Despite a slight global decline in spam emails, unsolicited commercial electronic messages remain a pressing concern, particularly within ASEAN.
A recent policy brief by the Economic Research Institute for ASEAN and East Asia (ERIA), authored by Manager for Digital Innovation and Sustainable Economy at ERIA Mahirah Mahusin and Research Associate at ERIA Hilmy Prilliadi explores the ongoing challenges in combating spam and proposes strategies to enhance regional cooperation and enforcement.
THE PERSISTENCE OF SPAM AND ITS IMPACT
Spam remains a major cyber threat. Citing statistics from INTERPOL, the ERIA report noted that while global spam levels dropped from 49 per cent of all emails in 2022 to 45.6 per cent in 2023, email remains the primary vector for malware (92.4 per cent) and phishing attacks (96 per cent).
Spam also plays a significant role in distributing ransomware, which caused an estimated USD257 billion in economic losses between 2012 and 2020.
Beyond traditional email spam, ‘spim’- spam targeting instant messaging platforms – has risen with the increased use of mobile devices. This calls for stronger security measures in messaging applications to prevent cybercriminals from exploiting unsuspecting users.
Spam poses multiple challenges, from technical and economic burdens to consumer protection and regulatory enforcement issues. It strains internet infrastructure, increases costs for internet service providers (ISPs), and exposes users to fraud and cyberattacks. While the cost of sending spam is minimal for spammers, the financial burden falls disproportionately on internet service providers (ISPs), businesses, and consumers, exacerbating the problem.
ASEAN’S RESPONSE TO SPAM
ASEAN has taken steps to tackle spam through regional frameworks such as the ASEAN Digital Masterplan 2025, which advocates for stronger anti-spam regulations and consumer data protection.
The ASEAN Committee on Consumer Protection has led efforts in online consumer law enforcement, including tackling online scams and fake reviews.
Additionally, ASEAN+1 free trade agreements such as the upgraded ASEAN–Australia–New Zealand Free Trade Area (AANZFTA) and the Regional Comprehensive Economic Partnership (RCEP) mandate spam management measures.
These agreements require signatories to adopt opt-out mechanisms, develop consent requirements and enforce penalties for non-compliance. The 2023 ASEAN–China Initiative on Enhancing Cooperation on E-commerce also includes combating spam as a priority for joint capacity building.
At the 4th ASEAN Digital Ministers Meeting, the establishment of the ASEAN Working Group on Anti-Online Scams was welcomed as a platform for member states to share best practices in combating digital fraud, including malicious spam campaigns.
REGULATORY CHALLENGES AND GAPS
While ASEAN is making progress, regulatory gaps persist. Only three ASEAN Member States (AMS) have dedicated anti-spam legislation, while the rest rely on broader laws that incorporate spam-related provisions.
The variation in regulatory approaches – such as opt-in versus opt-out models – creates inconsistencies that spammers exploit.
The cross-border nature of spam makes enforcement difficult. Without bilateral or multilateral treaties, local laws cannot effectively target foreign spammers, leading to a ‘whack-a-mole’ scenario where enforcement efforts in one country merely push spam operations elsewhere.
Although long-arm provisions can deter international spammers, stronger regional cooperation is necessary to ensure effective enforcement.
Moreover, consumer empowerment remains weak. The 2020 ASEAN Consumer Empowerment Index revealed only moderate levels of awareness across the region. Without adequate knowledge and resources, consumers struggle to protect themselves from fraudulent digital activities. Strengthening consumer education and outreach is critical to reducing spam-related threats.
RECOMMENDATIONS FOR A HARMONISED ASEAN APPROACH
The ERIA report suggests a harmonised regional framework to enhance ASEAN’s anti-spam measures. It proposes:
A Unified Anti-Spam Framework
Integrating anti-spam regulations into the Digital Economy Framework Agreement (DEFA) and aligning commitments with RCEP and AANZFTA can improve cross-border enforcement and reduce regulatory inconsistencies. This includes prioritising opt-in models to strengthen consumer protection.
Capacity Building and Cross-Border Cooperation
ASEAN should leverage existing trade agreements to facilitate cross-border law enforcement, share best practices, and strengthen cooperation with external partners.
Clearer Regulatory Guidelines
Developing a unified ASEAN anti-spam guideline can simplify enforcement and encourage AMS with weaker laws to strengthen their regulatory frameworks. Stronger penalties for non-compliance would also increase deterrence.
Consumer Awareness and Business Outreach
Launching targeted public awareness campaigns can help consumers recognise and report spam, thereby reducing its effectiveness.
Investment in Advanced Technologies
Governments should incentivise ISPs and tech firms to develop and deploy advanced spam-filtering solutions, leveraging machine learning and AI to detect and mitigate spam threats.
Spam is more than just a nuisance – it is a gateway to cyber threats that undermine economic growth and digital trust.
ASEAN’s progress in addressing this issue is commendable, but stronger regional harmonisation and enforcement are needed to keep pace with evolving spam tactics.
By aligning regulations, enhancing cross-border cooperation, and investing in consumer education and technology, ASEAN can build a more resilient digital ecosystem. – Features Desk
