Commercial electronic mails needs to be regulated, if not such Unsolicited mails are more than harassment to users and cause much waste of time, consumption of storage space, very much of hassle to users , and may result in attacks such as phishing.
Commercial Electronic messages is meant here for “commercial activity” where any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, whether or not the person who carries it out does it for profit, or not.
The most important means of controlling or regulating UCEM is by having a legislation that will deter that, where ;
(i) It will require commercial electronic messages to include accurate information about the person who authorised the sending of the message and a functional unsubscribe facility in order to enable the recipient to instruct the sender that no further messages are to be sent to the recipient.
(ii) It will prohibit the alteration of transmission data and the installation of computer programs which can cause an electronic message to be sent from a person’s computer without the owner’s express consent.
(iii) It will prohibit address-harvesting software or a harvested-address list from being used in connection with sending unsolicited commercial electronic messages. This will bring in the Data protection provisions with regards to database of e-mail address for persons or legal entities.
Consent of the person receiving the mails would be the most debatable aspect in this piece of legislation as “consented to receiving” may be Express or Implied Consent such as ;
(i) Express consent - that needs to be set out clearly and simply by the party seeking it, and whether given by the relevant electronic address-holder or any other person who uses the relevant electronic address;
(ii) Implied consent - that can reasonably be inferred from the conduct and the business and other relationships of the persons concerned, or where consent has been given in an implied manner such as by publishing an electronic address in a business or official capacity relevant to the business or official capacity, and the publication of the address is not accompanied by a disclaimer to the effect that the relevant electronic address-holder does not want to receive unsolicited electronic address messages at that address.
The definition of electronic mail and message will be as important to determine if there are infringements to provisions of UCEM legislations.
For Electronic Mail” - any text, sound or image message sent over a public electronic communications network which can be stored in the network or in the recipient’s terminal equipment until it is collected by the recipient;
For Electronic Message - a message sent using a telecommunications service and sent to an electronic address, and includes -
(a) a message which is sent to an electronic address, whether or not the electronic address exists or the message reaches its intended recipient;
(b) an electronic mail;
(c) a message sent using a short message service;
The law enforcement authority, their powers, penalties and jurisdiction issues for infringements would also form part of such legislation, and this part can surely be inspired from the Budapest convention on Cyber Crime.
The objective to deter UCEM through legislation would be to:
(a) promote a safer and more secure environment for the use of information and communication technologies;
(b) to avoid the hassle of unsolicited e-mails to users, and risks of attacks like phishing
(c) reduce the costs to businesses and the wider community that arise from unsolicited commercial electronic messages;
For countries that have not yet enacted legislation on Computer Misuse and Cyber Crimes, they can even consider having the UCEM within their Computer Misuse and Cyber Crimes Act at one go.
I request for comments from those that already have such provisions in their laws in their countries.