Closely related to consumer protection legislation is legislation against spam, or the sending of unsolicited, usually commercial, electronic messages. Spam is a recent phenomenon that has become more prevalent with the growth of Internet usage, although spam can also be carried out through other electronic means, such as facsimile, telephone, short message service (SMS) and instant messaging services. See Box 3-8 for the definition of spam. With the growth of ICT, a continually increasing number of countries have implemented legislation against spamming to supplement existing consumer protection laws (see Figure 3-D).
1 The problems associated with spam are magnified in developing countries, where high volumes of incoming and outgoing spam can cause a severe drain on the limited and costly bandwidth that is available for ICT.
2
Some countries, however, such as Bangladesh, Burkina Faso, El Salvador, Kuwait, Madagascar, Moldova and Lebanon have no spam legislation, while others such as Bulgaria, Chile, Costa Rica, Malaysia, Mexico, Peru, South Korea and Switzerland have no specific anti-spam legislation, but use alternative laws to address spam issues, such as consumer protection laws, telecommunications law, or data protection law. Several countries such as Argentina, Brazil, Canada, Hong Kong SAR, Russia, Singapore and New Zealand are in the process of enacting specific anti-spam laws, while others such as Australia, Austria, Belgium, China, Czech Republic, Hungary, Japan, Lithuania, the Netherlands, and the United States have already enacted specific spam legislation.3 In the EU, legislation against spam is codified in the Directive on Privacy and Electronic Communications which requires member states to prohibit unsolicited communications sent via e-mail, SMS, facsimile, or telephone.4 The Directive’s basic principles are that: (a) member states should take an opt-in approach, whereby they ensure under applicable legislation that businesses obtain prior consent before sending unsolicited e-mails for direct marketing; (b) senders must clearly indicate the use of cookies or other tracking devices, including spyware; and (c) the definition of spam is technology neutral.
Although national efforts are the main forces in combating spam, due to the “borderless” nature of spam, it is just as important to have international enforcement cooperation. For example, countries such as Australia, Korea, the United Kingdom and the United States have signed bilateral and multilateral memoranda of understanding to coordinate and improve spam enforcement activities. The OECD, to support the development of an inclusive response to spam, has launched an Anti-Spam Toolkit containing resources and information on anti-spam activities at the international level, to help policy-makers, regulators, and industry players formulate policies and find solutions to spam.5
Figure 3-D: Anti-Spam Legislation Worldwide
Source: ITU Global Survey on Anti-Spam Laws and Authorities, April 2005.6
|
Box 3-8: What is “Spam”?
There is no internationally agreed definition of what constitutes spam. The following are definitions provided by Australia, the European Union and the United States.
Australia: The legislation refers to the phrase “unsolicited commercial electronic messages” (the word “spam” is not specifically mentioned). There is no reference to bulk messaging; therefore a single unsolicited commercial electronic message could be spam. The judicial provisions are technologically neutral, and therefore apply to any unsolicited commercial messages delivered to the consumer via email, SMS, MMS and instant messaging. Faxes and voice-to-voice telemarketing are excluded.
European Union: The term spam is neither defined nor used. Rather, the Directive uses the term “electronic mail for the purposes of direct marketing.” The judicial provisions are technically neutral and therefore apply to direct marketing efforts made using e-mail, calling machines, faxes and SMS messages.
United States: The term spam is neither defined nor used. The Federal Trade Commission (FTC) refers to an “unsolicited commercial electronic mail message"; however, judicial provisions do not limit spam to e-mail. In addition, the FCC adopted new rules to protect consumers from receiving spam on their wireless devices, such as cellular phones and pagers.
Source: ITU Survey on Anti-Spam Legislation Worldwide 2005. |
Despite the enactment of anti-spam laws that are necessary tools for combating spam, such laws have been unsuccessful in abating spam.7 Therefore, in addition to enactment of anti-spam laws, which usually involve the sanctioning of spammers through an “opt-in” or “opt-out” approach (Box 3-9), it is also important to consider alternative legal mechanisms such as the establishment of industry-led enforceable codes of conduct for Internet Service Providers (ISPs). This proposed approach would require ISPs to establish and enforce codes of conduct that prohibit their users from using the ISP as a source of spamming and other prohibited acts such as spoofing and phishing and prohibiting users from entering into peering arrangements with ISPs that do not uphold similar codes of conduct. 8 The ultimate goal of such codes of conduct is to ensure that ISPs assist with the anti-spam efforts by taking adequate action to keep spammers off the Internet.9
|
Box 3-9: Opt-in or Opt-out?
Most anti-spam laws involve the “opt-in” versus the “opt-out” approach.
Opt-in: This approach, adopted by the EU Directive, prohibits marketers and senders of commercial electronic messages from sending messages to a recipient unless the recipient has affirmatively asked to receive them. Affirmative requests for messages can be delivered directly by a recipient or they can be constructively construed from an existing business relationship between the recipient and the sender. For example, under opt-in laws, if a person purchases a product from a merchant, that merchant may send that person offers in the future until the merchant receives a request to stop sending such offers.
Opt-out: This approach, adopted by the United States, Japan and South Korea, allows senders to send messages to a recipient even if there is no existing business relationship and the recipient has not specifically opted to receive the messages. However, senders must honor the requests of recipients to remove them from a sender’s mailing list.
Source: ITU Survey on Anti-Spam Legislation Worldwide 2005. |
ENDNOTES
1 For additional information, the OECD published a document to aid countries either considering the development of an anti-spam regime, wishing to review existing regulations, or looking to improve cross-border regulatory frameworks in the development and review of anti-spam regulation strategies. See Anti-Spam Regulation, OECD Task Force on Spam, 15 November 2005, available at http://www.oecd.org/dataoecd/29/12/35670414.pdf. The ITU has launched a cybersecurity gateway with additional resources and links to information on national and international cybersecurity related initiatives worldwide, available at http://www.itu.int/cybersecurity/index.html. A joint initiative to gather information and resources on combating spam known as the Stop Spam Alliance was undertaken by Asia-Pacific Economic Cooperation (APEC), the EU’s Contact Network of Spam Authorities (CNSA), the ITU, the London Action Plan, the OECD and the Seoul-Melbourne Anti-Spam group, available at http://stopspamalliance.org/.
2 Spam Issues in Developing Countries, OECD Task Force on Spam, 26 May 2005, at 7.
3 ITU Survey on Anti-Spam Legislation Worldwide, 2005, available at
http://www.itu.int/osg/spu/spam/legislation/Background_Paper_ITU_Bueti_Survey.pdf.
4 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on Privacy and Electronic Communications).
5 The OECD Anti-Spam Toolkit is available at www.oecd-antispam.org
6 The ITU survey was sent to 189 ITU member states, and these survey results are based on the 58 responses received.
See http://www.itu.int/osg/spu/newslog/ITU+Global+Survey+Of+AntiSpam+Laws+And+Authorities.aspx
7 John G. Palfrey, Chapter 7: Stemming the International Tide of Spam, in International Telecommunication Union, Trends in Telecommunication Reform: Regulating in the Broadband World, (2006), available at http://www.itu.int/ITU-D/treg/publications/Chap%207_Trends_2006_E.pdf.
8 Id.
9 Id.