New laws to tackle the spammers

Lawyer Sarah Ahmad explains how new legislation could help fight spam.

Lawyer Sarah Ahmad explains how new legislation could help fight spam.

Unsolicited commercial e-mail, or spam, is a growing problem for companies that rely on e-mail for business operations. Daily, millions of pounds are lost as a result of the extra staff hours, lower productivity and lost business opportunities that arise from attempting to stem the tide of this seemingly unstoppable flow of junk mail.

Despite the growing sophistication of spam filters, research suggests that the problem is getting worse. Statistics from e-mail security firm MessageLabs show that the ratio of spam to legitimate e-mail in the UK rocketed from 24.5% in January to 36.3% by March, and it is likely to exceed 50% this month.

MessageLabs has also revealed that the IT and telecoms industry has been one of the hardest hit, with one in every 2.66 e-mails received in May being spam.

In the US, where the problem has reached epidemic proportions, government and industry have been fighting back with lawsuits and tough anti-spam laws. AOL was awarded £4.3m in damages in December 2002 against a Florida-based spamming company that sent one billion unwanted e-mails to AOL members touting adult websites. Many states have introduced anti-spam legislation. In Virginia, for example, it is illegal for anyone to send more than 10,000 unsolicited messages a day.

The European Union has also sought to address this problem by adopting the European Directive on Privacy and Electronic Communications. This will make unsolicited e-mails illegal across member states and must be implemented in the UK by 31 October.

The directive prevents the use of e-mail for direct marketing purposes, except with prior consent or where there is an existing customer relationship. In addition, the use of cookies and other such tracking devices must be clearly identified and consumers given the choice to refuse or accept them.

Even though UK legislation to implement the directive has yet to be enacted, businesses can still take action against the menace of spam. Last month, the Advertising Standards Authority (ASA), introduced amendments to the British Code of Advertising, Sales Promotion and Direct Marketing to take account of the provisions of the European directive. The amendments state that before unsolicited e-mail can be sent, explicit consent is required unless there is an existing customer relationship.

UK businesses therefore, at last, have an immediate weapon at their disposal through the ASA and the promise of tougher laws before the end of October. Complaints to the ASA must be made in writing within three months of the appearance of the unsolicited communication and are investigated free of charge.

The ASA can take interim action to ensure that unsolicited communications are amended or withdrawn and can impose sanctions or refer the matter to the Office of Fair Trading.

Claire Forbes of the ASA said the organisation expects to receive more complaints in light of the new amendments. However, she warned against interpreting the recent amendments as a total solution. "This is not about stopping spam," she said. "However, the amendments will make sure that UK consumers receive less unsolicited e-mail."

Sceptics have said that since most spam is untraceable or originates from outside the EU, the upcoming legislation will have little effect. Spamming is a lucrative business and professional spammers are unlikely to see compliance with legislation as a major distraction. However, the legislation may at least provide the IT industry with the means for bringing a substantial financial claim against spammers, which should help focus their minds and deter would-be junk-mailers.

Sarah Ahmad is a senior associate at international law firm Allen &Overy.

Read more on IT risk management