Our ref : 51/WKC/04724 November 2006The Hon Howard YoungChairman, Bills Committee on the Unsolicited Electronic Messages BillLegislative Council SecretariatLegislative Council Building8 Jackson RoadCentralHong KongDear HowardUnsolicited Electronic Messages Bill: Comments by the HKGCCThe Chamber has considered the above Bill and would like to offer our comments in the following paragraphs. These comments are based on the position stated in our previous paper in March 2006 in response to the Consultation Paper on Legislative Proposals to Contain the Problem of Unsolicited Electronic Messages, and our own consultation with members of the relevant Chamber committees.Legislative FrameworkThe scope and coverage of the Bill is generally in line with that proposed in the Consultation Paper, with which we are in agreement.We acknowledge that the opt-out regime adopted in the Bill is an appropriate balance between the interests of electronic marketers and recipients. While supporting the opt-out concept, we would like to reinforce the message in our previous paper in which we advised caution against the dangers of “legislative overkill”. Thus some business practices which are not in contravention with the spirit of the Bill should be excluded from the Bill's application. The following are two examples that have been drawn to our attention.(a) First, legitimate business messages of a pre-existing commercial relationship between sender and its customers should not be the target of the current Bill, as they are already regulated under Section 34 of the Personal Data (Privacy) Ordinance (Cap.486). The effect of the Ordinance is that in practice, many e-marketing practices are already taking place between senders and their existing customers, with an opt-out arrangement built-in. The Bill should not overlap with the Personal Data (Privacy) Ordinance in this respect.(b) The mobile telecommunications operators have raised the issue that the welcome messages issued by local mobile operators to inbound roamers should be excluded from the scope of application of the Bill. Such welcome messages are sent to inbound roamers offering contact details for assistance when they connect to mobile carrier's network for the first time. Though of the nature of an unsolicited electronic message, due to its one-off nature and its business legitimacy, it should not be considered unlawful.Offence and PenaltiesIn the Bill three levels of sanctions have been proposed, namely, (i) generally, fines against contravention;(ii) criminal sanctions with fines and custodial sentence of up to five years for some questionable practices such as electronic harvesting or dictionary attacks;(iii) criminal sanctions with fines and custodial sentence of up to ten years for fraudulent cases.While we are in agreement with the principle that fines should be the main penalty for spamming activities, and that practices with fraudulent and deceptive intent should be subject to criminal sanctions including a suitable custodial sentence, we are not certain that the penalties provided are commensurate with the offence, especially at the “second level” outlined above. These refer to spamming activities which are questionable as a business practice, but for which criminal or malicious intent may not be easy to establish. While we do not condone unethical business practices and would support heavy penalties, we would like to reinforce the principle that criminal sanction is a very serious matter and should be applied to business behaviours only when criminality can be unambiguously established.Liability of Directors and PartnersThe Bill states that when a company commits an offence, the responsible directors or partners are deemed to have committed the act, unless they can demonstrate that they have not authorized it. This amounts to having them “presumed guilty unless proven innocent” – a matter of much concern to the business sector.As in the case of copyright law, the Chamber's position is that as far as criminal sanctions are concerned, the burden of proof must lie firmly with the prosecution.In the spirit of promoting good corporate governance, we are prepared to support a higher level of responsibility for directors and principals, but only in so far as civil liabilities apply, and this should only be implemented on the basis of very clear guidelines as to what will amount to sufficient proof that the directors concerned have not authorized the infringing act. ImplementationUnder the Bill, the Telecommunications Authority will be the enforcement agent. The Chamber supports this arrangement rather than the creation of another new regulatory authority.Given the everyday changes in information technology, the anti-apamming law should be enacted and implemented as soon as possible if it were to serve any meaningful purpose. In the end, we reiterate our position that legislation is not the only nor the most important solution. As emphasized in our previous papers, other policies and measures should be considered together, including international cooperation, education, and industry self-regulation.I hope you will find the above views useful.Yours sincerelyAlex FongCEO
Sign up for the latest news & offers.