Today the FTC issued a press release indicating the U.S. will join with the other 29 OECD member countries to cooperate in combatting spam. 

If only the U.S. congress would use the OECD privacy principles to establish one comprensive data protection (privacy) law applicable for all industries and organizations!

The press release included the following:

"The FTC has joined its foreign partners in calling for stepped up cross-border law enforcement cooperation and increased public/private sector cooperation to combat spam. The Organization for Economic Cooperation and Development (OECD) issued recommendations in this area today. The OECD is an international forum of 30 countries, including the United States, established to promote economic growth, trade, and development.  Spam is a vehicle for deception, for spreading viruses and spyware, and for inducing consumers to provide confidential information that can later be used to commit identity theft. Spam poses unique challenges for law enforcement in that senders can send their messages from anywhere in the world to anyone in the world, thus making spam an international problem that must be addressed through international cooperation. The OECD’s specific recommendations to address these challenges include the following:

Government enforcement agencies should have the necessary authority to take action against spammers located in their territory or against foreign spammers who target consumers in their territory."

This will be interesting to see put to the test.  Considering the proliferation of spam, it should be a long wait.

"Government enforcement agencies should have the ability to share information with foreign law enforcement officials in appropriate cases."

I wonder how far this information-sharing will go with regard to the data collected for investigations?  There are certainly some data protection laws that will conflict with this recommendation.

"Government enforcement agencies should have the ability to provide investigative assistance to foreign authorities in appropriate cases, particularly in obtaining information or locating or identifying people."

Again, it will be a test to see this recommendation put to action with regard to "locating or identifying people."

"Government enforcement agencies should partner with industry and consumer groups to educate users and promote information sharing."

This would be great to have some high-quality awareness and training materials; the government has already created several good training materials that businesses can use as part of their awareness and training efforts.

"Government enforcement agencies should cooperate with the private sector to facilitate the location and identification of spammers."

I will look forward to seeing what these outreach efforts will be.

"Countries should cooperate in international enforcement efforts; efforts to reduce the incidence of inaccurate information about holders of domain names; and efforts to make the Internet more secure.
The FTC has implemented many of the OECD recommendations. For example, it has engaged in aggressive law enforcement against international spammers; worked with an international network of spam enforcement authorities; partnered with the private sector on consumer education; and encouraged the private sector to implement domain-level authentication systems. In addition, the FTC has suggested that Congress enact legislation called the US SAFE WEB Act that would give the FTC new tools to cooperate with foreign counterparts in fighting spam and other types of cross-border fraud."

I think a big problem is that often times the private sector is not aware of the efforts of the government offices, such as the FTC, to partner on education.

Technorati Tags
privacy
FTC
spam
OECD
information security
government