Regulators aim to turn the tide on spam

Net regulators from around the globe ended last week's antispam conference in Geneva with a pledge to try to turn the tide of...

Net regulators from around the globe ended last week's anti spam conference in Geneva with a pledge to try to turn the tide of unsolicited commercial e-mail into a trickle - if not dam it altogether.

At the first global meeting of government representatives to address spam, sponsored by the International Telecommunication Union (ITU), regulators from 60 countries agreed on the need to introduce legislation and embrace technology designed to curb unwanted e-mail, phishing and other forms of electronic fraud.

"We have a resolve to move forward on a global basis to attack spam and abuse of the internet," said Robert Horton, of the Australian Communications Authority and chairman of the meeting, a unit of the United Nations.

"This is an important start to solving a problem that is costing businesses and consumers over $25bn (£13.4bn) a year and could easily reach into the trillions if it destroys the internet methods of the banking industry."

Around 80% of all e-mail today is estimated to be spam, according to the ITU.

A key first step, Horton said, is to have all countries introduce some form of anti spam legislation and appoint a regulator.

"If we can achieve this around the world, then we will have the foundation for a future global Memorandum of Understanding," he said. Only about 35 countries, primarily English-speaking developed nations, have introduced anti-spam laws, he said.

However, almost all countries, including Africa, have shown interest in stemming the tide of spam and the use of e-mail to install spyware, spread viruses and steal sensitive information through phishing scams.

"Even the poorest countries in the world see the internet as their passport into a better life, in terms of the social, economic and educational opportunities that it brings," Horton said.

"Spam is weighing down on these countries because they don't have the economic investment available to control this problem to the same extent as developed countries."

Delegates at the three-day conference asked the ITU's development sector to help to draft model legislation from different case studies, according to Horton.

"We don't know which legislation is best but that doesn't really matter; as long as some remedial action is available," he said. "In time, we will learn what is the best regulatory solution."

While the ITU maintains relations with 189 countries, including all developing countries, the OECD already has compiled some "useful resource material" and put together a "tool kit" on implementing legislation

Horton referred to recent remarks by Bill Gates, chairman and chief software architect of Microsoft, that it aims to include spam filters and other security features in its e-mail technology within two years. The Australian regulator pointed to anti-spam announcements from other IT suppliers as well.

Within the same two-year period, a regulatory infrastructure should also be in place, Horton said, so that together with a technical  fix, a basis will exist to help "eradicate a fundamental threat to the information age".

However, several flanking measures are also needed in the battle against spam, he added. These include:

  • support from industry players, such as ISPs and mobile phone companies offering new e-mail services
  • consumer education to prevent users from clicking on URLs in e-mail messages that ask for confidential information
  • international co-operation at all levels, from government and industry to consumer, business and anti spam groups.

"We need ISPs to come together with ethical codes of conduct, which they can supervise because they are the control merchants in this international network - their co-operation is essential," Horton said.

As for international co-operation, Horton has called the ITU and OECD to collaborate in developing a global framework with numerous other global groups, including the International Consumer Protection and Enforcement Network (ICPEN) and the Internet Society.

Measures recommended by officials at the conference will be published in a report that will be forwarded to the working group on spam preparing for the second World Summit on the Information Society (WSIS) in Tunisia in November 2005.

John Blau writes for IDG News Service

Read more on IT risk management