34
from their computers and the content may be objectionable (see
discussion of “unacceptable” content, below). One of the more recent
legislative initiatives is that of Australia, the Spam Act 2002. The Act
prohibits unsolicited electronic messages; in addition, commercial
electronic messages must contain accurate information about the sender
and a functional way for recipients to indicate that they do not wish to
receive such messages in the future. Address harvesting software is
forbidden. The Act does not impose any liabilities on Internet Service
Providers for the transmission of spam, but the Australian
Communications Authority is working with ISPs to develop industry
codes of practice regarding acceptable use policies for consumers and
the use of anti-spam filters. The Act applies to all Australian residents
and any person sending an electronic message to an address that has an
Australian link; the government recognises that extra-jurisdictional
enforcement will be weak in the absence of increased partnerships with
foreign countries and organisations to reduce spam.
4.3.20 In dealing with such matters as spam, it is important to make legislative
or other rule provisions as technically neutral as possible—mobile
phones, for example, are now capable of sending and receiving spam or
being used in other ways that invade privacy. The European
Commission’s Directive on Privacy and Electronic Communications
extends controls on unsolicited direct marketing to all forms of
electronic communications, including mobile phones, and introduces
controls on the use of cookies on websites. Cookies and similar tracking
devices will be subject to a new transparency requirement that provides
information and allows users to refuse to accept them if they wish. EC
Members were required to implement the Directive by December 2003.
4.3.21 The South African Electronic Communications and Transactions Act
regulates spam, among other matters; unsolicited electronic
communications are not illegal, but they must contain an opt-out and
disclose where they obtained the address when requested. The drafting
of the statute has been criticised for lack of specificity regarding opt-out
previsions, and lack of clarity regarding the definition of “sender” which
could leave ISPs liable for what is sent. In the U.K., the Privacy and
Electronic Communications (EC Directive) Regulations 2003 are also
aimed in part at spam, but have been criticised for weak and unwieldy
enforcement provisions, which require filling out a five-page form and
mailing it with a stamp to the Information Commissioner. In response to
the increasing problem of spam, the OECD has recently set up a Task
Force to co-ordinate the fight against spam and has called on
governments to step up their fight against spam.