Security threats Toolkit

UK firms warn of increasing spam burden

Tags:
Pwc,
PricewaterhouseCoopers,
DTI,
Spam

Graeme Wearden ZDNet.co.uk

Published: 01 Apr 2004 17:20 BST

Over half of UK businesses believe the problem of unsolicited email is getting worse, according to an official survey, bringing the government's decision to exempt business email accounts from Britain's anti-spam laws into renewed focus.

The Department of Trade and Industry's Information Security Breaches Survey, which is due to be published in full later this month, found that the increasing amount of spam sloshing around the Web is a growing concern for British firms.

The report was conducted by a group led by PricewaterhouseCoopers (PwC). It found that 55 percent of companies surveyed think that spam volumes are rising, while just 10 percent can see a reduction in the amount of junk mail they are receiving.

"It looks as if the amount of spam hitting UK businesses is set to rise and is therefore likely to feature higher on the security risk agenda in the future. Companies need to be vigilant, therefore, and use a combination of tactical and longer-term measures to tackle the problem," said Andrew Beard, PwC's advisory services director, on Thursday.

Last year, the UK government implemented the EU directive on privacy and electronic communication. This attempted to clamp down on the problem of spam by making it illegal to send an unsolicited email to anyone that you didn't already have business relationship with.

However, the DTI decided not to protect business email addresses. This decision was heavily criticised by both spam experts and politicians, with the All-Party Internet Group (APIG) urging the government to widen its anti-spam protection to cover businesses.

"A small or medium-sized enterprise is just as vulnerable to spam as a home user," said Brian White MP, APIG treasurer, last October.

PwC's research shows that without this protection, the majority of businesses are seeing the spam problem getting worse. Despite this, PwC isn't convinced that more legislation is the answer, especially as many companies appear to be failing to implement anti-spam software.

"I'm not sure that our findings are evidence that the government's laws were a mistake," Beard said. "I think to a degree you could make an argument that they were driven by the urge to protect individuals first and foremost."

PwC also found that only 20 percent of companies surveyed were using any kind of anti-spam protection, a figure that rose to 44 percent for companies with more than 250 staff. With so many firms doing so little to prevent their users receive junk mail, it's little wonder that many of them are seeing spam volumes rise.

But anti-spam products aren't the only answer, PwC says.

"We'd argue that technology-only solutions are unlikely to be totally effective. Legislation does have a part to play, but you need to be cautious about legislation," said Beard.

The DTI did not return calls asking whether it is planning any new anti-spam legislation in response to the results of its own survey.

In a surprising finding, a significant number of firms said that they are relaxed about spam. While one in ten said spam was a major problem, a third reported that they are unconcerned about the issue.