Privacy 21 April 2017

Collaborating to Eliminate Spam and Nuisance Communications

This report summarizes a workshop held by the Canadian Radio-television and Telecommunications Commission (CRTC) and the International Institute of Communications (ICC) in October 2016 in Bangkok, Thailand, that brought together experts from around the world to look at how best to combat spam and other forms of nuisance communications.

For more information, please see:

Background

On 11 October 2016, the Canadian Radio-television and Telecommunications Commission (CRTC), in partnership with the International Institute of Communications (IIC), hosted a workshop on combating spam and other forms of nuisance communications. The half-day event took place as part of the IIC’s annual Communications Policy & Regulation Week in Bangkok, Thailand.

Like many communications regulators, the CRTC is committed to ensuring that its citizens have access to a world-class communications system – one that is safe, secure, and trusted. As part of this mandate, the CRTC is responsible for promoting and enforcing compliance with Canadian unsolicited communications policy frameworks. The CRTC also works continuously to improve its ability to collaborate with key partners – the private sector, domestic government partners, and foreign governments – in an effort to reduce harm to consumers arising from the abusive nature of unsolicited communications. The global nature of communications networks, and associated abuse of those networks, makes work across jurisdictions critical to success.

In partnering with the IIC, the CRTC sought the opportunity to further advance international cooperation on this important issue. The IIC provided the ideal forum for discussion, since it offered an independent, international, and distinguished platform to discuss the critical and evolving impacts of spam and nuisance communications on citizens and businesses globally. The IIC also offered access to a global network of senior-level industry strategists, regulatory authorities, enforcement agencies, academics, and other experts. The workshop introduced the IIC to the unsolicited communications enforcement community, and broadened the discussion of communications policy issues. Finally, the IIC provided an open and balanced environment for new ideas to emerge.

WORKSHOP OBJECTIVES

The purpose of this workshop was threefold. Its first objective was to bring together experts from both policy and enforcement communities around the world, enabling them to exchange views and experiences in policy, regulation, and enforcement related to spam and nuisance communications. These different communities are actively engaged in conversation and productive work to combat spam and other unsolicited communications. However, too often, these conversations take place in isolation, remaining mostly within each community; consequently, policy may be developed without sufficient consideration for enforcement needs, and feedback from investigators may not make its way back to policymakers, resulting in legislative barriers that hinder enforcement activities. Workshop participants were also requested to brainstorm on how to advance efforts to work collaboratively across borders. The discussions aimed to engage regulators from emerging economies and to introduce them to the work of established networks, communities, and organizations. As noted above, the global nature of these issues introduces unique challenges. While important considerations for anti-spam efforts can apply to both domestic and international initiatives, this report focuses primarily on international perspectives and approaches to working across jurisdictions.

Workshop attendees included 45 participants representing regulators from all global regions, industry representatives, academics, and other communications experts. The workshop began with a keynote introduction, which presented the main themes for discussion, described the impacts of unsolicited communications on governments and citizens, and outlined the current landscape faced by regulators and enforcement agencies. As part of the introductory keynote, workshop participants were also introduced to the Unsolicited Communications Enforcement Network (UCENet), an expert network of organizations engaged in international cooperation on spam enforcement.

The first panel, consisting of enforcement experts and practitioners, discussed three case studies detailing the international and cross-jurisdictional nature of the challenges in enforcing spam and unsolicited communications rules. The panel then discussed the challenges and opportunities in pursuing cross-border enforcement activities, including identifying the need for ongoing dialogue to ensure optimal enforcement and compliance strategies between countries. The second panel, consisting of policy and technical experts, identified capacity gaps and ways to increase harmonization of cross-border policies and enforcement activities. Discussions related to the opportunities and challenges specific to emerging economies. To conclude the workshop, an armchair discussion among senior regulatory officials identified the key takeaways from the first two panels and engaged all workshop participants in identifying next steps. A copy of the workshop agenda is available in Appendix A. All discussions during the workshop took place under the Chatham House Rule.

This report reflects a summary of the discussions that occurred during the workshop. The topics presented over the course of the afternoon frequently overlapped, highlighting the links between policy, technology, and enforcement challenges.

The connections between issues and across areas of expertise were present throughout the workshop panel discussions. As such, the report reflects these themes, which are relevant to countries with robust anti-spam legislation and policies, as well as to those looking to rapidly grow their capacity and benefit from lessons learned.

REPORT HIGHLIGHTS

Based on the information shared by workshop participants, this report is divided into three sections. Part One identi es why, as an international community, there is a need to pursue cross-border collaboration on issues of spam and unsolicited communications. Unsolicited communications present a serious and increasing threat to the social and economic prosperity of the digital economy. Selling or stealing citizens’ personal information, one of the major drivers behind spamming, has become a lucrative black market business. The public and private sectors share the responsibility to protect and educate citizens on this matter.

Part Two identifies interrelated challenges in pursuing enforcement activities. Unsolicited communications, whether initiated by legitimate or illegitimate actors, often cross borders, originating in one jurisdiction, but targeting citizens in another jurisdiction. This can raise legal challenges, while advancements in technology, such as the ability to spam anonymously, further complicate investigations. At the same time, different jurisdictions have different resources and expertise, which can either help or hinder capacity building for enforcement activities.

Part Three summarizes the consensus among workshop participants on the path forward. Specifically, participants agreed that interested communities (i.e. regulators; enforcement agencies; and interested third parties, such as industry or academia) should

• engage in ongoing and regular policy discussions;
• leverage private and public sector partnerships; and
• participate actively in UCENet.

No one organization can advance this agenda unilaterally. Policy makers and enforcement agencies must work together internationally, while also building robust domestic frameworks. The workshop represented an ambitious first step to start this work.

  • crtc-spam-report-cover thumbnail Download
  • crtc-spam-report-cover thumbnail Download

Related Resources

Privacy 24 September 2019

2019 Online Trust Audit Methodology 

The 2019 Online Trust Audit will represent the 11th independent analysis and benchmark report of the adoption of security standards and responsible...

Internet of Things (IoT) 19 September 2019

Policy Brief: IoT Privacy for Policymakers

Introduction The Internet of Things, or IoT, is the latest wave of integration of technology into our lives and...

Building Trust 16 September 2019

Are Organizations Ready for New Privacy Regulations?

Based on 1,200 privacy statements, many are not prepared for coming regulations.