ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] RE: claims about law

2003-03-07 08:45:43
from [Tom Thomson] [Permanent Link] 
From: "Jacqui Caren" <jacqui(_dot_)caren(_at_)ig(_dot_)co(_dot_)uk>

To: "asrg(_at_)ietf(_dot_)org" <asrg(_at_)ietf(_dot_)org>
Date: Fri, 07 Mar 2003 12:53:11
Reply-To: "Jacqui Caren" <jacqui(_dot_)caren(_at_)ig(_dot_)co(_dot_)uk>
Subject: Re: [Asrg] RE: claims about law

On Fri, 7 Mar 2003 11:12:15 -0000, Tom Thomson wrote:


  3.4. The likely endgame for this behaviour is to force senders of
  unwanted bulk e-mail to stop lying about who they are, which is
  illegal in meatspace anyway


Why spoil what might otherwise be a fairly decent piece of work with a
blatantly nonsensical claim like this?  In the UK, the only time I am
required to identify myself as the publisher of something is when I

publish

election literature for a local, national, or European government

election


Depends upon your definition of 'publication'.

If you use your phone for commercial calls you are not legally entitled

to

withhold CLI .


The relevant law is Telecommunications (Data Protection and Privacy)
Regulations 1999 introduced under on 1 March 2000 the Data Protection Act
1998 which does not say anything like what you claim.  What it does say that
(a) direct marketing organisations must pay attention to TPS listings and
(b) you are not allowed to make your equipment fudge CLI data so as to
defeat ACR (effectively implementing section 8.3 of the EU's Telecoms Data
Protection Directive 97/66/EC). Same regulations prohibit delivering a
premium number as CLI. There is nothing there at all to require you to
provide CLI if you don't want to.  You could also look at section 6.2.1 of
Oftel's CLI guide (latest draft is 19 Sept 2002) which explicitly
contradicts your claim. Extremely similar laws, regulations, and directives
apply to fax. Of course I'm not a lawyer so you can't rely on my
interpretations of these laws, and maybe the rules have changed since Sept
19th last (but I think I would have heard about it if they had).  Of course
the telco knows who the caller is but that's not CLI at the receiver.

There is an EU directive making unsolicited bulk email illegal - bulk email
is legal only if the recipient has opted in (but watch out: "opt in" is a
legal term which doesn't mean what you probably think it means); this is
quite a lot stronger than the telephone directive (which only enforces the
TPS).  So if we could identify senders and track them down we could at least
have a decent attack on spam originating in the EU. Of course there are US
regulations about this too (I think the US rules are a good deal weaker than
the European ones in that you can spam someone as much as you like provided
you give them an opt out method that will work sometime in the future, but
even weak rules are still potentially useful).


I remember a very interesting discussion some years ago in uk.telecom
about the actual procedure required to get/force phone companies to

withdraw all

phone services from the offender if they withold CLI. As witholding CLI

is pretty

much a de facto standard for the vast majority of UC phone calls and the

vast

majority of recuitment agencies - they are all risking the removal of all

telephone

services if a complaint is made (correctly).


I think whoever took part in that discussion may have been confusing
non-spoofing of ACR with CLI (you can withhold CLI but you must not defeat
ACR either by faking CLI or by fooling the receiver into thinking CLI is
just unavailable when you've actually withheld it), or may even have been
confused between CLI and TPS: the Telecommunications (Data Protection and
Privacy) (Direct Marketing) Regulations 1998 (now superseded by the ones
mentioned above)introduced  punishment for "direct marketers" (telephone/fax
spammers) who ignored TPS.



Evidently the same goes for commercial FAX (but I have no corroboration

on

this).


The fax rules are much the same as the telephone rules.


Quite simply electronic communication (phone fax etc) is reasonably clear

and

if you know how (and are a persistent sod) can be applied with little

cost.

Yes, if you use TPS you will get very little phone or fax spam originating
in the EU. Using ACR will help too.


Email will have safegards within the EU but enforcement is not something
that joe public will have any real input in. (one law for the rich etc).


The EU email law is STRONGER than the EU phone/fax law, but the problems as
you say are in enforcement.


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Asrg] Spam detection system proposal, Sauer, Damon
Next by Date:  [OT] Mailing list alternatives (was RE: [Asrg] Let's try something different), Gary Feldman
Previous by Thread:  Re: [Asrg] RE: claims about law, Jacqui Caren
Next by Thread:  [Asrg] RE: PLI and DNSSEC deployability and DNS based solutions, Tom Thomson
Indexes:  [Date] [Thread] [Top] [All Lists]