Few will have celebrated the recent 10th birthday of spam. The first unsolicited electronic message was sent out (ironically by a pair of lawyers) in Arizona during April 1994. Since then everyone using e-mail has learnt to their frustration and cost how spam clogs the channels of electronic communication.

There are different views about the size of the problem, but it is generally agreed that we are well past the turning point: the majority of e-mail in unprotected inboxes is now unsolicited junk mail. The costs to business of reading, storing, deleting and filtering out spam are incalculable.

There are signs that the spammers are becoming more aggressive and dangerous. In New York an individual known as the 'Buffalo Spammer' report-edly faces seven years jail after sending some 825 million spam messages.

A man has recently been charged in California with extortion after allegedly making demands for $100,000 (£53,890) from Google – according to court papers he threatened that if they did not pay, he would release a piece of software to 100 spammers to generate fake advertising hits that could cost the company millions. Apparently he expected that he could rely on the spamming 'community' to co-operate with his scheme. Victims of spam have attempted to harness their collective power by creating communities of users whose communication channels have been purged of spam. One such consortium has formally proposed to ICANN the creation of a new top-level domain '.mail' to be used for sending and receiving purged e-mail.

Clearly the growth of e-business is threatened by the explosion of spam. At present large businesses keep the problem at bay by using various technical measures such as filtering software and online services – along with firewalls and anti-virus protection, many of us now regard anti-spam measures as essential safeguards of business efficiency. Small businesses however may not have the spare cash, spare time or IT capability to filter out spam.

There is fierce debate about the effectiveness of industry self-regulation: the 'preference services' for telephone, fax, mail and e-mail (TPS, FPS, MPS and e-MPS) set up by the direct marketing industry for the protection of consumers are in any event no help to businesses as recipients of unwanted communications. The only advantage for business of restricting the list of addressees to whom promotional material is sent is that marketing to willing recipients is likely to be more effective. We all know that half of our marketing budget is wasted – we just do not know which half.

How does the law help? In the US the CAN-spam measures (Controlling the Assault of Non-Solicited Pornography and Marketing Act, 2003) which took effect from 1 January, 2004 have led to US lawsuits filed on 10 March by AOL, Microsoft and Yahoo! against various spammers. AOL's successful suit against one spammer reportedly resulted in the confiscation of the spammer's Porsche which was then offered as a prize on AOL's website.

In this jurisdiction since 11 December, 2003 we have had a set of e-privacy regulations which derive from the European directive on Privacy and Electronic Communications (2002/58/EC). The UK regulations supplement our data protection legislation and cover, among other things, direct marketing by phone, fax and electronic communications, internet cookies and services which rely on traffic or location data.

The regulations are supposed to be enforced by the information commissioner, whose over-stretched department already has the complexities of data protection and freedom of information to cope with. The information commissioner can serve enforcement notices on spammers in breach of data protection obligations. If an enforcement notice is not complied with, criminal proceedings can then be commenced with magistrates entitled to levy fines of up to £5,000. For spammers earning thousands of pounds per week this is not likely to be a serious disincentive. Fortunately, it is possible for a case to be referred to a trial by jury where there is no limit to the fines that can be imposed.

So far the facts lag behind the legal theory. Recent enquiries reveal that there have been 300 complaints concerning SMS, e-mails, faxes and telephone calls lodged with the commissioner since 1 December, 2003. Although the commissioner is "compiling evidence for enforcement actions to be considered", no other action has yet been taken on any of these 300 complaints. Our prediction is that the enforcement programme will prove to be ineffective. In any event the originators of most hard-core spam (where the identity of the sender is disguised or concealed) are located beyond the information commissioner's reach in the US and 'data havens' such as China and Russia.

For business the main disappointment with the regulations is that most of the provisions protect only individuals, not corporations. A new amendment laid before Parliament this month, and coming into force on 25 June, 2004, will enable corporate subscribers to register their telephone numbers on OFCOM's register of persons (which previous to this amendment meant only individuals) to whom unsolicited calls for direct marketing purposes may not be made.

This is clearly a step in the right direction in terms of outlawing unwanted cold calls by telephone, since before the change takes effect companies have to forbid each nuisance caller individually from making cold calls and cannot benefit from the potentially broader 'filtering' that a subscriber is supposed to enjoy 28 days after putting his number on the register run by the Direct Marketing Association on behalf of OFCOM.

However, the change does not extend to fax or e-mail. Businesses therefore face the cost and complex compliance issues that the regulations impose upon us, but in return we get no effective legal protection against the rising tide of sewage that threatens to swamp our information systems.

Daniel Eilon is the head of the media group and James Watts is a lawyer at Campbell Hooper.