Criminal Predicates Under §1037

Section summarySection 1037 sets out five distinct predicate offenses. Each addresses a different mechanism for evading the civil CAN-SPAM framework: unauthorized relays, header falsification, account-registration fraud, and IP-registration fraud.

The five predicates at §1037(a):

  • Accessing a protected computer without authorization, and intentionally sending multiple commercial electronic mail messages from or through such computer.
  • Using a protected computer to relay or retransmit multiple commercial electronic mail messages, with intent to deceive or mislead recipients as to the origin.
  • Materially falsifying header information in multiple commercial electronic mail messages and intentionally initiating transmission.
  • Registering, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or two or more domain names, and intentionally initiating multiple commercial messages from any combination of such accounts.
  • Falsely representing oneself as the registrant of five or more internet protocol addresses, and intentionally initiating multiple commercial messages from such addresses.

Each predicate has its own scienter and conduct elements. The government must prove the specific predicate charged, not generic CAN-SPAM noncompliance.

Volume Thresholds

Section summaryVolume drives grading. Section 1037(b) escalates the offense from a one-year misdemeanor to five-year felony based on the number of commercial messages within defined windows.

Volume grading at §1037(b):

  • More than 2,500 commercial messages in any 24-hour period.
  • More than 25,000 in any 30-day period.
  • More than 250,000 in any 1-year period.
  • Loss to one or more persons aggregating $5,000 or more in any 1-year period.
  • Obtained anything of value aggregating $5,000 or more in any 1-year period.
  • Conducted in furtherance of a felony.
  • Prior conviction under §1037 or §1030.

The volume math is the most common litigation point. Government experts typically extrapolate from sample data, log evidence, and third-party email-service provider records. Defense counsel should examine the sampling methodology and demand foundation for any extrapolation.

Materially False Headers

Section summaryHeader falsification is the most heavily litigated §1037 element. "Material" falsification means falsification capable of misleading a recipient or law enforcement as to the source of the message.

Materiality analysis:

  • "From" line — purporting to be from a sender other than the actual sender.
  • "Reply-to" line — directing replies to a different address than the source.
  • Routing information — falsifying transmission path through relays.
  • Subject line — separately regulated under §7704(a)(2).
  • Domain registration — false registrant info supporting the sending domain.

Marketing-side email teams routinely use a single sending vendor that signs messages on behalf of clients. That practice is not falsification under §1037 when properly authenticated. The criminal predicate requires falsification — typically by spoofing, hijacking, or using throwaway domains designed to evade attribution.

Civil CAN-SPAM Enforcement

Section summaryThe CAN-SPAM Act itself is the civil framework. Enforcement is primarily handled by the Federal Trade Commission under 15 U.S.C. §7706, with concurrent enforcement authority for state attorneys general and certain ISPs.

Civil enforcement features:

  • FTC administrative and judicial enforcement under §7706.
  • State attorney-general enforcement for residents.
  • Internet access service provider private right of action.
  • Statutory damages up to $250 per violation, capped.
  • Aggravated damages for willful or knowing violations.
  • No private right of action for individual consumers.

Civil and criminal enforcement frequently run in parallel. A defendant facing FTC civil action should evaluate whether the same conduct triggers §1037 exposure and coordinate counsel accordingly.

Texas Bus. & Com. Code §321

Section summaryTexas Business & Commerce Code Chapter 321 creates state-law commercial-email obligations that parallel CAN-SPAM. Coverage includes false-header prohibitions and unsubscribe requirements.

Texas Chapter 321 framework:

  • Prohibition on transmission of unsolicited commercial email with falsified header information.
  • Mandatory functioning unsubscribe mechanism.
  • Civil cause of action for ISPs.
  • Attorney General enforcement authority.
  • Statutory damages and injunctive relief available.

The Texas statute is preempted by CAN-SPAM in part, but the false-header and trespass-style provisions generally survive preemption. Counsel handling Texas-resident defendants should evaluate both federal and state exposure.

Defense Considerations

Section summaryDefenses center on volume calculations, header materiality, authorization, and the scope of "commercial" messaging. Authentication of email-server logs is often a foundation battle.

Defense angles:

  • Volume extrapolation methodology — challenge sampling and inference.
  • Authentication of mail-server logs and ISP records.
  • Materiality of header information — was the recipient actually misled.
  • Authorization defense — sender was authorized account holder.
  • Commercial-vs-transactional message classification.
  • Statute of limitations.

Transactional and relationship messages are not commercial messages under CAN-SPAM. A defendant who genuinely sent account-related correspondence — even at high volume — falls outside the framework. The line between transactional and commercial is fact-specific and frequently disputed.

Need defense counsel?

L&L Law Group, PLLC handles Computer Crimes Defense cases throughout DFW. Initial consultations are free.

Call (972) 370-5060 →

Forensic Foundation

CAN-SPAM Act Criminal Cases cases turn on digital-forensic evidence: device images, file metadata, network logs, cloud-account records, malware reverse engineering, and attribution analysis. Counsel handling a CAN-SPAM Act prosecution must engage with the forensic record at a technical level, not just legal level.

The defense's threshold task is review of the government's forensic methodology. Was the device imaged using accepted procedures? Was the image hash-verified against the original? Did the examiner have appropriate certifications? Did the analysis follow the examiner's lab's standard operating procedures? Each step in the chain produces potential challenges at hearing and trial.

Where the case turns on contested forensic findings, the defense should retain an independent examiner. The defense expert reviews the government's work, performs parallel analysis where possible, and is available to testify if needed. Funding for defense experts is available in federal cases under the Criminal Justice Act (18 U.S.C. §3006A) and in Texas indigent cases under Code of Criminal Procedure Article 26.05.

Van Buren and Authorization Screen

The Supreme Court's decision in Van Buren v. United States, 593 U.S. 374 (2021), reshaped the CFAA "exceeds authorized access" analysis. The Court held that the statute applies only where the defendant accessed an area of a computer system they were not entitled to enter at all — not where they had credentials but used them for an improper purpose. The "gates-up-or-down" inquiry asks whether the user could or could not access the specific area, not why they accessed it.

For a CAN-SPAM Act prosecution (where authorization is in issue), the defense must screen the indictment against the post-Van Buren framework. Cases built on theories that the defendant misused authorized access — rather than entering a system they had no right to enter — should be evaluated for dismissal under Van Buren. Many CFAA charges filed before 2021 survived only because the law had not yet been clarified; charges filed since must satisfy the gates-up-or-down standard.

The defense should also consider whether parallel state charges (Texas Penal Code §33.02) provide the same protection. Texas "effective consent" analysis under Chapter 1 of the Penal Code is broad. A defendant who had colorable authorization — an unrevoked password, a shared account, an implied license — has a defense to the access element under state law that runs parallel to the federal Van Buren analysis.

The CAN-SPAM Act framework and the criminal provisions

The Controlling the Assault of Non-Solicited Pornography and Marketing Act, commonly called CAN-SPAM, was enacted in 2003 and codified at 15 U.S.C. Sections 7701-7713 with criminal enforcement provisions at 18 U.S.C. Section 1037. The Act establishes a comprehensive framework for commercial email regulation including content requirements, opt-out provisions, and criminal prohibitions on specific fraud-related conduct. The criminal provisions reach the most egregious commercial email schemes including those involving fraud, identity concealment, and unauthorized access.

The criminal provisions at 18 U.S.C. Section 1037 prohibit several specific categories of conduct. Section 1037(a)(1) reaches accessing protected computers without authorization and intentionally initiating commercial electronic mail messages from or through the computer. Section 1037(a)(2) reaches using protected computers to relay or retransmit commercial electronic mail messages with the intent to deceive recipients or providers about the origin. Section 1037(a)(3) reaches materially falsifying header information in multiple commercial electronic mail messages. Section 1037(a)(4) reaches registering email accounts or domain names through false identity. Section 1037(a)(5) reaches misrepresenting the right to use IP addresses through which commercial electronic mail messages are sent.

The penalty structure varies based on the specific provision violated and the scope of the conduct. The base offenses are misdemeanors, with felony enhancement to up to five years of imprisonment for various aggravating factors including conduct involving over 2,500 messages within a 24-hour period, over 25,000 messages within a 30-day period, or over 250,000 messages within a one-year period. Conduct involving over $50,000 in obtained value triggers similar enhancement. The aggregation thresholds can produce felony exposure for spam campaigns that meet the volume requirements regardless of individual transaction characteristics.

The volume and value thresholds for felony enhancement

The volume thresholds under Section 1037(b)(2)(C) create the primary pathway to felony enhancement for typical spam operations. The 2,500-messages-in-24-hours threshold is met by most commercial spam operations that achieve any meaningful scale. The 25,000-messages-in-30-days threshold is similarly easy to meet. The 250,000-messages-in-one-year threshold reaches more sustained operations. The thresholds reflect Congressional judgment that spam operations of significant scale warrant felony treatment.

The proof of volume in CAN-SPAM cases typically depends on technical evidence from email service providers, internet service providers, and forensic analysis of the defendant systems. The evidence can establish the number of messages sent, the time periods, and the connection to the defendant. The defense should review the technical evidence carefully because the volume calculation can sometimes overstate the actual number of unique messages sent.

The value threshold for felony enhancement under Section 1037(b)(2)(B)(ii) is reached by conduct involving over $50,000 in value. The value can include revenue generated from the spam, costs imposed on victims, or other measurable financial impact. The defense should challenge the value calculation through detailed analysis of the financial flows and the methodology used to calculate the alleged value. Expert testimony can sometimes substantially affect the value calculation.

The fraud and deception elements

The CAN-SPAM criminal provisions all involve elements of fraud, deception, or unauthorized access. Section 1037(a)(1) requires unauthorized access combined with sending commercial emails. Section 1037(a)(2) requires intent to deceive about the origin of messages. Section 1037(a)(3) requires material falsification of header information. Section 1037(a)(4) requires use of false identity in account registration. Section 1037(a)(5) requires misrepresentation about IP address use rights.

The deception elements provide significant scope for defense argument. The defense can challenge whether the alleged misrepresentations were material, whether the alleged identity concealment was actually deceptive, and whether the defendant had the required mens rea for each specific provision. The Van Buren framework affects the unauthorized access element under Section 1037(a)(1) and provides defense arguments in cases where the access was technically authorized but used for spam purposes.

The materiality element under Section 1037(a)(3) is particularly important. The provision reaches material falsification of header information, and the materiality determination considers whether the falsification was the type that would tend to influence the conduct of recipients or service providers. The defense can challenge materiality by showing that the alleged falsifications were technical irregularities rather than substantive deception, or that the falsifications would not have affected recipient or provider conduct.

Defense strategies and parallel charging considerations

The defense strategies in CAN-SPAM criminal cases include factual challenges to the specific provisions charged, challenges to the volume or value calculations that drive the felony enhancement, and challenges to the intent elements. The defense should evaluate each charged provision separately and should develop the specific factual and legal defenses applicable to each. The provisions have different elements and proof requirements, and a defense strong on one provision may not apply to others.

The parallel charging considerations include various other federal statutes that frequently accompany CAN-SPAM charges. Wire fraud under 18 U.S.C. Section 1343 reaches the use of interstate communications for fraud schemes connected to spam operations. CFAA charges may apply where the spam operations involved unauthorized access to computers. Identity theft charges may apply where the operations involved misuse of others identifying information. Money laundering charges may apply where the operations generated proceeds that were processed through complex financial structures.

The sentencing framework under USSG Section 2B1.1 produces high offense levels for CAN-SPAM cases involving substantial volume or value. The loss calculation can include the costs imposed on victims and the revenue generated by the defendant. The number of victims affects the offense level through specific characteristic enhancements. The sophistication and scope of the operations affect the offense level through additional enhancements. The combined factors can produce substantial sentencing exposure for significant spam operations, and the defense should evaluate the sentencing implications carefully in any plea negotiation.

Frequently Asked Questions

Is unsolicited email always illegal under CAN-SPAM?
No. CAN-SPAM allows unsolicited commercial email if the sender complies with the rules: accurate header information, accurate subject line, identification as an advertisement, valid physical postal address, and a functioning unsubscribe mechanism honored within ten business days.
Does §1037 reach legitimate marketing operations?
Generally no. Legitimate marketers using proper sending infrastructure and authentication do not falsify headers or evade attribution. Section 1037 targets evasive conduct — spoofing, account hijacking, and throwaway-domain campaigns.
What counts as a "commercial" message?
A message whose primary purpose is commercial advertisement or promotion of a product or service. Transactional or relationship messages — order confirmations, account statements, warranty information — are not commercial under the framework.
Can I be charged for forwarding spam to friends?
Almost certainly not. Section 1037 requires specific high-volume conduct with intent. Casual forwarding does not meet the statutory predicates or volume thresholds.
How does Texas Chapter 321 interact with CAN-SPAM preemption?
CAN-SPAM preempts state laws regulating commercial email except those that prohibit falsity or deception. Texas's false-header prohibitions generally survive preemption; opt-in registry or content regulations might not.
Part of a larger guide

Read the full Texas Computer Crimes Defense Guide

This article is one section of our comprehensive Texas Computer Crimes Defense Guide. The pillar guide covers recent developments, official resources, and the complete framework with deeper analysis.

Read the Pillar Guide →
⚖️
Texas Bar
Licensed
Bar Nos. 24043266 · 24043514
🏆
40+
Years Combined
Criminal Defense Experience
📞
Free
Consultation
Direct to Attorney
🔓
24/7
Jail Release
Available 7 Days a Week

Next Steps

If you are facing a situation described here, consult counsel promptly. Many issues in this area run on strict deadlines.

Reggie London & Njeri London

Co-Founding Partners · L&L Law Group, PLLC

Reggie London (Tex. Bar #24043514) and Njeri London (Tex. Bar #24043266) co-founded L&L Law Group in Frisco, Texas.

This guide was reviewed by Reggie London on May 30, 2026.

Cite this guide

Bluebook: Reggie London & Njeri London, CAN-SPAM Act Criminal Cases Under §1037, L&L Law Group (May 30, 2026), https://landllawgroup.com/insights/can-spam-act-criminal-cases/.

APA: London, R., & London, N. (2026, May 30). CAN-SPAM Act Criminal Cases Under §1037. L&L Law Group.