iCal 1.5.1 and iSync 1.2.1 Released — Apple updated its calendar and synchronization utilities last week, improving performance and adding support for more devices. iCal 1.5.1 tweaks the calendar’s interface slightly, turning the Info window into a sliding drawer and adding the capability to set custom category colors. The new version also adds notes and alarms to To Do items, supports events in multiple time zones, and can publish or subscribe to calendars served behind firewalls. The update is a 6.2 MB download, and requires Mac OS X 10.2.3 or higher.

<http://www.apple.com/ical/>

iSync 1.2.1 adds calendar synchronization for Sony Ericsson P800, Nokia 3650 and Nokia 7650 phones, plus the capability to transfer pictures associated with Address Book records that appear when calls come in from those contacts. Additional synchronization support has been added for Sony Ericsson T616 and Z600 phones. If you’re a .Mac subscriber and use iSync to synchronize your Safari bookmarks, iSync can synchronize them for viewing and editing at bookmarks.mac.com. iSync 1.2.1 is a free 5.5 MB download and requires Mac OS X 10.2.3 or higher, and iCal 1.5.1 for synchronizing calendars. Palm handheld device users must install the iSync 1.2 Palm Conduit, an 892K download (an obscure direct download link is provided at the bottom of the iSync download page). [JLC]

<http://www.apple.com/isync/>

<http://www.apple.com/isync/download/>

<http://bookmarks.mac.com/>

StuffIt Standard Edition 8.0 and StuffIt Engine 8.0.1 — Aladdin Systems has released StuffIt Standard Edition 8.0, the most recent version of the bundle containing DropStuff, DropZip, DropTar, and the free StuffIt Expander. New features include faster compression, interface improvements to DropStuff, and support for more file formats (see "What’s New in StuffIt Deluxe 8.0" in TidBITS-698 for details). StuffIt Standard Edition 8.0 costs $50, with upgrades for registered users at $15. A free 15-day trial version is available as a 7.2 MB download, and remember, downloading StuffIt Standard Edition is how you get the free StuffIt Expander.

<http://www.stuffit.com/mac/standard/>

<https://tidbits.com/getbits.acgi?tbart=07365>

Don’t stop downloading, though, since Aladdin has also released the free StuffIt Engine 8.0.1 Updater for all versions of StuffIt. It addresses an issue where a bundled Mac OS X application (as opposed to a Classic application or a single-file application) compressed in a .sit file (as opposed to StuffIt’s more modern .sitx file format), won’t launch after being expanded. The problem stems from the fact that the .sit file format predates (and thus can’t store) Unix file permissions that are necessary for bundled Mac OS X applications to launch. To work around this limitation, Aladdin previously set the execution bit on all expanded files, but Apple warned against that approach, so Aladdin removed the workaround in StuffIt 8.0. Unfortunately, failing to set the execution bit properly proved too inconvenient for users, so the StuffIt Engine 8.0.1 Updater restores the previous workaround until Aladdin can develop a more elegant solution. You can avoid the problem with bundled Mac OS X applications by using the .sitx file format (everyone who has StuffIt Expander 7.0, which shipped with Mac OS X 10.2 and the last security update for Mac OS X 10.1.5, can expand .sitx files). The StuffIt Engine 8.0.1 Updater is a 3.9 MB download. [ACE]

<http://www.stuffit.com/mac/deluxe/updates.html>

<http://www.aladdinsys.com/support/techsupport/ qanda.php?id=534>

ConceptDraw V Released — CS Odessa has released ConceptDraw V, a major revision to their powerful business diagramming package (see "Make the Connection with ConceptDraw" in TidBITS-553 for a full review of an earlier version). New features include XML for Visio support (enabling document exchange with Microsoft Visio), a BASIC-compatible built-in scripting language, more-capable connectors, named styles, new shape collections, document preview in the Open dialog, automatic saving and recovery, database integration via the scripting language, and user authorization. CS Odessa also completely rewrote ConceptDraw’s graphics engine to provide anti-aliased text and WYSIWYG text editing. Finally, ConceptDraw V received a complete interface overhaul to add floating palettes and customizable toolbars, enhanced PowerPoint import/export, and support for more graphic file formats. ConceptDraw V Standard costs $150, with upgrades at $80. The Professional version costs $350 with $100 upgrades. [ACE]

<http://www.conceptdraw.com/>

<https://tidbits.com/getbits.acgi?tbart=06179>

Apple Computer announced last week that Mac OS X 10.3 Panther, this year’s new version of the Mac OS X operating system, will be available at Apple’s retail stores and authorized resellers at 8:00 PM on Friday, 24-Oct-03. Panther Server, or Mac OS X Server 10.3, will be released at the same time. Panther boasts a completely rewritten and redesigned Finder, offering faster searching and a user interface showing its first major evolution away from the remnants of the NeXT user interface. New features include Expose, a clever way of selecting from among all open windows; iChat AV, an audio- and video-enabled version of Apple’s chat software; fast user switching; FileVault home directory encryption and other security enhancements; and behind-the-scenes synchronization of the user’s iDisk to a local folder for offline work. (See "Mac OS X Panther Springs at WWDC" in TidBITS-685.)

<http://www.apple.com/macosx/overview/>

<http://www.apple.com/server/macosx/>

<https://tidbits.com/getbits.acgi?tbart=07242>

Panther supports all PowerPC G3- and G4-based Macs that shipped with USB ports (which eliminates a few older PowerPC G3 models that worked with Mac OS X 10.2 Jaguar), plus the new Power Mac G5s. It is available for pre-order immediately from the Apple Store or other Apple retailers like Small Dog Electronics at a single-user price of $130 or a "family pack" price (for up to five users at the same residence) of $200. Panther Server costs $500 for the 10-client edition and $1,000 for the unlimited-client edition.

<https://tidbits.com/getbits.acgi?tlkthrd=2084>

<http://store.apple.com/>

<http://www.smalldog.com/category/x/x/ Productivity/Software+Operating/wag201/ wag100201/>

Anyone purchasing Mac OS X or a new Mac on or after 08-Oct-03, or anyone who’s purchased a Power Mac G5 at all, is entitled to a Mac OS Up-To-Date upgrade to Panther for a $20 shipping and handling fee; a corresponding Panther Server offer is available to anyone who purchases Mac OS X Server or an Xserve today or later. The Up-To-Date policy of favoring Power Mac G5 owners, regardless of purchase date, has rankled users who ordered new PowerBooks when they were announced only a few weeks before the Panther announcement. Although Apple’s official line is that non-G5 Macs are eligible for the Up-To-Date pricing only if bought after 08-Oct-03, many PowerBook owners (including TidBITS readers and staffers) are reporting mixed success when entering their machines’ serial numbers in Apple’s online form; in a few cases, attempts late last week failed, but retries over the weekend were successful.

<http://www.apple.com/macosx/uptodate/>

Not only am I a huge fan of Netflix, the popular online DVD rental service, it turns out that I’m one of its better customers. For $20 per month, Netflix sends me three DVD movies from a list of titles that I set up, which I can watch at my leisure without worrying about incurring late fees. After I’ve watched a movie, I slide the disc into a prepaid envelope, drop it into the mail, and wait a couple of days for the next movie on my list to arrive. Although I’m limited to checking three movies out at a time (you can pay more to get more movies at once), thanks to the fast turnaround I can watch potentially dozens of movies per month and still pay only $20. (For a more comprehensive look at Netflix, see "Worthy Web Sites: Get Your Kicks with Netflix" in TidBITS-604.)

<http://www.netflix.com/>

<https://tidbits.com/getbits.acgi?tbart=06622>

However, I’ve found that I don’t churn through all that many movies in a month. In fact, during especially hectic work periods I’ve been known to hang onto the same two or three movies for a month or two – which totally blows the cost benefit for me, and no doubt makes me a prized catch for Netflix. With no late fees, we both win: I can still watch a movie when I get the chance, and Netflix doesn’t have to pay delivery or stocking costs for my orders.

Before you shake your head and wonder how I managed to pass basic high school math and economics classes, you must understand that only part of my monthly cost, in my view, is going toward supplying me with movies on a regular basis. I’m more than happy to pay because Netflix gives me what I’ve otherwise been unable to keep consistent: an ongoing list of movies to watch.

When someone recommends a movie to me, it goes into my Netflix Queue. This is especially good for those classic movies that everyone I know has seen, but which I’ve somehow missed. With my persistent Netflix Queue, I no longer have to stand in Big Corporate Video Rental Store at 10:00 PM racking my brain to remember the title of the Oscar-winning film directed by that guy and starring what’s-her-name.

The problem with this system is that those worthwhile movies are often pushed aside by new releases or other movies that I’d rather see sooner. I can rearrange my Netflix Queue online, but it’s a bit of a hassle: I need to renumber the items in text fields, apply the change, and hope I didn’t mark two entries with the same number.

Becoming a Netflix Fanatic — I’m obviously not the only one to find this process annoying, which is why I was intrigued to download the $10 shareware Netflix Fanatic, a Mac OS X application from Cricket Media that helps you manage your Netflix Queue without using a Web browser. You can use it to search for movies and add them to your list, see which movies you have checked out, view a list of movies you’ve selected but which haven’t been released, and scroll through your rental history. Netflix Fanatic reads the cookie information from your Web browser, so you don’t even need to configure it with login information.

In Netflix Fanatic’s Queue tab, you can simply drag titles to change their order, Shift-click to select multiple titles before rearranging them, and add personal notes to a title’s text field.

But what makes me slightly giddy is the capability to shuffle (randomize) the Netflix Queue at the click of a button. With dozens of movies in my list, I can hit Shuffle, close the application, and see what arrives next. It’s a great way to get out of a movie rut (for example, it’s easy to go on a science fiction bender).

Here Today… Sadly, Netflix Fanatic turned out to be too good to be true. As I started to write this article, I was surprised and dismayed to discover that the developer has been forced to stop distributing it due to a dispute with his employer (which is not Netflix) over who owns the program. Based on the note at the program’s home page, the developer believes his employer has no ownership over software created during personal time and on personal equipment, but that he doesn’t have the financial resources to fight back or become a full-time freelance programmer.

<http://www.cricketmedia.com/software/netflix/>

However, existing copies of the program remain $10 shareware, and even though Cricket Media no longer distributes the program, you can still download Netflix Fanatic 1.1.4 from a mirror site in the Info-Mac Archive. It’s also possible that another developer may rewrite Netflix Fanatic to avoid the problem.

<ftp://ftp.tidbits.com/info-mac/app/netflix- fanatic-114.hqx>

I don’t know anything more about the situation other than what the author has posted, so I can’t speculate as to who’s in the right here. But the end result is that a novel program that enhanced a popular service won’t see any further development, which is a shame. I’ll still use my copy, and enjoy the way it has broadened my movie viewing experience. If you use Netflix and run Mac OS X, you should grab a copy as well.

Spam is known to the law as "unsolicited commercial electronic mail," or UCE, and is usually defined as email in which someone is trying to sell someone else a product or service, or otherwise part recipients from their money. Recently, the State of California passed a tough new anti-spam statute that goes into effect on 01-Jan-04. The new California statute departs from others of its kind in a number of respects (something California is becoming increasingly good at doing). One of the more telling departures is that it uses the legally informal term "spam" throughout, although it does use the more legalistic "UCE" where a more specific definition is needed.

I don’t need to tell TidBITS readers that spam is a worsening problem afflicting the Internet. According to Brightmail, spam has increased from only 7 percent of total email traffic in April 2001 to a whopping 54 percent in September 2003.

<http://www.brightmail.com/spamstats.html>

<http://www.brightmail.com/pressreleases/070103_ uk_spam_summit.html>

Sending spam carries very little cost to the spammer because the costs are borne by ISPs, which pass them on to consumers in the form of increased access charges. According to a report from San Francisco-based Ferris Research, spam cost companies in the United States over $10 billion last year – just imagine the late Carl Sagan saying "billions and billions" and you’ll get the picture – in lost worker productivity, technical solutions, and wasted bandwidth. An abstract of the study is available free. The full study requires a subscription.

<http://www.ferris.com/offer/spam.html>

Users are mad as hell about spam. A Harris poll taken two and a half years ago showed that 49 percent of users wanted an outright ban on spam. In a followup, titled "Large Majority of Those Online Wants Spamming Banned," Harris found that that number jumped to 80 percent by late 2002, and it’s probably even higher now.

<http://www.harrisinteractive.com/harris_poll/ index.asp?PID=348>

The number of complaints received by state Attorneys General and the U.S. Federal Trade Commission has skyrocketed, and consumer pressure to control spam is being felt at all levels of state and federal government. To date, 36 states have passed laws dealing with spam.

<http://www.spamlaws.com/state/>

The Washington and California statutes are the most aggressive of the batch. Both have been vigorously challenged in the courts on various grounds, and both have ultimately been upheld. Heartened by these judicial affirmations, California has now enacted an even stronger statute that is already generating renewed controversy.

A New Model — In 1998 California enacted one of the first and strongest anti-spam statutes in the nation (see "California Outlaws Spam" in TidBITS-448). Defining spam as unwanted commercial email intended to sell a product or service, the law required spammers to identify their email by putting "ADV:" in the subject line or "ADV:ADLT" for adult-oriented email. While individuals were not granted the right to sue, ISPs were empowered to sue spammers for violations and to obtain a judgment for significant penalties. The law was promptly challenged. In Ferguson v. FriendFinders, Inc. a lower court found it to be an unconstitutional violation of the U.S. Constitution’s interstate commerce clause. The California appellate court disagreed and the law remained in force.

<https://tidbits.com/getbits.acgi?tbart=05109>

<http://www.spamlaws.com/cases/ferguson.html>

There is no indication that California’s law has stemmed the tide of spam or even caused much spam to be labeled. Indeed, the volume of spam flooding the Internet has steadily increased despite such laws. Undaunted by failure, in September 2003 the California legislature enacted an even more sweeping statute.

<http://www.spamlaws.com/state/ca1.html>

The new law keeps certain features of the old one. For example, spammers must still include "ADV" or "ADV:ADLT" in the subject line, and must provide an 800 number or valid email address allowing recipients to request removal. But the changes in the new law are very significant.

The new statute completely bans all UCE unless specifically requested or authorized by the recipient. Like the old law, it is still limited to spammers using equipment in California or sending to recipients in California. But individuals now have the right to sue spammers for violating the law and to collect either actual damages or $500 per spam up to a limit of $1 million per "incident." An "incident" is "a single transmission or delivery to a single recipient or to multiple recipients of unsolicited commercial email advertisement containing substantially similar content."

One of the more sweeping provisions of the new statute prohibits anyone from collecting email addresses from the Internet for the purpose of sending spam to Californians or from California. In short, California is targeting address harvesting regardless of where the acts occur if the intent is to use the addresses to spam Californians.

There are a number of legal and practical hurdles this new statute will have to overcome. The following are some examples.

Commerce Clause — The commerce clause is found in the U.S. Constitution, Article I, Section 8, Clause 3.

<http://www.house.gov/Constitution/ Constitution.html>

On its face, the commerce clause merely gives Congress the authority to "regulate Commerce with foreign Nations, and among the several States, and with the Indian Tribes." However, a huge body of law has grown up around this short phrase. The commerce clause issues are fascinating (well, to me anyway). Unfortunately, they are also incredibly complex and far beyond the scope of this article. So I will simply point out that the issue exists, that there is a lot of debate over how the commerce clause should be applied to Internet commerce, and that the issues are far from resolved. Partly because of the commerce clause issues, when Congress enacts legislation on spam it may abrogate state laws either entirely or in part.

Implicit in the commerce clause is the "dormant commerce clause." That doctrine holds that there are certain areas in which states cannot legislate even if Congress has not acted. The principle commerce clause challenges to spam arise under the dormant commerce clause doctrine. The argument runs like this:

State boundaries are irrelevant to the Internet, and thus to spam. All Internet email is necessarily interstate. It travels across interstate lines and is relayed via servers that could be anywhere in the world. Any regulation by any state necessarily affects interstate commerce, and one state’s laws will necessarily affect spammers in other states. Thus, argue opponents of spam legislation, no state regulation of spam is possible without violating the commerce clause. Only Congress can legislate over such an inherently interstate activity.

The previous California statute survived a dormant commerce clause challenge because the court found that the statute applied only to (a) spammers using equipment located in California; and (b) spammers sending email to California residents. Because the effect of the law restricted only California-specific conduct, the court found that the commerce clause was not violated.

I anticipate a renewed challenge to the new statute under the commerce clause. I suspect that at least one clause in the new statute will not fare so well under a commerce clause analysis, and will be stricken. The new statute makes it "unlawful for any person or entity to collect electronic mail addresses posted on the Internet if the purpose of the collection is for the electronic mail addresses to be used" to initiate or advertise in an unsolicited commercial email advertisement to or from California. This provision applies to everyone, everywhere, who is collecting email addresses if the purpose is to spam Californians – regardless of whether they actually carry through on it.

First Amendment — There has been much hoopla recently over a Colorado federal court decision blocking the Federal Trade Commission’s (FTC) "Do Not Call" list because it may violate telemarketers’ free speech rights. Telemarketing is similar to spam in a number of respects, and the arguments leveled against the "Do Not Call" list can easily be applied to spam laws. Indeed, advocates of spam have consistently argued to state legislatures that anti-spam laws violate the First Amendment. However, to date those arguments have not been a key part of the court decisions upholding the statutes.

The federal court of appeals has now stayed the Colorado federal court’s decision and the "Do Not Call" list is moving forward. However, I anticipate that we will see additional First Amendment challenges to spam laws, and the California statute is ripe for challenge.

Jurisdiction — Most of the complaints about the jurisdiction of a state to go after spammers in another state or abroad are actually enforcement issues. The legal issues of when a state has jurisdiction over out-of-state entities are fairly well established.

I believe that all states have enacted a form of law called a "long arm statute." In essence, long arm jurisdiction extends to any person or entity who takes advantage of the benefits of a state’s laws. Even minimum contact with a state confers jurisdiction if the contact is enough to invoke the protections of state law. So, for example, a company that sells products via a catalog and has customers in a particular state can sue a customer under state law for failing to pay. But that company can also be sued by the customer under state law for failure to deliver or other breaches.

There is little question that a spammer soliciting sales in California is subject to California law. But this is a good point to segue from the legal challenges to the practical ones. A big practical question is: how do you find spammers?

In order to start a lawsuit, the plaintiff must physically hand the defendant a copy of the complaint. This is known as "service of process." It is difficult to serve someone unless you can find them. In the 1998 case that I helped Adam and his fellow TidBITS editors bring, the defendant played a shell game with false company offices, at least two fake names, and multiple fictitious addresses. After the litigation started, he actually changed his business address once a month. (See "TidBITS Sues Spammer" in TidBITS-439, and "Spam Damned in Washington State" in TidBITS-583.)

<https://tidbits.com/getbits.acgi?tbart=05000>

<https://tidbits.com/getbits.acgi?tbart=06458>

[This paragraph currently unavailable]

The solution to not being able to find someone to serve papers is to use a process called "service by publication," in which the court approves publication of the complaint in the local papers. After a period of time, the complaint is considered to have been served and the case can proceed.

That may solve the legal issue, but it does nothing to solve the practical problem. After all, if you can’t find the defendant, how are you going to collect on your judgment? At some point, it becomes necessary to identify and locate the defendant physically.

Enforcement — Under long-arm statutes, even off-shore merchants doing business in the U.S. are subject to U.S. law, including the laws of the states they sell in. If the spammer is a legitimate business that values its reputation and customers, there is little problem enforcing a judgment. But most spammers are anything but legitimate business. They do everything possible to mask their identities and location, including hiding in other countries that don’t have or enforce spam laws. If you obtain a judgment in a California court, will you try enforcing it in China? The Bahamas? It is highly unlikely. Even in countries that have reciprocal enforcement of judgments treaties with the U.S., the costs of enforcing a judgment abroad are usually prohibitive for the average spam victim.

Collection — But let’s say that you are one of the fortunate ones who locates, serves and gets a judgment against a spammer. Will you collect your riches? Again we run into the disparity between legitimate businesses who care about their reputation and customers, and the majority of spammers who care nothing for either. It is likely that even having identified the live body of the spammer, a plaintiff will have to pursue execution of the judgment. No, that doesn’t mean executing the spammer (popular though that option might be with some people). "Execution" is legalese for the court procedures that include garnishing wages, bank accounts, and the like. Execution can be costly, time consuming, and often will net the plaintiff only a portion of the judgment. Of course, that will be further reduced by the amount of attorney fees racked up in the course of executing on the judgment.

Conclusion — The new California statute definitely pushes the envelope. It bans all unsolicited commercial email unless the recipient has agreed to receive it. It creates a private right of action allowing individuals to sue for damages for each item or incident, and it bans harvesting email addresses for the purpose of spamming Californians.

The new statute will inevitably draw court challenges. While some of the statute may be stricken as overbroad or violating federal law or the Constitution, most of it appears to be in line with law that has already survived such challenges. The law is deliberately modular, or in legalese "severable," so that portions can be excised if a challenge is successful, while leaving the rest of the statute intact.

Unfortunately, spam laws won’t stop spam, nor will they even stem the tide, if experience so far is any guide. The old California statute did not reduce or even noticeably slow the increase in spam. I hold no great hope that the new statute will do any better. Legitimate businesses have already altered their practices to comply with existing spam law, and will no doubt do their best to comply with the new one. But legitimate business accounts for only a small amount of the spam we receive. Most spammers will simply keep on spamming. The new law will doubtless create a flurry of new court actions against spammers, resulting in more default judgments that can’t be collected. And the spammers will keep spamming.

Lest I sound unduly bleak, I am not suggesting that there is no solution to the spam problem. However I do not believe that the law will stop or reduce spam.

Legal remedies are great for deceptive, misleading and fraudulent marketing practices – but those things have been illegal for a long time. Spam laws should be able to give law enforcement needed tools to go after spammers (focusing on the most egregious ones), and to allow individuals who are so inclined to go after them as well. But the Internet is a global phenomenon. State boundaries are largely irrelevant to the Internet, and state spam laws will do little or nothing to solve the larger problem. On the other hand, passing more laws amounts to more regulation of the Internet, and sets an increasingly popular precedent for further regulation. Be careful what you wish for!

I believe that the solution to the problem of spam is technological. For example, I receive between 100 and 200 spam messages each day, but 98 percent of those are filtered out by Eudora 6.0’s Bayesian spam filter. True, I must regularly review the collected mess of Nigerian political refugees looking for a kind stranger to help launder a few million dollars, the offers to enlarge various body parts (some of which I don’t have), and the ever popular get-rich-quick schemes so that I can find any false hits and rescue them. But as annoying as this is, it is currently the cost of using a largely unregulated forum such as the Internet in a capitalist society that values free speech and privacy.

[Brady Johnson is a grouchy attorney in Seattle who really, really hates spam.]

Early G3s and Panther — Readers speculate about which machines Mac OS X 10.3 will support. Although early beige Power Mac G3s aren’t officially supported, will Panther run on them anyway? (2 messages)

<https://tidbits.com/getbits.acgi?tlkthrd=2084>

Palm and Mac compatibility — Palm’s new handhelds include updated built-in applications, but how well do they synchronize to the Mac? (8 messages)

<https://tidbits.com/getbits.acgi?tlkthrd=2081>

Mac OS X 10.2.8 problems — Even though Apple pulled its problematic Mac OS X 10.2.8 update and replaced it with a "fixed" version, some people report problems with the new revision. (6 messages)

<https://tidbits.com/getbits.acgi?tlkthrd=2083>

Praise for TidBITS in HTML — See, it is possible to make HTML-formatted email that isn’t revolting. (3 messages)

<https://tidbits.com/getbits.acgi?tlkthrd=2080>