|
CALIFORNIA BUSINESS AND
PROFESSIONS CODE
SECTION 17538.4
As amended by Assembly Bill 1676 (1998)
(approved by Governor September 26, 1998)
17538.4. (a) No person or entity conducting business in this
state shall facsimile (fax) or cause to be faxed, or electronically
mail (e-mail) or cause to be e-mailed, documents consisting
of unsolicited advertising material for the lease, sale, rental,
gift offer, or other disposition of any realty, goods, services,
or extension of credit unless:
(1) In the case of a fax, that person or entity establishes
a toll-free telephone number that a recipient of the unsolicited
faxed documents may call to notify the sender not to fax the
recipient any further unsolicited documents.
(2) In the case of e-mail, that person or entity establishes
a toll-free telephone number or valid sender operated return
e-mail address that the recipient of the unsolicited documents
may call or e-mail to notify the sender not to e-mail any
further unsolicited documents.
(b) All unsolicited faxed or e-mailed documents subject
to this section shall include a statement informing the recipient
of the toll-free telephone number that the recipient may call,
or a valid return address to which the recipient may write
or e-mail, as the case may be, notifying the sender not to
fax or e-mail the recipient any further unsolicited documents
to the fax number, or numbers, or e-mail address, or addresses,
specified by the recipient.
In the case of faxed material, the statement shall be in
at least nine-point type. In the case of e-mail, the statement
shall be the first text in the body of the message and shall
be of the same size as the majority of the text of the message.
(c) Upon notification by a recipient of his or her request
not to receive any further unsolicited faxed or e-mailed documents,
no person or entity conducting business in this state shall
fax or cause to be faxed or e-mail or cause to be e-mailed
any unsolicited documents to that recipient.
(d) In the case of e-mail, this section shall apply when
the unsolicited e-mailed documents are delivered to a California
resident via an electronic mail service provider's service
or equipment located in this state. For these purposes "electronic
mail service provider" means any business or organization
qualified to do business in this state that provides individuals,
corporations, or other entities the ability to send or receive
electronic mail through equipment located in this state and
that is an intermediary in sending or receiving electronic
mail.
(e) As used in this section, "unsolicited e-mailed
documents" means any e-mailed document or documents consisting
of advertising material for the lease, sale, rental, gift
offer, or other disposition of any realty, goods, services,
or extension of credit that meet both of the following requirements:
(1) The documents are addressed to a recipient with whom
the initiator does not have an existing business or personal
relationship.
(2) The documents are not sent at the request of, or with
the express consent of, the recipient.
(f) As used in this section, "fax" or "cause
to be faxed" or "e-mail" or "cause to
be e-mailed" does not include or refer to the transmission
of any documents by a telecommunications utility or Internet
service provider to the extent that the telecommunications
utility or Internet service provider merely carries that transmission
over its network.
(g) In the case of e-mail that consists of unsolicited advertising
material for the lease, sale, rental, gift offer, or other
disposition of any realty, goods, services, or extension of
credit, the subject line of each and every message shall include
"ADV:" as the first four characters. If these messages
contain information that consists of unsolicited advertising
material for the lease, sale, rental, gift offer, or other
disposition of any realty, goods, services, or extension of
credit, that may only be viewed, purchased, rented, leased,
or held in possession by an individual 18 years of age and
older, the subject line of each and every message shall include
"ADV:ADLT" as the first eight characters.
(h) An employer who is the registered owner of more than
one e-mail address may notify the person or entity conducting
business in this state e-mailing or causing to be e-mailed,
documents consisting of unsolicited advertising material for
the lease, sale, rental, gift offer, or other disposition
of any realty, goods, services, or extension of credit of
the desire to cease e-mailing on behalf of all of the employees
who may use employer-provided and employer-controlled e-mail
addresses.
(i) This section, or any part of this section, shall become
inoperative on and after the date that federal law is enacted
that prohibits or otherwise regulates the transmission of
unsolicited advertising by electronic mail (e-mail).
--------------------------------------------------------------------------------
CALIFORNIA BUSINESS AND PROFESSIONS CODE
SECTION 17538.45
Added by Assembly Bill 1629 (1998)
(approved by Governor September 26, 1998)
17538.45. (a) For purposes of this section, the following
words have the following meanings:
(1) "Electronic mail advertisement" means any
electronic mail message, the principal purpose of which is
to promote, directly or indirectly, the sale or other distribution
of goods or services to the recipient.
(2) "Unsolicited electronic mail advertisement"
means any electronic mail advertisement that meets both of
the following requirements:
(A) It is addressed to a recipient with whom the initiator
does not have an existing business or personal relationship.
(B) It is not sent at the request of or with the express
consent of the recipient.
(3) "Electronic mail service provider" means any
business or organization qualified to do business in California
that provides registered users the ability to send or receive
electronic mail through equipment located in this state and
that is an intermediary in sending or receiving electronic
mail.
(4) "Initiation" of an unsolicited electronic
mail advertisement refers to the action by the initial sender
of the electronic mail advertisement. It does not refer to
the actions of any intervening electronic mail service provider
that may handle or retransmit the electronic message.
(5) "Registered user" means any individual, corporation,
or other entity that maintains an electronic mail address
with an electronic mail service provider.
(b) No registered user of an electronic mail service provider
shall use or cause to be used that electronic mail service
provider's equipment located in this state in violation of
that electronic mail service provider's policy prohibiting
or restricting the use of its service or equipment for the
initiation of unsolicited electronic mail advertisements.
(c) No individual, corporation, or other entity shall use
or cause to be used, by initiating an unsolicited electronic
mail advertisement, an electronic mail service provider's
equipment located in this state in violation of that electronic
mail service provider's policy prohibiting or restricting
the use of its equipment to deliver unsolicited electronic
mail advertisements to its registered users.
(d) An electronic mail service provider shall not be required
to create a policy prohibiting or restricting the use of its
equipment for the initiation or delivery of unsolicited electronic
mail advertisements.
(e) Nothing in this section shall be construed to limit
or restrict the rights of an electronic mail service provider
under Section 230(c)(1) of Title 47 of the United States Code,
or any decision of an electronic mail service provider to
permit or to restrict access to or use of its system, or any
exercise of its editorial function.
(f) (1) In addition to any other action available under
law, any electronic mail service provider whose policy on
unsolicited electronic mail advertisements is violated as
provided in this section may bring a civil action to recover
the actual monetary loss suffered by that provider by reason
of that violation, or liquidated damages of fifty dollars
($50) for each electronic mail message initiated or delivered
in violation of this section, up to a maximum of twenty-five
thousand dollars ($25,000) per day, whichever amount is greater.
(2) In any action brought pursuant to paragraph (1), the
court may award reasonable attorney's fees to a prevailing
party.
(3) (A) In any action brought pursuant to paragraph (1),
the electronic mail service provider shall be required to
establish as an element of its cause of action that prior
to the alleged violation, the defendant had actual notice
of both of the following:
(i) The electronic mail service provider's policy on unsolicited
electronic mail advertising.
(ii) The fact that the defendant's unsolicited electronic
mail advertisements would use or cause to be used the electronic
mail service provider's equipment located in this state.
(B) In this regard, the Legislature finds that with rapid
advances in Internet technology, and electronic mail technology
in particular, Internet service providers are already experimenting
with embedding policy statements directly into the software
running on the computers used to provide electronic mail services
in a manner that displays the policy statements every time
an electronic mail delivery is requested. While the state
of the technology does not support such a finding at present,
the Legislature believes that, in a given case at some future
date, a showing that notice was supplied via electronic means
between the sending and receiving computers could be held
to constitute actual notice to the sender for purposes of
this paragraph.
(4) A violation of this section shall not be subject to
Section 17534.
--------------------------------------------------------------------------------
CALIFORNIA PENAL CODE
SECTION 502
Added by Assembly Bill 1629 (1998)
(approved by Governor September 26, 1998)
502. (a) It is the intent of the Legislature in enacting
this section to expand the degree of protection afforded to
individuals, businesses, and governmental agencies from tampering,
interference, damage, and unauthorized access to lawfully
created computer data and computer systems. The Legislature
finds and declares that the proliferation of computer technology
has resulted in a concomitant proliferation of computer crime
and other forms of unauthorized access to computers, computer
systems, and computer data.
The Legislature further finds and declares that protection
of the integrity of all types and forms of lawfully created
computers, computer systems, and computer data is vital to
the protection of the privacy of individuals as well as to
the well-being of financial institutions, business concerns,
governmental agencies, and others within this state that lawfully
utilize those computers, computer systems, and data.
(b) For the purposes of this section, the following terms
have the following meanings:
(1) "Access" means to gain entry to, instruct,
or communicate with the logical, arithmetical, or memory function
resources of a computer, computer system, or computer network.
(2) "Computer network" means any system that provides
communications between one or more computer systems and input/output
devices including, but not limited to, display terminals and
printers connected by telecommunication facilities.
(3) "Computer program or software" means a set
of instructions or statements, and related data, that when
executed in actual or modified form, cause a computer, computer
system, or computer network to perform specified functions.
(4) "Computer services" includes, but is not limited
to, computer time, data processing, or storage functions,
or other uses of a computer, computer system, or computer
network.
(5) "Computer system" means a device or collection
of devices, including support devices and excluding calculators
that are not programmable and capable of being used in conjunction
with external files, one or more of which contain computer
programs, electronic instructions, input data, and output
data, that performs functions including, but not limited to,
logic, arithmetic, data storage and retrieval, communication,
and control.
(6) "Data" means a representation of information,
knowledge, facts, concepts, computer software, computer programs
or instructions. Data may be in any form, in storage media,
or as stored in the memory of the computer or in transit or
presented on a display device.
(7) "Supporting documentation" includes, but is
not limited to, all information, in any form, pertaining to
the design, construction, classification, implementation,
use, or modification of a computer, computer system, computer
network, computer program, or computer software, which information
is not generally available to the public and is necessary
for the operation of a computer, computer system, computer
network, computer program, or computer software.
(8) "Injury" means any alteration, deletion, damage,
or destruction of a computer system, computer network, computer
program, or data caused by the access.
(9) "Victim expenditure" means any expenditure
reasonably and necessarily incurred by the owner or lessee
to verify that a computer system, computer network, computer
program, or data was or was not altered, deleted, damaged,
or destroyed by the access.
(10) "Computer contaminant" means any set of computer
instructions that are designed to modify, damage, destroy,
record, or transmit information within a computer, computer
system, or computer network without the intent or permission
of the owner of the information. They include, but are not
limited to, a group of computer instructions commonly called
viruses or worms, that are self-replicating or self-propagating
and are designed to contaminate other computer programs or
computer data, consume computer resources, modify, destroy,
record, or transmit data, or in some other fashion usurp the
normal operation of the computer, computer system, or computer
network.
(11) "Internet domain name" means a globally unique,
hierarchical reference to an Internet host or service, assigned
through centralized Internet naming authorities, comprising
a series of character strings separated by periods, with the
rightmost character string specifying the top of the hierarchy.
(c) Except as provided in subdivision (h), any person who
commits any of the following acts is guilty of a public offense:
(1) Knowingly accesses and without permission alters, damages,
deletes, destroys, or otherwise uses any data, computer, computer
system, or computer network in order to either (A) devise
or execute any scheme or artifice to defraud, deceive, or
extort, or (B) wrongfully control or obtain money, property,
or data.
(2) Knowingly accesses and without permission takes, copies,
or makes use of any data from a computer, computer system,
or computer network, or takes or copies any supporting documentation,
whether existing or residing internal or external to a computer,
computer system, or computer network.
(3) Knowingly and without permission uses or causes to be
used computer services.
(4) Knowingly accesses and without permission adds, alters,
damages, deletes, or destroys any data, computer software,
or computer programs which reside or exist internal or external
to a computer, computer system, or computer network.
(5) Knowingly and without permission disrupts or causes
the disruption of computer services or denies or causes the
denial of computer services to an authorized user of a computer,
computer system, or computer network.
(6) Knowingly and without permission provides or assists
in providing a means of accessing a computer, computer system,
or computer network in violation of this section.
(7) Knowingly and without permission accesses or causes
to be accessed any computer, computer system, or computer
network.
(8) Knowingly introduces any computer contaminant into any
computer, computer system, or computer network.
(9) Knowingly and without permission uses the Internet domain
name of another individual, corporation, or entity in connection
with the sending of one or more electronic mail messages,
and thereby damages or causes damage to a computer, computer
system, or computer network.
(d) (1) Any person who violates any of the provisions of
paragraph (1), (2), (4), or (5) of subdivision (c) is punishable
by a fine not exceeding ten thousand dollars ($10,000), or
by imprisonment in the state prison for 16 months, or two
or three years, or by both that fine and imprisonment, or
by a fine not exceeding five thousand dollars ($5,000), or
by imprisonment in a county jail not exceeding one year, or
by both that fine and imprisonment.
(2) Any person who violates paragraph (3) of subdivision
(c) is punishable as follows:
(A) For the first violation that does not result in injury,
and where the value of the computer services used does not
exceed four hundred dollars ($400), by a fine not exceeding
five thousand dollars ($5,000), or by imprisonment in a county
jail not exceeding one year, or by both that fine and imprisonment.
(B) For any violation that results in a victim expenditure
in an amount greater than five thousand dollars ($5,000) or
in an injury, or if the value of the computer services used
exceeds four hundred dollars ($400), or for any second or
subsequent violation, by a fine not exceeding ten thousand
dollars ($10,000), or by imprisonment in the state prison
for 16 months, or two or three years, or by both that fine
and imprisonment, or by a fine not exceeding five thousand
dollars ($5,000), or by imprisonment in a county jail not
exceeding one year, or by both that fine and imprisonment.
(3) Any person who violates paragraph (6), (7), or (8) of
subdivision (c) is punishable as follows:
(A) For a first violation that does not result in injury,
an infraction punishable by a fine not exceeding two hundred
fifty dollars ($250).
(B) For any violation that results in a victim expenditure
in an amount not greater than five thousand dollars ($5,000),
or for a second or subsequent violation, by a fine not exceeding
five thousand dollars ($5,000), or by imprisonment in a county
jail not exceeding one year, or by both that fine and imprisonment.
(C) For any violation that results in a victim expenditure
in an amount greater than five thousand dollars ($5,000),
by a fine not exceeding ten thousand dollars ($10,000), or
by imprisonment in the state prison for 16 months, or two
or three years, or by both that fine and imprisonment, or
by a fine not exceeding five thousand dollars ($5,000), or
by imprisonment in a county jail not exceeding one year, or
by both that fine and imprisonment.
(4) Any person who violates paragraph (9) of subdivision
(c) is punishable as follows:
(A) For a first violation that does not result in injury,
an infraction punishable by a fine not exceeding two hundred
fifty dollars ($250).
(B) For any violation that results in injury, or for a second
or subsequent violation, by a fine not exceeding five thousand
dollars ($5,000), or by imprisonment in a county jail not
exceeding one year, or by both that fine and imprisonment.
(e) (1) In addition to any other civil remedy available,
the owner or lessee of the computer, computer system, computer
network, computer program, or data may bring a civil action
against any person convicted under this section for compensatory
damages, including any expenditure reasonably and necessarily
incurred by the owner or lessee to verify that a computer
system, computer network, computer program, or data was or
was not altered, damaged, or deleted by the access. For the
purposes of actions authorized by this subdivision, the conduct
of an unemancipated minor shall be imputed to the parent or
legal guardian having control or custody of the minor, pursuant
to the provisions of Section 1714.1 of the Civil Code.
(2) In any action brought pursuant to this subdivision the
court may award reasonable attorney's fees to a prevailing
party.
(3) A community college, state university, or academic institution
accredited in this state is required to include computer-related
crimes as a specific violation of college or university student
conduct policies and regulations that may subject a student
to disciplinary sanctions up to and including dismissal from
the academic institution. This paragraph shall not apply to
the University of California unless the Board of Regents adopts
a resolution to that effect.
(f) This section shall not be construed to preclude the
applicability of any other provision of the criminal law of
this state which applies or may apply to any transaction,
nor shall it make illegal any employee labor relations activities
that are within the scope and protection of state or federal
labor laws.
(g) Any computer, computer system, computer network, or
any software or data, owned by the defendant, that is used
during the commission of any public offense described in subdivision
(c) or any computer, owned by the defendant, which is used
as a repository for the storage of software or data illegally
obtained in violation of subdivision (c) shall be subject
to forfeiture, as specified in Section 502.01.
(h) (1) Subdivision (c) does not apply to any person who
accesses his or her employer's computer system, computer network,
computer program, or data when acting within the scope of
his or her lawful employment.
(2) Paragraph (3) of subdivision (c) does not apply to any
employee who accesses or uses his or her employer's computer
system, computer network, computer program, or data when acting
outside the scope of his or her lawful employment, so long
as the employee's activities do not cause an injury, as defined
in paragraph (8) of subdivision (b), to the employer or another,
or so long as the value of supplies and computer services,
as defined in paragraph (4) of subdivision (b), which are
used do not exceed an accumulated total of one hundred dollars
($100).
(i) No activity exempted from prosecution under paragraph
(2) of subdivision (h) which incidentally violates paragraph
(2), (4), or (7) of subdivision (c) shall be prosecuted under
those paragraphs.
(j) For purposes of bringing a civil or a criminal action
under this section, a person who causes, by any means, the
access of a computer, computer system, or computer network
in one jurisdiction from another jurisdiction is deemed to
have personally accessed the computer, computer system, or
computer network in each jurisdiction.
(k) In determining the terms and conditions applicable to
a person convicted of a violation of this section the court
shall consider the following:
(1) The court shall consider prohibitions on access to and
use of computers.
(2) Except as otherwise required by law, the court shall
consider alternate sentencing, including community service,
if the defendant shows remorse and recognition of the wrongdoing,
and an inclination not to repeat the offense.
--------------------------------------------------------------------------------
|
