Feeds

UK anti-spam law goes live

Will it work?

  • alert
  • submit to reddit

3 Big data security analytics techniques

Analysis New UK anti-spam laws coming into effect tomorrow will have limited effect in turning the tide in the fight against junk mail, according to lawyers and security experts.

Revised UK regulations will mean online marketers can send e-mail pitches and SMS messages only to consumers who have agreed beforehand to receive them, except where users are existing customers of a particular company. So, for consumers at least, the UK government is applying the 'opt-in' approach to regulating spam.

Corporations can still be approached 'cold' with email pitches but in these instances emails must have an opt-out clause.

The Office of the Information Commissioner will enforce the new regulations. Any breaches of enforcement orders issued by the Information Commissioner will be an offence liable to a fine of up to £5,000 in a magistrate's court, or an unlimited fine if the trial is before a jury.

That's an inadequate deterrent, according to critics such as Spamhaus, which compare the anti-spam laws to tougher anti-spam laws in countries like Italy. Italy has enacted tough anti-spam legislation that makes spamming a criminal offence punishable by up to three years in jail and heavy fines for persistent spammers.

Figures vary but AV firms like Sophos and MessageLabs have both warned that between a third to two-thirds of spam is sent from 'hijacked' computers, a factor which makes tracing and prosecuting spammers far more difficult.

Meanwhile lawyers argue the new UK regulations might do more harm than good.

David Marchese, partner at West End law firm Davenport Lyons, said: “Although the new law is very significant it will have more of an effect for responsible email marketing companies than it will for those who are irresponsible. It may even help irresponsible spammers by making people confirm live email addresses."

Disunited Europe

The revised UK rules put regulations outlined in the EC's Directive on Privacy and Electronic Communications onto the statute books in this country. The directive obliged individual EC member states to introduce anti-spam laws by October 31.

However nine member nations of the 15 country European Union have so far failed to adopt anti-spam legislation. France, Germany, Belgium, Finland, Greece, Luxembourg, the Netherlands, Portugal and Sweden all face possible court action unless they provide an explanation on their lack of progress within the next two months.

Austria, Denmark, Ireland, Italy, Spain and the UK have already taken steps to adopt the EU law, which also requires firms using cookies and similar internet tracking devices to "provide information" on their use and an opportunity for users to refuse to accept cookies.

Jamie Cowper, technical consultant at email specialist Mirapoint, welcomes laws to combat spam, but questions the effectiveness of the EU Directive.

"The effectiveness of the Directive is hampered by the fact that it allows various interpretations of the law across the individual member states. This soft 'opt in' approach effectively hamstrings any power that the Directive might have," he said.

"Email users should not expect to see a huge impact on the volume of junk email they receive as a result of this kind of fragmented legislation. In fact, the impact will be minimal."

Global problem needs global co-operation

Spam volumes have increased to account for half of all emails sent over the latter months of this year.

Mirapoint estimates that 60 per cent of UK junk mail originates from outside the UK and Europe, primarily from the USA and Asia. So it is important that the EU member states lobby for this issue to be addressed on a global scale.

Security firm CipherTrust supports this assessment by arguing that anti-spam legislation will become effective and enforceable only through international cooperation. But the US anti-spam law (the CAN-SPAM Act) take a soft stance on spammers by placing the onus on the recipient to opt out of unsolicited communications, which raise serious doubts about the possibility of reaching international consensus on the problem.

Nonetheless CipherTrust reckons only a three-pronged approach - combining legislation, user education and technology - will stand any chance of bringing the spam problem under control.

The company draws an analogy between car thieves and spammers.

"It is illegal to steal cars. Still, cars have locks and alarms. Likewise, it is illegal to send spam, but to protect an email inbox, anti-spam technology will be required," according to CipherTrust. ®

Related Stories

Congress passes anti-spam bill
US anti-spam laws 'will legalise spam'
UK Govt fouls up anti-spam plans, say experts
Dangerous Mimail variant knocks over anti-spam sites
Microsoft aims to 'shift the tide' in war on spam
The conspiracy against our in-boxes
The economics of spam
US man threatens anthrax attack on spammers

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.