The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

Spam emails

What is spam?

Spam emails are emails sent to you without consent. It is email that you don’t want and didn’t ask for, and its content can cause embarrassment and distress. However, it’s worth remembering that the sender generally doesn’t target recipients personally. The same spam email can be sent to millions of people at the same time and the addresses can often be guessed.

What does the law say?

The Privacy and Electronic Communications Regulations 2003 cover the sending of email marketing. This legislation says that organisations must only send marketing emails to individuals if you have agreed to receive them, except where there is a clearly defined customer relationship. Many spam emails come from outside the UK. The ICO can only investigate concerns about marketing emails from identifiable UK senders.

As a lot of spam comes from overseas, the Information Commissioner has an agreement with a number of overseas bodies to cooperate and exchange information to try and stop spam emails that are sent from those places.

What can I do if I’m getting unwanted emails?

If you receive marketing by email that you don’t want from an identifiable and legitimate UK based company that you know and trust, you should first use the ‘unsubscribe’ link or email the organisation to ask them to stop (remembering to keep a copy of any correspondence). Tell the sender about the problem and allow them time to put things right. Legitimate, well-known companies will offer opt-outs, and in many cases things can be resolved quickly without us getting involved.

However, if you are not sure whether the email is genuine, or if it comes from a company you do not recognise, you should avoid replying or clicking on any link as this might confirm your email is live.

If you continue to receive unsolicited marketing emails despite following this advice, then you may wish to report your concerns to the ICO.

What can I do to reduce the amount of spam emails I receive?

  • Be careful who you give your email address to.
  • Consider having separate personal and business email addresses.
  • Choose an email address which is difficult to guess.
  • Don’t advertise your email address, for example by putting it on the internet.
  • Check privacy policies and marketing opt-outs carefully. Use them to tell the organisation not to send you emails.
  • Avoid responding to spam emails if you have any doubts about who has sent them. Replying indicates that your email address is live. You should not reply to emails unless you know and trust the sender, and are confident the email is genuine. However, many complaints received by the ICO are about well known, legitimate companies who offer opt-outs. In most cases responding to the opt-outs in these emails should stop the problem.
  • Don’t click on the adverts in spam emails. By clicking on spammers’ web pages, it shows your email address is live and may make yourself a target for more emails. It can also reveal your computer’s IP address.
  • Use a spam email filter on your computer. These are programs which work with your email package to sift through new emails, separating spam emails from wanted emails and blocking them. Most packages are successful although sometimes block good email too. Also, they can’t stop the spam emails being downloaded before being blocked. New spam email filters are being developed all the time; you can search the internet for one that is suitable for you. Many Internet Service Providers (ISPs) also offer filters which work by examining content and using blacklists to restrict spam emails. Again, these sometimes block good emails as well as spam emails and you might have to pay for them. For more information on the services that are available to you, please check with your ISP.
  • Keep your systems well maintained. Hackers and spammers can exploit software problems, so most software companies issue product updates and patches that fix known problems. Updates are generally available through manufacturers’ websites and are usually free to download and install. You should also consider using anti-virus software to protect against virus programs that can destroy computer files and are increasingly being exploited by spammers.
  • Check privacy policies and marketing opt-outs carefully. If you buy something online or subscribe to a service, check the company’s privacy policy before giving your email address or any other private information. Consider how the company uses your information and whether they might send it to other people within their organisation or to other organisations.