Electronic mail is still by far the most popular internet application, despite the onslaught of junk messages. Hong Kong, now considering legislation on spam, has a chance to decide what role it will play in the fight against this modern menace. The nature of spam - the more unsolicited messages sent, the better the chance of success - has produced 'spam kingpins' who rake in millions by sending bulk messages to mailing lists stolen from service providers or harvested off the internet. Now that the problem has grown to account for something in the order of 70 per cent of all e-mails sent - eating into the productivity of users and systems administrators - governments are getting serious about cracking down on the worst offenders. Some US states have made spamming a felony offence subject to prison terms, while other jurisdictions are imposing fines commensurate with the sums spammers are making through their online scams. Since the laws and the first prosecutions are only now beginning to materialise, it is unclear how successful this legal assault on the spam industry will be, but what is apparent is that the deterrent effect will be minimal if there are places where no anti-spam rules exist. It will be far too easy for would-be junk-mailers to arrange for their mail to originate from less-strict jurisdictions. That is why Hong Kong should not shy away, after years of debate, from enacting its own laws. Perhaps 5 per cent of the spam Hong Kong users receive originates from here, but internet servers hosted in Hong Kong have long been used to launch spam aimed at computers around the world. The laws introduced should at the very least cover unsolicited bulk messages sent from here and to the greatest extent possible, address the full spectrum of cross-border e-mail abuse. One detail being quibbled over is whether the law should be flexible enough to cover unsolicited mobile phone messages, including those sent via the short-message service (SMS). Local mobile operators have come out against the latter, and understandably so. Some have experimented with SMS marketing third-party services or products, and they want to reserve the right to go into this potentially lucrative business in the future. The solution is simply the one applied on the internet: opt-in, permission-based marketing - or getting the customer's agreement before these messages are sent. This should keep the operators well within the bounds of any anti-spam laws. Spam via mobile phones is not a big issue yet, but it could become so as more handsets connect to the internet. Laws should be written with this in mind. While regulators everywhere have dawdled and debated, unsolicited e-mail has become big business for some and a threat to the usefulness of the internet. Hong Kong should waste no more time addressing this problem.