Feeds

Telecoms reform tabled as EU plots spam clampdown

Italy praised and UK shamed over enforcement

3 Big data security analytics techniques

The European Commission is calling on tougher action to fight spammers and protect online privacy.

A Commission-funded study found that enforcement action against junk mailers across the EU is inconsistent. It wants to see spam laws tightened up, alongside "clearer and more consistent enforcement rules", funds to support national privacy watchdogs and better cross-border cooperation.

Brussels securitycrats also want to see spammers and spyware slingers dragged into market squares, put in stocks and pelted with rotten vegetables to face tougher sanctions.

"Although since 2002, European law has prohibited spam and spyware, on average 65 per cent of EU citizens are still affected by spam on a regular basis," said Viviane Reding, EU commissioner for information society and media. "We need to step up our fight against spammers and make sure that the EU adopts legislation that provides for strong civil and criminal sanctions against spammers. I call on EU countries to reinforce their national efforts to fight on-line privacy threats such as spam, spyware and malicious software."

An EU-funded study, published on Thursday, included an analysis of more than 140 enforcement cases from 22 Member States, and demonstrated big differences between in spam enforcement. The largest numbers of cases were reported in Spain (39), Slovakia (39) and Romania (20). The highest fines were imposed in the Netherlands (€1,000,000), Italy (€570,000) and Spain (€30,000). By contrast, convicted spammers in countries such as Romania, Ireland, and Latvia received paltry fines ranging from hundreds to several thousand Euros.

Zul ponts

From the point when national anti-spam laws were on the drawing board it was clear that Italy and The Netherlands, for example, had decent enforcement regimes while the UK's proposals had been watered down by direct marketing lobbyists. Experts like Spamhaus were ignored, and the UK ended up with a law that didn't apply to spam messages sent to business email addresses and existed without adequate enforcement.

The EU release lists the number of enforcement actions across 14 European countries. Britain doesn't merit a mention because there's nothing to report on spam prosecutions.

UK spammers have been prosecuted for other crimes carried out while spamming, but not for the act of simply sending out junk mail. For example, Peter Francis-Macrae - reputedly the UK's biggest spammer - was jailed for six years back in 2006 after he was convicted on a variety of charges, ranging from fraud and blackmail to making threats to kill.

United front

The battle against online threats is assisted by a combination of prevention, enforcement and raising public awareness. Regulators have the key role of coordinating efforts across borders and stimulating cooperation between public and private organisations.

The EU study found the level of cooperation differed markedly between different EU countries. Cooperation agreements exist in Belgium, Cyprus, Estonia, France, Germany, Italy, Latvia, Lithuania, the Netherlands, Romania and the UK, while Luxembourg and Malta, for example, rely on informal ties.

Reform of the EU's telecoms rules proposed by the Commission (under consideration by the European Parliament and the Council) aims to tighten up enforcement of privacy rules. According to these rules, "penalties for breaking national laws on online privacy should be effective, proportionate and dissuasive". Providing the rules pass, EU countries would also be obliged to allocate adequate resources to national enforcement authorities. The new rules also entitle ISPs to take legal action against spammers that abuse their networks.

Separately, the European Commission is negotiating an agreement with the US on cross border cooperation for the enforcement of consumer protection laws. Spam enforcement would form part of this agreement and is important, because industry figures cited by the EU suggest one in six spam emails are sent from the US.

More information on the study, including assessments of progress in each EU country, can be found here, and via links in a press statement here. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.