More big-time spammers may find themselves doing longer stretches behind bars -- and wouldn't that be swell -- if a federal judge's first-of-its-kind sentencing decision in a Denver case becomes widely applied.

At issue in this case, which featured testimony from Microsoft antispam experts, was the thorny matter of determining the actual financial harm to ISPs done by a particular spammer over a particular period of time. When Congress enacted the CAN-SPAM Act of 2003 it anticipated this difficulty and included language allowing for a spammer's profits to be considered in sentencing when financial damages caused by his crimes could not reasonably be calculated.

---

Read the latest WhitePaper - A Good Mobile Experience: Balancing IT Requirements While Giving End-Users the Mobile Experience They Want

---

Last month, U.S. District Judge Lewis Babcock accepted a Colorado prosecutor's contention that this case, the United States vs. Min Kim, represented just such a situation. Microsoft says this is the first time a judge has applied CAN-SPAM sentencing guidelines in this manner.

If not for the use of Kim's profits -- an admitted $250,000 -- as a sentencing determinant, the 24-year-old spammer would have faced a prison stint of 24 to 30 months instead of 30 to 37 months. Citing Kim's first-time offender status, Babcock sentenced him to the minimum 30 months called for in the more punitive range. While that may appear generous, it likely represented a 20% stiffer penalty over what Kim would have received absent the profit-based calculation; and, it could have opened the door for as much as 13 months additional time had he been a recidivist.

"We're excited by the court's ruling," says Aaron Kornblum, senior attorney with Microsoft’s Internet Safety Enforcement Team. "In cases where there's a large amount of profit being realized, there is now the potential for a significant increase in sentences."

Investigators found 7.5 million e-mail addresses on Kim's computer, and he acknowledged having bought another 200 million back in 2004. Drawing particular attention from the prosecutor and judge were Kim’s sophisticated measures employed to avoid first-line spam defenses, including proxy servers, falsified subject lines and the use of DarkMailer, all of which increase the level of countermeasures that ISPs must deploy and the expenses they incur.