How to sue a British spammer

Biting back

Chartered engineer Nigel Roberts became the first person to win a court judgment over a company's breach of the UK's anti-spam law late last year. His success received widespread media coverage – and now he's encouraging others to do the same.

Roberts sued Media Logistics (UK) Ltd, a marketing firm based in Falkirk, Scotland, for sending him unsolicited emails about contract car hire and fax broadcasting businesses.

The judge's ruling is unlikely to influence future courts: it was an undefended Small Claims action – the simplest procedure in the English court system, which can be used by anyone without legal representation. The judge expressed no opinion on the merits of Roberts' claim, and the question of damages was never addressed because Media Logistics settled with Roberts before a scheduled damages hearing took place.

But even if it sets no precedent, the action was surely a rare victory in the spam wars.

Media Logistics has suffered negative publicity from national coverage by BBC News, ITN News, Channel 4, The Times, The Guardian,The Independent, Daily Mirror, The Sun and overseas publications. Now Roberts is working on a kit that will make it easy for others to sue British spammers.

Roberts has shared his proof of concept with OUT-LAW – all correspondence between himself and Media Logistics, the company's solicitors and the court documents. He plans to make the necessary lawsuit tools publicly available from his own Spam Legal Action website.

The complaint

Roberts received an email to his private email address on 8 August 2005 from Media Logistics that promoted a website selling contract car hire services. It wasn't the first he'd received from the company, but it was the one that provoked his action. He wrote to the company that day, complaining that the email had been sent in breach of the law. Roberts wrote that he had never had any dealings with the company and had never given his consent to receive marketing emails from them. The email, therefore, breached the Privacy & Electronic Communications Regulations of 2003.

He demanded four things to prevent him suing: an apology; details of who provided his personal information to Media Logistics; details of all personal information held by the company and damages to compensate his losses. He pointed out that spam such as this had forced him to incur the cost of email filtering services.

The company replied: "Media Logistics (UK) Ltd apologises for any distress or inconvenience caused by the email sent to you…" – but it refused to name the supplier of the email address and refused to pay damages to Roberts, instead offering to donate £50 to a charity of his choosing. It also said the personal information held about Roberts was limited to his email address and that this had been deleted.

Who provided the email address?

An exchange of correspondence followed. Roberts asserted his rights under the Data Protection Act, asking to see all the data held about him, which would include the identity of its supplier. He also pointed out that he had not requested the deletion of his data – and that the Information Commissioner would surely frown upon a company deleting data rather than complying with the exercise of a request for sight of the data, as provided for in the Act.

Roberts, who lives in Alderney in the Channel Islands but comes from the Colchester area, sued in Colchester County Court on 23 August 2005. He alleged breaches of the Privacy & Electronic Communications Regulations and of the Data Protection Act. He said the actions of Media Logisitcs caused annoyance and nuisance, inconvenience and expense – including interference with the proper functioning of his email, the need for additional disk storage and a subscription to, delay in his receipt of legitimate email, and time wasted sorting legitimate email from junk. Roberts requested damages but did not specify a sum at this stage.

On 19 October, the court ruled in favour of Roberts. Media Logistics did not appear in court to defend the action. A damages hearing was scheduled for January 2006. Settlement negotiations took place by mail, but Roberts still wanted to know how the company got his email address. Eventually, after refusals and misinformation, the source of the data was revealed, by Media Logistics' solicitors: a company called Vserve Limited. That company was dissolved in 2004.

The solicitors explained why his email address had been used: "Our client assumed in good faith that it was a business email address and, therefore, our client deemed it reasonable to market its services to you."

If it were a company email address, it is true that the company's activity would escape the reach of the 2003 Regulations. But, like many email addresses, there was no way to tell from Roberts' address in isolation whether it was a home or business address.

Roberts pointed out by reply that, if this argument was true, the person dealing with the complaint at Media Logistics might have expressed it sooner. "I simply don't believe him," he wrote of the individual handling the complaint within Media Logistics. Roberts described it as "simply a transparent attempt to justify his spamming activity".


Roberts suspected that Media Logistics had simply acquired a "spam CD" with a list of addresses and nothing else. He rejected an offer of £100 and said he would settle for £270 plus his £30 court fee. The company paid up and the damages hearing was cancelled.

Some commentators have asked why Roberts settled once he had a court ruling in his favour. But the most he could have received in the January hearing was £300 plus his expenses of £30. When a claim is brought in a County Court, the filing fee depends on the sum sued for. The cheapest claim to file costs £30 – but this only works for sums claimed up to £300.

If you pay £120 when filing a Small Claim, you can sue for up to £5,000. But you may not get that much – even if you do win the case – and it seems unlikely that Roberts could have won such a sum in the circumstances of his claim.

Roberts told OUT-LAW, “I could have claimed for an 'unspecified amount not exceeding £5000' and paid the higher fee, I guess, but since it was just a couple of spam emails I thought I'd see how the Small Claims track and a defendant coped with a claim under the 2003 Regulations.”

The 2003 Regulations required him to show damage – and to sue for compensation for that damage, not for damage caused by other spammers. Media Logistics did not take the opportunity to argue on damages: it could have admitted liability and claimed that damages should be nil. Its obvious argument would be that there is no quantifiable loss and that it should not be held liable for Roberts' spam-filtering costs.

Struan Robertson, editor of OUT-LAW.COM and a technology lawyer with Pinsent Masons, the law firm behind OUT-LAW, said: "Mr Roberts was right to settle after winning his judgment. If a damages hearing took place in court, he may have won some compensation – but there was a real risk that he would receive nothing at all because proving loss caused by spam and attributing that loss to one spammer would be very difficult."

Robertson believes the settlement figure of £300 holds no significance for future court cases – "although it hopefully sends a strong warning to companies that get email marketing wrong", he said.

Roberts concluded: "This is a small victory. But perhaps some spammers will now start to realise that people in Europe won't tolerate their email inboxes being filled with unwanted junk."

Spam must originate in the UK for someone to sue under the UK regulations, although there are equivalent laws across the EU (the Dutch privacy regulator has fined spammers as much as €27,500). Roberts did not approach the British regulator – the Information Commissioner – who would have to order Media Logistics to stop sending spam and then await a breach of that order before the company could be fined in a British court.

What Roberts hopes is that others will follow his lead and, where possible, use the toolkit he is preparing to make freely available at his website to take matters into their own hands and fight back against spammers.

Copyright © 2006,

OUT-LAW.COM is part of international law firm Pinsent Masons.

Other stories you might like

  • You need to RTFM, but feel free to use your brain too
    But I was only following the procedures!

    Who, Me? Monday is here, and with it a warning that steadfast determination to ignore instructions might not be such a silly thing after all. Welcome to Who, Me?

    Today's story comes from a reader Regomized as "Sam" and takes us back to his first proper IT job following his departure from the education system.

    Sam found himself on the mainframe operations team for a telecommunications company. The work was, initially, pretty manual stuff. The telco wasn't silly, and had its new recruits start by performing offline duties, such as gathering tapes and job tickets for batch runs, handling payslips, "basically anything involving a bit of leg work," he told us.

    Continue reading
  • Tropical island paradise ponders tax-free 'Digital Nomad Visa'
    Live and work in Bali, pay tax at home

    The government of Indonesia has once again raised the idea of creating a "digital nomad visa" that would allow foreign workers to live and work in the tropical paradise of Bali, tax free, for five years.

    The idea was raised before the COVID-19 pandemic, but understandably shelved as borders closed and the prospect of any digital nomads showing up dropped to zero.

    But in recent interviews Sandiaga Uno, Indonesia's minister for Tourism and the Creative Economy, said the visa was back on the drawing board.

    Continue reading
  • Small in Japan: Hitachi creates its own (modest) cloud
    VMware-powered sovereign cloud not going to challenge hyperscalers, but probably won't be the last such venture

    Hitachi has taken a modest step towards becoming a public cloud provider, with the launch of a VMware-powered cloud in Japan that The Register understands may not be its only such venture.

    The Japanese giant has styled the service a "sovereign cloud" – a term that VMware introduced to distinguish some of its 4,000-plus partners that operate small clouds and can attest to their operations being subject to privacy laws and governance structures within the nation in which they operate.

    Public cloud heavyweights AWS, Azure, Google, Oracle, IBM, and Alibaba also offer VMware-powered clouds, at hyperscale. But some organizations worry that their US or Chinese roots make them vulnerable to laws that might allow Washington or Beijing to exercise extraterritorial oversight.

    Continue reading
  • Beijing probes security at academic journal database
    It's easy to see why – the question is, why now?

    China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure (CNKI), citing national security concerns.

    In its announcement of the investigation, the China Cyberspace Administration (CAC) said:

    Continue reading
  • Cerebras sets record for 'largest AI model' on a single chip
    Plus: Yandex releases 100-billion-parameter language model for free, and more

    In brief US hardware startup Cerebras claims to have trained the largest AI model on a single device powered by the world's largest Wafer Scale Engine 2 chip the size of a plate.

    "Using the Cerebras Software Platform (CSoft), our customers can easily train state-of-the-art GPT language models (such as GPT-3 and GPT-J) with up to 20 billion parameters on a single CS-2 system," the company claimed this week. "Running on a single CS-2, these models take minutes to set up and users can quickly move between models with just a few keystrokes."

    The CS-2 packs a whopping 850,000 cores, and has 40GB of on-chip memory capable of reaching 20 PB/sec memory bandwidth. The specs on other types of AI accelerators and GPUs pale in comparison, meaning machine learning engineers have to train huge AI models with billions of parameters across more servers.

    Continue reading
  • Zendesk sold to private investors two weeks after saying it would stay public
    Private offer 34 percent above share price is just the thing to change minds

    Customer service as-a-service vendor Zendesk has announced it will allow itself to be acquired for $10.2 billion by a group of investors led by private equity firm Hellman & Friedman, investment company Permira, and a wholly-owned subsidiary of the Abu Dhabi Investment Authority.

    The decision is a little odd, in light of the company's recent strategic review, announced on June, which saw the board unanimously conclude "that continuing to execute on the Company's strategic plan as an independent, public company is in the best interest of the Company and its stockholders at this time."

    That process saw Zendesk chat to 16 potential strategic partners and ten financial sponsors, including a group of investors who had previously expressed conditional interest in acquiring the company. Zendesk even extended its discussions with some parties but eventually walked away after "no actionable proposals were submitted, with the final bidders citing adverse market conditions and financing difficulties at the end of the process."

    Continue reading

Biting the hand that feeds IT © 1998–2022