I am not aware of any E.U. laws that try to prevent U.S.-based organizations from blocking emails from European destinations. Blocking delivery of legitimate email from Europe would probably be a violation of some sort under international trade agreements covering restraint of trade. Even if there was a law, how would it be enforced? The E.U. certainly does not have jurisdiction over U.S. citizens or U.S. companies located in the United...
States. The E.U. and some of its members have been known to punish U.S. companies that violate its guidelines via fines or sanctions against their branch operations within the EU. To my knowledge, though, no company has been barred from operating; most issues are resolved long before reaching that point.
There is a U.S.-E.U. agreement called Safe Harbor that aims to protect E.U. citizens' personal data if it is handled by U.S. organizations. Safe Harbor is a set of principles similar to the E.U. Data Directive, the key piece of legislation governing unsolicited commercial email (UCE) in the E.U.
Its full title is Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. The directive provides for a national "opt-out" list, which consumers can join if they wish to stop receiving UCE. But this means it is still legal for a firm to send UCE in the absence of an explicit consumer opt-in. There are several national opt-out lists across the E.U. countries, making an E.U.-wide email marketing campaign quite challenging.
One common requirement in the E.U. and U.S. is that UCE email must be clearly identified as advertising and provide opt-out instructions. Spam rarely meets any of these rules.
Companies that send a lot of UCE must ensure that they comply with these laws and industry best practices, particularly as ISPs are also looking to prevent abuse of their infrastructure by spammers. One interesting twist in this battle occurred a few years ago when Verizon Communications Inc. offered to compensate its DSL customers who failed to receive emails from a European address; its services allegedly had an over-aggressive spam-blocking mechanism. You could say anyone who pays for an email service has a right to receive their email, wherever it is from, as long as it has been sent from a genuine account and there is no reason to think it can cause damage to the ISP's infrastructure and service.
Dig deeper on Information Security Laws, Investigations and Ethics
Related Q&A from Michael Cobb
A reported 43% of Microsoft XML users are running vulnerable versions of the software. Security expert Michael Cobb discusses how to mitigate the ...continue reading
Security expert Michael Cobb explains what Open Authorization or OAuth 2.0 is, its pros and cons, and how it is different from bring your own ...continue reading
While the fundamentals of securing an e-commerce website haven't changed in a few years, there are new threat vectors and security risks to be aware ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.