ISP Host to Spam, Viruses, and Spyware Shuttered by FTC Enforcement Action

By Ronnie London & Micah Ratner

The FTC announced on May 19, 2010, that on April 8, a Northern District of California judge issued a permanent injunction shutting down an ISP—Pricewert LLC—that primarily hosted spam, botnets, trojan horses, viruses, child pornography, and spyware.  ICANN and other industry standards bodies have shut down ISPs that host illegal content, but the FTC’s enforcement action against Pricewert LLP marked the first instance where a federal district court permanently shut down a “rogue” ISP.

The FTC’s June 2009 complaint alleged that Pricewert “recruits, knowingly hosts, and actively participates in the distribution of illegal, malicious, and harmful electronic content” and “actively colludes with its criminal clientele in several areas, including the maintenance and deployment of botnets.”  The FTC’s evidence included transcripts of instance messages that showed senior Pricewert employees colluding with bot-herders to create and configure a botnet.  Pricewert also allegedly marketed its services on chat rooms for spammers, ignored take-down requests from the online security community, and shifted IP addresses for its criminal clients to evade detection.  The same month, the federal court issued a TRO and then a preliminary injunction against Pricewert based on the FTC’s allegations of unfair and deceptive practices under Section 5 of the FTC Act.

Also on April 8, the district court appointed a permanent receiver and determined the amount of disgorgement of profits.  The FTC reports that the ISP’s servers and assets were seized and will be liquidated.  The court cut an award of ill-gotten profits from $2.16 million to $1.08 million because the FTC was unable to submit sufficient evidence to show the percentage of Pricewert’s legitimate versus illegal activity.