This article will be dealing with the exact meaning of spam or spamming, along with its harmful or illegal consequences. It will also explore the methods for dealing spam. We shall also deal with the laws related to spamming in India along with India’s position in the category of spamming.
- 1 Introduction
- 2 What Is Spam Or Spamming?
- 3 Why Is Spam Illegal?
- 4 Is Spamming A Crime?
- 5 How To Deal With Spam?
- 5.1 Technical Methods
- 5.2 Legal Methods
- 6 Laws Against Spamming
- 7 India And Spam
- 8 Suggestions
- 9 Conclusion
“Spamming is truly the scourge of the Information Age. This problem has become so widespread that it has begun to burden our information infrastructure. Entire new networks have to be constructed to deal with it when resources would be far better spent on educational or commercial needs.”– The United States Senator Conrad Burns
Unrequested Electronic Mail, also known as “spam” is an alarming sign which is seen in companies and among individuals. Spamming, often described as a hassle, is now giving rise to some misfortune. In the year 2002, US Companies suffered a huge loss of $8.9 billion because of spamming. Later in 2003, an estimate of around $255 million loss was faced by Non- Corporation Internet users due to spam. As the number of people using the Internet in India is increasing daily, the absence of any rules and laws that prohibit spamming and inadequacy of other spam-controlling measures has led to a rise to crimes. It is now time for the Government to take serious note of this threat.
What Is Spam Or Spamming?
Spam is described as Unsolicited Bulk E-Mail (UBE) or Unrequested Commercial E-Mail (UCE). In both cases, it is important to note that Spam is “Unrequested” which means that there is no initial connection between the parties involved and the receiver. The receiver has not specifically agreed to receive the correspondence. Now, we will explore the opinions on the origin of such spam mails. One opinion suggests that unsolicited/unrequested messages are for ‘advertising the products and services.’ This perhaps could be the most common way to define spam. However, it could be deceptive as well.
Spamming is, however, pocket friendly for advertisers since it reduces the burden of operating costs apart from the management of their mailing lists, servers, infrastructures, IP Ranges and domain ranges. Because of this reason, it becomes awkward to hold senders responsible for their bulk mailings. Another important reason for the senders not to be held liable for spamming is that the entry of numerous spammers is hassle-free which leads to high flow of unsolicited emails. By the end of the year 2011, the round figure of spam messages was around seven trillion.
This affected the public at large in many ways, such as loss of productivity and fraud, which was sustained by the public and the Internet Service providers. Spamming is a matter of concern and an important issue which needs the attention of the legislature in many provinces all over the world.
Why Is Spam Illegal?
There are three main reasons for spam to be called illegal
Content is the primary and topmost reason for spam to protest against. Business messages, which encourage sceptical ventures and messages that contain sexually explicit material, are some of the reasons to describe SPAM as illegal. Besides this, one of the most important reasons is that few messages contain harmful codes and malicious files are sent as an attachment.
Consumption of Internet Resources
A serious and crucial part of all the emails communicated, extensive usage of network bandwidth, memory, storage space, and other resources are represented by Spam. Many web users and server admins spend a lot of time interpreting, deleting, sorting, and restricting spam which means they pay more for Internet access. Therefore, unnecessary costs are incurred in dealing with and handling spam mails.
The threat to Internet Security
Simple Mail Transfer Protocol (SMTP) Servers are often exploited and instructed to send copies of a message to a long list of recipients by the spammers. Spammers who are often termed as Third-party, usually represent a threat of service because it is an unauthorized appropriation of computing resources. A company’s goodwill may be at risk if it chose to associate itself with spam as many illegal details are mostly shared via spam.
Is Spamming A Crime?
After defining and describing Spam and Spamming, the top main issue is what is the basic element of cybercrime and can spam be termed as a misdemeanour in law.
Cybercrime has been defined comprehensively. The definition of cybercrime is ‘a criminal activity committed on the Internet’. The point of criminal activity embedded in the definition of cybercrime is a conclusive aspect as to whether spamming leads to cybercrime or is just a time killer.
The primary issue is to somehow criminalize spamming emails so that it is deemed as a cybercrime. In other words, how would it be feasible to decide whether or not there has been criminal activity in the case of email spamming?
Almost all of the old laws developed the idea that email spam should be handled in the very same way as junk mail as they possess similar traits. It should also be noted, however, that in the case of junk mail, the sender bears the cost of sending the email while in the case of a spam email, the recipient bears the expense through higher operating costs from their Internet Service Provider.
Criminal law, while coming across the problem of categorizing offences, usually refers to antiquated legislation that fits the modern crime. Hence, in the case of email spam, the line of attack is to label spam emails as an offence of trespass. Nevertheless, in so far as the Internet Service Provider is concerned, the crime of trespass will stay consistent, and in case of the receiver, will not be liable for the offence of trespassing.
A team of lawyers who encourage to incorporate spamming within the purview of criminal law advice that spamming is not only a business of losing hundreds of millions of dollars annually, but it has also been generally very dangerous in the form of malicious links which aim to cheat innocent people.
Most opponents not preferring criminal law enactment contend that to criminalize spamming would be confining the option to free speech. The contention set forth is that the use of the Internet is for sending and receiving messages and since it is an unregulated space, there is an option to free speech. This contention also cannot be ignored.
Formation of spamming includes two points: They are,
- The content of the spam mail.
- The mechanism by which the spam email has been broadcasted.
It should be noted that the Right to Freedom of Speech [Article 19(1)(a) and 19(2)] is not an absolute right, since it is obvious that the right to freedom of expression has certain limitations. So any spam email that contains content that is sexist, racist or inflammatory would violate criminal law.
How To Deal With Spam?
Usually, the primary way of defence against spam is self-help as well as other technological mechanisms. These methods can be enacted by independent Internet users, government agencies and other service providers, and also by different private entities, which are also specialized in spam combat.
Filtering and Blocking
End-User Filtering and Collaborative Filtering
End-user sorting helps the receiver by completely denying malicious emails while collaborative filtering involves the sorting done by the internet service providers (ISP) and proxy filtering services ( A proxy server is a server between you and the online world. It runs every request through a filter, searches every address in its database of sites which are authorized or prohibited, and enables or blocks any request relying on its internal database).
The system administrator can modify the proxy server to enable or restrict specific websites, and if there is a page that has been blocked and you don’t think it ought to be, you may be able to ask the IT department to reactivate that website on the proxy server. Such as Brightmail.
Blocking makes it possible for destination operators to stop spam delivery. Many databases are sometimes referred to as blacklists, or “blackhole lists,” which is often used by the spammers. These databases may be used by destination operators to locate and deny the delivery of selected incoming messages.
Hiding from Spammers
This method helps in hiding the beneficiaries’ e-mail addresses, thus making it more difficult for the spammers.
This process is to request the spammer to remove the beneficiary from the mailing list. Of all the above measures, this is the most inefficient because fraudsters rarely remove a mail address from their mailing lists.
Without appropriate technological security, strict legislation is essential for dealing with the spam problem. In the U.S. House of Representatives, several spam-related bills were introduced, of which only the 2003 CAN-SPAM Act (the Controlling the Assault of Non-Solicited Pornography and Marketing (“CAN-SPAM”) Act to set a national standard for the regulation of spam email)1[15 U.S.C. § 7701(a)(11); S. Rep. No. 108-102 (2003)] came into effect.
Anti-spam legislation has also been enacted by the European Union and other countries like Spam Control Act, 2007 (Singapore), Canada’s Anti-Spam Act, 2014 and the Privacy and Electronic Communications (EC Directive) Regulations, 2003. Australia, which reports for about 16 percent of the world ‘s overall spam, has the most strict spam laws (Spam Act, 2003) under which spammers can be penalized equivalent to $1.1 million a day. Although anti-spam legislation is found throughout the world, the methods used to combat spam are virtually similar, as is obvious from the following:
The state of Delaware in the United States has strict anti-spam laws and regulations that enforce a cyber restriction on unsolicited commercial advertising e-mail messages The European Union does not prohibit unsolicited commercial e-mails but allows individual governments to do so. Finland, Germany and Italy all have laws restricting UCE, while both UCE and UBE are expressly forbidden by Austria.
Enforcement of Anti-Spam policies
In general, internet providers and other destination operators have policies governing the use of their facilities for various purposes, and almost all of them prohibit spamming in general. As a result, some legislation focuses primarily on the follow-up of these policies.
Several laws, along with the US CAN-SPAM Act, provide for an opt-out method in which senders may communicate with anyone except those who have chosen to use the opt-out method.
Other Statutory Provisions
Data protection laws in some provinces govern the compilation, use as well as the transfer of personal information which may include email addresses and other details, and laws have been recommended in the United States House of Representatives to remove the right of spammers to acquire email addresses from domain name registration databases.
In addition to or in place of private actions, several jurisdictions provide for criminal sanctions or other government enforcement mechanisms.
A significant proportion of anti-spam laws enacted and severe penalties imposed on spammers are evident from the fact that the global community has recognized the threat of spam and is taking measures to combat it effectively. It’s time for India to join the truck.
Laws Against Spamming
At present, the Indian Government has yet to pass a law that directly talks about the concern of spam. Existing law in the form of the Information Technology Act 2000 doesn’t encompass any clause responsible for the regulation of spamming, even though it does curtail absurdity which applies to the publication, transmission or publication in digital form of any material which is sexually explicit or which is of main concern.
There are several reasons for having strict regulations to reduce, control and prosecute spammers–
The Hon’ble Delhi High Court noted the lack of adequate spam laws and regulations, in which it was observed that, in the absolute lack of substantive laws for the control of spam emails, the traditional principles of tort, trespass and nuisance had to be applied. [Tata Sons Ltd and its subsidiary Panatone Finvest Ltd vs McCoy Infosystems Pvt Ltd (2004)].
As the count of internet users are increasing daily, the scrap emails and spam are multiplying. It has now turned into a necessity that the required measures have to be taken to curb spam before it turns into a bigger disaster like in the United States.
The Ministry of Information Technology has started a dialogue on the incorporation of statutes against spammers. Even then, the Ministry has been unable to decide whether the penalties for spammers should be imposed after verification of the nature of spam, that is, whether the act of spamming has been done unintentionally or on purpose.
The ruling party is planning to set up a Communications Security Research and Monitoring Center to track the movement of criminal organizations on-line. The Nodal implementing agency would be the Center for the Development of Telematics for the same purpose. Research, a wing of the Center, would take into account different communication technologies and inspect all types of traffic, such as satellite, wireline, wireless, Internet, email, VoIP, encrypted communication for the decryption of net-based encryption techniques, regulatory standards to be adopted by telecommunications operators and systems analysis.
India And Spam
According to BBC News, India is at the top in leading the world to spew spam. Compiled by security firm Sophos, the report says: An estimate of 10% of all scrap emails sent all over the world was operated through computers in India. India was ranked 5th among all countries for spam calling and was placed 8th for sending unwanted messages or spamming messages, as claimed by the data report of Truecaller.
The legislature can think about having definitive provisions on the issue with the following:
- A comprehensive definition specifically showing what falls within the spectrum of spam, a standard concerning UBE and UCE.
- A knowledge of permission-based opt-in and opt-out protocol where institution must first ask for permission from the user to send e-mail/spam, the recipient must verify that he/she agrees to subscribe to these emails and, if subscribed by the user, have a switch-out option in which the recipient can unsubscribe at his / her needs.
- Criteria relating to:
- Adequate classifying of the information in the subject-matter of spam. E.g. adult content should be marked as “sexually explicit”;
- How the email writer obtained the e-mail address of the beneficiary;
- Proper identification of the spam sender, including postal address, telephone number and contact person information;
- Control on the quantity of UCE sent within 1 year; and
- An appropriate judicial method in the case of breach of any of the factors. The law will also allow for civil and criminal prosecution of infringements of the law.
- The parliament will allow for the extraterritorial application of the provisions in the scenario in which a firm which has violated the legal duty is established in a foreign country. This ability of extraterritoriality might become close to that written in the Criminal Code.
- The law may also provide for a ‘do not disturb service’ or spam preventing alternative, identical to the one embraced by the TRAI, in which the user does not receive any spam.
- Special provisions could be made, if at all, to the promotions conducted by the State or the various entities of the State in the performance of its sovereign functions.
- Another alternative to avoid spam might just be the inclusion of social interaction testimony through the email, which might prevent institutions from mailing bulk mail. Social interaction proof is a unique 5-digit code that appears on the computer, such as “ER5G1,” etc. containing various digits and alphabets, which is like a digital signature. This will avoid the institutions sending UBE’s and UCE’s because it would be time-consuming to type the human interaction proof to send through email.
- Establishing a rigorous and vigilant tribunal to impose the provisions of the code. In my opinion, Cyber Appellate Tribunal (Cybat) has always been a complete mess for the last 5 years.
Spam legislation is non-existent in India. The Information Technology Act of 2000, which had received appreciation, does not talk about the serious issue of spamming. It only refers to the punishment meted out to a person, who after having secured access to any electronic material without the consent of the person concerned, discloses such electronic material to any other person (Section 66, 66B, 66C, 66D, 66E & 66F of IT Act, 2000). It does not have any bearing on violation of an individual’s privacy in Cyberspace. The illegality of spamming is not considered.
The other effective reasons to introduce a broad set of rules to restrain, control and punish spammers are:
• The Delhi High Court acknowledged the absence of appropriate legislation concerning spam in a recent case wherein Tata Sons Ltd and its subsidiary Pantone Finwest Ltd filed a suit against McCoy Infosystems Pvt Ltd for channelling spam. It was then observed that the traditional tort law principles of trespass to goods as well as the law of nuisance would have to be used as there are no statutory provisions related to spamming.
• As the count of internet users are increasing daily, the scrap emails and spam are multiplying. It has now turned into a necessity that the required measures have to be taken to curb spam before it turns into an enormous dimension like in the United States.
After the enactment of the Indian Arm of the Coalition Against Unsolicited Commercial E-Mails (an International Organization against spam), several attempts have been made to combat the spam threat. Nevertheless, in the absence of powerful laws and technical improvements, the escalation in the growth of spam seems unavoidable.