The European Commission has called on member states to take stronger action against spammers and those who send spyware, saying it may create further legislation to combat the problem.

The EC is concerned that European Union countries are doing too little to enforce EU rules under the European Privacy and Communications Directive that ban unsolicited email, or spam.

However, at the time the law was implemented in the UK in December 2003, experts said it would not help matters because the powers it gave the Information Commissioner were too weak.

Now spam accounts for as much as eight out of 10 emails in Europe according to the latest research from security company Postini.

Much of this spam has links with criminal organisations that use zombie PCs to deliver this junk email and malware. The preferred method of delivery is through hijacked PCs called zombies which are formed into massive networks called 'botnets'.

Postini said each day it tracks more than one million infected computers that are co-ordinating spam and virus attacks, with 50,000 or more active at any instant.

Computeractive learned back in August that one of the world's most prolific spammers, Amichai Inbar has apparently set up base in the UK and is controlling zombie computers in this country. Richard Cox of Spamhaus, the leading anti-spam organisation, said Inbar who is being investigated by the FBI, had set up a site hosted by UK internet hosting company.

Inbar and his ilk are not gearing up for festive fun with UK computer users and spam has tripled since June; Postini said the internet is currently under siege as spammers try out increasingly sophisticated techniques to bypass spam filters.

Now Information Society and Media Commissioner Viviane Reding has said it is time to turn political concern about spam into "concrete actions".

She said it can be done citing the Dutch authorities as a success story because they have managed to cut domestic spam by 85 per cent. Now she wants similar results from other countries.

She agreed this could only be achieved though "more efficient enforcement" and better collaboration with other countries. The Commission also said it will also revisit the legislative framework when it introduces legislative proposals to strengthen user privacy and security in 2007.

Future proposals may force service providers to notify of security breaches that lead to personal data loss or to interruptions in service.