The Council Working Group
on International Internet-Related Public Policy Issues invites all stakeholders
to provide input on international public policy issues related to effectively countering and combatting spam.
In responding to this consultation, the UK supports the approach that public policy
issues require engagement, input and decision making from all
stakeholders. The UK notes with concern
the apparent duplication that exists in various activities, and believes that
new issues should only be initiated if no other study or activity is already
The UK’s response was agreed using its
Multi-stakeholder Advisory Group (UK MAG) with involvement from Industry,
Academia, Civil Society as well as Government.
The issue of SPAM is multi-faceted and
spans various areas of responsibility, including those associated with legal
and operational activities. This is made
additionally complex when different technologies are used in its distribution,
and when considered from the aspect of a number of stakeholders. This latter point is based on the principle
identified above, namely that all stakeholders impacted by whatever is defined
as SPAM have a valid role to play.
International Public Policy issues
associated with SPAM must be discussed within the context of the technological,
legal and operational framework in which it may originate and terminate. Any discussion has to take full account of
both the technological and operational aspects of SPAM An approach that
considers either of those elements in isolation is not tenable.
Irrespective of the technology, and the
point in a communication channel (origin, termination or transit) where SPAM
occurs, it may be considered unsolicited and to occur in bulk. Sent without provision of a recipient’s
agreement to receive an email, is this an issue? One aspect that may raise
issues for the recipient could be the anonymity of the origin, although this
alone appears insufficient to declare text unwarranted. It appears that “bulk” also contributes – but
how is bulk defined? Is it 10 unsolicited
communications? a 100? a 1000? Until this question is answered in each context,
then what constitutes SPAM remains an issue.
Until now the issue has been referred to as
SPAM. However as indicated previously,
it is multi-faceted problem. . Each instance
needs to be clearly identified and understood before public policy issues
(national or international) can be considered.
A detailed examination of the issues
related to SPAM clearly shows the complexity of the problem, which a more
generalised assessment often conceals. One can describe numerous communications
using email that place the recipient at
risk by sharing personal information (phishing), alternatively one can describe
numerous communications using SMS offering access via a URL for the recipient
to claim a free gift (distributing malware), one can also describe numerous
scenarios which result in the perpetration of fraud. Each of these may be
considered “SPAM” but they are different and distinct.
In each description that can be developed,
the role and action of each party involved needs to be fully understood; the
originator of the message, the network operator across which the message
originates, the network operator across which the message transits, the entity
responsible for equipment that is used, as well as all legal and technical impositions
and limitations. In most cases, activity is already underway to address
specific issues. Two examples can be cited. GSMA is addressing the issue of
Malware being distributed through SMS.
IETF has provided guidance for email system administrators to address
their system being used without traceability.
Given that privacy and fraud in most
countries is already dealt with under national law, little appears to be
required under International policy aspects.
From our analysis there appear to be two
aspects that do require further discussion.
The first is to determine what is meant by the term ‘bulk’. The second is how to address problems that
currently prevent originators of email being able to ensure that they are doing
so in a manner in which they can assert that the intended recipient has given
their consent, in other words it has been solicited.
The nature of consent is defined in
national law and therefore Member States should be encouraged to ensure that
such consent is obtained prior to distribution of messages.