HOUSE BILL REPORT
E2SHB 1888
As Amended by the Senate
Title: An act relating to electronic mail fraud.
Brief Description: Regulating electronic mail fraud.
Sponsors: By House Committee on Appropriations (originally sponsored by Representatives Nixon, Morris, Hunter, B. Sullivan, Simpson, Ormsby, Morrell, Haler, Clibborn, Ericks, Williams, Darneille, Dunn, Dickerson, P. Sullivan, Green and Hudgins).
Brief History:
Technology, Energy & Communications: 2/15/05, 2/17/05 [DPS];
Appropriations: 3/1/05, 3/2/05 [DP2S(w/o sub TEC)].
Floor Activity:
Passed House: 3/9/05, 96-0.
Senate Amended.
Passed Senate: 4/7/05, 49-0.
Brief Summary of Engrossed Second Substitute Bill |
|
HOUSE COMMITTEE ON TECHNOLOGY, ENERGY & COMMUNICATIONS
Majority Report: The substitute bill be substituted therefor and the substitute bill do pass. Signed by 11 members: Representatives Morris, Chair; Kilmer, Vice Chair; Crouse, Ranking Minority Member; Haler, Assistant Ranking Minority Member; Ericks, Hudgins, Nixon, P. Sullivan, Sump, Takko and Wallace.
Staff: Kara Durbin (786-7133).
HOUSE COMMITTEE ON APPROPRIATIONS
Majority Report: The second substitute bill be substituted therefor and the second substitute bill do pass and do not pass the substitute bill by Committee on Technology, Energy & Communications. Signed by 29 members: Representatives Sommers, Chair; Fromhold, Vice Chair; Alexander, Ranking Minority Member; Anderson, Assistant Ranking Minority Member; McDonald, Assistant Ranking Minority Member; Armstrong, Bailey, Buri, Clements, Cody, Conway, Darneille, Dunshee, Grant, Haigh, Hinkle, Hunter, Kagi, Kenney, Kessler, Linville, McDermott, McIntire, Miloscia, Pearson, Priest, Schual-Berke, Talcott and Walsh.
Staff: Nona Snell (786-7153).
Background:
Unsolicited E-mail:
In 1998, legislation was enacted regulating commercial electronic mail (e-mail) messages,
collectively referred to as "spam." A commercial electronic mail message is an e-mail
message sent for the purpose of promoting real property, goods, or services for sale or lease.
In particular, the laws prohibit the sending of commercial e-mail from a computer located in
Washington to an e-mail address of a Washington resident if the commercial e-mail uses:
The law not only prohibits the sender from sending a false or misleading commercial e-mail
message, but also prohibits anyone who conspires with the sender or who assists in the
transmission of the commercial e-mail message. A sender is responsible for knowing that a
recipient is a Washington resident, if that information is available, upon request, from the
registrant of the internet domain name contained in the recipient's electronic mail address,
typically the internet service provider. The Attorney General and the Washington
Association of Internet Service Providers have established a voluntary on-line registry where
a Washington resident can register their e-mail address.
An interactive computer service (which includes internet service providers) may block the
transmission of commercial e-mail that it reasonably believes is being sent in violation of the
law and may not be held liable for this voluntary action taken in good faith.
A recipient or an internet service provider may bring a civil action against a sender who
violates the laws relating to commercial electronic mail messages. In the case of a suit
brought by a recipient, the penalty is the greater of $500 or actual damages incurred. In the
case of a lawsuit brought by an internet service provider, the penalty is the greater of $1,000
or actual damages. A violation of laws relating to commercial electronic mail messages is
also a violation of the Consumer Protection Act and may be enforced by the Attorney
General. A violation of the Consumer Protection Act may result in a civil fine, treble
damages, court costs, and attorneys' fees.
Phishing:
The term "phishing" generally refers to a type of internet activity that uses fraudulent e-mails
and websites to solicit personal financial information from an e-mail recipient. Typically, a
user receives an e-mail that appears to be from a familiar business or organization, such as an
internet service provider, bank, or online retailer. The message usually requests that the
recipient update or validate his or her account information by clicking on a link embedded in
the e-mail. Once the recipient clicks on the link, the user is taken to a fraudulent website
where the user is asked to input personal and confidential information.
Summary of Engrossed Second Substitute Bill:
This law prohibits a person from soliciting, requesting, or taking any action to induce another
person to provide personally identifying information by means of a web page, electronic mail
message, or otherwise using the internet by representing oneself, either directly or by
implication, to be a business or individual, without the authority or approval of such business
or individual.
"Personally identifiable information" is defined as any of the following types of information:
An Injured person may bring a civil action against a person or entity that directly violates this
act and seek damages of up to $500 per violation, or actual damages, whichever is greater.
An internet service provider, an owner of a web page, or a trademark owner may bring a civil
action against a person or entity that directly violates this act and seek to enjoin further
violations, and may also, recover $5,000 per violation, or actual damages, whichever is
greater. In addition, the court may increase the damage award up to three times (up to
$15,000) if the defendant has engaged in a pattern and practice of engaging in the prohibited
activities. The court may also award costs and reasonable attorneys' fees to the prevailing
party.
A savings clause is added to clarify that the bill does not alter application of the Consumer
Protection Act to future cases.
There is a severability clause.
EFFECT OF SENATE AMENDMENT(S):
The amendment adds government agencies to the definition of "person" and makes a
technical change. It also makes conduct prohibited under this bill a per se violation of the
Consumer Protection Act, chapter 19.86 RCW.
Appropriation: None.
Fiscal Note: Available.
Effective Date: The bill takes effect 90 days after adjournment of session in which bill is passed.
Testimony For: (Technology, Energy & Communications) This is a widespread problem. Many computer users receive multiple fraudulent e-mails per day. These phishing e-mails create a sense of urgency and look very real. It is very easy for phishers to forge e-mail addresses. Often, the link the computer user sees on his or her screen is not where the link actually goes to. The fake site looks almost identical to the real site. Financial institutions support this bill because ultimately it is their customers that are the bait. The banks often have to bear some of the costs. This bill is needed because it is estimated that phishing-related losses will exceed $150 million in Washington this year.
Testimony For: (Appropriations) Phishing is a common problem that effects everyone who
uses the Internet. There are some costs as a result of the bill, but there is also potential
revenue from fines. The penalties are civil, not criminal.
The bill will empower the current effort to reduce spam. It will make Washington a hostile
environment for people who misrepresent themselves over the Internet.
Testimony Against: (Technology, Energy & Communications) None.
Testimony Against: (Appropriations) None.
Persons Testifying: (Technology, Energy & Communications) Representative Nixon, prime sponsor; Gary Gardner, Boeing Employees Credit Union and Washington Association of Internet Service Providers; Denny Eliason, Washington Bankers Association; and Steve Larsen, Office of the Attorney General, High-Tech Section.
Persons Testifying: (Appropriations) Representative Nixon, prime sponsor.