Iowa Electronic Mail (Iowa Code § 716A.1 - § 716A.7)

Iowa Electronic Mail

Iowa Code § 716A.1 - § 716A.7

 

SUMMARY:

Unsolicited Bulk Email/Penalties.

A person is guilty of an aggravated misdemeanor when they (i) intentionally falsify/forge email transmission/routing info in sending unsolicited bulk email; or (ii) knowingly sell/give/distribute/possess, with intent to sell/give/distribute, software that (a) is mainly designed/produced to; (b) has only limited commercially significant purpose/use other than to; or (3) is marketed by a person acting alone (or with another with their knowledge) for use in facilitating/enabling the falsification of email transmission/routing info.

A person is guilty of a class "D" felony when the:

  • Volume of unsolicited bulk email exceeds (i) 10k recipients in 24 hours; (ii) 100k recipients in 30 days; or (iii) one million recipients in 1 year.  

  • Revenue generated from (i) a specific email exceeds $1k; or (ii) all bulk email exceeds $50k.

  • Person knowingly hires, employs, uses, or permits a minor to assist in sending bulk email.

An organization sending emails to its members is not a violation.

Encryption Use/Penalty.

A person who willfully uses encryption to further a crime is guilty of a separate crime, in addition to the original crime the encryption furthered, and is punishable as an aggravated misdemeanor.

Damages/Venue/Forfeiture.

A person injured can file an action and recover any damages including lost profits/attorney fees/costs.  They can choose, in lieu of actual damages, to recover either the lesser of $10 per email, or $25k per day; or $1 per intended recipient, or $25k per day.  No person will file an action against an email service provider that merely sends the unsolicited bulk email in violation over their network.  At the request of any party, the court can conduct all legal proceedings in a way to protect the secrecy/security of the computer/network/data/program/software involved, in order to prevent possible recurrence of the same/similar act by another, and to protect any trade secrets.  Nothing here limits a person's right to pursue any additional remedy available to them.

Statute of limitation is the earlier of 5 years after the last act in violation, or 2 years after the injured person discovers (reasonably should have discovered) the last act in violation.  Personal jurisdiction can be exercised over any person who engages in any act in IA.

A violation here is a violation of Iowa’s Consumer Frauds.  All the powers the Attorney General has under that law, they have here to enforce this law, including the power to issue subpoenas, adopt rules, and seek injunctive relief/penalties.  In seeking reimbursement from a person in violation, the Attorney General can get an order from the court that a person pay the Attorney General, on behalf of consumers, the amounts that the person is liable for each consumer affected.

A violation is considered to have been committed in any county where (i) the act was performed; (ii) the owner’s place of business is; (iii) the offender has control or possession of any proceeds from the violation, or of any books, records, docs, property, financial, instrument, software, program, data, material, or objects used to further the violation; (iv) access to a computer/network was made by wires, electromagnetic waves, microwaves, or any other means of communication; (v) the offender resides; or (vi) a computer that is the object/instrument of the violation is located at the time of the crime.

All property including all income/proceeds earned, but not yet received from a 3rd party, used in connection with a violation, or known by the owner to have been used in violation, will be subject to seizure/forfeiture.

 

CITATION:

716A.1 Definitions.

As used in this chapter, unless the context otherwise requires:

1. “Computer” means the same as defined in section 702.1A.

2. “Computer data” means the same as defined in section 702.1A.

3. “Computer network” means the same as defined in section 702.1A.

4. “Computer operation” means arithmetic, logical, monitoring, storage, or retrieval functions, or any combination thereof, and includes, but is not limited to, communication with, storage of data to, or retrieval of data from any device or human hand manipulation of electronic or magnetic impulses. “Computer operation” for a particular computer may also mean any function for which the computer was generally designed.

5. “Computer program” means an ordered set of data representing coded instructions or statements that, when executed by a computer, causes the computer to perform one or more computer operations.

6. “Computer services” means computer time or services, including data processing services, internet services, electronic mail services, electronic message services, or information or data stored in connection therewith.

7. “Computer software” means a set of computer programs, procedures, and associated documentation concerned with computer data or with computer operation, a computer program, or a computer network.

8. “Electronic mail service provider” means a person who does either of the following:

a. Is an intermediary in sending or receiving electronic mail.

b. Provides to end users of electronic mail services the ability to send or receive electronic mail.

9. “Encryption” means the enciphering of intelligible data into unintelligible form or the deciphering of unintelligible data into intelligible form.

10. “Owner” means an owner or lessee of a computer or a computer network or an owner, lessee, or licensee of computer data, a computer program, or computer software.

11. “Person” means the same as defined in section 4.1.

12. “Property” means all of the following:

a. Real property.

b. Computers, computer equipment, computer networks, and computer services.

c. Financial instruments, computer data, computer programs, computer software, and all other personal property regardless of whether they are any of the following:

(1) Tangible or intangible.

(2) In a format readable by humans or by a computer.

(3) In transit between computers or within a computer network or between any devices which comprise a computer.

(4) Located on any paper or in any device on which it is stored by a computer or by a person.

13. “Uses” means, when referring to a computer or computer network, causing or attempting to cause any of the following:

a. A computer or computer network to perform or to stop performing computer operations.

b. The withholding or denial of the use of a computer, computer network, computer program, computer data, or computer software to another user.

c. A person to put false information into a computer.

2005 Acts, ch 123, §1

 

716A.2 Transmission of unsolicited bulk electronic mail — criminal penalties.

1. A person who does any of the following is guilty of an aggravated misdemeanor:

a. Uses a computer or computer network with the intent to falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of unsolicited bulk electronic mail through or into the computer network of an electronic mail service provider or its subscribers.

b. Knowingly sells, gives, or otherwise distributes or possesses with the intent to sell, give, or otherwise distribute computer software that does any of the following:

(1) Is primarily designed or produced for the purpose of facilitating or enabling the falsification of electronic mail transmission information or other routing information.

(2) Has only limited commercially significant purpose or use other than to facilitate or enable the falsification of electronic mail transmission information or other routing information.

(3) Is marketed by that person acting alone or with another for use in facilitating or enabling the falsification of electronic mail transmission information or other routing information.

2. A person is guilty of a class “D” felony for committing a violation of subsection 1 when either of the following apply:

a. The volume of unsolicited bulk electronic mail transmitted exceeds ten thousand attempted recipients in any twenty-four-hour period, one hundred thousand attempted recipients in any thirty-day time period, or one million attempted recipients in any twelve-month time period.

b. The revenue generated from a specific unsolicited bulk electronic mail transmission exceeds one thousand five hundred dollars or the total revenue generated from all unsolicited bulk electronic mail transmitted to any electronic mail service provider by the person exceeds fifty thousand dollars.

3. A person is guilty of a class “D” felony if the person knowingly hires, employs, uses, or permits a person less than eighteen years of age to assist in the transmission of unsolicited bulk electronic mail in violation of subsection 2.

4. Transmission of electronic mail from an organization to a member of the organization shall not be a violation of this section.

2005 Acts, ch 123, §2; 2019 Acts, ch 140, §24

 

716A.3 Sale or offer for direct sale of prescription drugs — criminal penalties.

1. The retail sale or offer of direct retail sale of a prescription drug, as defined in section 155A.3, through the use of electronic mail or the internet by a person other than a licensed pharmacist, physician, dentist, optometrist, podiatric physician, or veterinarian is prohibited.

A person who violates this subsection is guilty of a simple misdemeanor.

2. a. A person who knowingly sells an adulterated or misbranded drug through the use of electronic mail or the internet is guilty of a class “D” felony.

b. If the death of a person occurs as the result of consuming a drug, as defined in section 155A.3, sold in violation of this subsection, the violation is a class “B” felony.

2005 Acts, ch 123, §3; 2013 Acts, ch 90, §197

 

716A.4 Use of encryption — criminal penalty.

A person who willfully uses encryption to further a violation of this chapter is guilty of an offense which is separate and distinct from the predicate criminal activity and punishable as an aggravated misdemeanor.

2005 Acts, ch 123, §4

 

716A.5 Venue for criminal violations.

For the purpose of venue, a violation of this chapter shall be considered to have been committed in any county in which any of the following apply:

1. An act was performed in furtherance of any course of conduct which violated this chapter.

2. The owner has a place of business in the state.

3. An offender has control or possession of any proceeds of the violation, or of any books, records, documents, property, financial instrument, computer software, computer program, computer data, or other material or objects used in furtherance of the violation.

4. Access to a computer or computer network was made by wires, electromagnetic waves, microwaves, or any other means of communication.

5. The offender resides.

6. A computer which is an object or an instrument of the violation is located at the time of the alleged offense.

2005 Acts, ch 123, §5

 

716A.6 Civil relief — damages.

1. A person who is injured by a violation of this chapter may bring a civil action seeking relief from a person whose conduct violated this chapter and recover any damages incurred including loss of profits, attorney fees, and court costs.

2. A person who is injured by the transmission of unsolicited bulk electronic mail in violation of this chapter may elect, in lieu of actual damages, to recover either of the following:

a. The lesser of ten dollars for each unsolicited bulk electronic mail message transmitted in violation of this chapter, or twenty-five thousand dollars per day the messages are transmitted by the violator.

b. One dollar for each intended recipient of an unsolicited bulk electronic mail message where the intended recipient is an end user of the electronic mail service provider, or twenty-five thousand dollars for each day an attempt is made to transmit an unsolicited bulk electronic mail message to an end user of the electronic mail service provider.

3. a. A violation of this chapter is a violation of section 714.16, subsection 2, paragraph “a”. All the powers conferred upon the attorney general to accomplish the objectives and carry out the duties prescribed pursuant to section 714.16 are also conferred upon the attorney general to enforce this chapter, including, but not limited to, the power to issue subpoenas, adopt rules which shall have the force of law, and seek injunctive relief and civil penalties.

b. In seeking reimbursement pursuant to section 714.16, subsection 7, from a person who has committed a violation of this chapter, the attorney general may seek an order from the court that the person pay to the attorney general on behalf of consumers the amounts for which the person would be liable under subsection 1 or 2, for each consumer who has a cause of action pursuant to this section. Section 714.16, as it relates to consumer reimbursement, shall apply to consumer reimbursement pursuant to this section.

4. At the request of any party to an action brought pursuant to this section, the court may, in its discretion, conduct all legal proceedings in such a way as to protect the secrecy and security of the computer, computer network, computer data, computer program, and computer software involved in order to prevent possible recurrence of the same or a similar act by another person, and to protect any trade secrets of any party and in such a way as to protect the privacy of nonparties who complain about violations pursuant to this section.

5. This section shall not be construed to limit a person’s right to pursue any additional civil remedy otherwise allowed by law.

6. An action brought pursuant to this section shall be commenced before the earlier of five years after the last act in the course of conduct constituting a violation of this chapter or two years after the injured person discovers or reasonably should have discovered the last act in the course of conduct constituting a violation of this chapter.

7. Personal jurisdiction may be exercised over any person who engages in any conduct in this state governed by this chapter.

8. The injured person shall not have a cause of action against the electronic mail service provider that merely transmits the unsolicited bulk electronic mail over its computer network.

2005 Acts, ch 123, §6

 

716A.7 Forfeitures for violations of chapter.

All property, including all income or proceeds earned but not yet received from a third party as a result of a violation of this chapter, used in connection with a violation of this chapter, known by the owner thereof to have been used in violation of this chapter, shall be subject to seizure and forfeiture pursuant to chapter 809A.

2005 Acts, ch 123, §7

 

For more information, see here:  https://www.legis.iowa.gov/publications/search#advanced

 

These materials were obtained directly from the State Legislative websites and are posted here for your review and reference only.  No Claim to Original State Government Works.  This may not be the most recent version.  The State may have more current information.  We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to.  Please check the linked sources directly.

Download: 
AttachmentSize
PDF icon iowa_electronic_mail_716a.pdf57.43 KB

These materials were obtained directly from the U.S. Federal Government public websites, U.S. State Government public websites, or the International Government public websites and are posted here for your review and reference only. No Claim to Original U.S. Government Works, Original U.S. State Government Works, or Original International Government Works. This information may not be the most recent version. The U.S. Government, U.S. States, or International Governments may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.