CircleID

Zango, a company that used to be called 180 solutions, has a long history of making and distributing spyware. (See the Wikipedia article for their sordid history.) Not surprisingly, anti-spyware vendors routinely list Zango's software as what's tactfully called "potentially unwanted". Zango has tried to sue their way out of the doghouse by filing suit against anti-spyware vendors.

In a widely reported decision last week, Seattle judge John Coghenour crisply rejected Zango's case, finding that federal law gives Kaspersky complete immunity against Zango's complaint.

After disposing of some jurisdictional quibbles (Kaspersky writes their software in Russia and only sells it here), he addresses the key question of whether 47 USC 230(c)(2) provides immunity to Kaspersky. This is a section of the CDA originally intended to protect purveyors of anti-porn web filters, but deliberately written broadly to cover any sort of filterware. The judge found that Kaspersky is an "interactive computer service", that they consider the material blocked "otherwise objectionable", and that their users use their filters in good faith, hence the law applies, Zango has no case, dismissed. Reading the law carefully, he noted that it doesn't matter whether Zango's software is factually objectionable, only that Kaspersky considers it so, and it doesn't even matter whether Kaspersky lists them in good faith or bad, only that their users block in good faith. The decision, which is only 8 pages long, is here [PDF], and is easy to read.

This is good news for anti-spam blacklists, because you could simply replace "spyware" with "spam", and it would apply just as broadly to to blacklist providers such as Spamcop and Spamhaus. The finding that the good faith requirement applies to the users, not the filter provider, is particularly good news Legal challenges to anti-spam blacklists usually charge that the blacklist provider has a nefarious hidden agenda against the poor innocent listee. Even though the charge is baseless, it is tedious to refute since the provider has to document their listing process. Under this precedent, there's no need to refute or document; all they have to do is get affidavits from some typical users confirming that they think the blacklist is swell.

Incidentally, this is the same judge who handed down the lengthy and exasperated decision in Gordon vs. Virtumundo last month, widely seen as a defeat for the anti-spam community. This decision reminds us that if you provide a judge with good facts and good law, as Kaspersky did and Gordon didn't, you can get a good result.

By John Levine, Author, Consultant & Speaker. Visit the blog maintained by John Levine here.

Related topics: Spam