The Australian Communications and Media Authority today reflects on 10 years of anti-spam regulation in Australia. The Spam Act, which regulates the sending of marketing emails, SMS and instant messages, was enacted on 12 December 2003.
‘This was ground-breaking legislation—one of the first of its type in the world—and the ACMA has become a world leader in the global fight against spam,’ said ACMA Chairman, Chris Chapman.
The ACMA takes a multi-layered approach to minimising the impact of spam on Australians through education, global and industry partnerships, technology, and compliance and enforcement.
‘A decade ago everyone’s in-boxes were filled to the brim with offers of fake pharmaceuticals and luxury goods, amongst other unmentionables. As a result of consumer education, industry innovation and advances in technology (including improved spam filtering) Australians are indicating that they are less bothered by spam than ever before.’
But there is also a legitimate side to e-marketing and the ACMA has been working closely with industry to ensure they are aware of their Spam Act obligations. In 2013 alone, the ACMA has contacted nearly 4,000 businesses. Of those contacted, no further reports have been received in seven out of 10 cases. The ACMA’s blog ‘Successful E-marketing...It’s about reputation’ has also assisted industry by providing plain language advice about best practise e-marketing.
‘While the ACMA has had really sound success with its informal work with industry, we have also demonstrated that we are not afraid to take a hard line when we need to,’ Mr Chapman said. ‘From 126 investigations, we have accepted 23 enforceable undertakings and given 50 formal warnings and 17 infringement notices. We’ve also taken three cases to the Federal Court resulting in penalties of just under $30 million.’
The ACMA has been able to harness technology to its advantage in the spam fight. Not only has it developed sophisticated spam analysis tools that have been shared with a number of other regulators globally, but it has launched a number of initiatives. The newest is the ACMA Phishing Alert Service, which provides information to government agencies and financial institutions about websites purporting to operate in their name.
‘I’m also encouraged that the ACMA’s Australian Internet Security Initiative is also internationally recognised for the excellent work it does with Internet Service Providers, identifying computers on their networks infected with malware,’ Mr Chapman said.
‘It has evolved naturally from our decade of technical work in the anti-spam arena, and is another example of the steps the ACMA has taken to help Australians rid their in-boxes of unwanted junk.
‘Ten years ago, Australia was listed in Sophos’ top 10 spamming nations. Australia’s latest ranking has dropped to 44.’
If you receive marketing email that you think may not comply with the Spam Act, you can report it to the ACMA by forwarding the message to email@example.com. You can forward SMS spam to the Spam SMS service on 0429 999 888.
Click here to subscribe to the e-marketing blog, Successful E-marketing...It’s about Reputation.
For more information or to arrange an interview, please contact: Emma Rossi, Media Manager, (02) 9334 7719 and 0434 652 063 or firstname.lastname@example.org
Media release 90/2013 - 12 December
The Spam Act 2003 regulates unsolicited commercial electronic messages in Australia. Commercial electronic messages can be emails, SMS messages, MMS messages, instant messaging messages or any other similar messages.
The Act sets out that commercial electronic messages must have the following features:
> Consent - it must be sent with the recipient's prior consent. They may give express consent, or consent may be inferred from their conduct and 'existing business or other relationships'
> Identify - it must contain clear and accurate information about the person or organisation that authorised the sending of the message
> Unsubscribe - it must contain a functional 'unsubscribe' facility to allow the recipient to opt out from receiving a message from that source in the future.
The Spam Act provides a range of enforcement options and the ACMA determines an appropriate action on a case-by-case basis. Formal warnings are used by the ACMA to indicate concerns about alleged contraventions and allow for the business or individual to take compliance action to prevent any future contraventions.
Enforceable undertakings can be offered to the ACMA at any time and provide the opportunity for a business or individual to formalise its commitment to compliance with the Spam Act. The ACMA may also give an infringement notice in relation to particular civil penalty provisions. In addition, the ACMA can lodge proceedings in the Federal Court, including seeking an injunction.
The Australian Internet Security Initiative (AISI)
The ACMA developed the Australian Internet Security Initiative (AISI) to help address the problem of compromised computers (sometimes referred to as 'zombies', 'bots', or 'drones'). Computers can become compromised through the surreptitious installation of malicious software (malware) that enables the computer to be controlled remotely for illegal and harmful activities without the computer user's knowledge.
Compromised computers are often aggregated into large groups known as 'botnets'. Among other things, botnets are used to assist the mass distribution of spam and malware, the hosting of 'phishing' sites and distributed denial of service (DDoS) attacks on websites.
The AISI collects data from various sources on computers exhibiting 'bot' behaviour on the Australian internet. Using this data, the ACMA provides daily reports to internet service providers (ISPs) identifying IP addresses on their networks that have generally been supplied to the ACMA in the previous 24-hour period. ISPs can then inform the customer associated with that IP address that their computer appears to be compromised and provide advice on how they can fix it.
These ISPs are estimated to cover more than 95 per cent of Australian residential internet users. The ACMA aims to progressively increase ISP participation in the AISI over time.