I received the question yet again today: Who's been sued under CAN-SPAM? Let's take a look and see what our good friend, the Internet, has to say on the subject:
Just last month, Earthlink won an $11 million judgement against a Nevada-based Internet marketing company called KSTM. EarthLink claimed in the lawsuit that the company used false and misleading header information in its emails, explicitly alleging that KSTM violated CAN-SPAM.
San Francisco-based Jumpstart Technologies was fined $900,000 by the Federal Trade Commission in March 2006, for violating CAN-SPAM. The FTC says that Jumpstart sent commercial emails with false or misleading headers, and that they failed to clearly identify the messages as advertising. The FTC also indicated that Jumpstart did not process opt-out requests in the timeframe required by law, nor did they clearly inform recipients that they could opt out of receiving emails. Even worse, Jumpstart was accused by the FTC of disguising its commercial advertisements as personal messages.
In January, 2006 Christopher William Smith was ordered to pay more than $5 million in penalties and legal fees to AOL, a federal judge ruled. AOL spokesman Nicholas Graham said Smith "was the poster child for the CAN-SPAM Act." Smith's emails advertised things like Viagra, porn, and cable TV descramblers. According to this article, as of March, 2006, he's in prison in Minnesota, where he has apparently earned the nickname "Crybaby." Ouch.
In 2004, Internet service provider (ISP) Hypertouch.com sued BlueStream Media and BVWebTies LLC, owner of BobVila.com, alleging that they violated CAN-SPAM by sending Hypertouch and its customers unsolicited email ads. As of the end of 2005, Hypertouch, BlueStream Media and BVWebTies (BobVila.com) appear to have resolved the suit. The website states, "The parties continue to disagree as to the merits of the lawsuit, although all parties agree that BobVila.com was informed by BlueStream that BlueStream did not spam. Hypertouch had alleged that the mail in question was sent using "fake company names, fake addresses, and false headers." The site further states that "the preliminary settlement agreement requires BlueStream to 'use either an actual company name or an individual name and an actual physical postal address in registering domain names.'"
Can't forget Scott Richter. Microsoft sued Richter in December 2003. Since CAN-SPAM took effect on January 1, 2004, I'm not sure you can count this. But, the article points out the terms of the $7 million settlement with Microsoft require that he comply with "US federal and state anti-spam laws, such as the CAN-SPAM Act." The article states that in July 2004, he settled a lawsuit brought against him by New York State Attorney General Eliot Spitzer. There again he agreed to comply with CAN-SPAM. He also was required to pay a $50,000 fine.
November 7 update: Today DMNews announced that Yesmail has settled with the FTC over allegations that the mailer continued to serve messages more than ten days after receiving an opt-out request from individual recipients. That would seem to be a clear violation of CAN-SPAM.