Firms 'overreact' to spam act
An anti-spam law that makes it illegal to send any unsolicited commercial e-mails comes into effect on Wednesday next week but Keith Norris, executive director of the Marketing Association, says most businesses have no need to panic.
Mr Norris says it is rumoured that Internal Affairs, which will police the Unsolicited Electronic Messages Act, will move quickly to bring some prosecutions for sending spam and that it may already have two possible targets in mind.
"I suspect they will try to prosecute somebody fairly quickly to show they are serious, but they are not going to prosecute people who are trying to apply best-practice marketing."
He says legitimate firms engaged in e-marketing should use their common sense if they are advised by lawyers that they should contact all the customers on their databases to check they have consent to send them electronic newsletters or e-mails.
Some companies are doing this, but it is usually unnecessary and it would be ironic if people were now bombarded with a deluge of e-mails from businesses seeking express consent to send them electronic communications, he says.
"All of a sudden people are realising the legislation is only a few days away and a lot of people are now looking very closely at their systems, and frankly there is an overreaction.
"If companies have been in the habit of communicating electronically with customers and prospects on a regular basis then they have inferred consent to send them e-mail, and there is no need for them to go out again and ask for it."
But organisations should make sure they give recipients the option of opting out of receiving e-mails each time they communicate, he says.
"They must do that in future. My advice, if they are really unsure they have consent to send an electronic communication, is to say, `We have been communicating with you for some time and we want to make sure you are comfortable with this, and if you are not, hit the unsubscribe button.'
"Human inertia will mean that if they take the `opt-in' route, they will lose half the people they are communicating with."
Internal Affairs anti-spam unit manager Joe Stewart says he will have two investigators, an IT technician and a data analyst at his disposal.
"We do not know what the volume of complaints is going to be until after the act comes into force. If the volume is higher than anticipated, we will re-evaluate our resourcing at that stage," he says.
"The act stipulates that we must deal with spam with sexual content so that will be a top priority for us. We also have received notification of spammers in New Zealand from overseas contacts and New Zealand sources.
"We will be proactively contacting these people to encourage their voluntary compliance."
Bradley Anstis, director of product management at international security software company Marshal, which has its worldwide development centre in Auckland, says the anti-spam act will not have much effect on spam volumes.
Just 0.1 per cent of spam is sent from within New Zealand - though he expects that proportion will now go down. Marshal is willing to provide technical assistance to Internal Affairs to help it enforce the act if requested, he says.
Mr Anstis says the law brings New Zealand into line with other countries, but efforts to coordinate between governments a global crackdown on spam appear to have lost momentum.
"That is where legislation could play a part and that is most disappointing."
Spam is at its highest level ever and 72 per cent of spam is now sent from computers owned by innocent individuals whose PCs have been infected with "botnets", making perpetrators hard to identify, he says.
The latest wave of spam comes in the form of e-mails that appear to come from legitimate organisations and ask recipients to log on to a website to confirm login details. The websites that people are directed to infect their PCs with the Storm Trojan, which turns their PCs into a vehicle for sending out more spam.
Mr Anstis says spam might be reduced if Internet service providers took more responsibility for blocking malware and notifying customers if they became aware that their PCs had been infected by botnets. That could have a greater effect than legislation, he says.
Those measures are touched on in a voluntary code of practice for ISPs that has been drafted by InternetNZ, but Mr Anstis says enforcement is required for such measures to be effective.
The Dominion Post