Court prohibits dialer hijacking

16 August 2005

Fredrik Malm

Modem hijacking – also known as dialer hijacking or internet dumping - is a scam that has become alarmingly common recently. The practice involves inviting internet users to click on pop-up windows which are presented to the user, thereby authorising the downloading of a modem program. This program, a so-called dialer, uses the user’s regular modem to dial long distance telephone numbers, which can lead to enormous charges on customer’s telephone bills. Some programs operate while surfing the web, dropping the user’s legitimate dial-up connection and then secretly reconnecting through a new number. Other programs operate when the computer user is away from the computer, dialing numbers after the system has sat idle for a long period of time.

A recent judgment by the Swedish Market Court (“Marknadsdomstolen”) has established that specific agreements are needed where payment services are provided on the Internet. The Swedish Consumer Ombudsman (Sw “Konsumentombudsmannen”) won the case it had brought against a Swedish telephone operator which sent invoices for internet services to people who had not actually ordered the services. The court also made it clear that the company had carried on marketing in conflict with Swedish e-commerce legislation and that the terms it was seeking to enforce against consumers were in fact unreasonable.

The telephone company had, among other things, tricked internet users into taking a payment service using a pop-up icon on its site which the user had to click ‘Yes’ in order to escape. The users did not have a genuine opportunity to decide whether or not they wanted to order the service. The telephone company then sent the users invoices, claiming that the consumer had an obligation to pay the charges. The consumer was charged 99 SEK as a start-up fee and 30 SEK per minute for surfing the web. The court’s conclusion was that this could not be considered an express order and that consumers were therefore being mislead as to their payment obligations.

According to section 12 of the Swedish Marketing Practices Act, an undertaking may not, in the course of its marketing, issue any invoices, payment deposit slips or similar notices relating to products which have not been expressly ordered, and thereby mislead the recipients as to their payment obligations. The regulation concerns marketing methods that, without being directly associated with the delivery of a product, are likely to convey the false impression that the recipient is under an obligation to make payment. The Market Court has accepted the Swedish Mail Order Association’s (Sw: “Svenska Postorderföreningen”) trade regulations as guiding principles when determining whether an order made on the internet is consistent with accepted marketing practices. These trade regulations provide that where a service provider transacts with consumers via its internet homepage the existence of a valid order is conditional on the buyer being at least free to expressly indicate his/her interest by “clicking” acceptance. Moreover, he/she needs to be given the opportunity to read through both the details in the order and the terms of the agreement and to confirm this with another “click”. With a third “click” the customer then needs to be given a final opportunity to confirm the order and to accept the terms of the agreement.

Proposal for implementing a new law against the use of dialers etc.

The Swedish Department of Justice presented a proposal for a new law imposing restrictions against the use of dialer programs which can be used for modem hijacking. The proposal forbids the placing of a dialer program on a web page, unless it is limited to dialing certain pay numbers within a certain number series agreed by the National Post and Telecom Agency (Sw: “Post och Telestyrelsen”). All numbers within the number series are blocked in advance. Dialer programsmay only be used to dial up numbers in the blocked number series if the user requests in advance that a number in the blocked number series should be unlocked, in accordance with a so-called “opt-in” model.

The result of this is that an internet user will not be liable for payment of dialled numbers outside the blocked number series. A telephone subscriber shall also have the right to block his/her telephone subscription against dialling certain numbers, such as overseas numbers etc.

The new law is expected to be adopted on 1 April 2006.