Aussies give a damn about spam

Aussie Spam Act 2003
Australia has a Spam Act which is regarded as an elegant legal framework for regulating undesirable electronic correspondence (at least by those who see beauty in criminal law), firstly for taking a strict opt-in approach, and secondly for covering all sorts of messaging, not just email.

In fact, here at Sophos Australia we’ve added a whole load of acronyms to extend the word spam to cover new sorts of electronic abuse, including:

  • SPIT – spam using internet telephony
  • SPIM – spam over instant messaging
  • SPASMS – spam via SMS
  • SPATTER – spam via Twitter
  • SPEWS – spam through electronic web submissions

(SPEWS refers to messages which come into your company via forms on your own website. If your website generates email on the basis of content submitted by outsiders, make sure you put those emails through your spam gateway as if they were external. This stops automated form-fillers from using your website to sneak unsolicited messages past your spam filter.)

We are, of course, being slightly tongue-in-cheek above, but unsolicited messages of all these sorts are regulated by the Australian Spam Act, which is enforced by the Australian Communications and Media Authority.

ACMA is often dismissed as a toothless tiger which has done little to reduce overall spam volumes, notably from outside Australia. But there is little or nothing ACMA can do about spam from companies it cannot legally touch, or from senders it cannot identify. Inside Australia, however, AMCA has at least made some headway in several of the categories above, including, this month, against both unwanted email and misuse of SMS.

Though hardly major victories, these results make two clear points.

The first is that you may as well report infringing messages to your country’s regulator (if you have one, of course). The regulator may not be able to do much if you do report spam, but that beats the certain nothing it can do if you report nothing.

The second point is that by gradually making it clear what your local internet community expects in terms of good netizenship, your regulator can help to create an environment in which you can be increasingly willing not just to block the stuff you are sure is bad (and take a chance on the rest, just in case you miss some possible business messages), but instead to accept only the stuff you know you want (and actively say no to those who don’t clearly and visibly play by the rules, even though they may be existing business acquaintances).

Make yourself one of those people who does give a damn about spam!