I am not aware of any E.U. laws that try to prevent U.S.-based organizations from blocking emails from European...
destinations. Blocking delivery of legitimate email from Europe would probably be a violation of some sort under international trade agreements covering restraint of trade. Even if there was a law, how would it be enforced? The E.U. certainly does not have jurisdiction over U.S. citizens or U.S. companies located in the United States. The E.U. and some of its members have been known to punish U.S. companies that violate its guidelines via fines or sanctions against their branch operations within the EU. To my knowledge, though, no company has been barred from operating; most issues are resolved long before reaching that point.
There is a U.S.-E.U. agreement called Safe Harbor that aims to protect E.U. citizens' personal data if it is handled by U.S. organizations. Safe Harbor is a set of principles similar to the E.U. Data Directive, the key piece of legislation governing unsolicited commercial email (UCE) in the E.U.
Its full title is Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. The directive provides for a national "opt-out" list, which consumers can join if they wish to stop receiving UCE. But this means it is still legal for a firm to send UCE in the absence of an explicit consumer opt-in. There are several national opt-out lists across the E.U. countries, making an E.U.-wide email marketing campaign quite challenging.
One common requirement in the E.U. and U.S. is that UCE email must be clearly identified as advertising and provide opt-out instructions. Spam rarely meets any of these rules.
Companies that send a lot of UCE must ensure that they comply with these laws and industry best practices, particularly as ISPs are also looking to prevent abuse of their infrastructure by spammers. One interesting twist in this battle occurred a few years ago when Verizon Communications Inc. offered to compensate its DSL customers who failed to receive emails from a European address; its services allegedly had an over-aggressive spam-blocking mechanism. You could say anyone who pays for an email service has a right to receive their email, wherever it is from, as long as it has been sent from a genuine account and there is no reason to think it can cause damage to the ISP's infrastructure and service.
Dig Deeper on Information Security Laws, Investigations and Ethics
Related Q&A from Michael Cobb
Open source NoSQL MongoDB database faced 30,000 insecure instances. Expert Michael Cobb explains the misconfiguration that led to this, and how to ...continue reading
A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can ...continue reading
Juniper firewall products were found to have two backdoor vulnerabilities. Expert Michael Cobb explains how a cryptographic algorithm and hardcoded ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.