It really is time that governments made some useful laws regarding the internet, instead of just making ones allowing more censorship and spying on us. Like making automatic opt-in completely illegal.
When the internet was still young, I bought a catch-all email account from Clara. MY SOP has always been to make unique addresses for every entity I gave an address to. None of them existed as a configured address anywhere; I manually changed the headers when replying to anything incoming from them and most were never even sent to.
Over the years, I estimate about 75% of those have ended up on spam lists. I used to follow it up with the companies who had the address and only ever met with stone-walled silence and outright denials.
Still, the account was highly usable and received relatively little spam. What it did receive was easily dealt with as I just added the above addresses to my bin list.
That is until Plusnet 'lost' some personal data somewhere, including many users' unique-to-PN billing addresses. Whoever they lost it to now sends hundreds of spam emails per day and has figured out that they can use different addresses to the main account domain. All of them are similar enough to know it was this 'loss' that has caused it, but not so similar that I can easily blanket-bin them. It's now a case of just bailing out the boat and patching up the holes continually. Thanks to PN my nice email address that I had for many, many years is ruined.
This is the sort of thing that should be illegal!