Stay networked. Get informed. Broadcast your projects.
OECD is one of the leading organizations when it comes to anti-spam initiatives. The anti-spam initiative was ignited in early 2003 when its members considered spam to be one of the latest challenges facing the economics of developed countries, especially in the information society sector which revolves closely around the future of the world economy. The OECD efforts were not aimed to serve the interests any of particular one of its member countries; rather, they were trying to develop their strategic plan to ban spam. Thus, the ICCP Committee and the committee of Consumer Policy jointly created "ICCP-CCP Task Force on spam." The purpose of the Task Force was to create a universal, effective, rapid, and harmonized framework or plan to combat spam. The Anti-spam Toolkit of recommended policies and measures is the only central toolkit has ever been introduced internationally.
The toolkit proposed eight main elements for a successful national strategic plan, which include anti-spam legislation, enforcement, industry driven initiative, anti-spam technologies, public education, awareness, spam measurement, and national and international co-operation It is important to note that no one single element will ever solve the problem that the information society is facing; instead, all elements should be jointly implemented to attain the best results.
Although the Toolkit identifies anti-spam legislation as the first element of its proposed strategy to combat spam, the design method to achieve legislation's objectives and goals is no less of an important element in the Toolkit's proposed task force. Anti-spam enforcement should set procedures and processes to ensure effective implementation of anti-spam legislation.
It has been highlighted in the Toolkit that anti-spam enforcement can include the practices of conducting investigation, gathering information and evidence, supervising communication operators and providers, panelizing violators, and implementing anti-spam legislation provisions in general. Anti-spam enforcement is different, unusual in nature, and needs a greater amount of effort in order to reach its full effective potential. For those reasons, policy makers should ensure four main areas of enforcement: empowering enforcement authority, sanction, national co-ordination, and cross-border enforcement cooperation.
Empower Enforcement Authority
It is highly recommended in the Toolkit to clearly identify the responsible enforcement authority and its objectives. It is also important to grant authority to those who have the means to promote anti-spam enforcement. Such an authority, in order to conduct a simple daily investigation in a simple spam case, might to undergo certain processes including the accession, interception, search, and seizure of electronic evidence. Such evidence could entail more than a single electronic message or a record of its transmission; it may also include financial records and any other related correspondence. Also, such evidence might be located within a house, which cannot be searched without especial inspection warrant, which in many jurisdictions must be granted from the court or public prosecution. However, since it is agreed that immediate action is essential to seizing spammers—time is a critical factor when finding and gathering the evidence against them—the Toolkit recommends that it may be useful to include delayed notice provisions for search warrants.
The main objective of the spammer is to gain economic profit. Thus, if the anti-spam legislation has not contained heavy sanctions, it will be difficult to prevent a spammer from violating the legislation. Hence, the Toolkit recommends introducing three main types of sanctions into anti-spam legislation or any related legislation. First, adding administrative sanctions which can be imposed by the enforcement authority itself and directly based on several aspects such as whether the violation has been repeated over time, if a hidden or false identify, or if harvested addresses have been used. The second type of sanction to add is that of criminal sanctions; such sanctions should be applied by the criminal court in case of any criminal violations such as misleading, unauthorized access, or fraud. Penalties usually range from a criminal fine to detention.
The third type is civil sanction; this is what individuals request as compensation for the damages caused by the spammer. The question posed by the Toolkit is whether a private right of action is available to individuals to obtain statutory damages, and if the answer is yes then how can such a civil right be applied to a spam case. The Toolkit highlights the fact that action against the spammer is usually time- and resource-intensive and consequently individual actors will eventually have no interest in pursuing the spammer unless their efforts result in a satisfactory end.
An issue of quantifying the damage caused by spam is one of the challenges facing the private right of action. It is not that easy a process to quantify the damage that is caused by sending a huge amount of spam to a certain individual, although it is easier to quantify such damage when it effects a larger network (such as that of all ISPs, for example). Thus, to overcome the above difficulties and problems, anti-spam legislation could reflect the damage caused by spam and could facilitate restitution of cost to the damaged parties.
Even though it was recommended to designate a single authority to implement anti-spam legislation and other related matters, several other authorities may have different functions in implementing anti-spam legislation or may deal directly or indirectly with spam and spammer (these include the central bank, security agencies, and trade commissions, for instance). While conflicts tend to occur within the ruling authorities–especially in the civil, administrative, and criminal proceedings against the same spammer—national coordination between such authorities is essential and recommended by the Toolkit. A clear coordination mechanism between those governmental authorities will overcome the problem as proposed by the Toolkit. The mechanism could be adopted as a mutual agreement or task force or guidelines; different countries worldwide such as the USA, France, Italy, and Germany have adopted this approach.
Moreover, the policymakers must designate a single responsible authority for cross-border cooperation, especially since spam in most cases is an international matter that knows no physical boundaries and needs cross-border cooperation in order for the countries to facilitate the enforcement of national anti-spam strategic plan and its legislation, to seize the spammers, and to impose effective sanctions.
Cross-border enforcement co-operation
It’s as much of a cross-national as it is a national challenge to implement and enforce anti-spam legislation; for example while the spammer might breach the British law, he might be located in India. In this situation cooperation between the British and Indian authorities is essential so as to gather the necessary information and evidence, to seize the spammer along with any evidence and other related documentation, or to even enforce any sanction that might be imposed by the British authorities. Hence, many authorities in both countries will have powers at different stages and that should be through a clear mechanism that encourages cooperation by identifying national focal points, methods, and techniques in gathering, seizing and providing electronic evidences to other countries, with particular emphasis on privacy issues involved in the cross-border transmission of evidence, and any other related issues.
Taking into account the facts above, the Toolkit presents some alternatives to facilitate cross-border cooperation, such as Memoranda of Understanding, informal cooperation agreements, research centers like "Spot-Spam" and "Signal-Spam," and establishing a contact network of spam enforcement authorities, pro form and guidelines. Moreover, the Toolkit refers to existing criminal law enforcement cooperation networks and mutual legal assistance instruments, which already allow countries to cooperate and share information in case of criminal investigation and prosecution involving criminal spam and other forms of cybercrime. Hence, the policymakers should encourage authorities concerned with spam to cooperate on an international basis through MOU or by entering into agreement with other countries or international organizations.
These powers will not just improve the enforcement of the national legislation, but will also improve the national ability of a country to investigate and seize spam, impose sanction, share information and experience, train national enforcement employees, improve cooperation, request for assistance, and develop new cooperative models between enforcement authorities.