Speech Liikanen bij OESO-workshop ter bestrijding van spam (en)

maandag 2 februari 2004

Erkki Liikanen

Member of the European Commission, responsible for Enterprise and the Information Society

Good morning ladies and gentlemen.

First of all, I'd like to welcome you all in Brussels. Some of you have had a long journey to be here and I appreciate that.

The European Commission is proud to host this OECD workshop and to enable you all to discuss in detail one of the biggest challenges the Information Society is currently facing: unsolicited communications, or 'spam'.

Back in 2003, when we offered to host this workshop on spam, we were not sure whether all OECD member countries would share our views. Today, with so many people present, I'd like to validate the first conclusion of this workshop before it even starts: 'spam' is indeed a challenge recognised by all.

Before entering into detailed discussions about spam, its business models, and its impact, I'd like to say a few words about (1) why action is needed, (2) how we have acted so far in the European Union, and (3) what we think the OECD could do at its level.

1)Why do we need to act?

Nobody will seriously contest that 'spam' has reached worrying proportions. In December 2003, more than 50 percent of EU e-mail traffic was estimated to be spam according to leading industry experts. At global level, 58 percent was estimated to be spam for the same period of time. What is even more worrying is the rate of growth of spam: in 2001 the figure was 'only' 7 percent.

Spam is a problem for many reasons:

- it is an invasion of privacy;

- it is often misleading;

    - pornographic spam can be harmful, in particular when minors are confronted to it.

In addition, spam implies extra costs for businesses. Just in terms of lost productivity, the cost is estimated in billions of EURO just for Europe. Some legitimate commercial or business communications are simply not read anymore.

The overall result is that spam undermines consumer confidence, while consumer confidence is a prerequisite for the success of e-commerce and, indeed, for the Information Society.

More generally, spam could compromise productivity growth, since the Internet and other services - broadband access, wireless access - are increasingly at the core of productivity in our economies.

This is clearly unacceptable.

2)What did we do so far in the European Union?

    The EU Directive on Privacy and Electronic Communications:

A first step was taken on the legislative front in 2002, by way of the Directive on Privacy and Electronic Communications. This Directive which was adopted by the European Parliament and the Council notably clarified what marketing communications would be allowed.

In short, this Directive has quite logically extended the principle of consent-based marketing or 'opt-in' that was applicable to unsolicited faxed, to emails and other forms of electronic mail such as SMS and MMS.

Hiding its identity, and not providing a valid opt-out address, have also been prohibited.

Sanctions must be foreseen in the laws of Member States, the choice of which is left to them as is generally the case with EU Directives. Many Member States have criminal penalties in more serious cases.

    The Communication on unsolicited commercial communications, or 'spam':

However necessary, legislation is only be part of the answer. The Commission has therefore identified, following consultations in 2003, a series of actions that build on the new rules, in order to make the 'ban on spam' as effective as possible. This was the subject of the Communication adopted last week.

In short, since there is no 'magic solution' to combat spam, we have called all interested parties to play their role:

  • -not only the states and competent authorities,

  • -but also industry, consumers and,

  • more generally users, of the Internet and other electronic services. Success in combating spam will depend on all interested parties playing their role, not just legislators, just industry or any other single stakeholder. Let us turn to the OECD.

Action must focus in particular on:

  • effective enforcement by Member States and public authorities,

  • industry self-regulation,

  • technical solutions,

  • consumer awareness,

  • and last but not least, international cooperation.

On enforcement for instance, it is good to see that Member States are bringing more cases against spammers. Two weeks ago for instance, a Danish firm was fined about 55.000 EURO for sending up to 1,500 spam.

The international dimension is also crucial, since much spam comes from outside the European Union. It is therefore good to see that the Action Plan adopted at the recent UN World Summit on the Information Society has identified the need for international cooperation on this subject.

    3) Now, what role do we see for the OECD in this international dimension?

We firmly believe that the OECD is very well placed to play a prominent role in this fight. The OECD should not waste time and energy in lengthy discussions on the exact instrument. A framework for action is needed now, and the prospect of a second workshop in South Korea, in about one year, has naturally built a calendar for us to work.

We see OECD action on spam focusing in particular on the five following basic elements:

1.Promoting effective legislation

First, all countries should aim to put in place effective legislation to combat spam. While legislation may not be sufficient, it is the minimum necessary to cope with spam, to define rights and obligations, and thereby ensure legal certainty.

Let's be clear: the object would not be to seek to impose one regime over another. We need to take into account the diversity of the regulatory approaches taken in OECD member countries. What is important is that effective legislation be adopted.

Effective legislation also means that countries have the necessary investigation and prosecution powers, as well as the ability to co-operate internationally.

Non-member countries should also be invited to implement effective legislation. Every country should start by cleaning up its own house.

2.Promoting international cooperation on enforcement

Secondly, and in view of the global nature of spam, international cooperation is essential to ensure the effectiveness of these anti-spam rules.

Appropriate bilateral and/or multilateral cooperation should enable appropriate information sharing and mutual assistance on specific spam cases. OECD can promote this cooperation on enforcement.

3.Promoting self-regulation by industry

Thirdly, industry - service providers, mobile operators - can do a lot to combat spam by adapting their contracting practices, as well as their marketing practices.

Codes of conducts should be assessed and these codes should be systematically improved with experience. Industry should also share their expertise and best practices across industry branches and across countries and regions in the world.

In relation to what I said earlier, cooperation between industry and enforcement authorities should also be promoted, in particular to trace spammers and provide evidence.

4.Promoting technical solutions

Fourthly, industry, research bodies and particularly the Internet community should continue to develop technical anti-spam solutions.

Collaboration should be promoted across sectors of industry (internet and email service providers, network operators (carriers), software developers) on anti-spam technologies.

This is both a short-term and a long-term issue. Security measures must be promoted (e.g., on open servers, open proxies). Filtering or software services as a basic customer service should also be recommended.

Long-term adaptations also need to be considered. Research in the economics of the technology used is also important to understand the business models for spamming and to consider how to create economic disincentives to spamming. Monitoring the trends and developments of spam is also necessary.

5.Promoting awareness and education

Finally, awareness and education are also central and should be promoted. Consumers and businesses should be in a position to know for instance:

  • what the rules of the game are;

  • how to limit his or her exposure to spam;

  • what filtering or basic security measures can be taken to minimise spam;

  • where to complain when confronted with spam.

I cannot really conclude at the beginning of a workshop. What is not disputable is that action is needed at the international level. I strongly believe that the OECD can play a prominent role and I hope that we will seize this opportunity.

At the end of these two days, I hope that we will have a clear idea for these 'next steps' to be undertaken at OECD level, with a view to adopting the right framework.

The next workshop is to be held in South Korea in about one year. There is no time to waste.

I wish you a pleasant stay in Brussels and I thank you very much for your attention.

Meer over...