ITU WSIS Thematic Meeting on Countering Spam
John Palfrey, jpalfrey at law.harvard.edu, Session Chair
Legislation at the national level is one of several tools – alongside
technical measures and consumer-based action – to fight spam.
National laws, while potentially helpful, require strong, targeted
enforcement in order to be effective. Given the fact that spam
observes no national boundary markings, and the cross-border nature of
the internet generally, it is essential that those who seek to enforce
anti-spam laws cooperate with those in other nations to make anti-spam
laws have a serious impact.
Law enforcement officials taking on spam face a number of substantial
challenges in getting their job done. First, there is little
agreement across jurisdictions as to what anti-spam laws prohibit (for
instance, opt-in v. opt-out). Disagreement remains even as to
what spam is (for instance, must it be commercial to be
prohibited?). Second, there is clearly widespread disregard for
existing anti-spam laws (the “sense of impunity” among spammers).
Violators today have substantial ability to evade prosecution, at least
for a while. Third, nations wishing to cooperate have varying
legal regimes and methods of enforcement from one to the next.
These differences among prospective partners may present problems for
the implementation of any enforcement-related MoUs or treaties.
Other challenges include identifying spammers, obtaining evidence,
recovering assets, sharing evidence, and preventing further misconduct.
There are rays of hope in terms of law enforcement and cross-border
cooperation in the struggle against spam. The French regulators
have had success by seeking first to clean up the French market and by
sharing information with other European colleagues. The Koreans
have made progress through working in partnership with industry and
others, including the Australians (who are lauded more than any other
country here at this meeting for their anti-spam leadership) through a
The Italians have adopted a multi-faceted anti-spam regime, including
technical, education, and law enforcement strategies. The United
States, both before and since the CAN SPAM Act took effect, had
successfully prosecuted 62 major spam cases and has handled thousands
of consumer complaints. In many of these enforcement efforts,
other countries have provided valuable information and cooperated in
helping to bring the wrong-doers to justice. The private bar in
the United States has also contributed to the fight against spam by
bringing large civil actions against spammers over the past several
years, even absent specific anti-spam legislation in some cases.
However, these early results have made only a modest dent in the worst
spamming activity. Enforcement is a long way from reversing the
clear trend toward more, and more pernicious, spamming on a global
The panel and the audience offered a number of insights for moving
forward. Law enforcement should alone is not the solution; it
should be regarded as one of several tools in the anti-spam tool-box,
in light of the breadth of the problem, the failure to date of most
anti-spam laws, and the comparative advantage of sovereigns. Most
agreed that law enforcement should focus its efforts on the worst
cases: fraud and other computer crimes. In addition, there are
countries present – Syria spoke up, in particular, with a big second
from Labour MP Derek Wyatt of the United Kingdom, who hopes to see an
international treaty on the table within the next year – that would
know how best to participate in the global anti-spam efforts and seek
guidance. The panel ended with a strong sense that there is
indeed the energy and the determination among multiple players in the
room to collaborate in turning back the tide of spam. It is plain
that there is an opportunity for leadership in this space.