You are currently browsing EDRi's old website. Our new website is available at

If you wish to help EDRI promote digital rights, please consider making a private donation.

Flattr this


EDRi booklets

Spam & spyware

Recommended Reading: EU spam regulations ineffective

5 May, 2004

The Amsterdam institute for information law published a study (commissioned by Sybari software) about the impact of the new anti-spam regulations in the EU. Their conclusion is not encouraging. "An important limitation on the effectiveness of the E-Privacy Directive is the simple fact that most spam originates from outside the EU. (...) Beyond that, the effectiveness of the E-Privacy Directive depends on its implementation in national legislation. So far, implementation has been rather slow in a number of countries." The study warns about large differences in the EU in the legal protection of corporate users and users which are not subscribers. The most important recommendation is for the EU to take additional actions to promote effective enforcement mechanisms.

Regulating spam: Directive 2002/58 and beyond (April 2004)

Dutch Spammer Bevelander fined 25.000 US Dollar

7 April, 2004

The Dutch spammer Martijn Bevelander has to pay 25.000 US Dollar to the US Federal Trade Commission, for unfair and deceptive acts of commerce. Bevelander and his company Maps Holding BV were accused by the FTC for misrepresenting the subject line, 'spoofing' (faking) the sender) and creating untrue opt-out possibilities in large amounts of unsolicited commercial mail. Both Bevelander and his US business partner Brian Westby have agreed to settle out of court. Westby pays 87.500 US dollar to the FTC.

According to the complaint, Westby sent large amounts of adult e-mails with misleading subject lines, like 'Did you hear the news?' en 'New movie info'.

For a period of three years, they both have to notify the Commission of any change in their private address and telephone number, any change in their employment status, and make all their current and future personnel sign a statement that they have read the FTC-order.

XS4ALL wins appeal in Dutch spam case

24 March, 2004

The Dutch Supreme Court has ruled that the Dutch internet provider XS4ALL is permitted to refuse spam on its network. It is the first time that a supreme court in Europe has ruled on the rights of spammers.

In the view of the Supreme Court, the fact "that XS4ALL has exclusive rights to its computer capacity, transmission capacity and customer base (its computer system)" outweighs the appeal made by AbFab for freedom of speech. Providers in the Netherlands have no conveyance obligation, not even if the spammer offers specific payment for the costs of relaying the spam (a spam-stamp). Based on this judgement, all providers in the Netherlands can impose an a priori ban on the sending of spam, even when addressed to their business customers. This judgement therefore goes further than the new spam legislation planned for the Netherlands

Germans consider prison sentence for spammers

24 March, 2004

The German newspaper Frankfurter Allgemeine reports about plans from the governing Social-Democrats (SPD) to make spamming an offence in Germany. According to the SPD, merely introducing fines is not enough, and spamming should become an offence, with penalties or a prison sentence. The working group on Telecommunication and Mail of the SPD did not yet decide on the length of the desired sentences. Germany will implement the anti-spam legislation in a specific law against unfair competition that also forbids unsolicited faxing, not in the simultaneous pending revision of the Telecommunication Law.

According to SPD-representative Ulrich Kelber prison sentences are necessary to be able to stop the biggest spammers, that send out millions of unsolicited commercial mails. 2 or 3 of the biggest spammers from the

Dutch police arrests 52 'Nigerian' spammers

11 February, 2004

In January, Dutch police have arrested 52 people suspected of large scale internet fraud with the infamous 'Nigerian e-mail' scam.

The scammers sent spam e-mails asking for help in transferring a large sum of money out of their country (usually Nigeria), in exchange for a generous percentage. According to an AP news report, the gang had reaped millions of Euros. A task force of 80 officers raided 23 apartments, seizing computers, fake passports and 50.000 Euro in cash.

Jan Willem Broekema, board member of the Dutch Data Protection Authority explained during the OECD workshop on spam that he expected hundreds more to be arrested in the nearby future, presumably putting a worldwide stop to the Nigerian scam.

Arrests have been made in several countries in recent years, including

Results OECD workshop on spam

11 February, 2004

During the OECD workshop on spam, held in Brussels on 2 and 3 February, the consumer unions of Europe and the USA (united in the Trans Atlantic Consumer Dialogue) presented the results of a survey amongst 21.102 consumers on both sides of the Atlantic Ocean. 96 percent of the people said that either they hated spam or that it annoyed them. 82% of the respondents said that governments should only allow commercial e-mails to be sent if the recipient has agreed in advance to receive them (opt-in).

In spite of this apparent massive wish for opt-in, representatives from the US Federal Trade Commission defended the new opt-out legislation in the United States. This invoked polite criticism from Commissioner Liikanen and less politely worded responses from representatives from ISPs and consumer associations.

European Commission communication on spam

28 January, 2004

The European Commission has finally published a Communication on spam, just in time for the OECD conference on spam, hosted by the Commission on 2 and 3 February. The Communication focusses on actions to be taken by the EU member states in order to make the ban on spam more effective. Clearly, implementing the EU directive on privacy and electronic communications (2002/58/EC) is the first and most important step. 7 out of the 15 member states have not yet transposed the directive, Belgium, Germany, Greece, France, Luxembourg, the Netherlands and Portugal.

In general, the Communication does not bring much clarity to the complex problem of banning spam. It only signals problems caused by the impossible compromises dictated by the Directive. For example, Member States may decide for themselves how and by whom the enforcement should be done. In some countries the Data Protection Authority is given the responsibility, in other countries the task is delegated to the National Regulation Authority or the Consumer Ombudsman and in many countries responsibility is not clear at all. The Commission 'solves' this problem by calling on all national parties to collaborate. Even when it is clear who the competent authority is, it often lacks investigation and enforcement powers to trace and prosecute 'spammers'. "The Commission will look to confirm that national transposition measures provide for real sanctions in the event of breach of the relevant requirements by market players, including where appropriate financial and criminal penalties."

Polish government allowed to send SMS-spam

28 January, 2004

According to a recent decision from the Polish Data Protection Authority (Generalny Inspektor Ochrony Danych Osobowych - GIODO) a massive SMS-spamrun from the Polish government was perfectly legal. A governmental agency committed this run in June 2003 as a last-minute reminder to citizens of the upcoming referendum about the European Union.

Of the 30 million Polish inhabitants 58.85% were eligible to vote, and no less than 77.45% of them voted in favour of joining the European Union in the referendum held on 7 and 8 June.

The Bureau for European Integration managed to send all owners of mobile phones in Poland an SMS-message reminding them that they could vote until 20:00 PM. Only the people that had previously opted-out with their operator were excluded.

One of the spammed cell phone owners decided to complain about his telecom operator for this violation of his private data. However, according to the Polish Privacy Authority this spam was not unlawful, since it was not a commercial message. Sending commercial messages towards individuals by means of electronic communication is forbidden since 10 March 2003 under the Polish law concerning the provision of electronic services (adopted on 18 July 2002). Spamming is not forbidden for privacy-reasons, but because it is considered unfair competition. The Bureau for European Integration was allowed to send the SMS-spam because of its legal mission: promote public knowledge about European integration in Poland.

Syndicate content


Syndicate contentCreative Commons License

With financial support from the EU's Fundamental Rights and Citizenship Programme.
eu logo