1 / 19

Spam laws in Australia and surveillance

Spam laws in Australia and surveillance. Does our Spam Act stop Spam, or invite routine email surveillance at work?. David Vaile Executive Director Baker & McKenzie Cyberspace Law and Policy Centre Faculty of Law, University of NSW www.bakercyberlawcentre.org. Promise more than deliver?.

raziya
Download Presentation

Spam laws in Australia and surveillance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Spam laws in Australia and surveillance Does our Spam Act stop Spam, or invite routine email surveillance at work? David Vaile Executive Director Baker & McKenzie Cyberspace Law and Policy Centre Faculty of Law, University of NSW www.bakercyberlawcentre.org

  2. Promise more than deliver? • Internet: strange beast to regulate • ‘Cyberspace’ out there • Jurisdiction: none or too much? • Brave attempts to legislate • Good intentions and ingenuity • But often undermined by a flaw • Fails to deliver on promise • Side effects can swamp intended effects

  3. Email surveillance and Spam • Spam threatens viability of email system • Legislation in 2003, each flawed • IT security seen as ultimate Spam solution • Workplace surveillance as the answer? • Threat to privacy of email • Misses the target • Won’t work • Erosion of trust, collateral damage • Undermine training, organisation intelligence

  4. Spam threatens email’s viability • Spam is 2/3 of all email (Messagecare) • Technical load on infrastructure • Threat to trust, Internet social bonds • People begin to abandon email • Network effect declines • ‘Tragedy of the Commons’ (Catlett) • Market and technical failure

  5. Some problems with real Spam • ‘Epidemic’ of asymmetric attacks • Sender is hidden • Sender is out of jurisdiction • Spam bots • Address harvesting • Hybrid worms with built-in mail servers! • Arms race, cheap technical advances • Eg, Anti-filtering content

  6. A tale of 2003 Spam laws • Reaction to threat to Email system • California’s Spam law • US Federal ‘CAN-SPAM’ Act • Australian Spam Act • EU Directive (not covered) • Spot the crippling flaws…

  7. Californian Spam laws of 2003 • Stricter legislation than Australia • Requires prior consent (‘Opt in’) • Can’t rely on ‘Unsubscribe’ • Unsubscribe is too late • ‘Private right of action’ • Anyone could have sued; but … • Overridden by CAN SPAM (federal)

  8. US CAN SPAM Act 2003 • ‘Opt out’ not ‘opt in’ • Requires only: • Good return address • Honour opt out request • Over-rides Californian law • Weakens protection drastically • Triumph of Direct Marketers

  9. Australia’s Spam Act 2003 • A different political balance • ADMA accepted ‘Opt in’ (unlike US) • Loopholes to drive a truck through? • Exempt bodies, Purely factual messages • Dragnet to catch slippery spammers • Single message can be Spam! • Harsh ‘search and seizure’ powers

  10. Concepts • ‘Commercial electronic messages’ • Banned if not solicited • Explicit or implicit consent • Covers individual emails • Drastic fines for repeat offenders • Complex exemptions • Relationships relevant to the test

  11. Enforcement of Spam Act • ACA under-resourced • ‘Softly softly’ policy • Target the extreme abusers • Liability net is wide and complex • Many offences not prosecuted • Wide discretion, uncertainty

  12. Risk of Spam Act prosecution • Liability v. risk of prosecution? • Serious Offences • Huge Penalties • But ACA policy, resources • Intention needed for offence? • Practical risk of single message Spam • Difficult to frame legal advice

  13. Problems of email at work • Complex Spam liability rules • Other legal issues • Viruses and security • Pornography etc. • Temptation to track everything?

  14. NSW workplace surveillance law • Announced 30 March 2004 • Workplace surveillance already regulated • ‘Strict laws & protocols to restrict employer snooping on workers phone’ • Workplace Video Surveillance Act • To be amended to cover email, other tech. • Prohibits email surveillance • Without court order or consent • Challenges IT control, Spam monitoring

  15. Issues • Industrial opposition to monitoring • Balance of interests • ‘Mutually respectable workplace’ • Privacy rights protected in a new sphere • See Privacy Acts Federal and State • Focus on consent

  16. Bark worse than bite? • Act is not passed yet • Unclear real intention • Reduce secret surveillance • May just result in forced consent • Potential to be stricter - details! • Any practical effect? • Precedent for other safeguards?

  17. Surveillance stops Spam? • Divergence of views • IT solution v people solution • What is the problem? • After the fact – too late • Not reveal the basis of exemptions • Inadvertent breaches of the Act

  18. A better solution? • Trust and respect • Training and peer support • Sensible policies & goodwill • Cooperation with ACA, ACCC, TIO … • Complaint-based approach • Review marketing and PR • Seeking consent is good business

  19. Conclusion • Spam law unintended consequences • Surveillance culture • New awareness of privacy • NSW anti-email surveillance law • Effective risk management • Low risk of prosecution • Better solution

More Related