Georgia Deceptive Commercial Email
Ga. Code Ann. § 16-9-100 - § 16-9-109.1
GEORGIA CODE (Last Updated: August 20, 2013)
Title 16. CRIMES AND OFFENSES
Chapter 9. FORGERY AND FRAUDULENT PRACTICES
Article 6. COMPUTER SYSTEMS PROTECTION
Part 2. SPAM E-MAIL
§ 16-9-100. Definitions
§ 16-9-101. Initiation of deceptive commercial e-mail
§ 16-9-102. Penalties
§ 16-9-103. Venue
§ 16-9-104. Jurisdiction for prosecutions
§ 16-9-105. Civil actions
§ 16-9-106. Violations as separate offenses; construction with other laws; e-mail policies of service providers not limited or restricted
§ 16-9-107. No cause of action against service providers
Part 3. INVESTIGATION OF VIOLATIONS
§ 16-9-108. Investigative and subpoena powers of district attorneys and the Attorney General
§ 16-9-109. Disclosures by service providers pursuant to investigations
Part 4. INTERNET AND E-MAIL FRAUD
§ 16-9-109.1. Fraudulent business practices using Internet or e-mail; definitions; penalties and sanctions; immunity
Part 2. SPAM E-MAIL
Section 16-9-100. Definitions
As used in this part, the term:
(1) "Advertiser" means a person or entity that advertises through the use of commercial e-mail.
(2) "Automatic technical process" means the actions performed by an e-mail service provider's or telecommunications carrier's computers or computer network while acting as an intermediary between the sender and the recipient of an e-mail.
(3) "Commercial e-mail" means any e-mail message initiated for the purpose of advertising or promoting the lease, sale, rental, gift, offer, or other disposition of any property, services, or extension of credit.
(4) "Direct consent" means that the recipient has expressly consented to receive e-mail advertisements from the advertiser or initiator, either in response to a clear and conspicuous request for direct consent or at the recipient's own initiative.
(5) "Domain" means any alphanumeric designation which is registered with or assigned by any domain name registrar, domain name registry, or other domain name registration authority as part of an electronic address on the Internet.
(6) "Domain owner" means, in relation to an e-mail address, the actual owner at the time an e-mail is received at that address of a domain that appears in or comprises a portion of the e-mail address. The registrant of a domain is presumed to be the actual owner of that domain.
(7) "E-mail" means an electronic message that is sent to an e-mail address and transmitted between two or more telecommunications devices, computers, or electronic devices capable of receiving electronic messages, whether or not the message is converted to hard copy format after receipt, viewed upon transmission, or stored for later retrieval. The term includes electronic messages that are transmitted through a local, regional, or global computer network.
(8) "E-mail address" means a destination, commonly expressed as a string of characters, to which e-mail can be sent or delivered. An e-mail address consists of a user name or mailbox, the "@" symbol, and reference to a domain.
(9) "E-mail service provider" means any person, including an Internet service provider, that is an intermediary in sending or receiving e-mail or that provides to end-users of the e-mail service the ability to send or receive e-mail.
(10) "False or misleading," when used in relation to a commercial e-mail, means that:
(A) The header information includes an originating or intermediate e-mail address, domain name, or Internet protocol address which was obtained by means of false or fraudulent pretenses or representations;
(B) The header information fails to accurately identify the computer used to initiate the e-mail;
(C) The subject line of the e-mail is intended to mislead a recipient about a material fact regarding the content or subject matter of the e-mail;
(D) The header information is altered or modified in a manner that impedes or precludes the recipient of the e-mail or an e-mail service provider from identifying, locating, or contacting the person who initiated the e-mail;
(E) The header information or content of the commercial e-mail, without authorization and with intent to mislead, references a personal name, entity name, trade name, mark, domain, address, phone number, or other personally identifying information belonging to a third party in such manner as would cause a recipient to believe that the third party authorized, endorsed, sponsored, sent, or was otherwise involved in the transmission of the commercial e-mail;
(F) The header information or content of the commercial e-mail contains false or fraudulent information regarding the identity, location, or means of contacting the initiator of the commercial e-mail; or
(G) The commercial e-mail falsely or erroneously states or represents that the transmission of the e-mail was authorized on the basis of:
(i) The recipient's prior direct consent to receive the commercial e-mail; or
(ii) A preexisting or current business relationship between the recipient and either the initiator or advertiser.
(11) "Header information" means those portions of an e-mail message which designate or otherwise identify:
(A) The sender;
(B) All recipients;
(C) An alternative return e-mail address, if any; and
(D) The names or Internet protocol addresses of the computers, systems, or other means used to send, transmit, route, or receive the e-mail message.
The term does not include either the subject line or the content of an e-mail message.
(12) "Incident" means the contemporaneous initiation in violation of this part of one or more commercial e-mails containing substantially similar content.
(13) "Initiate" or "initiator" means to transmit or cause to be transmitted a commercial e-mail, but does not include the routine transmission of the commercial e-mail through the network or system of a telecommunications utility or an e-mail service provider.
(14) "Internet protocol address" means the unique numerical address assigned to and used to identify a specific computer or computer network that is directly connected to the Internet.
(15) "Minor" means any person under the age of 18 years.
(16) "Person" means a person as defined by Code Section 16-1-3 and specifically includes any limited liability company, trust, joint venture, or other legally cognizable entity.
(17) "Preexisting or current business relationship," as used in connection with the sending of a commercial e-mail, means that the recipient has made an inquiry and has provided his or her e-mail address, or has made an application, purchase, or transaction, with or without consideration, regarding products or services offered by the advertiser.
(18) "Protected computer" means any computer that, at the time of an alleged violation of any provision of this part involving that computer, was located within the geographic boundaries of the State of Georgia.
(19) "Recipient" means any addressee of a commercial e-mail advertisement. If an addressee of a commercial e-mail has one or more e-mail addresses to which a commercial e-mail is sent, the addressee shall be deemed to be a separate recipient for each e-mail address to which the e-mail is sent.
(20) "Routine transmission" means the forwarding, routing, relaying, handling, or storing of an e-mail message through an automatic technical process. The term shall not include the sending, or the knowing participation in the sending, of commercial e-mail advertisements.
Code 1981, § 16-9-100, enacted by Ga. L. 2005, p. 199, § 4/SB 62.
Section 16-9-101. Initiation of deceptive commercial e-mail
Any person who initiates a commercial e-mail that the person knew or should have known to be false or misleading that is sent from, passes through, or is received by a protected computer shall be guilty of the crime of initiation of deceptive commercial e-mail.
Code 1981, § 16-9-101, enacted by Ga. L. 2005, p. 199, § 4/SB 62.
Section 16-9-102. Penalties
(a) Any person convicted of a violation of Code Section 16-9-101 shall be guilty of a misdemeanor and punished by a fine of not more than $1,000.00 or by imprisonment of not more than 12 months, or both, except:
(1) Where the volume of commercial e-mail transmitted exceeded 10,000 attempted recipients in any 24 hour period;
(2) Where the volume of commercial e-mail transmitted exceeded 100,000 attempted recipients in any 30 day period;
(3) Where the volume of commercial e-mail transmitted exceeded one million attempted recipients in any one-year period;
(4) Where the revenue generated from a specific commercial e-mail exceeded $1,000.00;
(5) Where the total revenue generated from all commercial e-mail transmitted to any e-mail service provider or its subscribers exceeded $50,000.00; or
(6) Where any person knowingly hires, employs, uses, or permits any minor to assist in the transmission of commercial e-mail in violation of Code Section 16-9-101,
the person shall be guilty of a felony and punished by a fine of not more than $50,000.00 or by imprisonment of not more than five years, or both.
(b) For the second conviction of Code Section 16-9-101 within a five-year period, as measured from the dates of previous arrests for which convictions were obtained to the date of the current arrest for which a conviction is obtained, the person shall be guilty of a felony and punished by a fine of not more than $50,000.00 or by imprisonment of not more than five years, or both. For the purpose of this subsection, the term "conviction" shall include a plea of nolo contendere.
Code 1981, § 16-9-102, enacted by Ga. L. 2005, p. 199, § 4/SB 62.
Section 16-9-103. Venue
For the purpose of venue under this part, any violation of this part shall be considered to have been committed:
(1) In the county of the principal place of business in this state of the owner of an involved protected computer, computer network, or any part thereof;
(2) In any county in which any person alleged to have violated any provision of this part had control or possession of any proceeds of the violation or of any books, records, documents, or property which were used in furtherance of the violation;
(3) In any county in which any act was performed in furtherance of any transaction which violated this part; and
(4) In any county from which, to which, or through which any use of an involved protected computer or computer network was made, whether by wires, electromagnetic waves, microwaves, or any other means of communication.
Code 1981, § 16-9-103, enacted by Ga. L. 2005, p. 199, § 4/SB 62.
Section 16-9-104. Jurisdiction for prosecutions
The Attorney General shall have concurrent jurisdiction with the district attorneys and solicitors-general to conduct the criminal prosecution of violations of this part.
Code 1981, § 16-9-104, enacted by Ga. L. 2005, p. 199, § 4/SB 62.
Section 16-9-105. Civil actions
(a) The following persons shall have standing to assert a civil action under this part:
(1) Any e-mail service provider whose protected computer was used to send, receive, or transmit an e-mail that was sent in violation of this part; and
(2) A domain owner of any e-mail address to which a deceptive commercial e-mail is sent in violation of this part, provided that the domain owner also owns a protected computer at which the e-mail was received.
(b) Any person who has standing and who suffers personal, property, or economic damage by reason of a violation of any provision of this part may initiate a civil action for and recover the greater of:
(1) Five thousand dollars plus expenses of litigation and reasonable attorney's fees;
(2) Liquidated damages of $1,000.00 for each offending commercial e-mail, up to a limit of $2 million per incident, plus expenses of litigation and reasonable attorney's fees; or
(3) Actual damages, plus expenses of litigation and reasonable attorney's fees.
Code 1981, § 16-9-105, enacted by Ga. L. 2005, p. 199, § 4/SB 62.
Part 3. INVESTIGATION OF VIOLATIONS
Section 16-9-108. Investigative and subpoena powers of district attorneys and the Attorney General
(a) In any investigation of a violation of this article or any investigation of a violation of Code Section 16-12-100, 16-12-100.1, 16-12-100.2, 16-5-90, Article 8 of Chapter 5 of this title, or Article 8 of this chapter involving the use of a computer in furtherance of the act, the Attorney General or any district attorney shall have the power to administer oaths; to call any party to testify under oath at such investigation; to require the attendance of witnesses and the production of books, records, and papers; and to take the depositions of witnesses. The Attorney General or any such district attorney is authorized to issue a subpoena for any witness or a subpoena to compel the production of any books, records, or papers.
(b) In case of refusal to obey a subpoena issued under this Code section to any person and upon application by the Attorney General or district attorney, the superior court in whose jurisdiction the witness is to appear or in which the books, records, or papers are to be produced may issue to that person an order requiring him or her to appear before the court to show cause why he or she should not be held in contempt for refusal to obey the subpoena. Failure to obey a subpoena may be punished by the court as contempt of court.
Code 1981, § 16-9-108, enacted by Ga. L. 2005, p. 199, § 4/SB 62; Ga. L. 2013, p. 524, § 1-2/HB 78.
Section 16-9-109. Disclosures by service providers pursuant to investigations
(a) Any law enforcement unit, the Attorney General, or any district attorney who is conducting an investigation of a violation of this article or an investigation of a violation of Code Section 16-12-100, 16-12-100.1, 16-12-100.2, or 16-5-90, Article 8 of Chapter 5 of this title, or Article 8 of this chapter involving the use of a computer, cellular telephone, or any other electronic device used in furtherance of the act may require the disclosure by a provider of electronic communication service or remote computing service of the contents of a wire or electronic communication that is in electronic storage in an electronic communications system for 180 days or less pursuant to a search warrant issued under the provisions of Article 2 of Chapter 5 of Title 17 by a court with jurisdiction over the offense under investigation. Such court may require the disclosure by a provider of electronic communication service or remote computing service of the contents of a wire or electronic communication that has been in electronic storage in an electronic communications system for more than 180 days as set forth in subsection (b) of this Code section.
(b) (1) Any law enforcement unit, the Attorney General, or any district attorney may require a provider of electronic communication service or remote computing service to disclose a record or other information pertaining to a subscriber to or customer of such service, exclusive of the contents of communications, only when any law enforcement unit, the Attorney General, or any district attorney:
(A) Obtains a search warrant as provided in Article 2 of Chapter 5 of Title 17;
(B) Obtains a court order for such disclosure under subsection (c) of this Code section; or
(C) Has the consent of the subscriber or customer to such disclosure.
(2) A provider of electronic communication service or remote computing service shall disclose to any law enforcement unit, the Attorney General, or any district attorney the:
(A) Name;
(B) Address;
(C) Local and long distance telephone connection records, or records of session times and durations;
(D) Length of service, including the start date, and types of service utilized;
(E) Telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address; and
(F) Means and source of payment for such service, including any credit card or bank account number of a subscriber to or customer of such service when any law enforcement unit, the Attorney General, or any district attorney uses a subpoena authorized by Code Section 16-9-108, 35-3-4.1, or 45-15-17 or a grand jury or trial subpoena when any law enforcement unit, the Attorney General, or any district attorney complies with paragraph (1) of this subsection.
(3) Any law enforcement unit, the Attorney General, or any district attorney receiving records or information under this subsection shall not be required to provide notice to a subscriber or customer. A provider of electronic communication service or remote computing service shall not disclose to a subscriber or customer the existence of any search warrant or subpoena issued pursuant to this article nor shall a provider of electronic communication service or remote computing service disclose to a subscriber or customer that any records have been requested by or disclosed to any law enforcement unit, the Attorney General, or any district attorney pursuant to this article.
(c) A court order for disclosure issued pursuant to subsection (b) of this Code section may be issued by any superior court with jurisdiction over the offense under investigation and shall only issue such court order for disclosure if any law enforcement unit, the Attorney General, or any district attorney offers specific and articulable facts showing that there are reasonable grounds to believe that the contents of an electronic communication, or the records or other information sought, are relevant and material to an ongoing criminal investigation. A court issuing an order pursuant to this Code section, on a motion made promptly by a provider of electronic communication service or remote computing service, may quash or modify such order, if compliance with such order would be unduly burdensome or oppressive on such provider.
(d) (1) Any records supplied pursuant to this part shall be accompanied by the affidavit of the custodian or other qualified witness, stating in substance each of the following:
(A) The affiant is the duly authorized custodian of the records or other qualified witness and has authority to certify the records;
(B) The copy is a true copy of all the records described in the subpoena, court order, or search warrant and the records were delivered to the attorney, the attorney's representative, or the director of the Georgia Bureau of Investigation or the director's designee;
(C) The records were prepared by the personnel of the business in the ordinary course of business at or near the time of the act, condition, or event;
(D) The sources of information and method and time of preparation were such as to indicate its trustworthiness;
(E) The identity of the records; and
(F) A description of the mode of preparation of the records.
(2) If the business has none or only part of the records described, the custodian or other qualified witness shall so state in the affidavit.
(3) If the original records would be admissible in evidence if the custodian or other qualified witness had been present and testified to the matters stated in the affidavit, the copy of the records shall be admissible in evidence. When more than one person has knowledge of the facts, more than one affidavit shall be attached to the records produced.
(4) No later than 30 days prior to trial, a party intending to offer such evidence produced in compliance with this subsection shall provide written notice of such intentions to the opposing party or parties. A motion opposing the admission of such evidence shall be filed within ten days of the filing of such notice, and the court shall hold a hearing and rule on such motion no later than ten days prior to trial. Failure of a party to file such motion opposing admission prior to trial shall constitute a waiver of objection to such records and affidavit. However, the court, for good cause shown, may grant relief from such waiver.
Code 1981, § 16-9-109, enacted by Ga. L. 2005, p. 199, § 4/SB 62; Ga. L. 2006, p. 72, § 16/SB 465; Ga. L. 2007, p. 283, § 1/SB 98; Ga. L. 2013, p. 524, § 1-3/HB 78.
Part 4. INTERNET AND E-MAIL FRAUD
Section 16-9-109.1. Fraudulent business practices using Internet or e-mail; definitions; penalties and sanctions; immunity
(a) As used in this part, the term:
(1) "E-mail message" means a message sent to a unique destination, commonly expressed as a string of characters, consisting of a unique user name or mailbox, commonly referred to as the "local part," and a reference to an Internet domain, commonly referred to as the "domain part," whether or not displayed, to which an electronic message can be sent or delivered.
(2) "Employer" includes a business entity's officers, directors, parent corporation, subsidiaries, affiliates, and other corporate entities under common ownership or control within a business enterprise.
(3) "Identifying information" means, with respect to an individual, any of the following:
(A) Social security number;
(B) Driver's license number;
(C) Bank account number;
(D) Credit card or debit card number;
(E) Personal identification number or PIN;
(F) Automated or electronic signature;
(G) Unique biometric data;
(H) Account password; or
(I) Any other piece of information that can be used to access an individual's financial accounts or to obtain goods or services.
(4) "Internet" shall have the meaning set forth in paragraph (10) of Code Section 16-9-151.
(5) "Web page" means a location that has a single uniform resource locator or other single location with respect to the Internet.
(b) (1) It shall be unlawful for any person with intent to defraud, by means of a web page, e-mail message, or otherwise through use of the Internet, to solicit, request, or take any action to induce another person to provide identifying information by representing himself, herself, or itself to be a business without the authority or approval of such business.
(2) It shall be unlawful for any person, with actual knowledge, conscious avoidance of actual knowledge, or willfully, to possess with intent to use in a fraudulent manner, sell, or distribute any identifying information obtained in violation of paragraph (1) of this subsection.
(c) Any person who intentionally violates subsection (b) of this Code section shall be guilty of a felony and shall be punished by imprisonment for not less than one nor more than 20 years, a fine of not less than $1,000.00 nor more than $500,000.00, or both.
(d) (1) No employer shall be held criminally liable under this Code section as a result of any actions taken:
(A) With respect to computer equipment used by its employees, contractors, subcontractors, agents, leased employees, or other staff which the employer owns, leases, or otherwise makes available or allows to be connected to the employer's network or other computer facilities when such equipment is used for an illegal purpose without the employer's knowledge, consent, or approval; or
(B) By employees, contractors, subcontractors, agents, leased employees, or other staff who misuse an employer's computer equipment for an illegal purpose without the employer's knowledge, consent, or approval.
(2) No person shall be held criminally liable under this Code section when its protected computers, computer equipment, or software product has been used by unauthorized users to violate this Code section without such person's knowledge, consent, or approval.
(e) This Code section shall not apply to a telecommunications provider's or Internet service provider's good faith transmission or routing of, or intermediate temporary storing or caching of, identifying information.
(f) No provider of an interactive computer service may be held liable in a civil action under any law of this state, or any of its political subdivisions, for removing or disabling access to content on an Internet website or other online location controlled or operated by such provider, when such provider believes in good faith that such content has been used to engage in a violation of this part.
Code 1981, § 16-9-109.1, enacted by Ga. L. 2008, p. 442, § 1/SB 24; Ga. L. 2011, p. 752, § 16/HB 142.
For more information, see here: http://ga.elaws.us/law/16-9%7C6
These materials were obtained directly from the State Legislative websites and are posted here for your review and reference only. No Claim to Original State Government Works. This may not be the most recent version. The State may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.