EurActiv Logo
 
24 November 2009
Breaking News:
News

Commission draws knives on spam[fr][de

Published: Monday 27 November 2006    | Updated: Monday 4 December 2006   

In spite of legislation outlawing unsolicited commercial email, almost a third of the world's spam originates in the EU. Time for enforcement, says the Commission.

Background:

Conservative estimates say that 54% to 85% of the 6 billion emails sent worldwide every day are spam. In business environments, where email addresses are hard to withhold, it has become common for the spam rate to exceed 90%. Five years earlier, spam accounted for just 7% of global email traffic. 

The worldwide damage caused by spam due to decreased worker and computer equipment productivity and costs for filtering software and its maintenance is estimated to be around €39 billion worldwide a year. Germany alone reported costs of €3.5 billion in 2005. 

In the EU, the 2002 Directive on the processing of personal data and the protection of privacy in the electronic communications sector (the 'e-Privacy DirectivePdf external ') introduced the 'opt-in' principle, according to which "the use of automated calling systems without human intervention (automatic calling machines), facsimile machines (fax) or electronic mail for the purposes of direct marketing may only be allowed in respect of subscribers who have given their prior consent". Spam, defined as "unsolicited commercial email" was thus outlawed. The same applies to all emails trying to disguise the true identity of the sender. Member states have an obligation to enforce the ban. 

Nevertheless, according to recent figuresexternal , 32% of the world's spam originates in one of the 25 EU countries, with France (6.3%) taking the lead before Spain (5.8%), Poland (4.8%) and Italy (4.3%). Only Asia produces slightly more spam (34.1%) than Europe, North America is at the origin of 24.2% of worldwide spam. 

Spammers use numerous tricks to fool spam-detection software, the latest tendency being picture spam, which now accounts for around one third of all spam. Spam is also getting more malicious, with the number of 'phishing' attacks, which attempt to harvest users' bank or credit-card account details, on the rise. Increasingly, spammers 'hijack' computers by infecting them with malware, which is then used to send out spam, hiding the spammer's true identity. Over 50% of spam is being sent out over 'botnets' made up of infected computers termed 'zombies'. 

The Commission adopted, on 15 November 2006, a CommunicationPdf external on fighting spam, spyware and malicious software. In the document, the Commission says that enforcement of existing legislation is the crucial step to be taken to reduce spam. 

These claims are supported by the examples of Finland and the Netherlands, both of which countries have brought spam down from around 80% to around 30%, using strict enforcement against spammers. The Commission stressed especially the relatively small investment of just five dedicated employees and €570,000 in new equipment that was needed in OPTAexternal , the Dutch regulatory authority, to significantly reduce spam. 

Other countries, and notably the five EU countries which are on the list of the top twelve spam originator countries in the worldexternal , have done little, and in some cases even nothing at all, to stop spam.

The Commission considers 

  • a strong commitment by central government to fight on-line malpractices;
  • clear organisational responsibility for enforcement activities, and; 
  • adequate resources for the enforcement authority 

to be critical success factors in combating spam, adding that "actions should in particular address 'professional' spammers, phishers and the spreading of spyware and malware". It says that the cited success factors "are not present in all member states". 

The Commission recalled that some actions by spammers, such as the creation of zombies and botnets and setting up fraudulent websites for phishing attacks fall under criminal law. It criticised that "to date, the increasingly entwined criminal and administrative aspects of spam and other threats have not been reflected in a corresponding growth of cooperation procedures in member states that brings together the technical and investigative skills of different agencies".

The Commission called on member states and competent authorities to: 

  • lay down clear lines of responsibility for national agencies involved in fighting spam - ensure effective coordination between competent authorities; 
  • involve market players at national level, drawing on their expertise and available information; 
  • ensure that adequate resources are made available to enforcement efforts - subscribe to international cooperation procedures and act on requests for cross border assistance;

on companies to:

  • ensure that the standard of information for the purchase of software applications is in accordance with data protection law; 
  • contractually prohibit illegal use of software in advertisements, monitor how advertisements reach consumers and follow up on malpractice, and;

on e-mail service providers:

 

  • to apply a filtering policy which ensures compliance with the recommendation and guidance on e-mail filtering.

It committed to

  • continue efforts to raise awareness and foster co-operation between stakeholders;
  • continue to develop agreements with third countries including the issue of the fight against spam, spyware and malware;
  • aim to introduce new legislative proposals at the beginning of 2007 that strengthen the rules in the area of privacy and security in the communications sector and present a policy on cyber crime;
  • involve ENISA expertise in security matters, and;
  • support research and development on combating spam, spyware and malicious software in its FP7 program. 

Links

Advertising
Agenda
  1. 7 - 9 December 2009
    ECTA's 10th anniversary Regulatory Conference
  2. 9 December 2009
    ETNO Cool Connections event – Brussels, Marivaux Hotel
Communicate your event
Advertising