquiry is guided by two principles about the nature of preemption. First, there is a presumption against supplanting "the historic police powers of the States" by federal legislation "unless that [is] the clear and manifest purpose of Congress." Id. at 485, 116 S. Ct. 2240. "This presumption against preemption leads us to the principle that express preemption statutory provisions should be given narrow interpretation." Air Conditioning & Refrigeration Inst. v. Energy Res. Conservation & Dev. Comm'n, 410 F.3d 492, 496 (9th Cir.2005). Second, the preemption analysis is guided by the "oft-repeated comment ... that the purpose of Congress is the ultimate touchstone in every preemption case." Medtronic, 518 U.S. at 485, 116 S. Ct. 2240 (quotations and brackets omitted). "As a result, any understanding of the scope of a pre-emption statute must rest primarily on a fair understanding of congressional purpose," and calls for courts to consider not only the language of the statute itself but also the "statutory framework" surrounding it and the "structure and purpose of the statute as a whole." Id. at 485-86, 116 S. Ct. 2240 (quotations omitted); accord Altria Group, 129 S.Ct. at 543 ("Congress may indicate pre-emptive intent through a statute's express language or through its structure and purpose.").
With this framework in mind, we review the preemption clause of the CAN-SPAM Act, which states in relevant part:
This chapter supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail *1061 message or information attached thereto.
15 U.S.C. § 7707(b)(1). The following subsection adds further clarity: Congress reiterated that the preemption clause "shall not be construed to preempt the applicability of (A) State laws that are not specific to electronic mail, including State trespass, contract, or tort law; or (B) other State laws to the extent that those laws relate to acts of fraud or computer crime." 15 U.S.C. § 7707(b)(2) (emphasis added). Thus, the express language of § 7707(b) demonstrates Congress's intent that the CAN-SPAM Act broadly preempt state regulation of commercial e-mail with limited, narrow exception. Congress carved out from preemption state laws that proscribe "falsity or deception" in commercial e-mail communications.
To date, the Fourth Circuit's opinion in Omega World Travel, Inc. v. Mummagraphics, Inc., 469 F.3d 348 (4th Cir.2006), is the only federal circuit court decision addressing preemption of state law claims by the CAN-SPAM Act. In Omega, Mummagraphics alleged violations of the CAN-SPAM Act and Oklahoma law, see Okla. Stat. tit. 15, § 776.1(A),[18] based on e-mail messages that contained a variety of inaccuracies.[19]Omega, 469 F.3d at 351. The Fourth Circuit reviewed the scope of the CAN-SPAM Act's preemption provision and concluded that Congress could not have intended, by way of the carve-out language, to allow states to enact laws that prohibit "mere error" or "insignificant inaccuracies." Id. at 354-55. The court reasoned that a materiality component comported with the policy pursued by the federal legislation as a whole, further noting that a contrary reading "would upend [the] balance [struck by Congress] and turn an exception to a preemption provision into a loophole so broad that it would virtually swallow the preemption clause itself." Id. at 355. Ultimately, the court determined that the challenged e-mails could not be actionable under the Oklahoma statutes "because allowing a state to attach liability to bare immaterial error in commercial e-mails would be inconsistent with the federal Act's preemption text and structure, and, consequently, with a `fair understanding of congressional purpose.'" Id. at 359 (quoting Medtronic, 518 U.S. at 486, 116 S. Ct. 2240).
Having independently analyzed the CAN-SPAM Act's text, structure, and legislative purpose, we reach the same conclusion as the district court and the Fourth Circuit,[20] and interpret the CAN-SPAM Act's express preemption clause in a manner that preserves Congress's intended purpose i.e., to regulate commercial e-mail "on a nationwide basis," 15 U.S.C. § 7701(b)(1), and to save from preemption only "statutes, regulations, or rules that *1062 target fraud or deception," S.Rep. No. 108-102, at 21 (emphasis added).
As with any issue of statutory interpretation, we start with the text itself. The CAN-SPAM Act's preemption clause makes an exception for state laws that prohibit "falsity or deception" in commercial e-mail communication. 15 U.S.C. § 7707(b)(1). Because those terms are not defined in the statute, they should be given their ordinary meaning. Emmert Indus. Corp. v. Artisan Assocs., Inc., 497 F.3d 982, 987 (9th Cir.2007). Whereas the word "deception" certainly denotes something more than immaterial inaccuracies or inadvertent mistakes, the word "falsity" is susceptible to differing dictionary meanings. "Falsity" means "quality or state of being false," which is not itself informative. Merriam-Webster's Collegiate Dictionary 451 (11th ed.2005). The term "false" is defined, however, not only as "not true" but also as "intentionally untrue," "adjusted or made so as to deceive," and "intended or tending to mislead." Id. We therefore acknowledge facial ambiguity in the statutory text. See Bryan A. Garner, Dictionary of Modern Legal Usage 348 (2d ed.1995) (stating that "false" "is potentially ambiguous", since the word may mean either "erroneous, incorrect" or "purposely deceptive"); Bryan A. Garner, Garner's Modern Am. Usage 339 (2003) (same).
Recognizing the same ambiguity, the Fourth Circuit applied the maxim of noscitur a sociis, a canon of statutory construction that "counsels that a word is given more precise content by the neighboring words with which it is associated." United States v. Williams, ___ U.S. ___, 128 S. Ct. 1830, 1839, 170 L. Ed. 2d 650 (2008). Reading "falsity" in conjunction with "deception," which connotes a type of tort action based on misrepresentations, we are likewise persuaded that the exception language, read as Congress intended, refers to "traditionally tortious or wrongful conduct." Omega, 469 F.3d at 354. We find further support for this reading in the statutory text, which counsels against any interpretation that preempts laws relating to "acts of fraud." See 15 U.S.C. § 7707(b)(2). Indeed, the Committee explained that while "a State law requiring some or all commercial e-mail to carry specific types of labels, or to follow a certain format or contain specified content, would be preempted[,] ... a State law prohibiting fraudulent or deceptive headers, subject lines, or content in commercial e-mail would not be preempted." S.Rep. No. 108-102, at 21 (emphasis added); see also 150 Cong. Rec. at E73-01 (recognizing broad preemption, except state laws prohibiting falsification techniques and deception). The Committee's repeated reference to "fraud" and "deception" is telling and confirms that Congress did not intend that states retain unfettered freedom to create liability for immaterial inaccuracies or omissions.
Further scrutiny of congressional intent solidifies our reading of the preemption clause. As discussed supra, the CAN-SPAM Act prohibits only deceptive subject line headings or materially false or materially misleading header information. See 15 U.S.C. § 7704(a); accord 15 U.S.C. § 7701(b)(2) ("[S]enders of commercial electronic mail should not mislead recipients as to the source or content of such mail." (emphasis added)). Significantly, Congress intended this standard to regulate commercial e-mail messaging practices "on a nationwide basis."[21] 15 U.S.C. § 7701(b)(1). It was because the patchwork *1063 of state laws had proven ineffective that Congress sought to implement "one national standard," S.Rep. No. 108-102, at 21, applicable across jurisdictions. The CAN-SPAM Act expresses this goal:
Many states have enacted legislation intended to regulate or reduce unsolicited commercial electronic mail, but these statutes impose different standards and requirements. As a result, they do not appear to have been successful in addressing the problems associated with unsolicited commercial electronic mail, in part because, since an electronic mail address does not specify a geographic location, it can be extremely difficult for law-abiding businesses to know with which of these disparate statutes they are required to comply. 15 U.S.C. § 7701(a)(11); see also S.Rep. No. 108-102, at 21-22 ("[I]n contrast to telephone numbers, e-mail addresses do not reveal the State where the holder is located. As a result, a sender of e-mail has no easy way to determine with which State law to comply."). Moreover, a single e-mail could instantaneously implicate the laws of multiple jurisdictions as it journeys through cyberspace, traveling over various facilities before reaching its intended recipient, whose location is often unknown. Therefore, "one state's Internet laws may impose compliance costs on businesses throughout the country." Omega, 469 F.3d at 356 (citing PSINet, Inc. v. Chapman, 362 F.3d 227, 239-41 (4th Cir.2004)). The CAN-SPAM Act was designed to ensure that "legitimate businesses would not have to guess at the meaning of various state laws when their advertising campaigns ventured into cyberspace." Kleffman v. Vonage Holdings Corp., No. 07-2406, 2007 WL 1518650, at *3 (C.D.Cal. May 23, 2007) (concluding that the CAN-SPAM Act preempted California state law claims).
It would be logically incongruous to conclude that Congress endeavored to erect a uniform standard but simultaneously left states and local lawmakers free to manipulate that standard to create more burdensome regulation. We are compelled to adopt a reading of the preemption clause that conforms with the statute's structure as a whole and the stated legislative purpose. See 15 U.S.C. § 7701(b)(1). The CAN-SPAM Act established a national standard, but left the individual states free to extend traditional tort theories such as claims arising from fraud or deception to commercial e-mail communication. To find otherwise would create "an exception to preemption [that] swallow[s] the rule and undermine[s] the regulatory balance that Congress established," Omega, 469 F.3d at 356, and which would once again subject legitimate businesses to inconsistent and possibly incompatible state regulations.
Applying its proper reading, the CAN-SPAM Act's preemption clause applies here and undermines Gordon's remaining CEMA claim. Although he admits he was not in any way misled or deceived, Gordon argues that the headers in the e-mails at issue specifically, the "from lines" violate CEMA because they fail to clearly identify Virtumundo as the e-mails' sender and therefore misrepresent or obscure the identity of the sender. See Wash. Rev.Code § 19.190.020(1)(a). The "from lines" at issue contain two components: a "from name" field, which typically references a topic or subject matter of the advertisement, and a domain name. Examples of "from lines" condemned by Gordon include "CriminalJustice@vm-mail. com," "PublicSafetyDegrees@vmadmin. com," and "TradeIn@vm-mail.com."
There is of course nothing inherently deceptive in Virtumundo's use of fanciful domain names. See 15 U.S.C. § 7702(4); S.Rep. No. 108-102, at 3 (recognizing Microsoft's "msn" and "hotmail" domains *1064 used for e-mail services). Gordon agrees that the domains from which these e-mails were sent e.g., "vmmail.com," "vmadmin.com," "vtarget.com," and "vmlocal.com" were properly registered to Virtumundo. Gordon further concedes that a WHOIS search, or a similar reverse-look-up database, accurately identifies Virtumundo as the domain registrant and provides other identifying information.[22] Gordon complains that in order to ascertain the actual identity of the e-mails' sender a recipient must either review the message content or consult a WHOIS-type database. He insists that any practice that requires consumers to engage in an extra step violates CEMA.
Nothing contained in this claim rises to the level of "falsity or deception" within the meaning of the CAN-SPAM Act's preemption clause. Gordon offers no proof that any headers have been altered to impair a recipient's ability to identify, locate, or respond to the person who initiated the e-mail. Nor does he present evidence that Virtumundo's practice is aimed at misleading recipients as to the identity of the sender. Cf. Aitken v. Commc'ns Workers of Am., 496 F. Supp. 2d 653, 667 (E.D.Va.2007) (holding that "it is inappropriate to conclude, as a matter of law, that the misleading header information is immaterial" where the defendant misappropriated identities of managers to send "pro-union" e-mails to employees). As stated by our district court, Gordon's claim is "for, at best, `incomplete' or less than comprehensive information" regarding the sender. Gordon, 2007 WL 1459395, at *12. Such technical allegations regarding the header information find no basis in traditional tort theories and therefore fall beyond the ambit of the exception language in the CAN-SPAM Act's express preemption clause.
Gordon further suggests that the only information that could be used in the "from name" field that would not misrepresent is the name of the "person or entity who actually sent the e-mail, or perhaps ... the person or entity who hired the [sender] to send the email on their behalf." In other words, he argues that CEMA's provisions require that "Virtumundo" or a client's name expressly appear in the "from lines." The CAN-SPAM Act does not impose such a requirement. To the extent such a content or labeling requirement may exist under state law, it is clearly subject to preemption. See S.Rep. No. 108-102, at 21-22 ("State law requiring some or all commercial email to carry specific types of labels ... or contain specified content, would be preempted."); see also Kleffman, 2007 WL 1518650, at *3 ("[T]he claim that the failure to include Vonage's name in the email is clearly preempted.").
In sum, Gordon's alleged header deficiencies relate to, at most, non-deceptive statements or omissions and a heightened content or labeling requirement. Regardless of the merits of his arguments, assuming they are actionable under CEMA, such state law claims falter under the weight of federal preemption. Summary judgment was properly entered on Gordon's CEMA claims.[23]
*1065 V
Gordon also appeals summary judgment of his claim that Virtumundo violated the Washington CPA, which generally prohibits "[u]nfair methods of competition and unfair or deceptive acts or practices in the conduct of any trade or commerce." Wash. Rev.Code. § 19.86.020.[24] A plaintiff must typically prove five elements to establish a CPA violation: (1) an unfair or deceptive act or practice, (2) in trade or commerce, (3) that impacts the public interest, (4) which causes injury to the party in his business or property, and (5) the injury must be causally linked to the unfair or deceptive act. Hangman Ridge Training Stables, Inc. v. Safeco Title Ins. Co., 105 Wash.2d 778, 719 P.2d 531, 535-37 (1986). A violation of CEMA, however, likely constitutes a per se CPA violation.[25]See Wash. Rev. Code § 19.190.030; Heckel I, 24 P.3d at 407 ("RCW 19.190.030 makes a violation of [CEMA] a per se violation of the [CPA]....").
Gordon primarily relies upon alleged CEMA violations to establish his CPA claim. Because his CEMA claims fail as a matter of law, his CPA claims, to the extent grounded in CEMA violations, are likewise inadequate and were properly dismissed.
To the extent that Gordon also brings independent CPA claims, they too fail. Gordon has failed to identify an act or practice that "misleads or misrepresents something of material importance." Nguyen v. Doak Homes, Inc., 140 Wash. App. 726, 167 P.3d 1162, 1166 (2007) (emphasis *1066 added); accord Robinson v. Avis Rent-A-Car Sys., Inc., 106 Wash.App. 104, 22 P.3d 818, 824 (2001) ("[K]nowing failure to reveal something of material importance is `deceptive' within the CPA."). Because Gordon's CPA claims are not predicated on unfair or deceptive conduct that has "the capacity to deceive a substantial portion of the public," Hangman Ridge, 719 P.2d at 535, summary judgment was appropriate. See Carlile v. Harbour Homes, Inc., 147 Wash.App. 193, 194 P.3d 280, 289 (2008) (confirming that whether an act is unfair or deceptive is a question of law).
Additionally, in order to succeed on a CPA claim, "[a] plaintiff must establish that, but for the defendant's unfair or deceptive practice, the plaintiff would not have suffered an injury." Indoor Billboard/Wash., Inc. v. Integra Telecom of Wash., Inc., 162 Wash.2d 59, 170 P.3d 10, 22 (2007). Here, Gordon seeks only statutory damages and, despite more than adequate opportunity, has made no attempt to show that Virtumundo proximately caused him actual harm. Because Gordon has failed in his burden to provide sufficient evidence to establish an essential element of this cause of action, his CPA claims must also fail as a matter of law. See River City Markets, Inc. v. Fleming Foods West, Inc., 960 F.2d 1458, 1462 (9th Cir. 1992).
VI
We briefly address Gordon's remaining arguments and assignments of error on appeal. His claim that summary judgment violated the Seventh Amendment is devoid of merit. "As the Supreme Court held, over one hundred years ago, a summary judgment proceeding does not deprive the losing party of its Seventh Amendment right to a jury trial." In re Slatkin, 525 F.3d 805, 811 (9th Cir.2008) (citing Fid. & Deposit Co. of Md. v. United States, 187 U.S. 315, 319-21, 23 S. Ct. 120, 47 L. Ed. 194 (1902)). Further, Gordon, dissatisfied with the result in the Western District of Washington, cannot now challenge his initial choice of venue on appeal. See generally Olberding v. Ill. Cent. R.R. Co., 346 U.S. 338, 340, 74 S. Ct. 83, 98 L. Ed. 39 (1953) (noting that the plaintiff relinquishes his right to object to venue by bringing his lawsuit in a particular district). Finally, we decline to entertain Gordon's poorly articulated argument that the CAN-SPAM Act is unconstitutional under the Fourth and Fourteenth Amendments. See Broad v. Sealaska Corp., 85 F.3d 422, 430 (9th Cir.1996). This constitutional challenge was neither raised before the district court, nor pressed in the reply brief or at oral argument. We reject these and any additional arguments possibly buried in Gordon's briefing not expressly addressed herein. See Indep. Towers of Wash. v. Washington, 350 F.3d 925, 929 (9th Cir.2003) (repeating the now familiar maxim: "[j]udges are not like pigs, hunting for truffles buried in briefs" (quoting United States v. Dunkel, 927 F.2d 955, 956 (7th Cir.1991))).
VII
In summary, Gordon lacks statutory standing to bring a private action for alleged violations of the CAN-SPAM Act. His state law claims fail as a matter of law because they are precluded by the Act's express preemption clause and because he has failed to demonstrate that a genuine issue of material fact exists. Accordingly, we affirm the district court's order of summary judgment.
All parties shall bear their own costs on appeal.
AFFIRMED.
GOULD, Circuit Judge, concurring:
The most pertinent conclusion for me in this case, one that I reach after a careful *1067 evaluation of the district court's comprehensive factual findings and cogent legal analysis, is that Gordon was seeking to use the CAN-SPAM Act to build a litigation factory for his personal financial benefit. For the reasons amply explained by Judge Tallman's fine opinion, the ways in which Gordon inserted himself into legal controversy here require conclusions that he is not an Internet access service ("IAS") provider and that he was not adversely affected by spam. Each of these conclusions is independently sufficient to deny Gordon statutory standing to assert his claims, and each conclusion requires our affirmance of the district court's summary judgment order.
I write separately to add this comment. In the long course of Anglo-American law, development of the common law has normally occurred in ways that gave legal remedies to persons who cried out for relief against a perceived injustice. See, e.g., Oliver Wendell Holmes, Jr., The Common Law 37 (Dover Pubs.1991) (1881) ("[T]he various forms of liability known to modern law spring from the common ground of revenge."). The body of the common law that we know as contract law developed from the need to provide remedies when certain promises were broken and more ancient common law writs were inadequate. See id. at 274-75 (tracing history of contracts to the writ of "trespass on the case," which developed because "there were many cases which did not exactly fall within the definition of trespass, but for which it was proper that a remedy should be furnished"). Similarly, tort law has for centuries expanded[1] to cover new types of claims where wrong had caused damage. See id. at 162-63 (stating that tort law is "continually adding to its specific rules" based on "[t]he tendency of a given act to cause harm under given circumstances," rules "which must be determined by experience").
In both contract and tort claims for damages, the common law always required a showing of damages proximately caused by the wrong as an element of the claim. See Hadley v. Baxendale, 9 Exch. 341 (1854) (holding that contract damages must either "aris[e] naturally" or "reasonably be supposed to have been ... the probable result of the breach of [the contract]"); Dan B. Dobbs, The Law of Torts § 377 (2001) ("In personal injury cases, the normal remedy is compensatory damages... for all losses that have proximately resulted from the tort and all losses that will so result in the future."). The branch of the common law known in England as chancery jurisdiction, which also developed in the colonies and in the early United States, was concerned with providing an equitable remedy to injured persons when common law damage remedies were inadequate. See Joseph Story, Chancery Jurisdiction: An Article Written for the North American Review, in 1820, on the Reports of Mr. Johnson, The Miscellaneous Writings of Joseph Story 165 (William W. Story ed., 2000) (1852) (stating that courts of equity are necessary because "[t]here are many cases in which the parties are without remedy at law, or in which the remedy is wholly inadequate to the attainment of justice").
Thus the common law developed ample remedies for persons who had suffered grievous harms, but, as I understand the history of our common law, it did not *1068 develop remedies for people who gratuitously created circumstances that would support a legal claim and acted with the chief aim of collecting a damage award.[2]See Charles T. McCormick, Law of Damages § 33 (1935) ("[T]he rules for awarding damages should be such as to discourage even persons against whom wrongs have been committed from passively suffering economic loss which could be averted by reasonable efforts, or from actively increasing such loss where prudence would require that such activity cease."). I believe that the same principles that animated the common law influenced Congress when it enacted the CAN-SPAM Act. That Congress explicitly limited claims to a subset of individuals or entities who were "adversely affected" by the proscribed conduct shows that Congress did not aim to provide a remedy to anyone or any entity who sought out a position where the alleged harm might inevitably occur. But, for a person seeking to operate a litigation factory, the purported harm is illusory and more in the nature of manufactured circumstances in an attempt to enable a claim. In my view, manufactured claims should not be tolerated absent a clear endorsement from Congress. Such claims would not likely have been recognized at common law, and Congress here wisely excluded them.
Judge Tallman's opinion rightly focuses on language in the legislative history stating that only bona fide IAS providers should have statutory standing. I would presume a bona fide requirement even without this legislative history because Congress provided a private right of action for CAN-SPAM violations but expressly limited it to certain individuals and entities. Given this limited private right of action, statutory standing should be denied to plaintiffs such as Gordon who purposely structure themselves to look like one of the limited entities eligible to sue but do so for the primary purpose of collecting damages and settlements from litigation. Such individuals trying to game the system do not fall into the limited class to which Congress made available a private remedy, and ordinarily they should be denied statutory standing. That the legislative history specifies bona fide IAS providers strengthens our conclusion that Gordon's suit should be dismissed, but the legislative history is not necessary to reach this conclusion in light of the common-law antecedents that do not favor manufactured claims.
*1069 There are a few areas in which our developing statutory law has embraced the concept of permitting claims by those who insert themselves in the controversy for the express purpose of creating a lawsuit. One of the best examples is that we accord standing to those who "test" for discrimination in housing by feigning interest in a housing site. See, e.g., Havens Realty Corp. v. Coleman, 455 U.S. 363, 373-74, 102 S. Ct. 1114, 71 L. Ed. 2d 214 (1982). There may be good reasons for allowing this practice as a way to strengthen the enforcement of housing discrimination laws, and Congress provided a broad standing provision for private actors. In permitting standing for testers, the Supreme Court reasoned that Congress "conferred on all `persons' a legal right to truthful information about available housing" and "plainly omitted" a "bona fide" requirement for standing when it explicitly required one elsewhere in the same section of the fair housing statute. Id.
Similarly, we accord standing to individuals who sue defendants that fail to provide access to the disabled in public accommodation as required by the Americans with Disabilities Act ("ADA"), even if we suspect that such plaintiffs are hunting for violations just to file lawsuits. See Molski v. Evergreen Dynasty Corp., 500 F.3d 1047, 1061-62 (9th Cir.2007) (per curiam) ("For the ADA to yield its promise of equal access for the disabled, it may indeed be necessary and desirable for committed individuals to bring serial litigation advancing the time when public accommodations will be compliant with the ADA."). There, too, however, Congress provided standing to "any person" subjected to disability discrimination in violation of the ADA, and it also did not expressly require a showing of injury or adverse effect from the discrimination. 42 U.S.C. § 12188(a)(1); accord Molski v. M.J. Cable, Inc., 481 F.3d 724, 730 (9th Cir.2007).[3]
We should not extend the concept of "tester" standing to an area where we do not have confidence that Congress intended to empower anyone to make claims. Unlike the broad standing provisions in the housing discrimination laws and the ADA, here the CAN-SPAM statutory language grants a private right of action not to "all persons" regardless of injury, but only to IAS providers who suffer adverse effect. These requirements make clear that a litigation-seeking party in Gordon's circumstances has no standing to proceed under the CAN-SPAM Act.
NOTES
[1] While "spam" in this context does not have a precise definition, it is typically understood to refer broadly to unsolicited e-mail messages (or "junk" e-mail), typically commercial in nature. See United States v. Kelley, 482 F.3d 1047, 1055 (9th Cir.2007) (Thomas, J., dissenting).
The term "SPAM" originated as the trademark name for a canned pre-cooked meat product manufactured by Hormel Foods Corporation. See Hormel Foods Corp. v. Jim Henson Productions, Inc., 73 F.3d 497, 500 (2d Cir.1996). The e-mail-related connotation has its roots in a popular 1970 sketch by the British comedy troupe Monty Python's Flying Circus, in which the word "spam" is repeated to the point of absurdity. Kelley, 482 F.3d at 1056 n. 2 (Thomas, J. dissenting) (citing CompuServe Inc. v. Cyber Promotions, Inc., 962 F. Supp. 1015, 1018 n. 1 (S.D.Ohio 1997)). A waitress recites menu items, which, to the restaurant patrons' dismay, involve increasingly repetitive mention of SPAM, only to be periodically interrupted by a group of Vikings chanting a chorus about SPAM until normal dialogue is impossible. David Crystal, Language and the Internet 53-54 (2001) (citing to Monty Python's Flying Circus, 2d series, episode 25 (BBC television broadcast Dec. 15, 1970)). Thus, in the context of the Internet, "spam" has come to symbolize unwanted, and perhaps annoying, repetitious behavior that drowns out ordinary discourse. The term was first used in the electronic messaging context to describe the practice of sending advertisements to many recipients, particularly on newsgroup forums. Id. But see S.Rep. No. 108-102, at 2 n.1 (2003), as reprinted in 2004 U.S.C.C.A.N. 2348, 2348 (noting that "[i]t all started in early Internet chat rooms and interactive fantasy games where someone repeating the same sentence or comment was said to be making `spam.'").
[2] Unless otherwise specified, we use the term "Gordon" in the recitation of the facts to collectively refer to both plaintiffs, Gordon and Omni. Omni has no employees, and Gordon is its manager and sole member.
[3] Gordon further admits subscribing to various mailing lists as part of his "reconnaissance" activities in preparation for his pending and potential lawsuits. For example, Gordon would register his e-mail address in order to gain access to corporate information about potential defendants.
[4] For example, in his motion for partial summary judgment, which the district court denied, Gordon sought statutory damages in the amount of $10,257,000, plus attorney's fees and costs, based on 7,890 allegedly unlawful e-mails.
[5] A notice of appeal was filed on behalf of both Gordon and Omni. Gordon and trial counsel parted ways following the district court's summary judgment order, and Gordon proceeded pro se. Upon the filing of Gordon's opening brief, we dismissed Omni from this appeal as an improper pro se corporate appellant.
[6] The CAN-SPAM Act defines "commercial electronic mail message" to mean "any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose)," excluding transactional or relationship messages. 15 U.S.C. § 7702(2).
[7] The CAN-SPAM Act also delineates "aggravated violations" for various spamming practices such as e-mail harvesting and dictionary server attacks, see 15 U.S.C. § 7704(b), which are not at issue in this lawsuit.
[8] Statutory damages are calculated by multiplying the number of violations (i.e., the number of unlawful e-mail messages) by up to $100 in the case of a violation of § 7704(a)(1), or by up to $25 for any other violation. 15 U.S.C. § 7706(g)(3). The court may consider the defendant's conduct in setting the statutory damage award and, if it determines that violations are aggravated, may increase the damage award up to three times the amount otherwise available. Id.
[9] In support of its summary judgment motion, Virtumundo argued that, as providers of free services, Gordon and Omni did not qualify as IAS providers. The district court correctly rejected this argument because Congress expressly discussed free Internet services when it enacted the CAN-SPAM Act. See S.Rep. No. 108-102, at 3 (mentioning Microsoft's free e-mail service when discussing effects of the increasing volume of spam).
[10] The district court further reasoned that if the limited private right of action is to have any traction at all, "[n]ot only must CAN-SPAM private plaintiffs allege a particular type of harm, the adverse effect they allege must be significant." Gordon, 2007 WL 1459395, at *8 (emphasis added). The court did not explain the meaning of the term "significant." As discussed herein, we believe that Congress intended that the alleged harm be something of significance to an IAS provider. To this extent, we agree with the district court's reasoning that harm be significant.
[11] In their amicus brief, ASIS Internet Services, Joel Householter, and Ritchie Phillips (collectively, "ASIS") argue that "harm" for CAN-SPAM standing purposes is merely "the cost of carrying SPAM emails over the [Internet access provider]'s facilities." This view contradicts the plain text of the statute and the legislative goal of limiting the private right of action. No court has adopted this position, and we reject it as well. Congress stated that the private standing provision of § 7706(g)(1) "could include a service provider who carried unlawful spam over its facilities, or who operated a website or online service from which recipient e-mail addresses were harvested in connection with a violation." S.Rep. No. 108-102, at 21 (emphasis added). In this context, the term "could," which has a different meaning than "would," see Rosas v. Monroe County Tax Claim Bureau, 323 B.R. 893, 900 (Bankr.M.D.Pa.2004) ("There is a clear difference between the plain meaning of the words `could', `might' and `will.'"), implies that encountering spam is merely a component of the standing equation. Some qualifying harm must follow.
[12] Whether a private plaintiff must allege and prove that the defendant's particular e-mails caused ISP-type harms has been a point of conflict among district courts. While summary judgment in our case did not turn on a lack of causation, the district court's order has contributed to the confusion within our circuit. In finding a lack of "adverse effect" to support standing, the district court remarked that Gordon and Omni "have alleged absolutely no financial hardship or expense due to e-mails they received from Defendants." Gordon, 2007 WL 1459395, at *8 (emphasis added). Subsequent courts have interpreted this language to impose upon private plaintiffs the burden of showing that a defendant's e-mails directly caused the harm alleged. See Optin Global, 2008 WL 1902217, at *17 ("While there is some evidence that spam generally has imposed costs on ASIS over the years, there is no evidence that the Emails at issue in this action resulted in adverse effects to ASIS...."); Brosnan, 2008 WL 413732, at *2-*3 (dismissing sua sponte plaintiff's CAN-SPAM Act claims for lack of standing and citing Gordon for the proposition that "[t]he plaintiff must have suffered actual adverse effects as a result of Defendant's actions"). As some subsequent courts have cautioned, we are troubled by the possibility that imposing a direct causation requirement, although not inconsistent with the statutory text, might create an unworkable standard for private plaintiff standing given the impracticability of tracing a harm to a specific e-mail or batch of e-mails. See Active Response, 2008 WL 2952809, at *5. This reading erects a barrier that could in some situations insulate wrongdoers, especially less prolific spammers, from private enforcement actions. Nevertheless, our holding today does not foreclose this possible interpretation of § 7706(g)(1). We reserve this determination for another case where the issue is squarely presented to us and adequately briefed by the parties.
[13] We also note that there may be significance in distinguishing Gordon from Omni, a non-party to this appeal. See Real Marketing Servs., LLC v. Protocol Commc'ns, Inc. (In re Real Marketing Servs., LLC), 309 B.R. 783, 788 (Bankr.S.D.Cal.2004) (holding that managing member lacked standing to bring claims for damages of LLC), relied upon in Finley v. Takisaki, No. 05-1118, 2006 WL 1169794, at *2-*3 (W.D.Wash. Apr.28, 2006) (holding that, under Washington law, LLC members lacked standing because their claimed loss derived solely from their membership in the LLC); see generally United States v. Stonehill, 83 F.3d 1156, 1160 (9th Cir.1996) ("Well-established principles of corporate law prevent a shareholder from bringing an individual direct cause of action for an injury done to the corporation or its property by a third party."). The record is murky as to the distinction, due largely to Gordon's inability to distinguish himself as an individual from his capacity as Omni's agent. Because Omni has been dismissed from this appeal, Gordon's claims are even weaker.
[14] Gordon has filed and continues to file numerous actions in state and federal courts against various defendants, often representing himself pro se. As the district court noted, in 2006 and 2007, Omni was a party to 10 other lawsuits pending in the Western District of Washington alone.
[15] As should be apparent here, "the law" that Gordon purportedly enforces relates more to his subjective view of what the law ought to be, and differs substantially from the law itself.
[16] CEMA provides for greater per-violation statutory damages than the CAN-SPAM Act. A recipient of commercial e-mail or electronic text messages may recover $500 per violation, and an "interactive computer service" may recover $1,000 per violation. Wash. Rev. Code § 19.190.040. An "interactive computer service" is defined as "any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the internet and such systems operated or services offered by libraries or educational institutions." Wash. Rev.Code § 19.190.010(8).
[17] We acknowledge, however, that the State's proposed interpretation is not unfounded. Some state court decisions imply a narrow interpretation of CEMA. See State v. Heckel, 143 Wash.2d 824, 24 P.3d 404, 412-13 (2001) (en banc) ("Heckel I") (commenting that "[CEMA] reaches only those deceptive [unsolicited commercial e-mail] messages directed to a Washington resident or initiated from a computer located in Washington"); Heckel II, 93 P.3d at 193-94 (affirming the judgment and permanent injunction in favor of the State and remarking that "the Act is narrowly tailored to regulate only deceptive commercial speech, which is not protected by the First Amendment"). Moreover, the provision at issue is titled "Unpermitted or misleading electronic mail," Wash. Rev.Code § 19.190.020 (emphasis added), which suggests that CEMA's prohibition extends only to deceptive commercial e-mail. See Bhd. of R.R. Trainmen v. Baltimore & Ohio R.R. Co., 331 U.S. 519, 528-29, 67 S. Ct. 1387, 91 L. Ed. 1646 (1947) (noting that the title of a statute and the heading of a section may help "shed light on some ambiguous word or phrase"). This reading also finds support in the statute's intersection with Washington's consumer protection laws. See Wash. Rev.Code §§ 19.190.030(3) and 19.190.100. Logic dictates that by equivocating violations of CEMA to violations of the CPA, the Washington Legislature intended to adopt the CPA's deceptiveness standard.
[18] The Oklahoma statute prohibited the initiation of an e-mail message that the sender knows or has reason to know "[m]isrepresents any information in identifying the point of origin or the transmission path of the electronic mail message," "[d]oes not contain information identifying the point of origin or the transmission path of the electronic mail message," or "[c]ontains false, malicious, or misleading information which purposely or negligently injures a person." Okla. Stat. tit. 15, § 776.1(A).
[19] As a matter of clarity, the district court's summary judgment order mistakenly refers to Mummagraphics as the "plaintiff." Mummagraphics was a defendant in the underlying lawsuit and had alleged violations of the CAN-SPAM Act and Oklahoma law as counterclaims against plaintiff, Omega World Travel. Omega, 469 F.3d at 352.
[20] Our reliance on Omega is limited to the Fourth Circuit's interpretation of the CAN-SPAM Act's preemption clause. We pass no judgment on whether summary judgment was appropriate based on the unique facts of that particular case.
[21] The State argues that this policy goal does not extend to illegitimate commercial behavior, such as unfair or deceptive business practices. This argument, however, begs the question. Whether the exception language of § 7707(b) permits states to prohibit e-mail activity that is not unfair or deceptive is precisely the issue before us.
[22] WHOIS is a publically available online database through which users can access information regarding domains, including the registrant's name, address, phone number, and e-mail address. See Definitions, Implementation, and Reporting Requirements Under the CAN-SPAM Act, 70 Fed.Reg. 25,426, 25,446 n.233 (proposed May 12, 2005) (to be codified at 16 C.F.R pt. 316). WHOIS data is compiled by registrars from information submitted by registrants.
[23] The State argues against preemption, citing Beyond Systems, Inc. v. Keynetics, Inc., 422 F. Supp. 2d 523 (D.Md.2006). The district court there denied defendants' motion to dismiss, concluding that the CAN-SPAM Act did not preempt Maryland's Commercial Electronic Mail Act, Md.Code Ann., Com. Law § 14-3001 et seq. ("MCEMA"), a statute modeled after Washington's CEMA. Id. at 532 n. 11 & 537-38. The State, without offering much in the way of independent analysis or explanation, contends that "[b]ecause CEMA is substantially identical to MCEMA, this Court should apply the same preemption analysis and find that CEMA is not preempted by CAN-SPAM." We decline this invitation. Notwithstanding the non-precedential nature of a district court opinion from another circuit, see United States v. Ensminger, 567 F.3d 587, 591 (9th Cir.2009), we find Beyond Systems to be of no persuasive value here. Unlike the Maryland district court, we are reviewing summary judgment on a well-developed record. More significantly, however, we view its preemption analysis as flawed. Without considering the factual allegations underlying the plaintiff's claims, the court there held that MCEMA was not inconsistent with the goals of the CAN-SPAM Act and that "insofar as a state statute is not inconsistent with CAN-SPAM, it will not be deemed pre-empted." Beyond Sys., 422 F.Supp.2d at 537-38. The Maryland court not only fundamentally misconstrued the legislative purpose of the federal act, its analysis also belies the doctrine of express preemption. Indeed, the sole authority upon which the court relied dealt with field preemption not, as was the case before it (or as is the case here), express preemption. See Colo. Anti-Discrimination Comm'n v. Continental Air Lines, 372 U.S. 714, 723, 83 S. Ct. 1022, 10 L. Ed. 2d 84 (1963) (finding "no express or implied [congressional] intent to bar state legislation in this field" and upholding a state statute barring discriminatory hiring practices by airlines).
[24] The CAN-SPAM Act does not preempt CPA claims generally. The preemption clause states that the federal act will not preempt the applicability of state laws not specific to commercial e-mail. 15 U.S.C. § 7707(b)(2).
[25] Section 19.190.030 states, in relevant part:
(1) It is a violation of the consumer protection act, chapter 19.86 RCW, to conspire with another person to initiate the transmission or to initiate the transmission of a commercial electronic mail message that:
(a) Uses a third party's internet domain name without permission of the third party, or otherwise misrepresents or obscures any information in identifying the point of origin or the transmission path of a commercial electronic mail message; or
(b) Contains false or misleading information in the subject line.
Wash. Rev.Code § 19.190.030.
[1] An example of this expansion is seen in Judge Cardozo's famous opinion in MacPherson v. Buick Motor Co., 217 N.Y. 382, 111 N.E. 1050 (1916), which did much to influence the demise of the privity barrier and opened the way for claims by any person injured by a manufacturer's negligence. See Dan B. Dobbs, The Law of Torts § 353 (2001) ("Judge Cardozo substantially abolished the privity rule for negligence cases in the famous MacPherson case....").
[2] Here of course we deal with a statute, the CAN-SPAM Act, and it is sometimes thought that statutory law is separate from the common law. However, on close examination, many distinctions between common law and statutory law disappear. The English common law, for example, was built in part upon ancient statutory law which, even once it was no longer applicable, had created usages and customs from which the common law developed. See, e.g., Sir Matthew Hale, The History of the Common Law of England, ch. 1, (Charles M. Gray ed., 1971) (1713) ("[M]any of those Things that now obtain as Common Law, had their Original by Parliamentary Acts or Constitutions, made in Writing by the King, Lords and Commons; though those Acts are now either not extant, or if extant, were made before Time of Memory...."); 2 Sir William Searle Holdsworth, A History of English Law 145-46 (3d ed.1922) (discussing formation of English common law after the Norman Conquest and concluding that "the influence of the civil and canon law is perhaps the most important of all the external influences which have shaped the development of English law"). Similarly, when we consider statutory law, the United States Supreme Court has told us that we are to presume that Congress has acted with knowledge of the prior common law. See Astoria Federal Sav. and Loan Ass'n v. Solimino, 501 U.S. 104, 108, 111 S. Ct. 2166, 115 L. Ed. 2d 96 (1991) ("Congress is understood to legislate against a background of common-law adjudicatory principles.").
[3] Evergreen Dynasty also involved state disability claims under California's Unruh Civil Rights Act, Cal. Civ.Code § 51 et seq., and the standing provisions under that statute are similarly broad. See Cal. Civ.Code § 52(a) (holding that violators of the Act are liable to "any person denied the rights" guaranteed by the Act); Botosan v. Paul McNally Realty, 216 F.3d 827, 835 (9th Cir.2000) (holding that under the Unruh Act, "proof of actual damages is not a prerequisite to recovery of statutory minimum damages"); cf. Evergreen Dynasty, 500 F.3d at 1060 n. 6 (citing cases suggesting that in general "statutory damages do not require proof of injury").