In this section

• Home
• Press office
• News archive
• Articles
• 2004
• 12

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Sophos blogs

• SophosLabs blog
• Graham Cluley's blog
• Paul Ducklin's blog
• Chet's blog

Info feeds

• Security news
• Company news
• More...

What are info feeds?

22 December 2004

Judge rejects guilty plea of AOL spam case suspect said to have stolen 92 million email addresses, Sophos reports

Former AOL employee Jason Smathers did not have his guilty plea accepted by the judge.

A US District Judge has refused to accept a guilty plea from Jason Smathers, the former AOL employee, suspected of having stolen 92 million email addresses from the ISP and sell their details onto spammers.

Judge Alvin Hellerstein postponed the hearing until 28 January 2005 as he was not convinced that 24-year-old Smathers had actually committed a crime under the federal CAN-SPAM legislation that took effect earlier in 2004.

It was earlier reported that Smathers had made a plea bargain agreement with prosecutors that would mean he would face a fine and up to two years in prison.

The judge, who told the court that he had cancelled his own membership of AOL after he received too much spam, said it was not clear that Smathers had been guilty of deception - a requirement of the CAN-SPAM act. He has asked government lawyers to file documents by 12 January 2005 explaining why Smathers can be prosecuted under the CAN-SPAM law, and why his conduct was deceptive and not just fraudulent.

"Everybody hates spamsters, there's no question about that," Judge Hellerstein told prosecutors. "I'm not prepared to go ahead.. I need to be independently satisfied that a crime has been created."

Lawyers for Smathers said there was a chance their client would withdraw his guilty plea altogether.

"To take effective action in the courtroom against spammers, and those who support spammers by breaking the law, the right legislation must be in place and found to be workable," said Graham Cluley, senior technology consultant for Sophos. "Although this may appear to be a strange twist in the case of the 92 million stolen email addresses, it may help clarify how best to bring to book those suspected of involvement in spamming in future."

The CAN-SPAM ("Controlling the Assault of Non-Solicited Pornography and Marketing") Act became law in the United States in January 2004, amongst much criticism that it would not be stringent enough to have an impact on the activities of many spammers.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

See also:

• AOL engineer charged with selling 92 million email addresses to spammers
• White papers about spam
• Best practice advice for minimising exposure to spam
• Sophos PureMessage - protecting your email servers and gateways against spam and viruses