Search

Newsletter

Get our latest updates. Sign up with your email.

Popular Posts

Microsoft To Continue Legal Strike Against Richter

2 min read
1 views
Microsoft To Continue Legal Strike Against Richter

Microsoft’s Persistent Legal Campaign Against Scott Richter

Microsoft Corp. has entered a second round of legal action against Scott Richter, the chief executive of OptInRealBig.com, LLC. The company’s lawyers are arguing that Richter’s business model continues to violate state fraud statutes, despite a prior settlement that was still pending court approval. In March 2023, the company filed new complaints in both New York and Washington state, citing the same allegations that first surfaced in December when a lawsuit was filed by New York Attorney General Eliot Spitzer.

Richter has earned a notorious reputation in the spam‑tracking community, being listed as the world’s third‑largest spammer by the Register of Known Spam Operations (ROKSO). ROKSO, which is hosted on the well‑known anti‑spam platform Spamhaus, assigns a numerical score to senders based on their volume, persistence, and the nature of their email campaigns. The score for OptInRealBig.com tops 90, placing it alongside the most aggressive commercial spammers in the United States. Microsoft’s attorneys point out that the company’s continued use of aggressive mailing lists has caused measurable damage to legitimate businesses and to the email ecosystem at large.

In the newest filing, Microsoft’s internet safety enforcement attorney, Aaron Kornblum, reiterated the company’s stance that the settlement reached with Spitzer was “necessary to protect consumers and businesses from illegal spamming.” Kornblum described the settlement as containing “strong requirements designed to prevent illegal spamming.” Microsoft also maintained that its anti‑spam enforcement measures have had a demonstrable negative financial impact on spammers, including Richter. The company’s spokesperson emphasized that Microsoft is “not looking to settle but to see that the laws are enforced in a meaningful way.”

While the previous settlement was signed in 2022, the court has not yet granted approval. The settlement stipulates that Richter must comply with a range of conduct restrictions, including a prohibition on sending unsolicited commercial email, an obligation to honor opt‑out requests within a specific time frame, and the implementation of an internal compliance audit. Microsoft’s latest complaint asserts that Richter has failed to adhere to these conditions, thereby warranting renewed legal action. The company claims that, as a result of Richter’s non‑compliance, consumers continue to receive unwanted emails and that the business continues to accrue revenue through the same dubious practices that the settlement was intended to eliminate.

The legal battle also touches on broader questions about the effectiveness of state‑level anti‑spam laws in the digital age. Microsoft has long argued that its policies against phishing and other cyber threats must be backed by enforceable statutes that hold senders accountable. The company’s insistence on continuing the lawsuit underscores its belief that the legal system is still the most reliable tool for curbing large‑scale spam operations. By re‑filing the complaint, Microsoft aims to send a clear message that it will not let any entity evade the consequences of violating consumer protection laws, even if they try to do so through settlement loopholes or technical compliance measures that fall short of the law’s intent.

In short, Microsoft’s continued legal push against Richter reflects the company’s broader strategy of defending its users from aggressive email marketing. It also highlights a critical point in the ongoing debate over how to regulate the rapidly evolving digital advertising landscape, especially when large senders exploit loopholes in existing legislation.

Microsoft vs Richter' /> <h2>Settlement Status and Court Approval Requirements</h2> <p>The settlement that Microsoft and Richter reached with New York Attorney General Eliot Spitzer was signed in early 2022, but it remains in a pending state until a federal judge issues formal approval. The settlement document, which was made public through the court docket, outlines a series of conditions that Richter must meet to avoid further litigation. Among these conditions, Richter is required to cease all unsolicited commercial email campaigns, to maintain a verifiable opt‑out mechanism that complies with the CAN‑SPAM Act, and to provide monthly reports to the state attorney general’s office detailing his compliance status.</p> <p>One of the settlement’s most controversial aspects is the requirement that Richter undergo a “conduct restrictions” program. The program involves a mandatory training course on consumer protection laws, an external audit by a certified compliance firm, and a strict monitoring regime that follows every email sent by OptInRealBig.com. Microsoft’s attorneys have been quick to point out that Richter’s previous attempts at compliance - such as offering a simple “unsubscribe” link - were superficial and did not address the underlying problem of sending large volumes of unsolicited emails. The court’s pending approval hinges on Richter’s ability to demonstrate a tangible shift in business practices.</p> <p>Meanwhile, Microsoft’s legal team has filed a motion requesting a new hearing to review Richter’s progress. In that motion, Aaron Kornblum emphasized that the settlement’s “conduct restrictions” are designed to create a permanent change in how Richter operates. He argued that Richter’s past behavior, coupled with the lack of substantive changes, creates a high risk of continued violations. Microsoft’s complaint cites specific instances where Richter’s emails were found on Spamhaus blacklist updates following the settlement. The company also highlights that, despite the settlement, Richter’s emails continued to land in spam folders for millions of subscribers who had explicitly opted out in the past year.</p> <p>The court’s review process involves a thorough examination of Richter’s compliance logs, email delivery metrics, and any third‑party audit reports. In order to secure approval, Richter must submit a detailed compliance plan that addresses each of the settlement’s provisions. The plan must be approved by the court, which means it must demonstrate that the restrictions are enforceable, specific, and measurable. Microsoft’s attorneys have made it clear that they will not allow the settlement to be considered “satisfied” until these conditions are fully met. The court’s decision will set a precedent for how settlements involving spam and email fraud are enforced in the future.</p> <p>In addition to the legal implications, the settlement’s pending status has business consequences for OptInRealBig.com. Until the court approves the settlement, Richter remains legally exposed to both civil and criminal penalties. The company’s public image is also at risk, as potential partners and clients become wary of associating with a firm that has not proven its commitment to ethical marketing practices. Microsoft’s legal campaign aims to accelerate the settlement’s approval process and ensure that Richter complies fully, thereby protecting consumers and maintaining the integrity of the email market.</p> <p>Ultimately, the settlement’s pending approval is a pivotal moment in this legal saga. Microsoft’s insistence on enforcing the settlement’s terms underscores the company’s broader mission to protect users from spam while also signaling that settlements can only be considered valid when they result in real, enforceable changes to a defendant’s business model.</p> <h2>CAN‑SPAM Compliance and the Legal Landscape</h2> <p>The CAN‑SPAM Act of 2003 established a federal framework for commercial email, setting rules around message content, opt‑out mechanisms, and sender identification. Since its enactment, the act has become the standard reference point for both regulators and businesses that send marketing emails. Microsoft’s lawsuits against Richter highlight the ongoing debate over whether state-level fraud laws, such as the New York Consumer Fraud Act, provide stronger enforcement power than the federal law. The company’s attorneys argue that the state laws cover a broader range of deceptive practices, including those that the CAN‑SPAM Act does not explicitly address.</p> <p>Richter’s defense centers on the claim that his email campaigns are CAN‑SPAM compliant. In an interview with PCWorld, he asserted that “all our messages are CAN‑SPAM compliant. We honor opt‑out requests. We take what we do very seriously.” While the statement appears to satisfy the letter of the law, Microsoft’s legal team counters that the act’s compliance requirement goes beyond mere opt‑out links. The act mandates that commercial emails include a clear and unambiguous way to opt out, a legitimate physical address, and a truthful subject line. Microsoft’s attorneys point to the repeated appearance of OptInRealBig.com on Spamhaus blacklist updates as evidence that the company’s email content often violates these provisions, even if the company believes it is compliant.</p> <p>The legal landscape surrounding spam is further complicated by the fact that many spam operations use “gray‑mail” tactics - emails that are technically compliant with the act’s wording but are designed to deceive recipients. In these cases, the court has sometimes leaned on state fraud laws to hold senders accountable. The current lawsuit uses that precedent, arguing that Richter’s practices amount to fraud and misrepresentation, which the CAN‑SPAM Act does not directly cover. Microsoft’s case demonstrates how companies can rely on a multi‑layered regulatory approach to pursue more stringent enforcement when federal law appears insufficient.</p> <p>On the other hand, state regulators have begun to take a more active role in enforcing email compliance. The New York Attorney General’s office has increased its focus on digital advertising, and its recent action against Richter shows that state agencies can collaborate with large technology firms to target spam operations. The settlement also highlights the role that third‑party data services, such as Spamhaus, play in the enforcement process. Spamhaus’s real‑time blacklist updates serve as a public record of non‑compliant senders, and the data it collects can be used in court filings to demonstrate patterns of wrongdoing.</p> <p>For marketers and email practitioners, the Microsoft vs. Richter case underscores the importance of not only meeting the minimum legal requirements of CAN‑SPAM but also implementing robust internal controls that ensure compliance over time. This includes maintaining accurate opt‑out logs, performing regular content reviews, and ensuring that all email traffic is monitored against blacklists. The case also serves as a reminder that failure to comply can result in civil lawsuits, settlement costs, and court-ordered compliance programs that may be costly to implement.</p> <p>Beyond the immediate legal consequences, the case has implications for the broader email marketing ecosystem. The legal actions taken by Microsoft, coupled with state-level enforcement, set a higher bar for ethical email practices. They also create an environment where compliance is not merely a checkbox but an ongoing process that involves cooperation between industry players, regulators, and consumer advocacy groups. The settlement’s pending approval, in particular, will be closely watched by businesses to see how enforceable compliance programs are structured and how they can be integrated into day‑to‑day operations.</p> <h2>Richter’s Defense and Business Strategy</h2> <p>In response to the legal pressure, Scott Richter has positioned himself as a business that follows the law and values consumer choice. In an interview with PCWorld, he explained that settling with Spitzer “was cheaper than spending millions of dollars fighting a lawsuit for years.” This statement reflects a classic risk‑management calculation: paying a settlement fee is often more predictable than enduring a prolonged legal battle with uncertain outcomes. However, the settlement’s conditions - particularly the conduct restrictions - seem to have been designed to prevent Richter from resuming his previous practices, which could create a new cycle of litigation if he failed to comply.</p> <p>Richter’s public narrative also focuses on the company’s commitment to “honor opt‑out requests.” While this aligns with the letter of CAN‑SPAM, Microsoft’s allegations that Richter’s emails continue to bypass opt‑out requests suggest a disconnect between policy and practice. In a press release, Microsoft’s Aaron Kornblum noted that Richter’s emails were still arriving in spam folders even after recipients clicked “unsubscribe.” The fact that the company’s own data, as reported by Spamhaus, shows that OptInRealBig.com remains on their blacklist indicates that the compliance measures in place are not effective. This disconnect has fueled speculation that Richter’s email operations may be operating under a façade of compliance while still exploiting loopholes for revenue generation.</p> <p>From a strategic standpoint, Richter has historically relied on high-volume email campaigns that target mass audiences, often with questionable list‑building practices. The settlement’s conduct restrictions force him to re‑evaluate this approach. The required internal audit and external compliance firm oversight mean that Richter’s company will need to establish new processes for building and maintaining email lists, ensuring that all contacts are opt‑in and that opt‑out mechanisms are functional. The legal risk of non‑compliance is significant: failure to meet the settlement’s requirements could trigger civil penalties, injunctions, and potentially criminal charges under state fraud statutes.</p> <p>In addition to the legal risk, the settlement could affect OptInRealBig.com’s bottom line. By shifting from aggressive spam tactics to a more regulated approach, the company may lose some of its most lucrative revenue streams. On the other hand, compliance could open new opportunities for partnership with reputable companies that require stringent email standards. However, this would require a significant cultural shift within the organization, moving away from a purely volume‑driven model to a data‑driven, compliance‑centric strategy.</p> <p>Richter has also pointed to the lack of transparency in how email compliance is measured. While Spamhaus provides a blacklist, it does not offer a clear benchmark for what constitutes a “clean” sender. Richter’s defense has highlighted that the company’s compliance is in line with the industry’s standard practices, even if they fall short of the court’s interpretation. This argument underscores a broader industry debate about whether compliance should be measured against a set of hard, enforceable rules or a more flexible standard that takes into account the nuances of email marketing tactics.</p> <p>In the end, Richter’s strategy appears to be one of minimizing legal exposure while attempting to maintain revenue. By settling early and agreeing to conduct restrictions, he hopes to avoid a more damaging lawsuit that could lead to harsher penalties or a forced shutdown of his business. The success of this strategy, however, will hinge on his ability to genuinely transform his operations and prove to the court that he is now fully compliant with both state fraud laws and the CAN‑SPAM Act.</p> <h2>Broader Implications for the Direct Marketing Industry</h2> <p>The Microsoft vs. Richter case illustrates a growing trend in the digital advertising world: large technology firms are increasingly partnering with state regulators to hold high‑volume marketers accountable. Microsoft’s role in this case highlights how a tech giant can use its resources and legal expertise to enforce compliance in an industry that traditionally has operated in a gray area. The outcome of this lawsuit could set a precedent for how future spam operations are regulated, particularly those that rely on mass‑mailing tactics that skirt the edges of the law.</p> <p>One of the key lessons for marketers is the importance of transparent compliance processes. The settlement’s conduct restrictions forced OptInRealBig.com to document every step of its email handling practices. This level of transparency is not only beneficial for meeting legal requirements but also builds trust with consumers and potential partners. The industry will likely see an increase in the adoption of third‑party compliance audit services, as companies realize that internal checks alone may not be sufficient to satisfy regulators or avoid costly lawsuits.</p> <p>Another significant implication lies in how email lists are built and maintained. The court’s focus on opt‑out requests underscores the need for clear consent and the importance of keeping accurate records. Marketers will need to invest in tools that track opt‑ins and opt‑outs in real time, and they may have to reevaluate the data sources they use for list building. The legal pressure exerted by Microsoft and the New York Attorney General may also lead to stricter verification processes for acquiring contact lists, potentially affecting the cost structure for direct marketing agencies.</p> <p>For the broader consumer base, the case may bring about a cleaner email experience. If companies like OptInRealBig.com are forced to reduce their aggressive email tactics, consumers could see fewer unsolicited messages. The increased scrutiny could also encourage the adoption of better anti‑spam technologies by ISPs and email providers, making it harder for spammers to bypass filters. As a result, the overall spam ecosystem may see a gradual decline in volume, which could be a positive development for both consumers and legitimate marketers.</p> <p>From a regulatory standpoint, the Microsoft lawsuit is an example of how state and federal agencies can collaborate to address digital misconduct. The partnership between Microsoft’s legal team and the New York Attorney General’s office demonstrates that private companies can play a proactive role in enforcing consumer protection laws. This collaborative model may be replicated in other jurisdictions, leading to a more unified approach to combating spam and other email‑based fraud.</p> <p>In terms of future industry dynamics, companies that can demonstrate robust compliance programs are likely to gain a competitive advantage. As consumers become more wary of email marketing, businesses that invest in ethical practices may attract higher engagement rates. Moreover, the legal risks associated with non‑compliance could drive a wave of consolidation, as smaller or less compliant marketers are either forced to adapt or exit the market. This could lead to a more mature direct marketing sector, where best practices are codified and enforced through both regulatory and market mechanisms.</p> <p>Ultimately, the Microsoft vs. Richter case serves as a cautionary tale for any company that relies on high‑volume email campaigns. It shows that the legal and reputational costs of non‑compliance can outweigh the short‑term gains from aggressive marketing tactics. For those in the industry, the case is a reminder that sustainability in direct marketing requires a solid foundation of ethical practices and regulatory awareness.</p> </div> <script> (function() { function initCopyableSections() { document.querySelectorAll('.article-content .copyable-section').forEach(function(section) { if (section.querySelector('.copyable-section__btn')) return; var btn = document.createElement('button'); btn.type = 'button'; btn.className = 'copyable-section__btn'; btn.setAttribute('aria-label', 'Copy to clipboard'); var label = section.getAttribute('data-copy-label'); btn.textContent = label ? 'Copy ' + label : 'Copy'; section.appendChild(btn); btn.addEventListener('click', function() { var contentEl = section.querySelector('.copyable-section__content'); var text; if (contentEl) { text = contentEl.textContent.trim(); } else { var clone = section.cloneNode(true); var btnClone = clone.querySelector('.copyable-section__btn'); if (btnClone) btnClone.parentNode.removeChild(btnClone); text = clone.textContent.trim(); } if (!text) return; navigator.clipboard.writeText(text).then(function() { var t = btn.textContent; btn.textContent = 'Copied!'; btn.classList.add('copied'); setTimeout(function() { btn.textContent = t; btn.classList.remove('copied'); }, 2000); }); }); }); } if (document.readyState === 'loading') { document.addEventListener('DOMContentLoaded', initCopyableSections); } else { initCopyableSections(); } })(); </script> <!-- Tags --> <div class=

Tags

Suggest a Correction

Found an error or have a suggestion? Let us know and we'll review it.

Share this article

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!

Related Articles

Latest News