Should Caller ID Spoofer Be Held Liable For Users Who Make Harassing Calls?

Spoofing phone numbers — the practice of making it appear to the caller ID system that you’re calling from a different number — is not illegal, so long as the spoofing is not done to commit fraud or otherwise perpetrate a crime. But even when the intent of the spoofing crosses the legal line, does the company providing the spoofing service bear any culpability?

That’s the question underlying a lawsuit originally filed in 2013 against TelTech, the makers of SpoofCard, a service that lets users pay to disguise their phone number and even modify their voice to “protect yourself or pull a prank.”

In the original complaint [PDF] filed in a U.S. District Court in Massachusetts, the plaintiff alleged that SpoofCard’s technology was being abused “to commit acts of domestic violence, falsely accuse others of crimes, fake kidnappings, interfere with personal relationships, avoid lawful commitments (including jury duty), make false police reports, make false emergency calls, obtain evidence for court cases in a fraudulent and illegal manner, and otherwise defame, harass, annoy and invade the privacy of others.”

More precisely with regard to this lawsuit, the plaintiff said she received numerous harassing phone calls from someone using SpoofCard to pretend to be her neighbor. The calls were graphic in nature, with the caller exhorting the woman to meet him in the laundry room of her building for anal intercourse.

Police subsequently investigated the harassment and arrested the neighbor on the belief that he was making the calls. After his release on bail, the plaintiff continued to receive threatening calls. Once again, having good reason to believe they were coming from her neighbor, additional charges of felony witness intimidation were brought against him.

It wasn’t until ten months later that police learned that it was not the neighbor who had been making these offending calls, but a husband and wife who had been using SpoofCard to hide their phone numbers and disguise their voices.

The couple was arrested and charged with criminal harassment, making threats to commit a crime, intimidation of a witness, and misleading a police officer, while charges against the neighbor were all dropped.

Meanwhile, the plaintiff had to move from her home out of fear about her living situation, changed her job out of concern about traveling alone at night, while also suffering through “sleeplessness and severe and debilitating emotional distress.”

The lawsuit alleged that TelTech had known for years that its SpoofCard technology was being used for illegal purposes, pointing not only to law enforcement statements about the service, but the company’s own marketing, which included “testimonials” of users who had spoofed their numbers to illicit ends.

For example, one charming anecdote explains how a SpoofCard user deceived a pal into thinking he’d won a lottery:

    “I spoofed a friend into thinking he won a million dollars, sh*t hit the fan when he bought a 600 dollar bottle of champagne, he was trying to get hold of his boss to tell him to shove his job up you know where, so i enjoyed the champagne with him and then spoofed him again by telling him he had to answer a skill testing question to claim the million dollars and off course he got it wrong, was he pissed and he was happy he didn’t get a hold of his boss, well the champagne was good. I still won’t tell him it was me hah hah.”

TelTech was accused of violating state law by “engaging in immoral, unethical, oppressive, or unscrupulous behavior and business practices” and by “aiding and abetting and directly profiting from the criminal activity” of the actual callers who had harassed her and misled the police into charging the wrong person.

However, in July 2015, the court granted summary judgment in favor of TelTech [PDF], saying that even if the plaintiff could show that TelTech promoted SpoofCard as a tool for illegal activities, that she could not establish a link between that marketing and its specific use against her.

The judge pointed out that the couple who harassed the plaintiff had heard about SpoofCard from friends at a party, and that there was no evidence demonstrating that these friends had seen or were aware of SpoofCard’s marketing.

Even though the couple had to visit the SpoofCard website to pay for the service, the judge says there is no way to show that they visited the sections of the SpoofCard site highlighting the testimonials. As such, the judge felt that “no reasonable jury could conclude that defendant’s conduct caused plaintiff’s injuries.”

The woman nonetheless appealed her case to the First Circuit Court of Appeals, which this week once again sided with TelTech.

In its ruling [PDF], the appeals panel takes issue with the plaintiff’s argument that SpoofCard can only be used for illegal purposes, noting that, for example, spoofing is used to protect the privacy of domestic violence victims who want to disguise their whereabouts.

Additionally, the court points out that while SpoofCard’s marketing may have played up the illegal aspects of the technology, its actual terms of service prohibit users from breaking the law or making “harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, sexually explicit… or otherwise objectionable” calls.

The appeals court acknowledges that the plaintiff was the “victim of something far worse than a prank, and she was victimized by use of a service that facilitated such awful conduct. But the District Court properly ruled that, on this record, the provider of that service was entitled to summary judgment on her state law claim.”

[via CourthouseNews]