QUESTION
Our bank’s compliance officer has the view that CAN-SPAM
requirements preempt all state laws that are similar to it. Are there any
instances where state law trumps CAN-SPAM?
ANSWER
CAN-SPAM preempts any statute, regulation, or rule of a
state, or even a political subdivision of a state, that expressly regulates the
use of electronic mail to send commercial messages – except to the extent that
any such statute, regulation, or rule prohibits falsity or deception in any
portion of a commercial electronic mail message or information attached
thereto. [15 USC § 7707(b)(1)]
Thus, CAN-SPAM carves out an exception from preemption for
state laws that govern the use of commercial email by prohibiting fraud or
deception in messages or attachments.
CAN-SPAM does not preempt the applicability of (1) state
laws that are not specific to electronic mail, including state trespass,
contract or tort laws, or (2) state laws that relate to acts of fraud or
computer crime. [15 USC § 7707(b)(2)]
State laws that are not specific to commercial email, but
would apply to commercial email (together with other types of communication or
activity), are not preempted; neither are state laws that address computer
fraud or crime more generally.
Although not specific to mortgage banking, policies and
procedures used by "internet access services" to block spam are also
protected from preemption. Internet access services’ policies and procedures
are preempted from CAN-SPAM with respect to declining to transmit, route,
relay, handle, or store certain types of electronic mail messages. [15 USC §
7707(c)]
Questions as to which state anti-spam laws are preempted,
and to what extent such laws are preempted, are ultimately answered through the
legal interpretation of courts. So far, the issue of CAN-SPAM preemption has
been addressed by three Federal Circuit Courts of Appeals: the Fourth Circuit,
the Fifth Circuit, and the Ninth Circuit.
Jonathan Foxx
President & Managing Director
Lenders Compliance Group
