Is The Spam Act 2003 in Protecting the Public Against Spam or Are Other Solutions Required - Research Paper Example

Spam is ………………? Is the spam Act 2003(cth) ………in protecting the public against spam, or are other solutions required? Internet has made the world virtually a global village undreamt of fifteen years ago. Electronic messages have enabled instant communication among the people of the world with such a lightning speed making the people a close-knit community. Besides, it has made the commerce with the people sitting at the extreme ends of the globe concluding deals as if doing it across the table without time loss. Not only has the trade been benefited a lot by the faster communication but also the people’s well being has improved phenomenally. Earlier the density of telephonic network in a country used to be the index of its wealth. It has been replaced by the internet and E-mail which are even more flexible, far less costly and far easier to install. Because of the free availability like air and water, the internet and e-mail have come to be abused with the result one gets more (innumerable) unsolicited E-mails than one actually looks for. The indiscriminate sending of unsolicited email is known as spamming in the internet industry. The spamming activity is a global phenomenon with spammers choosing to send unsolicited e-mails through a global network of computers affected by virus without the knowledge of the owners of the computers. Governments all over the world have realised the importance of the internet and acting together to contain the menace of unsolicited e-mails which not only create congestion in the internet traffic but also intrude into the privacy of email account holders by sending them unwanted and undesirable including obscene emails. Australia is not alone. As early as in 2004, the Government of Australia took steps in containing this menace with the objective of not losing the benefits of the Golden Goose of the internet by abuse of the spammers (Haydon, 2004) Electronic messages sent indiscriminately without receiver’s consent clog the mailboxes at the workplace and the employees’ time and productivity are wasted in clearing the unwanted mails. It has been estimated by Nucleus Research spamming affects 1.4 % of employee productivity equivalent to $ 874 per employee in one year (Australian Computer Society, 2004). How Australia has been tackling this problem will be seen below. Australian approach As a part of its five stage strategy, Australia enacted its Spam Act 2003 which came into force from April 2004. It makes illegal to send commercial electronic messages with an Australian link. The mediums of sending the messages such as email, instant messages, SMS and MMS are prohibited by this legislation Thus, messages through facsimile or voice telephones are not prohibited. The commercial electronic messages must include correct address of the sender and should have an unsubscribing feature in place. As there is no measure of volume of a spam message, even a single electronic message can be treated as a spam. The Spam Act also does not allow supply, use and acquisition of address-harvesting software for the use of sending spam message. Violation of Spam Act 2003 and Spam Act (Consequential Amendments Act 2003 entails civil penalties (Haydon, 2004) Five stages strategy are 1) Legislation at the national level to contain spam with Australian link; 2) Apprising email users who are consumers and businesses to comply with the Spam Act and to reduce the volume of spam mails or messages they receive. 3) Encouraging development of technological solutions to contain spam by proper support; 4) Collaboration with e-marketing and internet service providing industries; and 5) Cooperation at the international level (Haydon, 2004) Australia’s Stand on Spam Estimates by the Message Labs puts spam volumes at 76 % of the incoming mails. The report of 2004 says that the volume of spam has increased four times in the previous two years. At this rate, the spamming levels are expected to increase to 90% of the incoming mail. Spam must be combated both by legal means as well as technological means. First, the technical measures are taken up. Four technical measures against spam are prevention, SPF, blacklisting and filtering (Malcolm, 2004, p 39). Prevention can be implemented by the end users and ISPs. While “end users can patch their Windows systems and open relays or proxies and also install antivirus software, ISPs can do the same on their networks, and contain the suspicious stream of outgoing mails form their users and block the SMTP port of their users’ own machines.”(Malcolm, 2004, p 39). Secondly, the technique SPF i.e Sender Policy Framework has been suggested. It is a method of countering forgery of email domains by the spammers. Anti-Spam technical Alliance having the membership of Microsoft, Yahoo, EarthLink, AOL have already been supporting its implementation. Just like Microsoft’s Caller-ID email scheme, this method will reject the mail if it comes from a different IP address from what has already been stored in the receiver’s server. However SPF can only prevent a forged IP address (Malcolm, 2004, p 39). The third technical measure is Blacklisting intended to block spam mails from the known spammer owned servers. However, since the spammers use prepaid Internet accounts for sending spam they cannot be black listed without producing false positives. To make it harder on the spammers, the ISPs and email servers are making the process of registration for disposable internet accounts more stringent. The fourth being Filtering, it can be done by four methods known as heuristic, bayesian, dictionary and finger printing. Heuristic method copies the headers of email messages to check for the likelihood of being spam mails. Bayesian filtering uses statistical method to enable the system to distinguish spam from legitimate email. Dictionary method filters against specified words in the headers or body of emails. Lastly, the fingerprinting method creates a hash to identify known spam messages. But all these methods could be easily tackled by the spammers by adding legitimate text to the messages. Hence filtering can only be a short-term solution (Malcolm, 2004, p40). Legal means of the countering the spam menace through Spam Act 2003 has already been seen above. According to the Act, sending unsolicited electronic messages in violation of the Act can lead to penalties of $ 220,000 per day, or up to $ 1.1 million for other infringements. As already mentioned, there is no minimum number of messages for being qualified as spam and as such even a single message is sufficient. The Australian Communication Authority (ACA) is the authority for enforcement of the Act subject to review after two years (Malcolm, 2004, p 40). Australian Trade Practices Act Spamming activity can attract provisions of sections 52 of the Trade Practices Act. In the United States, Federal Trade Commission has invoked similar legislation against the spammers in that country (Malcolm, 2004, p 40). Corporations Law A spammer who promoted an unlicensed investment scheme was booked under Corporations Law by the Australian Securities and Investments Commission and the spammer pleaded guilty of interfering with lawful use of computer in contravention of Crimes Act. The same spammer was also tried by the U.S. District Court of Colorado and was fined US $ 15,800 under an equivalent legislation (Malcolm, 2004, p 40). Privacy Act Spammers who send messages without consent are supposed to be intruding into the privacy of recipients. But to due to loopholes, the spammers can avoid being booked under this Act (Malcolm, 2004, p 40). Criminal Code Act The abuse of open relay mail servers is now an offence under the Criminal Code Act 1995.of the Commonwealth. It can even attract abuse of servers from overseas. (Malcolm, 2004, p 40). More of Spam Act As part of educating the businesses, the National Office for the Information Economy (NOIE) has coined a mantra for their obligations under the Act as “consent, identify and subscribe”. Consent signifies that there must be a consent or inferred consent for receiving the message. Inference may be from the previous contacts with a person who might have furnished his e mail address implying that he can be contacted or communicated via the given e ail address. At the same time, mere furnishing of the email address cannot be considered for sending emails for unrelated products or services or the e mil address can be given to anyone else. Identify signifies that the sender should be readily identifiable or contactable and the contact details should be available for at least thirty days of sending the message. Subscribe signifies that the message receiver should have an option for unsubscribing from future communications even though the recipient had consented or allowed an inference earlier. The unsubscription details must remain accurate for at least 30 days. The unsubscription facility should be inbuilt in the original message itself and should not be chargeable (Malcolm, 2004, p 40). Exemptions Some exemptions from the Spam Act’s restrictions can be potential loopholes. Firstly, “purely factual information” is exempted from unsolicited electronic messages and consequently vendors can send unsolicited newsletters on factual information without any hint of requesting the recipient to buy. The dividing line is still blurred since newsletters carry unwritten and implicit solicitation. As such, the Act provides such newsletters being unsubscribed mandatorily at the recipient’s request and hence should contains links for unsubscription. Secondly, government bodies, political parties, religious organizations and charities are totally exempted from the act and such they can make unsolicited mails for buying goods or services. Educational institutions are also exempted but the exemption is confined to their present and former students. Thirdly, carriage service providers are exempted since they have to inevitably deliver the spam content. But they are liable, if they authorize spam messages. Faxes are exempted as they would fall within the definition of electronic message. However as already mentioned, SMS and MMS sent across the mobile phone network are not exempted (Malcolm, 2004, p 40). Enforcement Action can be taken only against complaints received from the public about spam originating from Australia and any other country with which Australia has agreement on spam. Nevertheless, spam sent from any part of the world to Australia and from Australia to any other parts of the world is also covered by the Spam Act. Australian Communication Authority (ACA) has powers to deal with the complaints such as warnings and fines. However, if a spam complaint goes to the Federal Court, it can levy penalties up to $ 220,000 as already mentioned elsewhere for the first time corporate offender (spammer) and $ 1.1 m for repeat offender. Orders can also be passed for compensation to the affected parties and confiscation of profits earned by the offender. The offender can be ordered not to continue the practice of spamming and search and seizure orders can also be made. And in the case of injunctions on spammer being withdrawn later, the spammer need not be compensated (Malcolm, 2004, p 42). International measures Since the Spamming is to be globally tackled, domestic actions alone are not sufficient. Hence the ACA is empowered by the Spam Act to coordinate with international agencies and foreign countries in its efforts to educate the users to fight against the spam. MOUs have already been signed with South Korea, Thailand, the U.K.and the U.S.A. for exchange of information on their anti-spam strategies. In fact Australia has the strongest Anti-spam legislation and the U.S.A’s Can Spam Act is weaker than Australia’s Act even though the former requires all emails to mention even street addresses in their messages. It is considered weaker because it allows spam for the first instance if there is opt-out option available. It is felt that unless Russia and China also join, containment of spam will be very minimal. However International Telecommunications Union (ITU) is seized of the matter and a number of anti-spam measures are in the offing (Malcolm, 2004, p 42). Co-regulatory codes Co-regulatory codes are codes of industry wise practice to be registered with the government authority i.e ACA so that it can apply to the respective industries and those who are not signatories to the codes of practice can be directed to comply with it. Some of the codes already in use are codes developed by Australian Communications Industry Forum (ACIF) on topics such as billing and customer complaints registered with the ACA. Australian Direct Marketing Association has also developed a code to bind the email and mobile marketing industry. Internet Industry Association has also developed code of practice to bind the ISPs and Email Service Providers (ESPs) (Malcolm, 2004, p 42-43). Is the spam Act 2003(cth) effective in protecting the public against spam, or are other solutions required? An official review of 2006 says that since passing of the Spam Act 2003, number of complaints relating to span reduced from 30 in 2002 to just 2 in 2005. Written complaints from 40 in 2002 to 25 in 2005. Telephonic enquiries about spam increased from 130 in 2002 to 165 in 2005 (Spam Act 2003 Review) ACMA v Clarity1 Pty Ltd [2006] represents first ever prosecution of a global professional spammer by the ACMA. The action was on Clarity1 Pty Ltd for its sole owner and shareholder having collected e mail addresses by means of a harvesting software, transmitted unsolicited electronic messages to these addresses and for not having obtained consent from the email addressees. Clarity 1 informed that it did not use the harvesting software since coming into force of the Spam Act. Court rejected this stand since Span Act covered addresses harvested prior to coming of the Span Act. (Bender, 2006) Claity1 had sent 213 million commercial electronic messages. Apart from the defence in regard harvested addresses prior to Spam Act’s coming to into force, Clarity 1 also raised the defence of inferred consent as in the mails, the recipients had been given the option of withdrawing of their consent. Silence or non-reply by them did not amount to consent as held by the court and consequently Clarity 1 was awarded a penalty of four and half million dollars and the individual Mansfield $ one million. SpamMatters forensic data served as important source to be relied upon for successful prosecution of this case (ACMA). In another case an individual from South Australia was found to be in possession of 20,000 email addresses, mass mailing software and email address harvesting software. He also had receipts for purchase of 5.5 million email addresses. This was part of his activity in pyramid-style marketing scheme which he joined as a down line. However the pyramid scheme was not owned by him. As the textual messages he had sent using the addresses he purchased clearly were covered by the definition of commercial electronic message as per section 6 of the Spam Act and as he admitted having sent unsolicited e mails, he was fined $ 660 after issue of infringement notices to him. In yet another case that occurred between June 2004 and January 2005, a company and specialist e-marketing company had sent more than 50,000 SMS messages in violation of the Spam Act. He had obtained telephone numbers from telephone directories. As these were again unsolicited commercial electronic messages, infringement notices were issued to the companies which had engaged a third party offshore SMS messaging firm and levied with a penalty of $ 13,200 as the messages had Australian link. Besides, an undertaking was obtained from the e-marketing specialist company to comply with the Australian e-Marketing code of practice. In one more instance, the offender had sent SMS messages to the phone numbers which the complainants had given in their advertisements for sale of cars. The offender who was a car trading company argued that the furnishing of phone numbers was an invitation to potential marketers who wanted to contact them. It was held that telephone numbers were given for potential buyers to make enquiries and not for sending unsolicited SMS messages which was prohibited by the Spam Act. Therefore the company was issued with infringement notice with a penalty of $ 6,600 (ACMA). The authorities for regulating and the enforcement agencies for infringement of Spam law in Australia are Australian Communication Authority, Department of Communications, Information Technology and the Arts (DCITA), Australian Communications and Media Authority, Australian Federal Police/Australian High Tech Crime Centre and Australian Security Investment Commission (OECD). Conclusion From the foregoing account of Spam law’s enforcement in Australia, it becomes clear that the country and the authorities have to go a long way in containing the menace of Spam. The few cases of prosecution for the infringement show how serious the consequences can be. Yet, the Spamming continues to be all pervasive. One reason could be that the authorities can act only on receipt of complaint. Thus the potential complainants must be serious and persevering in pursuing their complaints. As internet is a free resource, its value is not being realised. If only spamming activity is stopped altogether, the speed of the Internet can definitely increase and e commerce can develop faster. The ban on unsolicited electronic message which are commercial alone is not sufficient. It should even more broad based to cover even personal messages in order to preserve the value and utility of internet as a valuable resource and not based on intrusion of privacy alone. Moreover, there must be some taxing mechanism so that it would be sparingly used. Keeping in view of future growth of e-commerce, the Government must make the internet spam-free for free flow of traffic. Economic considerations should weigh more than the privacy impact considerations. Works Cited ACMA. Case studies, How the ACMA is fighting spam. Web. 25 March 2010. Australian Computer Society. Policy Statement on Internet Use. 2004. Web. 25 March 2010. Australian Communications and Media Authority v Clarity1 Pty Ltd [2006] FCA 410 Bender Mark Robert. Monash University, Australia’s Spam Legislation: A Modern-day King Canute? Working Paper. 2006. Web. 25 March 2010. Haydon John. Consumer and Universal Service Obligation Group, Australian Communications Authority. May 2004. Web 25 March 2010. OECD. Task Force On Spam. Australia Law and regulation. Web. 25 March 2010. Malcolm Jeremy. Australia’s Stand on Spam, Who Are You, Conference Proceedings, Melbourne. AUUGN, September 2004 Print Spam Act 2003 Review. Submission by the office of the Privacy Commissioner. Feb 2006. Web 25 March 2010 Read More