Feeds

UK anti-spam law goes live

Will it work?

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Analysis New UK anti-spam laws coming into effect tomorrow will have limited effect in turning the tide in the fight against junk mail, according to lawyers and security experts.

Revised UK regulations will mean online marketers can send e-mail pitches and SMS messages only to consumers who have agreed beforehand to receive them, except where users are existing customers of a particular company. So, for consumers at least, the UK government is applying the 'opt-in' approach to regulating spam.

Corporations can still be approached 'cold' with email pitches but in these instances emails must have an opt-out clause.

The Office of the Information Commissioner will enforce the new regulations. Any breaches of enforcement orders issued by the Information Commissioner will be an offence liable to a fine of up to £5,000 in a magistrate's court, or an unlimited fine if the trial is before a jury.

That's an inadequate deterrent, according to critics such as Spamhaus, which compare the anti-spam laws to tougher anti-spam laws in countries like Italy. Italy has enacted tough anti-spam legislation that makes spamming a criminal offence punishable by up to three years in jail and heavy fines for persistent spammers.

Figures vary but AV firms like Sophos and MessageLabs have both warned that between a third to two-thirds of spam is sent from 'hijacked' computers, a factor which makes tracing and prosecuting spammers far more difficult.

Meanwhile lawyers argue the new UK regulations might do more harm than good.

David Marchese, partner at West End law firm Davenport Lyons, said: “Although the new law is very significant it will have more of an effect for responsible email marketing companies than it will for those who are irresponsible. It may even help irresponsible spammers by making people confirm live email addresses."

Disunited Europe

The revised UK rules put regulations outlined in the EC's Directive on Privacy and Electronic Communications onto the statute books in this country. The directive obliged individual EC member states to introduce anti-spam laws by October 31.

However nine member nations of the 15 country European Union have so far failed to adopt anti-spam legislation. France, Germany, Belgium, Finland, Greece, Luxembourg, the Netherlands, Portugal and Sweden all face possible court action unless they provide an explanation on their lack of progress within the next two months.

Austria, Denmark, Ireland, Italy, Spain and the UK have already taken steps to adopt the EU law, which also requires firms using cookies and similar internet tracking devices to "provide information" on their use and an opportunity for users to refuse to accept cookies.

Jamie Cowper, technical consultant at email specialist Mirapoint, welcomes laws to combat spam, but questions the effectiveness of the EU Directive.

"The effectiveness of the Directive is hampered by the fact that it allows various interpretations of the law across the individual member states. This soft 'opt in' approach effectively hamstrings any power that the Directive might have," he said.

"Email users should not expect to see a huge impact on the volume of junk email they receive as a result of this kind of fragmented legislation. In fact, the impact will be minimal."

Global problem needs global co-operation

Spam volumes have increased to account for half of all emails sent over the latter months of this year.

Mirapoint estimates that 60 per cent of UK junk mail originates from outside the UK and Europe, primarily from the USA and Asia. So it is important that the EU member states lobby for this issue to be addressed on a global scale.

Security firm CipherTrust supports this assessment by arguing that anti-spam legislation will become effective and enforceable only through international cooperation. But the US anti-spam law (the CAN-SPAM Act) take a soft stance on spammers by placing the onus on the recipient to opt out of unsolicited communications, which raise serious doubts about the possibility of reaching international consensus on the problem.

Nonetheless CipherTrust reckons only a three-pronged approach - combining legislation, user education and technology - will stand any chance of bringing the spam problem under control.

The company draws an analogy between car thieves and spammers.

"It is illegal to steal cars. Still, cars have locks and alarms. Likewise, it is illegal to send spam, but to protect an email inbox, anti-spam technology will be required," according to CipherTrust. ®

Related Stories

Congress passes anti-spam bill
US anti-spam laws 'will legalise spam'
UK Govt fouls up anti-spam plans, say experts
Dangerous Mimail variant knocks over anti-spam sites
Microsoft aims to 'shift the tide' in war on spam
The conspiracy against our in-boxes
The economics of spam
US man threatens anthrax attack on spammers

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.