|What is the Government doing about SPAM?
8 Apr 2003
This is the letter Sir George was sent by Stephen Timms, the Minister for E-Commerce and Competitiveness.
Stephen Timms MP
Minister for E-Commerce and Competitiveness
Department of Trade and Industry
1 Victoria Street
London SWIH OET
31 March 2003
Thank you for your letter of 10 March 2003, requesting a note of the current situation with regard to encouraging Internet Service Providers (ISPs) to take action to protect their subscribers from unsolicited commercial email (UCE), to help with constituent enquiries.
ISPs may be able to help stop unwanted UCE -complaints should be sent to the sender's ISP in the first instance. In the case of difficulties in identifying the sender of the email or the ISP concerned, the email can be forwarded (complete with all the tracing header lines) to the receiver's own ISP, whose technical staff will be able to assist in identifying the sender and the relevant ISP to send complaints to. If the ISP is a member of the Internet Service Providers Association (ISP A) they are bound to deal with the complaint as outlined in the ISPA Code of Practice.
Further information on the ISPA Code of Practice, the complaints procedure and a list of members is available on the ISPA website at http://www.ispa.org.uk (the relevant information can be found in the consumers section). Full contact details for ISPA are: ISPA UK, 23 Palace Street, London, SWIE 5HW, Tel: (020) 7233 7234, Fax: (020) 7233 7294, Email: firstname.lastname@example.org
The sender's ISP is likely to take action against their customer, not least because their own obligations to the rest of the Internet require them to prevent abuse. In the first instance, education may be an appropriate response, but it is usual that if a second infringement occurs the sender will lose their Internet connectivity on a permanent basis.
In addition to the efforts being made by ISPs, there are some other controls in place that your constituents should be aware of.
The Direct Marketing Association (DMA) run a voluntary scheme to avoid UCE called the Email Preference Service (E-MPS). Further details are available on the following website: http:/ /www.e-mps.org
Your constituents should note that as the E-MPS is established in the US, UK data protection legislation would not apply to the use of their personal data.
Additionally, two European Directives introduce controls on UCE: the E-Commerce Directive which has recently been implemented in the UK, and the Directive on Privacy and Electronic Communications which requires implementation by October 2003.
Under the Electronic Commerce (EC Directive) Regulations, implementing the E-Commerce Directive, the originator of UCE must ensure that it is clearly and unambiguously identifiable as such as soon as it is received. The purpose of this is that users or their ISP can delete such communications (or use filtering software to block or delete them) without the need to read them. Under the Stop Now Orders (E.C. Directive) Regulations 2001 Trading Standards Departments are able to take action to stop an infringement of this requirement where it is in the collective consumer interest. Further information is available on the DTI website at the following URL: http:www.dti.gov.uk/cii/ecommerce/europeanpolicy/ecommerce_directive.shtml
Under the new Directive on Privacy and Electronic Communications, UCE will only be allowed to be sent with the prior consent of the addressee, but with a derogation for UCE where the addressee has already given his or her email address direct to the sender in the context of the purchase of a product or service. A company would be entitled to email its customer list with, for example, details of its latest catalogue, as long as addressees are given a clear opportunity to refuse such emails. This should provide a safeguard against the kind of UCE that many people object to, where they have no knowledge of the advertiser or of the products being marketed, but will allow responsible marketing by UCE where the advertiser has legitimately obtained an e- mall address from a customer or potential customer.
We will be running a full consultation exercise in advance of UK implementation -further information is available on the DTI website at the following URL: http://www.dti.gov.uk/cii/regulatory/telecomms/telecommsregulations/comms_dpd.shtml
Finally, under the Data Protection Act 1998, many email addresses constitute personal data under the Act because the address incorporates an individual's name and must, therefore, be processed in compliance with the requirements of the Act. This means, for example, that companies collecting the email addresses of those that visit their websites should make clear any intention to use or disclose the address for marketing purposes. It also means that any company that continues to process an email address that constitutes personal data for the purpose of direct marketing, after being advised by the individual concerned to stop, may breach the fair processing requirements of the Act. Further information on the Act is available from the Information Commissioner's Office, via their website at www.dataprotection.gov.uk