Spammers still a law unto themselves

Unfortunately, they seem to be worth little as they are often vague, lack enforcement mechanisms readily accessible to the public (who don't want to add to the work load of police officers with low priority items) or still lack the implementation systems and tools envisioned by the legislation to protect them.

Ant Brooks, spokesperson for the Internet Service Providers Association (ISPA), says current legislation offers weak protection against spam. And what is in place is hardly ever enforced.

First line of defence

Section 45 of the Electronic Communications and Transactions (ECT) Act of 2002 is the first line of defence for consumers against spam and states that "[a]ny person who sends unsolicited commercial communications to consumers, must provide the consumer
(a) with the option to cancel his or her subscription to the mailing list of that person; and
(b) with the identifying particulars of the source from which that person obtained the consumer's personal information, on request of the consumer."

Consumers are left to institute charges when companies fail to comply with the act, and do we really want this to be a priority of police officers? (Easy: no.) The issue of responsibility down the supply chain is also open to question.

For instance, I recently received unsolicited communication from Hospital Premium Cover, which on enquiry complied with the ECT Act by not only removing my details from its database and undertaking not to message me again but also by providing me with the details of the company it purchased its database from, Datadirect24.

Datadirect24 initially promised to implement "a full investigation to track the excate [sic] source of your email address and will keep you informed." That was late September. I've had no joy in getting any feedback from it as yet and, at this stage, don't really expect to. After all, it did not directly send me any information - it simply facilitated the process for its rather naïve client.

A couple of gaping holes

My contact details (and more besides) are out there drifting around in databases ready to be sold and resold, in spite of the ECT Act. Here is a paper by Lance Michalson shredding any real hope that the act can protect consumers. This 'first line of defence' seems to have a couple of gaping holes in it, to say the least.

The National Consumer Protection Act would provide some recourse if it actually implements its national opt-out database - something the legislation caters for but which for now doesn't exist. There has been some discussion as to who should operate the database - at one stage even the Direct Marketing Association of South Africa (DMASA) was in the running - something that lead to a consumer and media backlash.

Brooks says the latest feedback he has is that the National Consumer Commission will manage the list in-house. Companies will eventually be forced to check their databases against the national opt-out database or be fined 10% of turnover, or R1 million. Enjoy the wait in the meantime.

The Protection of Personal Information (PPI) Bill is yet to reach Parliament and will offer the strongest protection yet to consumers, says Brooks. It could criminalise trade in databases which don't fulfil legal requirements for data collection, and would set strict criteria aimed at protecting consumers' personal information - although consistent lobbying by various players might still dilute some of the bill's clauses. The bill is still winding its way through the corridors of power and isn't expected to be implemented soon.

Direct action

The ISPA, which represent a good number of South African Internet Service Providers, does take direct action against spammers through its 'hall of shame' which publishes the names of spammers (and identified address resellers) while the Wireless Application Service Providers' Association also takes action when complaints are lodged against its members (though most SMS spammers are not members of WASPA).

So, plenty of legislation but few options for consumers on the receiving side of spam. Name 'em and shame 'em seems to be the most effective tool to dissuade marketers from spamming you, so give their details to the ISPA, and make some noise on your social media platforms.

Brooks also says that smsing STOP to SMS spam is generally effective, though you still have to pay for the SMS, while around 50% of unsolicited email senders will adhere to an unsubscribe request.

Walter Penfold, MD at Prefix Technologies, a provider of email and SMS marketing solutions, meanwhile encourages consumer to contact service providers (when you are able to track them down) with information on spam, which will result in termination of the user accounts of spammers.

"If a recipient demands proof of where the sender obtained their email address and the sender cannot provide that proof, we would consider this grounds for terminating the account," says Penfold.