UK firms should adhere to new Advertising Standards Authority (ASA) rules introduced last week, designed to crack down on spam, say experts.

Organisations that adopt the ASA guidelines will be better equipped to comply with new European Union led laws due to come into force later this year, which will introduce similar measures backed with stiff penalties.

The new ASA code requires firms to obtain explicit consent from consumers before using their data for marketing via email or SMS.

Companies were formerly free to use an opt-out method, where the default option is to accept advertising and where consumers must uncheck a box to avoid being subscribed to marketing lists.

The EU Privacy and Communications Directive backs up the ASA's guide in enforcing opt-in methods, and also applies to websites.

It will become law in the UK on 31 October and will oblige many firms to change customer-facing systems.

IT managers will have to ensure that emails and web forms are designed so that users choose to opt in before they are sent electronic advertising.

The EU directive will also control the use of cookies on websites, so firms must provide information about their usage and give users an opportunity to refuse them.

Rupert Battcock, of law firm Nabarro Nathanson, warned that businesses risk damage to their reputations if they breach the new rules.

The Department of Trade & Industry will release draft regulations for the directive later this month, followed by a three-month consultation period.

The EU directive does permit unsolicited emails to be sent to customers who have previously bought similar goods or services.

Robert Dirskovski, head of interactive media at the Direct Marketing Association, explained that companies needed to know where the law draws the line.

"We need guidance on what constitutes an existing sales relationship and similar goods and services," he said.

Dirskovski added that firms need to be told whether existing data has to be reprocessed.

"We don't know yet if current records need to be reassessed to fit in with the legislation," he said.

Firms will also need to keep separate databases of consumer data, depending on how it was acquired and how it will be used.

"For electronic data, firms must have some way of proving how data and consent was obtained," stated Dirskovski.

However, Jamie Cowper, of messaging specialist Mirapoint, predicted that the new law will increase the administrative burden on law-abiding firms without reducing spam.

"The problem is that much of the spam comes from outside Europe, and the legislation has no validity there," he said.