EU to Require Opt-In for Commercial Email

D4C5CE writes "EuroCAUCE (Usenet message below) and Heise (in German) report that the European Parliament has voted to ban spam by adopting the "opt-in" system for unsolicited commercial email, finally freeing the way for the entry into force of a "European Parliament and Council directive concerning the processing of personal data and the protection of privacy in the electronic communications sector". The news of the parliamentary U-turn comes after a recommendation by the "Committee on Citizens' Freedoms and Rights, Justice and Home Affairs" to permit "opt-out" marketing had received critical coverage, causing countless spam victims world-wide to alert the Members of the European Parliament to the big mistake they were about to make, and it is hoped to become the useful precedent of a workable approach for US lawmakers currently evaluating means to regulate spam as well." The Parliament's daily notebook has an overview. Individual EU countries still have to implement this with legislation before it is effective.

From: Beebit <beebit-u03@euro.cauce.org>
Newsgroups: news.admin.net-abuse.email, talk.politics.european-union
Subject: European Parliament Supports 'Opt-In' for Commercial Email
Date: Thu, 30 May 2002 13:08:11 +0200

The European Parliament has decided to accept the Council's Common Position which would require senders of advertisements by "electronic mail" to have the recipient's prior consent. "Electronic mail" is defined broadly enough so as to include text messaging systems based on mobile telephony in addition to email.

The 'opt-in' requirement for electronic mail will be in Article 13, Paragraph 1 of the new Directive concerning the processing of personal data and the protection of privacy in the electronic communications sector which will enter into force following its publication in the Official Journal. The Directive will guide the enactment of legislation throughout the European Economic Area, which includes the 15 EU Member States and European Free Trade Association members Norway, Iceland, and Liechtenstein. EU Members Austria, Denmark, Finland, Germany, Greece, and Italy as well as EFTA member Norway had already implemented 'opt-in' in their national legislation.

Further provisions in the same Article would allow companies to send advertising via email for their own products or services of a similar category to addresses which they had obtained in the course of a sale, unless and until the customer has registered an objection. Customers are to be given the opportunity to object "free of charge and in an easy manner" both at the time the contact details are collected and with each advertising message.

All in all, is an extremely welcome development, and should serve as an example and inspiration for legislators in other territories. We are absolutely delighted to see Parliament joining the Commission and the Council in taking a stand to protect European consumers and network users. It only remains to extend similar protection to corporate citizens. This will probably have to be within the framework of other legislation than that pertaining to the processing of "personal data".

~~~
The European Coalition Against Unsolicited Commercial Email is an all-volunteer, ad-hoc grouping of Internet users and professionals dedicated to bringing about an end to an unethical practice by technical and legislative means. http://www.euro.cauce.org/en/

damned america

[Anonymous Cowrad]

Why must we be so behind the times when it comes to things like this?

Oh, right. We don't want to interfere with business' right to annoy the hell out of us.

I can't see this ever working in the US

[delphin42]

As much as I hate spam, I can't help but think that this would have to be percieved as an unconstitutional restriction on speech. I don't think that requiring an opt-in policy in all cases would fly here.

Requiring OptIn isn't going to change a damn thing

[UnhandledException]

Almost every piece of spam I get (that I've read) tells me that I've "elected to recieve special offers." So as far as they're concerned, I've opted in. (The actual truth is, of course, irrelevant.) If they can lie about me not opting out, they can lie about me opting in. What's changed?

Re:I can't see this ever working in the US

[PhxBlue]

How is keeping mail that I didn't ask for, don't want, and have to pay for out of my inbox an "unconstitutional restriction on speech"? If they want to put their shit in my mailbox, they can at least have the good graces to pay the (e-)postage themselves.

The right of someone else to spend my money without my permission is exactly nil.

Can you still opt out?

[GnomeKing]

I have seen several opt in schemes which have tricked users into opting in, or have been fraudulantly opted in, and its then a pain in the backside to opt out again...

Is it gonna be mandatory that if someone wants to get away from something they opted in to that they can quickly and easily?

Re:I can't see this ever working in the US

[seizer]

As has been said many times before, but which is obviously worth repeating here:

It is NOT a restriction on speech, because unsolicitied commercial email places a financial burdern upon the recipient, where the recipient has NOT consented to undertake that burden.

That is, they often have to directly pay to receive what they never requested. It is somewhat akin to having someone send you a magazine in the mail, and then bill you for it.

It's gotta be done right

[teslatug]

They should have to show in some way that you have opted in in the e-mail itself. Some sort of unique number that you gave them (or even an IP address, but this wouldn't be good enough). They would then have to have an e-mail AND some number to match up. There must also be a huge fine to back this up. This way, any business that sends an e-mail that says you opted in, can be automatically fined.

Not a solution

[CathedralRulz]

I think the beneficents of this will be lawyers who target the deep pockets - ISPs - and try to hold them liable.

Spam is nearly impossible to stop via laws - I think the market will and is solving this problem with more intelligent filters that will make it un-rewarding.

Re:I can't see this ever working in the US

[PepsiProgrammer]

One must ask oneself, if an unsolicited email system is completely opt-in, is it still unsolicited?

Re:Requiring OptIn isn't going to change a damn th

[peddrenth]

Why is that insightful? If someone claims to have your permission, or that you've opted in, challenge them on it. It'll soon be illegal to send spam without permission, so if they can't prove it, they get fined.

The type of emails you're taking about also tend to claim compliance with a fake US statute, and refer to various laws which were never passed. This is known as lying, or "fraud" on a commercial scale, which is presumably illegal anyway for legitimate companies emailing from Europe.

(In the US it doesn't really matter what's illegal anyway, just because of the cost of legal action to get anything done)

We'll still have to block CH/TW/KO/JP, because they'll keep sending the "you have elected to receive..." emails (hint: that's a good phrase to regexp on and delete the email)

Otherwise a pity there're so many people I need to talk to in the US, otherwise I'd be able to block email from America too, and live in a spam-free virtual Europe.

Re:I can't see this ever working in the US

[Coward, Anonymous]

What you say is protected by the constituion, how you say it is not. I am legally forbidden from spraypainting words onto your car, nor can I shout them through a megaphone at 3:00 AM into your bedroom window. I'm not even allowed to urinate a speech into the sidewalk or tap morse code into your forehead. There's nothing unconstitutional about banning spam. We already ban methods of communication which are annoying, the above being only a partial list of illegal methods of communication.

Re:Not a solution

[azadrozny]

That's just it. Spam will always be worth it, because you can send it to tens of thousands instantly and free. All you need is one nitwit to but the latest get-rich-quick scheme and the ad is paid for.

Re:*OPT* in

[jonasj]

I've started taking the email addresses of the spammers and signing them up for "opt-in" email. Whether this is enough to keep them busy is anyone's guess.

Hopefully you don't just use the From-address? Spammers often pick their From-addresses randomly from their list of email addresses to spam. The innocent individual whose email address is used as From-address is harmed much more than the other spam recipients since lots of people will report them to their ISPs, send them angry mails, or... sign them up for opt-in email.

Never complain about spam unless you can verify with 100% certainty that the address you are complaining about is the actual address of the spammer. Doing otherwise will just harm innocent spam victims.

Re:I can't see this ever working in the US

[1010011010]

Face it, by putting up an email server, you are consenting to receive email.

Yeah, and she dressed like a slut, too.

Re:damned america

[Anonymous Coward]

Why must we be so behind the times when it comes to things like this?

Oh, right. We don't want to interfere with business' right to annoy the hell out of us.

Where are your manners? That's no way to talk about your masters, now get back to work and remember to tithe a substantial amount of your income to business approves products and services. Opinions like yours get in the way of buying elected officials and key appointments.

If anything, the EU is years behind the USA in selling out to business and the wealthy. Now if you'll excuse me, I have to go sell guns to school children.

Re:I can't see this ever working in the US

[mixbsd]

See cell phones

Not forgetting that with WAP handsets, you can collect your email on your mobile. For example, on my T68i, that involves downloading the headers and disconnecting, then reconnecting if you wish to collect the body of the message(s). By the time you've downloaded the headers, even if the subject line is obviously spam, you've still wasted airtime charges in collecting the spam mail header(s).

Re:SPAMMERS MUST DIE

[Anonymous Coward]

I often wonder who these spammers are. What made then see thier souls?

They're mostly poor..err, rich college and highschool kids. What made them turn to spam? Where else can they make > $1,000-$2,000 a week sitting on their rump? Sure we hate spam too (we also see it everyday). But quite frankly we don't care about the pissed off people who whine about the 2 seconds it takes them to hit the delete button. There ARE people who buy the "make my penis 4324 inches longer" and "sexy teens are waiting for you" stuff.. and we make a living off of it instead of the $6.00/hr at the local McDonalds.

Re:I can't see this ever working in the US

[neuroticia]

Spam, while obnoxious (especially HTML emails) is not the biggest unsolicited waste of money/bandwidth, at least not that I'm experiencing.

Byte for byte, the largest wastes of bandwidth I'm experiencing can be attributed to two categories: 1: Windows SysAdmins who refuse/don't know how to patch their systems against the likes of nimda and code red. They also waste space in /var with their own little morons_log which seems to update every second. 2: Klez. Average number of klez-bearing emails recieved per day across the network-15.(And it's a SMALL network.) Klez contains attachments of variable sizes. Average number of minutes spent per day reassuring panic-stricken family members/co-workers/non-techie friends: 5. Cost of antivirus software per Windows compuer on network: $50. Time spent downloading antivirus updates--too much.

Spam can be blood-boilingly infuriating and push us to the point of wanting to ressurect public hangings, but I think that by and large the two categories I list are the biggest wastes of everything... And I'll be damned if I can find a way to opt out.

-Sara

Spam used to get me mad

[ansible]

Spam used to get me really mad and/or annoyed. I thought about the scammers out there, I thought about my wasted time, I thought about wasted resources, etc.

Recently, I've installed Spamassassin [spamassassin.org], and I've been running it for a few months.

Nowdays, spam doesn't bother me too much. Spamassassin tags nearly all of it. Deleted without much trouble or effort on my part. I still report the ones that get through the filter. I haven't had much of a problem with false positives either.

These days I'm thinking that passing more laws to stop spam isn't the answer. I'd rather we use technological solutions for now. If/when we finally all start using authenticated, encrypted e-mail, spam will cease to be a problem at all. In the mean time, a good filter aleviates the need for legislative solutions, in my opinion.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:damned america

[base2op]

Why does it seem that the US government exists to protect the rights of businesses over citizens? I don't mean just with this issue, but like the DMCA, etc...
It's a tad unsettling.

Re:Requiring OptIn isn't going to change a damn th

[(trb001)]

How, exactly, do you prove that you didn't opt-in? Just as easily as you can say "I didn't click on that page/button/checkbox" they can come up with a new page that DOES have that button on it when they have to defend themselves.

This is not a law that will be easily enforced. Opting in will become as easy as going to a website.

--trb

Two *wrong* things

[Anonymous Brave Guy]

Unless you're paying for your dialup "by-the-byte" (does anyone still operate that way anymore?), they're not spending your money. You've already spent it. Internet is flat-fee in the vast majority of areas.

No, actually, it's not.

1. Many places outside the US don't have flat rate access.
2. Most flat-rate packages cost more than the equivalent metered account for low-bandwidth users.
3. Many ISPs offering flat rate connections do actually cap your time on-line and/or bandwidth. Always on is something else, but most people don't have that.
4. If you've been following the news, you'll notice that many flat rate and always-on providers are either changing their conditions just now, either capping transfer volumes or putting up prices. Gee, I wonder why that could be? Here's a clue: half of it's people downloading illegal music and movies, and the other half is spam mails going out to half a million unwilling recipients at a time.

If you're out of town, and I call you, YOU pay a long distance charge, just for answering your phone.

But I have the option not to answer, and thus not to pay.

By the way, have you heard the latest ruse with cell phones? Some packages now let you subscribe to information services that charge you for using them, and apparently most mobiles are vulnerable to having someone dial you and then bill your account as if you'd subscribed to such a service, without any consent on your part at all. This is already happening, and is where unsolicited commercial messages are headed. Do you really, really think this is a good thing, and just like answering a long-distance call?

I don't want SPAM to be illegal.

[dbc001]

But I do want an easy way to inflict a large burden on those who send it to me repeatedly, especially if they continue to do so after I request that they stop.

The problem right now with SPAM is that the SPAMMERS are preying on morons who think that SPAM works. These poor home-based business owners really think that SPAM companies are going to send their adverts to 5 million real people, as opposed to 1 million dead addresses, 1 million duplicate addresses, 1 million domain-name registrants (or ex-registrants), and 2 million people who will instantly trash the message. Maybe the best course of action is a crackdown on fraud laws?

I just had to cancel my email address of 5 years due to being overspammed. I was deleting mail that I needed because I was deleting blocks of 10, 20, 30 at a time. And now I will lose contact with old friends for a while. I would really like to be able to make some of those cocksucker spammers pay for it.

-dbc

Re:I can't see this ever working in the US

[Spoobie]

All my spam is downloaded. None of it is sent to my computer directly. If you happen to own your own mail server, then you are accepting mail just as slashdot accepts posts.

Not true. Slashdot openly invites posts from anyone and everyone. They advertize themselves as a public venue. An email server which only services its own subscribers, whether it is connected to the Internet or not, is still private. Simply being connected to the Internet does not make a system fair game for any and all activity.

But the government does not have the power to decide for all of us which emails are acceptable and which are not, based on content. That is prior restraint of free speech.

No, it isn't. The government is not deciding which emails are accptable and which are not. You can still opt-in to receive the emails. What the government is (would be) saying is that the sender of a certain type of message has to have the recipient's permission before sending that message. Here's an analogy: I tell my best friend he is welcome to come over any time and have a beer at my place. I have given him permission to enter and have accepted financial responsibility for any beer he might drink. But if a solicitor comes over, he has to obtain my permission to enter my house, otherwise he's tresspassing or burglarizing (which one depends on local laws). If the solicitor then proceeds to drink one of my beers, that's theft. The government hasn't prohibited the solicitor from attempting to sell his wares or from drinking beer, it has simply required him to obtain permission from the parties he may adversely affect.

Another analogy: I have CallNotes from the phone company, so when I'm not home and someone leaves me a message they're using the telco's eqiupment on which to store the message. It's a service I pay for, just as my email account is a service for which I pay my ISP. The message doesn't go directly to an answering machine in my house. However, the fact that I don't own or directly control the equipment on which the message is left does not circumvent the law(s) that say someone can not leave a message threatening my life. The caller is responsible for the message which is intended for me, whether or not the message is left on equipment I own.

Simply put, requiring opt-in for spam is not prior restraint. Prohibiting all spam under all circumstances would be.

Focus of Lawsuits

[Anonymous Coward]

Why focus on small, itinerant spam senders? We may never know who sent a given spam, but it is always clear what is being advertised in that spam. Spam lawsuits should hit the parent companies hawking products and their partners.

Kill the companies upstream to stop the revenue stream. No money, no spam.

Re:I can't see this ever working in the US

[Anonymous Coward]

Then you find a better way that's non-regulatory.

People want government to step in ALL THE TIME near completely instead of in stages or to encourage steps and stages to fix messed up so-called public good or societal issues. I'm damn sick of it. I don't want social security taking 15% of my income before taxes (self-employed). I want to invest that money myself at a rate above 2.2%. I don't want government in health care. I don't want government regulating what can be seen over the airwaves. I DO NOT WANT GOVERNMENT IN MY EMAIL.

Yes, face it. If you plug in a phone, and hand out that number, you face getting obscene phone calls. If you don't want it, unplug the phone. Or plug in a damn secondary stage e.g. an extension which if they lack, it goes to voicemail. Does anyone? Hardly. They bitch and whine about telemarketers.

Re a pool, there is something reasonable--you put up a stinkin fence with cameras. We have laws if they encrouch on your property, you get them for trespassing, disorderly conduct, etc.

Re the lawn mower, duh. Get a lock and key.

Put up a mail server? Use SSL authentication. Procmail/filter out. Use several addresses. Block multiple connections. Yes, when you put up a mail server, it's going to get connected to. The internet is not yours. It's PUBLIC. You ACCEPTED that when you had the choice to or not. You further had the choice whether to authenticate or use VPN. Did you? No. If it's truly for your friends and specific organizations, filter.

But no, you want government to pass a damn law.

It's silly to expect when you hand out party invitations in a public manner (and yes, it's public--network traffic is considered public) that there won't be a party crasher.

It's silly to complain and cite a privacy violation hen you walk out in public naked an someone takes a freakin picture of your ugly nakedness.

Reality check--by putting yourself with spam protection, you are equating yourself to the same level as people who use AOL and have shit for brains in the stupidity in which they pick an isp, hand out their address, etc. You are cows who needs the farmer to feed them. You want the government to stop this because you are too stupid, not careful enough, to handle this on your own. AND IT SHOULD NOT BE THE ROLE OF GOVERNMENT TO TAKE CARE OF YOUR DAY TO DAY ACTIVITIES UNLESS YOU WANT THEM TO CONTINUE THIS INVASIVE PROCESS IN THE FUTURE.