In message <002401c3ea5e$acc51b50$21a19ed9@HCERT001>, Andrew Cormack <[log in to unmask]> writes >My take on it is that the EC Directive (2002/58/EC) that the privacy >regs implement is supposed to explain how Data Protection principles >apply to electronic communications. So even if spamming an address like >[log in to unmask] is legal within the words of the Privacy Regs, >there has to be a strong presumption that Data Protection has been >breached, 'cos that e-mail address is personal data no matter whether I >pay for the bit after the @ sign or not. Or am I applying too much of >this "common sense" stuff ??? I think (MRD applies) that the APIG spam report covers much of this rather well. See paras 32-45. Especially the discussion of the very narrow situation of permissible B2B unsolicited emails: They should be of interest to the *business* not the *individual*, and an *individual's* email address should not be emailed if it was "harvested", even if the email address is @a-business. http://www.apig.org.uk/spam_report.pdf My original evidence is at: http://www.apig.org.uk/rolandperryevidence.pdf >2002/58/EC and 97/66/EC don't extend >the data protection rules set out in 95/46/EC, they simply clarify its >application to a particular set of circumstances. Further, 2002/58/EC and 97/66/EC can impose *extra* restrictions on how data is processed, but cannot *relax* any of the requirements of 95/46/EC. -- Roland Perry ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^