LawMeme LawMeme Yale Law School  
LawMeme
Search LawMeme [ Advanced Search ]
 
 
 
 
Spam Laws Worldwide: UK
Posted by Rebecca Bolin on Wednesday, June 16 @ 02:15:56 EDT Spam
Many people (including myself) have been watching how the UK’s December 2003 spam legislation has developed. Though there was little hope for it at the time, it seems the situation is now out of control, and no one believes the UK legislation (though based on the strong EC Directive) will do much at all.
(continued. . .)

The UK passed its Privacy and Electronic Communications (EC Directive) Regulations 2003 in September 2003. They went into effect in December 2003, only slightly after the deadline established by the Directive on Privacy and Electric Communications, Council Directive 2002/58/EC, art. 13, 2002 O.J. (201) 37 (previously covered here).

This legislation, like the directive, covers many issues including faxes, security, itemized billing and more. The EC directive was strong, requiring an opt-out for existing relationships and opt-in for others. Section 22(2) codifies the opt-in requirement, and22(3) codifies the opt-out for marketers who obtained the address through a sale and markets "in respect of that person's similar products and services only." Section 23 forbids forged headers for messages sent under Section 22 and requires a valid opt-out address, though it is unclear if this address is physical.

There is no doubt that the UK requirements are strong on paper. They are, after all, based on the restrictive EC directive. The problems seem to stem from enforcement and interpretation.

Section 30(1) has a vague private right of action. "A person who suffers damage by reason of any contravention of any of the requirements of these Regulations by any other person shall be entitled to bring proceedings for compensation from that other person for that damage." Since a person must bring proceedings, an ISP cannot sue, but it is unclear whether an individual could. This debate is solved, however, by Section 30(2), which offers an affirmative defense of "such care as in all the circumstances was reasonably required to comply with the relevant requirement." In this case, care to keep to only business addresses, which aren’t received by "individuals" under the statute could be enough to defend any claim. The statute only offers compensation for damages, which to any individual person will be low.

Section 32 offers the preferred method of enforcement. Persons or the Office of Communications can request that the Information Commissioner enforce the regulations.

A person’s Section 32 rights to request enforcement can be exercised using the Information Commisioner’s Office’s online form to report violations, but it must be completed on paper and mailed in, even requiring a stamp. This five page beast of a form helpfully notes that "[i]n most instances we cannot pursue a complaint if we are unable to identify the sender." It then asks for the name, address, phone number, website, and e-mail address of the alleged offender. It does not, however, ask for the actual mail received, not to mention, say, the header or routing information. These complaints most likely accomplish nothing for the dedicated folks who fill it out or for the poor folks who have to process them. Compare this system to the sleek Australian complaint form, complete with stellar guide to what is legal. Even the vague FTC multi-purpose CAN-SPAM-and-all-other-complaint form is better; at least it is electronic.

In the UK, it looks like some dedicated bloke must transcribe an entire e-mail or set of e-mails and them wait for the Information Commissioner to get around to issuing a warning and then some sort of fine. We're all still waiting.

Even before the regulations, the Commissioner warned that it did not have enough funding to carry out responsibilities under the new laws. These predictions were correct. Though the law threatens fines for non-compliance, seven months later, none have been issued.

Now, spam operations are shifting to the UK, where spam policy is perceived as lax. At least one Italian spam operation has already made the switch after Italy made spam a criminal offense. After the UK’s regulations went into effect in Decmeber 2003, it edged out unregulated India for the #10 spot in global spam, where it still ranks. UK users are frustrated that their legal solution is doing nothing to stop even domestic or other European spam. Many are second-guessing the policies of delegating enforcement to a failing agency and allowing spam directed at business addresses, which are not statutorily individuals. Reform to UK spam policy is likely to start with these issues, especially if the Information Commissioner does not act soon.

For more countries, see the Spam Around the World index.

 
Related Links
· More about Spam
· News by Rebecca Bolin


Most read story about Spam:
Consenting to Gmail Spam

Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
  
The comments are owned by the poster. We aren't responsible for their content.

Leges humanae nascuntur, vivunt, moriuntur
Human laws are born, live, and die

Contributors retain copyright interests in all stories, comments and submissions.
The PHP-Nuke engine on which LawMeme runs is copyright by PHP-Nuke, and is freely available under the GNU GPL.
Everything else is copyright copyright 2002-04 by the Information Society Project.

This material may be distributed only subject to the terms and conditions
set forth in the Open Publication License, v1.0 or later.
The latest version is currently available at http://www.opencontent.org/openpub/.

You can syndicate our news with backend.php



Page Generation: 0.073 Seconds