Section 4 of the CAN-SPAM Act of 2003 imposes misdemeanor criminal liability for certain spam-related activities. See 18 U.S.C. § 1037. According to the Senate Commerce Committee Report, this section of the Act was intended to address situations where spammers hack their way into an innocent party's email, or gain access to an innocent party's email by fraudulent means, and use the innocent party's email to send out spam. See S. Rep. No. 108-102 (2003), at 16-17.
In 2007, these criminal prohibitions were challenged in the United States District Court for the Southern District of California as being unconstitutionally vague and overbroad. See U.S. v. Twombly, 475 F. Supp. 2d 1019 (S.D. Cal. 2007). The court rejected these challenges, however, denying the defendants' motions to dismiss indictments that were based on 18 U.S.C. §§ 1037(a)(3) and (4).
In 2009, these criminal prohibitions were again challenged as being unconstitutionally vague, this time in the United States Court of Appeals for the Ninth Circuit. See U.S. v. Kilbride, 584 F.3d 1240 (9th Cir. 2009). The Ninth Circuit also held that the criminal prohibitions of 18 U.S.C. §§ 1037(a)(3) and (4) are not unconstitutionally vague. See id. at 1256-59.
The United States Sentencing Commission's directive and requirements for enforcement of these criminal prohibitions are set forth at 15 U.S.C. § 7703(b).