The study concludes that the EU directive on privacy and electronic communications, of 12 July 2002, allows European legislature the potential to regulate spam, but that it cannot be considered a safeguard against unwanted e-mail communication. The fact that most spam originates from outside the EU considerably restricts the directive's effectiveness.
As far as the legal liabilities are concerned, Article 13 of the directive demands that member states prohibit the practice of sending electronic mail for purposes of direct marketing while disguising or concealing the identity of the sender. The study notes, however, that the directive does not give users any definite right to object to their service providers when spam is not being filtered properly.
Furthermore, European employers must be aware of the risk of new computer related liabilities. Important examples of such potential new liabilities are the risks of being held accountable for not protecting employees against unsolicited pornographic e-mails, or failing to prevent rogue employees from sending out spam to individuals from their corporate account.