What Mark Said
Mark Brownlow skewers the arguments from opt-out proponents. A definite must read.
Related Posts
Fake privacy policies
I sign up at a lot of websites and liberally spray email addresses across the net. These signups are on behalf of one customer or another and each webform gets its own tagged and tracked email address. I always have a specific goal with each signup: getting a copy of a customer’s email, checking their signup process, auditing an affiliate on behalf of a customer or identifying where there might be a problem in a process. Because I have specific goals, I am pretty careful with these signups and usually uncheck every “share my email address” box I can find on the forms.
In every case the privacy policies of my clients and the things they tell me are explicit in that addresses will not be shared. It’s all opt-in, and email addresses are not shared without permission. Even in the cases where I am auditing affiliates, my clients assure me that if I follow this exact process my address will not be shared. Or so the affiliates have assured them.
Despite my care and the privacy policies on the websites, these addresses occasionally leak or are sold. This is actually very rare, and most of the websites I test never do anything with my address that I don’t expect. But in a couple cases these email addresses have ended up in the hands of some hard core spammers (hundreds of emails a day) and there was no useful tracking I could do. In other cases the volume has been lower, and I’ve watched the progression of my email addresses being bought and sold with morbid fascination.
Today an address I signed up at a website about a year ago got hit with multiple spams in a short time frame. All came from different IPs in the same /24. All had different domains with no websites. Whois showed all the domains were registered behind a privacy protection service. Interestingly, two of the domains used the same CAN SPAM address. The third had no CAN SPAM address at all. None of these addresses match the data I have on file related to the email signup.
It never ceases to amaze me how dishonest some address collection outfits. Their websites state clearly that addresses will not be bought an sold, and yet the addresses get lots of spam unrelated to the original signup. For those dishonest enough to do this they’ll never get caught unless recipients tags and tracks all their signups. Even worse, unless their partners test their signups or their mailing practices, the partners may end up unwittingly sending spam.
Social network sends spam
Yesterday we talked about social networks that harvest the address books of registered users and send mail to all those addresses on behalf of their registered user. In the specific case, the registered user did not know that the network was going to send that mail and subsequently apologized to everyone.
That is not the only way social networks collect addresses. After I posted that, Steve mentioned to me that he had been receiving invitations from a different social network. In that case, the sender was unknown to Steve. It was random mail from a random person claiming that they knew each other and should network on this new website site. After some investigation, Steve discovered that the person making the invitation was the founder of the website in question and there was no previous connection between them.
The founder of the social networking site was harvesting email addresses and sending out spam inviting people he did not know to join his site.
Social networking is making huge use of email. Many of my new clients are social networking sites having problems delivering mail. Like with most things, there are some good guys who really do respect their users and their privacy and personal information. There are also bad guys who will do anything they can to grow a site, including appropriating their users information and the information of all their users correspondents.
It is relatively early in the social networking product cycle. It remains to be seen how much of an impact the spammers and sloppier end will have. If too much spam gets through, the spam filters and ISPs will adapt and social networks will have to focus more on respecting users and potential users in order for their mail to get delivered.
Email and the Obama Campaign
Late in the summer there were people talking about the spam coming from Senator Obama’s presidential campaign. At that time, most of the discussion was focused on the open subscription form on their website and that there were some individuals who had been fraudulently signed up and were now receiving email from the campaign.
Last week, the Senator’s campaign again became a topic of discussion among some anti-spam groups. The maintainer of one of the more respected public blocklists and members of his family received mail from Senator Obama’s presidential campaign at their personal addresses. Because the mail was unsolicited and met the qualifications for listing, the sending IP addresses were listed on the blocklist. In response, the campaign’s ESP started moving the Senator’s mail to other IP addresses, resulting in those IPs also being listed on the blocklist as well.
I talked with the blocklist maintainer and I believe that his address, and those of his family members, were added to the Senator’s mailing list as the result of an email append. All of them are registered Democrats and they all live in a battleground state.
This may have made for good campaign strategy, not being an expert I cannot comment on that. It is, however, very poor email marketing strategy.
First, the campaign decided to appropriate permission to send email. There is not ever permission associated with an email append. Just because you have a name and a street address does not mean that you have permission to send email. In very, very limited circumstances, an opt-in append (click here to continue receiving email) may be acceptable. However, that is not how appending is normally done.
There is no pretense of permission to send email. Just because someone is registered to a particular party does not mean they want to receive email from that party.
Second, when the campaign started seeing delivery problems they started sending off different IP addresses. Moving IPs around is out and out spammer behavior, no questions asked.
Now, I know this is a very hotly contested election and I know that some people believe that any method of getting the word out is good. I also expect that there may have been some positive reaction from recipients. The overall reaction, based on the IPs changing, may not have been so positive.
Do I really believe that Senator Obama is a evil and willful spammer? No, not really. But that does not change the fact that the Obama campaign seems to be sending email without the permission of the recipient and seem to be attempting to evade blocks by moving IP addresses.
From a marketing perspective, the campaign may be using email effectively and doing everything right. But from an email delivery perspective, they are getting many, many of the basics wrong and are looking like spammers in the process.
Other news and blogs that talk about spam from the Obama campaign: