Ask HN: Abusive-seeming legal threat from Semalt
I run AbuseIPDB, a free distributed IP threat analysis database that allows users to report abusive IPs (spammers, bruteforcers, etc) through an API, webform, or Fail2Ban integration. We have over 30,000 users and almost 50k IPs reported per day.
I received a legal letter today from Semalt, a company that is probably familiar to many of you as a shady SEO company. They're mad because one of our users flagged one of their IPs on our site with the following comment:
https://www.abuseipdb.com/check/196.216.49.242
"Bot that promotes semalt.com SEO through web log referrer click bait spam with fix-website-errors.com, keywords-monitoring-success.com and keywords-monitoring-your-success.com. Does not identify itself as a bot, nor does it follow robots.txt. Clickbait link includes your domain name to let the bot's master know they got through. Primary site has form to gather domain names."
Semalt says this:
"The above mentioned materials do not contain any truthful information, and you ignore our attempts to clarify the issues related to your abusive comments and articles. You choose to ignore us and continue spreading false information. Our company has never been involved into the distribution of referral spam.
On the contrary, we often suffer from fake referral traffic on our website. The Semalt company has no doubt that you have used the trademark of our company in your publications not by accident but on purpose hoping to attract customers (readers) by using the popular brand/product name. [...]"
Full legal letter is here, including all of the threats of suing for damages, invoking GDPR, etc etc. For what it's worth, they didn't even bother contacting us through the website before sending this.
https://www.scribd.com/document/381802760/Abuseipdb-com-Abuse-Letter
Has anyone else crossed paths with these guys before? It it worth responding to or acting on?
Thanks for your input!
20 comments
[ 2.2 ms ] story [ 69.1 ms ] threadJust in case, I contacted a lawyer – I'll fight it if it goes further since I don't appreciate being bullied by a company like this, and nothing I said was false.
I feel a bit bad that I deleted the article as everything in it was truthful and helpful to people looking for that info. However, I don't want to get into a legal fight (although that's probably unlikely).
The only thing I can think of that I could possibly be in trouble for legally is that I called these sites referrer spam and ghost spam. However, so have a thousand other sites and what they did really seems to fit the definition of that exactly.
I read online that these sort of letters are supposed to be delivered by mail, not electronically. Additionally, I wonder about the statute of limitations is on this.
Anybody have any free, anonymous legal advice?
Some even tracked down the Semalt botnet that was doing this referral spam and ghost spam. So you're absolutely in the right by calling it what it is. What semalt did was absolutely referral spam. They claim it wasn't them, but they certainly profited from it.
The letters claim trademark infringement. They own no trademark in the USA, and there is one in pending status in their own country. Would claiming you own a trademark (yet you don't officially own one yet) be an issue?
If you've written about how to block Semalt referrer spam, you're just informing your readers about how to block referral spam (the domain doesn't really matter). So that falls under fair use.
We contacted our lawyer and he said that the reasons mentioned in the letter are rubbish. Our blog-article doesn't concern any trademark-violations and it certainly has nothing to do with GDPR.
The only critical point might be, if we said something wrong about them. But we have the facts and there are lots of other sites that say the same thing. So we won't delete or edit our article and we'll see if they really go to court and risk losing.
I hope some of you will do the same - that will make it easier for all of us!
Everything I wrote was the truth, and I can back up everything I said, so I'm not concerned.
A legal letter should be very precise but their letter could not even get their dates right. On top of that it says to Sir/ Madam when my full name is clearly shown on my website. I can't take that seriously. They cannot even take the time to write my name?
http://blog.analytics-toolkit.com/2015/guide-referrer-spam-g...
We got the same letters, sent to our ISP, instead of us, and we are a legal entity, easy to identify and contact in multiple ways. Legalese is shit, of course, we will stand our ground for sure. Unfortunately, due to procedures by our ISP we might need to temporarily remove a part of the content until the issue is resolved.
The following google search shows what I mean: semalt site:medium.com
I'm not sure about medium's usual response to legal threats but if a big company like that probably with their own legal department has complied, one has to wonder...
For a number of reasons the letter is useless, and you shouldn't really do anything.
1. It's an email letter, legal letters for any court action need to delivered Registered post, so proof you have received it. This is relatively expensive to do. Especially at the scale they would like to do it at.
Just like with any claim troll without merits, the best course of action is to ignore them.