SPAM AND THE EU Unsolicited Commercial Communications under the Directive on Privacy and Electronic

1
SPAM AND THE EU (Unsolicited Commercial
Communications under the Directive on Privacy and
Electronic Communications (2002/58/EC)) Spam
Summit, House of Commons 1 July 2003
Philippe GERARD, DG Information
Society
EUROPEAN COMMISSION
2
I - Background

• Note The positions expressed are those of the
  authorand do not necessarily represent the views
  of the Commission

3
(a) The Data Protection Directives

• The General Directive (95/46/EC)
• harmonised rules on data protection to ensure the
  free flow of personal data across the EU e.g.
  purpose limitation, fair processing, access to
  data, etc.
• note in particular harvesting is illegal in the
  EU
• The Specific Telecoms Data Protection Directive
  (97/66/EC)
• Directive 97/66/EC translated the principles set
  out in Directive 95/46/EC into specific rules for
  the telecommunications sector e.g.
• security
• confidentiality
• traffic data
• calling line identification
• public directories
• unsolicited commercial calls and faxes

4
(b) The New Package for Electronic
Communications

• Directive 2002/58/EC is also part of the new EU
  regulatory framework for electronic
  communications networks and services
• General objective a framework that is
  future-proof, pro-competitive, etc.
• On privacy and data protection in particular
  reflect developments and provide an equal level
  of protection of personal data and privacy,
  regardless of the technology used

5
(c) - Main features

• Widening of coverage to all electronic
  communications networks and services
• New definitions for communications, traffic
  data, location data and e-mail
• Services concerned on public communications
  networks in the EU
• The general Directive 95/46/EC is in principle
  applicable (unless otherwise provided)

6
II - The provisions on Unsolicited Commercial
Communications (spam) in greater detail
7
(a) - Why legislate?

• Some reasons
• Unsolicited e-mail is a problem for the
  development of e-commerce and the information
  society (e.g. confidence)
• Spam creates costs and nuisance for professionals
  and consumers
• Filtering systems used by ISPs seemed open to
  legal challenge
• Single market approach needed to avoid legal
  patchwork

8
(b) - Why an opt-in?

• Some reasons
• Privacy as a right, not as an option
• Consumer choice
• Responsiveness of permission-based marketing said
  to be very efficient (spam study 2001)
• Many possibilities (e.g. Web) to obtain consent
  from e-mail users
• Also
• Mere extension of the fax and automated calls
  regime (opt-in) to new developments
• Several Member States had an opt-in (high level
  of consumer protection)
• Reminder the harvesting of e-mail addresses to
  send them commercial e-mails is contrary to data
  protection principles

9
(c) - Basic principles (Art 13)

• Opt-in for unsolicited e-mail for direct
  marketing to natural persons
• Opt-out for use of contact details obtained in
  the context of a sale (existing customers)
• Legal persons legitimate interests to be
  sufficiently protected (B2B marketing) e.g.
  opt-in, opt-out

10
(d) Additional safeguards

• Disguise of identity of sender is prohibited
• All marketing messages must include a valid
  return address and allow opt-out also after
  earlier opt-in
• Note other provisions may apply e.g.
  misleading advertising, deceptive practices, or
  if illegal access to information systems
  (harvesting, hacking)

11
(e) - Definition of Electronic Mail

• Broad technology neutral definition (covering
  also SMS, MMS etc.)
• Any text, voice, sound or image message sent
  over a public communications network which can be
  stored in the network or in the recipients
  terminal equipment until it is collected by the
  recipient. (Art 2)
• In short any form of electronic communication
  for which the simultaneous participation of the
  sender and the recipient is not required.

12
(f) - Concept of Direct Marketing

• Covers any form of sales promotion
• Includes direct marketing by charities and
  political organisations (e.g. fund raising)
• Harmonised approach within EU to be ensured
  notably through the Article 29 Working Party
  composed of national data protection authorities

13
(g) - Existing customer relationship

• Opt-out allowed for use of contact details
  obtained from customers in the context of a sale,
  but
• May be used by the same company only
• Only for marketing of similar products or
  services
• Explicit opt-out must be offered at the time of
  collection and with each message

14
(h) - Application and Enforcement

• In short rules on spam apply to all messages
  sent over EU networks, regardless of where they
  originate
• Adequate complaint and penalty mechanisms must be
  established e.g. individual right or action,
  claims for damage, sanctions
• Monitoring of tranposition starting
• Practical follow-up underway, including on
  international cooperation

15
(i) - Follow-up

• Consultation and follow-up document
• Addressed to MS, competent authorities, industry,
  consumer associations
• Areas awareness raising, complaints mechanisms,
  effective enforcement, ADR mechanisms, coverage
  issues, contractual issues and SR, technical
  issues, international cooperation
• Informal online group to facilitate work on these
  issues

16
(j) - International cooperation

• Legislation is only part of the answer to this
  global problem, but legislation is part of the
  answer
• Strong international cooperation is needed to
  make it effective
• Bilateral and multilateral efforts (e.g. OECD)
• Industry and consumers to take part as well (e.g.
  TACD)

17
III - Timetable

• Adoption in July 2002 (OJ No 201)
• Transposition deadline 31 October 2003
• Follow-up under way with Member States, Data
  Protection Authorities
• Commission guidelines if appropriate
• Review in 2006 with particular emphasis on
  unsolicited commercial communications
• Note Directive 2002/58/EC is available at
  http//europa.eu.int/information_society/topics/te
  lecoms/regulatory/new_rf/documents/l_20120020731en
  00370047.pdf

18
Contact details