FINAL BILL REPORT
E2SHB 1888
C 378 L 05
Synopsis as Enacted
Brief Description: Regulating internet fraud.
Sponsors: By House Committee on Appropriations (originally sponsored by Representatives Nixon, Morris, Hunter, B. Sullivan, Simpson, Ormsby, Morrell, Haler, Clibborn, Ericks, Williams, Darneille, Dunn, Dickerson, P. Sullivan, Green and Hudgins).
House Committee on Technology, Energy & Communications
House Committee on Appropriations
Senate Committee on Financial Institutions, Housing & Consumer Protection
Background:
Unsolicited E-mail
In 1998, legislation was enacted regulating commercial electronic mail (e-mail) messages,
collectively referred to as "spam." A commercial electronic mail message is an e-mail
message sent for the purpose of promoting real property, goods, or services for sale or lease.
In particular, the laws prohibit the sending of commercial e-mail from a computer located in
Washington to an e-mail address of a Washington resident if the commercial e-mail uses:
The law not only prohibits the sender from sending a false or misleading commercial e-mail
message, but also prohibits anyone who conspires with the sender or who assists in the
transmission of a false or misleading commercial e-mail message.
A recipient or an Internet Service Provider may bring a civil action against a sender who
violates the laws relating to commercial electronic mail messages. In the case of a suit
brought by a recipient, the penalty is the greater of $500 or actual damages incurred. In the
case of a lawsuit brought by an Internet Service Provider, the penalty is the greater of $1,000
or actual damages. A violation of the laws relating to commercial electronic mail messages
is also a violation of the Consumer Protection Act and may be enforced by the Attorney
General. A violation of the Consumer Protection Act may result in a civil fine, treble
damages, court costs, and attorneys' fees.
Phishing
The term "phishing" generally refers to a type of Internet activity that uses fraudulent e-mails
and websites to solicit personal financial information from an e-mail recipient. Typically, a
user receives an e-mail that appears to be from a familiar business or organization, such as an
Internet Service Provider, bank, or online retailer. The message usually requests that the
recipient update or validate his or her account information by clicking on a link embedded in
the e-mail. Once the recipient clicks on the link, the user is taken to a fraudulent website
where the user is asked to input personal and confidential information.
Summary:
A person is prohibited from soliciting, requesting, or taking any action to induce another
person to provide personally identifying information by means of a web page, electronic mail
message, or otherwise using the Internet by representing oneself, either directly or by
implication, to be a business or individual, without the authority or approval of such business
or individual.
"Personally identifiable information" is defined as any of the following types of information:
An injured person may bring a civil action against a person or entity that directly violates
these provisions and seek damages of up to $500 per violation, or actual damages, whichever
is greater.
An Internet Service Provider, an owner of a web page, or a trademark owner may bring a
civil action against a person or entity that directly violates these provisions and seek to enjoin
further violations, and may also recover $5,000 per violation, or actual damages, whichever is
greater. In addition, the court may increase the damage award up to three times (up to
$15,000) if the defendant has engaged in a pattern and practice of engaging in the prohibited
activities. The court may also award costs and reasonable attorneys' fees to the prevailing
party.
A violation of these provisions is defined as an unfair or deceptive act for purposes of
applying the Consumer Protection Act.
Votes on Final Passage:
House 96 0
Senate 49 0 (Senate amended)
House 95 0 (House concurred)
Effective: July 24, 2005