UK Anti-Spam Laws Criticised

stripyd writes "The Guardian has an article about the ineffectiveness of British anti-spam regulations. Asside from the limited penalties, the Office of the Information Commissioner have yet to actually hand out a fine. From personal experience, the OIC aren't good at answering email on queries regarding the law, their web site, or suggestions that the current procedure of tracking down, printing out and mailing off (with a stamp!) a five-page pdf form to report miscreants be streamlined. The form itself is good for a few yuks, until you remember your taxes are paying for it to be outsourced to private sector hosting."

Limited scope

[pjt33]

It's not just limited penalties: it's also limited scope, in that the only spam prohibited is spam to personal addresses. I actually get more spam to my work address than my personal addresses, and am rather unamused by this... cop-out. ("Loophole" isn't quite the right word, because it's intentional).

Also in The Netherlands

[ControlFreal]

In The Netherlands, you can report spam on-line as well at the Spam Klacht (lit.: "spam complaint") website. This is an official website of the OPTA organization, which monitors and control telecommication in The Netherlands. Note that the link to the Spam Klacht website is even an SSL link.

Re:Outmanned, Outgunned

[dazed-n-confused]

As for the site, it says nothing about the Reg 22 in question

Here's the Information Commissioner's Guidance on Regulation 22 [informatio...ner.gov.uk] (you have to scroll down to p.24 of the pdf). What, you expected something accessible from that bunch of clowns? Think again...

Re:Outmanned, Outgunned

[murky_lurker]

If it's the one I think it is, it's part of an EU directive. There's details of it here [dti.gov.uk], the chapter relevant to spam is here [dti.gov.uk] , albeit in .doc format. I've only had a chance to skim but the legislation seems to be mostly aimed at legitimate businesses who have over-zealous customer newsletter runs, rather than preventing mass mailing spammers. I have to say, though, that the form linked in the article is completely asinine.

Re:What's the point?

[Andy_R]

Actually, I've found the threat of the law to be quite effective in cutting down the spam that I get. I have quite often I've mailed the head of legitimate organisations that have spammed me because some random 3rd party has mistakenly signed up an address in my domain to their lists, and got some pretty grovelling replies.

I'm just about to send of my first dozen forms to the OIC, and as with any UK government department, all you need to do to get action is threaten them with their own regulatory body to get action.

Also, I've picked my targets carefully, some big names that have ignored written warnings.

Top of my hit list are:

xmr3.com (uk bulk mailer that pretends it's legitimate)

Yahoo.co.uk (those adverts at the top and bottom of yahoogroups mails are illegal, but Yahoo think they are above the law)

Ticketweb.co.uk (claim that every time you buy from them they have thr right to start samming you again)

- Andy_R

The Office of the Information Commissioner

[BillsPetMonkey]

Is a paper tiger. It was designed that way. You only really find this out when you try to invoke the Data Protection Act 1998 against a data conroller company, and find that it's not designed to protect you, it's designed to safeguard companies holding your data from you.

The reason the UK spam laws are weak is not a coincidence either. The UK government uses the electoral register to sell your data (regardless of whether you "opt out") to third party marketing companies to get revenue.

It's not freedom of information as you might know it, it's a case of "do as I say, not as I do".

Re:Also in The Netherlands

[Animaether]

SpamKlacht website [spamklacht.nl]

I read through some of the tidbits there, and it appears to be setup pretty well. And it appears our legislation is very nice too... "opt-in" conditions including
- If it's a checkbox form, then the user has to check it - it can't be pre-checked for the user.
- The opt-in description is not allowed to be 'vague' where "I hereby give permission for company X and partners to send me e-mail" is declared 'vague' enough.
- You cannot implicitly re-use old contact lists such as those acquired from other companies or through company take-overs; one has to first contact the user again and ask them if it's okay to establish a NEW relationship. Only if the user agrees to this they can start to 'spam' again.

However, I was also quite baffled to find that the OPTA :
1. Excludes all these rules when it is spam sent to a company.
2. Excludes all these rules when it is spam sent to a fax machine!

Now #1 I could rationalize if I tried hard.
#2, however, is just ridiculous. Apparently it is not illegal as it was at some point judged to be the same as 'colportage' (door-to-door sales). yish. I can only hope that at least there's a law against sending a looped-back black fax :/

Re:The Office of the Information Commissioner

[jeremyp]

The UK government uses the electoral register to sell your data (regardless of whether you "opt out") to third party marketing companies to get revenue.

This is a lie. It's not even maintained at the national level, but at the district council level. By law, anybody can see a copy of the register (under supervised conditions) and certain companies are allowed to use the register for restricted purposes. For example, credit agencies can use it to verify your address. It is illegal for them to pass the data on to anyone else or use it for any but a set of restricted purposes.

The editted version of the register may be bought by anybody, but you can opt out of that. See here [electoralc...ion.org.uk] for more details.

Re:Also in The Netherlands

[tuxzone]

You must have misread.
Point 1: You are right, but law is to be changed.
Point 2: You are wrong. Spam by fax van be reported online too!

Re:The Office of the Information Commissioner

[BillsPetMonkey]

OK, there's a lot of misunderstanding about this. The edited register cannot be sold without the authorisation of the local council. But if you happen to be an "approved" subscriber to this information (ie. you happen to be MBNA Europe or a number of other data controllers), you will have free access to the information regardless of whether voters have opted in or out.

Yeah, it's an uncomfortable reality. Because the illusion of censure on your own information is important, but it's completely non-existent. Remember when you were a student or when you lived in your parents' house? You didn't get half as much junk mail as now, as a separate voting entity with your own entry in the electoral register. Why do you think that is?