Caslon Analytics elephant logo link to home page title for Spam Regulation note

home | about | site use | services | guides | profiles | papers | timeline || Analysphere | Ketupa | Cinetext


messaging

- note












related pages icon
related
Guides:

Governance

Information
Economy

Security
& InfoCrime







related pages icon
related
Profiles:

Spam
regulation in Australia

Email &
Messaging

Wireless
access

Forgery &
Forensics

Identity
Theft

Forgery &
Forensics

Surveillance


This note supplements the broader discussion of electronic junk mail (spam, speam and spim) elsewhere in our Security & InfoCrime guide. 

It covers -

A more detailed profile discussing the regulation of spam in Australia and Zealand is here.

subsection heading icon     introduction

As discussed in our examination of spam issues, different nations have adopted varying approaches to regulation of spam. Those approaches range from laissez-faire through to tight restrictions on sending unsolicited messages.

A map of overseas anti-spam codes and laws is here.

For a global view we recommend Wye Keen Khong's 2001 JILT paper Spam Law for the Internet.

subsection heading icon     Australia

In December 2003 the national parliament in Australia passed two laws prohibiting spam. The regime is discussed in a detailed supplementary profile, which also examines industry codes.

The legislation reflects campaigning by community and industry groups (notably the Internet Industry Association, which held a national Anti-Spam Summit) for an effective national regime.

It also reflected developments such as the European Union 2002 Directive on Privacy & Electronic Communications, which built on the 2000 Electronic Commerce Directive, 1997 Distance Selling Directive and 1995 Data Protection Directive.

The legislation followed release in April 2003 by the Australian National Office for the Information Economy of a Final Report On Spam. The report noted arguments that email was now a "national communications channel" approaching the significance of post and voice/fax telecommunications.

In June 2003 the Australian Communications Authority (ACA) announced that the telecommunications industry was covered by a formal industry code covering bulk unsolicited Short Message Service (SMS) marketing, aka speam.

An additional code of practice is being developed by the Australian Direct Marketing Association (ADMA), "covering marketing by all mobile wireless technologies", including SMS, multimedia message services (MMS), Wireless Application Protocol (WAP) and 3G technologies.

In July 2003 the federal government announced that it had accepted recommendations in the report and was moving to develop a national regime characterised by

  • national legislation, to be enforced by the ACA, prohibiting the sending of "commercial electronic messaging" without the prior consent of end-users unless there is "an existing customer-business relationship (an opt-in regime)"
  • civil sanctions for unlawful conduct, including financial penalties, an infringement notice scheme and the ability to seek enforceable undertakings and injunctions
  • requirement for all commercial electronic messaging to contain accurate details of the sender's name and physical address/es and a functional 'unsubscribe' facility to enable people to opt-out
  • a ban on the distribution and use of e-mail 'harvesting' or list-generating software
  • working with international organisations to develop global guidelines and cooperative mechanisms

subsection heading icon     New Zealand

The New Zealand government, in contrast to that of Australia, was initially dismissive of calls for national regulation of spam. During 2004, reversing position, it announced that legislation would be developed.

We have examined the NZ regime in more detail here.

subsection heading icon     United Nations and ITU

The United Nations General Assembly and most specialist UN agencies have expressed little interest in spam or its regulation, despite comments that third world nations are disproportionately affected by junk mail.

The International Telecommunications Union (ITU) - profiled here - has recently sought a role in global action against spam. In July 2004 for example it held an international conference about global and national frameworks (PDF).

That event concided with announcement of a Memorandum of Understanding (MoU) between the Australian Competition & Consumer Commission (ACCC), US Federal Trade Commission, UK Department of Trade & Industry, UK Information Commissioner and UK Office of Fair Trading.

subsection heading icon     European Union

As we've noted in the detailed discussion of the Australian legislation, some European Union countries have enacted legislation and encouraged industry codes that anticipate comprehensive coverage by an EU Directive. Some analysts have suggested that the existing EU electronic commerce and privacy regime is adequate, given the existence of the major Directives regarding -

Data Protection (1995)

Distance Selling (1997)

Electronic Commerce (2000)

Privacy & Electronic Communications (2002)

The 2000 Directive (EECD) for example provides that any unsolicited commercial communication must be "identified clearly and unambiguously as soon as it is received", interpreted to encompass use of an ADV prefix in the subject line and consistent with telephone sales regulation mandating that the commercial nature of the call must be made clear from the outset. In July 2000 the Commission published a proposal that would prevent sending of unsolicited commercial email to potential consumers unless prior consent had been received, effectively introducing an opt-in scheme. the resulting 2002 Directive unfortunately restricted spam protection to natural persons.

Individual EU countries such as Austria, Italy, Germany and Sweden, have implemented 'opt-in' schemes, where the sender has to get permission from the recipient before sending a commercial email.

In the UK (as in New Zealand) there are currently no specific laws the prohibiting bulk email for direct marketing. In a mid-2000 review the UK Department of Trade & Industry (DTI) concluded that self-regulation is sufficient, given restrictions under the various EU Directives and associated legislation such as the 1998 Data Protection Act.

Derek Wyatt MP of the UK parliamentary All Party Internet Group suggested in 2003 that it would be practical to require a post code in all email addresses, with privacy concerns being handled through provision by the UK Information Commissioner of a code number in place of that geographical identifier.

A more cautious approach was adopted by the Group's 2003 report (PDF) on spam, which criticised the Australian legislation.The US, Canada and other countries already restrict sending inappropriate email to children.

subsection heading icon     United States

In the US debate about spam regulation has reflected tensions within and across the business and civil liberties communities.

Ssome telecommunications companies for example have locked horns with direct marketing interests. Civil society advocates split between those who characterise spam as threat to the future of the net and those who echo John Gilmore's claim that federal anti-spam legislation is "absolutely evil".

The federal Controlling the Assault of Non-Solicited Pornography and Marketing (aka CAN-SPAM) Act of 2003, passed by the Senate in December 2003, establishes a single national standard regulating commercial email. It replaces a patchwork of legislation in over 35 states, in particular preempting tough Californian legislation that was scheduled to take effect on 1 January 2004, and building on the 1991 federal Telephone Consumer Protection Act, primarily concerned with 'cold-calling' of residences.

The federal CAN-SPAM enactment gained the support of major direct marketers, in particular because it omits provisions in Californian and Washington state law permitting consumers to sue spammers. The Washington legislation had resulted in several high-profile suits in which spammers were found guilty and ordered to pay significant damages.

The national legislation prohibits common spamming practices such as address harvesting and false headers and sender details. It imposes regulations on all commercial email. In contrast to the Australian regime, it does not ban unsolicited commercial email, instead simply requiring that marketers remove customers from their lists on request. It mandates that senders must include a physical address and valid opt-out mechanism, along with an "honest subject line" and notice that the messages are ads. Advertisers are responsible for commercial messages sent on their behalf.

Activist group Spamhaus has accordingly commented that

Anyone with any sense would of course realise than if CAN-Spam becomes law, opting out of spammers' lists will very likely become the main daytime activity for most US email users

The Federal Trade Commission is required to report on the feasibility of a national Do Not Email registry, presumably modelled on the contentious national Do Not Call Registry (established in 2003 so that US consumers can opt out of temarketing to home numbers, strongly supported by consumers but decried by telemarketers).

In 2004 the FTC's A CAN-SPAM Informant Reward System: A Federal Trade Commission Report to Congress (PDF) asked whether rewards to whistleblowers are necessary for effective operation of US ant-spam legislation, commenting that

potential whistleblowers would weigh the possibility of a reward against a number of opposing considerations: the likelihood of information they submitted actually being used, and whether the use would result in a successful legal proceeding; whether they would lose their own income; whether they would incur personal legal liability for their own part in the scheme; whether they would lose their anonymity; and whether they would become a target of retaliation by the spammer.

CAUCE, the US equivalent of CAUBE.AU, criticised the CAN-SPAM Act for limiting enforcement "to overworked regulatory and law enforcement agencies, rather than giving consumers legal tools with which to protect their own inboxes", having earlier noted the importance of consumers being able to sue spammers for exemplary damages.

An advocated for the Californian regime argued that

Spam isn't legitimate advertising and it's not free speech. It's basically high-tech junk faxing that forces e-mail users to pay for someone else's advertising campaign through slower computer service and higher Internet access fees.

The federal legislation reflects growing regulation of fax and telephone junk mail, including the Telephone Consumer Protection Act. In December 2000 fax mailer 20th Century Fax was fined US$1 million under that enactment and Yan Shtok was sentenced to two years in a Californian prison for a scam that used 50 million emails. 

 



icon for link to next page    back  (messaging)



any word
all words
 phrase
 





version of July 2004
© Caslon Analytics