CASL is more privacy law than anti-spam law

Michael Geist, a law professor in Canada, writes about the new CASL law, why it’s necessary and why it’s more about privacy and consumer protection than just about spam.

The law has at least three goals: provide Canada with tough anti-spam rules, require software companies to better inform consumers about their programs before installation, and update Canadian privacy standards by re-allocating who bears the cost for the use of personal information in the digital environment.

There are a lot of marketers out there that are really in a tizzy about CASL and about actually having to ask for and receive permission before sending mail to people. These are the same marketers who will tell you that they only do permission email. I’ve not quite gotten past the cognitive dissonance. They already do permission email, now they just actually have to keep some accurate records and have an audit trail.
The more cynical side of me says that the problem is that these senders who are stomping around ranting about how awful CASL is and how unfair are just pouty because they can no longer pretend they have permission. They actually have to have permission. They can’t bury an opt-in somewhere in a privacy policy, they have to have a real opt-in. They can’t tell a complainant “well, you opted in at some point, we just don’t know when” they have to be able to demonstrate the opt-in. They can’t just collect an email address and assume that address is a viable target forever, they have to either have a demonstrable relationship with the recipient or stop mailing the address after a few years.
Whenever I read about how awful CASL is, the underlying issue seems to me to be that marketers don’t like being told to stop taking permission from recipients. The marketers don’t like begin told they have to respect consumers. Not only that, they really hate that if they violate the law they may be held accountable for that.
Canada was one of the last western, industrialized nations to adopt an anti-spam law. I do not think it’s coincidence that CASL is extremely consumer friendly. Canada saw what happened with other laws and wrote a law that was a lot harder for marketers to ignore.

Related Posts

June 2014: The month in email

Each month, we like to focus on a core email feature or function and present an overview for people looking to learn more. This month, we addressed authentication with SPF.
We also talked about feedback mechanisms, and the importance for senders to participate in FBL processes.
In our ongoing discussions about spam filters, we took a look at the state of our own inboxes and lamented the challenge spam we get from Spamarrest. We also pointed out a post from Cloudmark where they reiterate much of what we’ve been saying about filters: there’s no secret sauce, just a continuing series of efforts to make sure recipients get only the mail they want and expect to receive. We also looked at a grey area in the realm of wanted and expected mail: role accounts (such as “marketing@companyname.com”) and how ESPs handle them.
As always, getting into the Gmail inbox is a big priority for our clients and other senders. We talked a bit about this here, and a bit more about the ever-changing world of filters here.
On the subject of list management, we wrote about the state of affiliate mailers and the heightened delivery challenges they face getting in the inbox. We got our usual quota of spam, and a call from a marketer who had purchased our names on a list. You can imagine how effective that was for them.
And in a not-at-all-surprising development, spammers have started to employ DMARC workarounds. We highlighted some of the Yahoo-specific issues in a post that raises more questions.
We also saw some things we quite liked in June. In the Best Practices Hall of Fame, we gave props to this privacy policy change notification and to our bank’s ATM receipts.
We also reviewed some interesting new and updated technology in the commercial MTA space, and were happy to share those findings.

Read More

Check your assumptions

One of the things that prompted yesterday’s post was watching a group of marketers discuss how to get subscribers to give them their “real” or “high value” email addresses. Addresses at free email providers are seen as less valuable than addresses at a place of employment or at a cable company or dialup ISP. The discussion centered around how to incentivize recipients to give up their “actual” email addresses.
The underlying belief is that users don’t use free mail accounts for their important mail, and if a recipient gives a marketer a free mail account as a signup that they will not be reading the mail regularly. Better to get an email address that the recipient checks frequently so there is a better chance at a conversion and sale.
Perfectly acceptable marketing goals, but makes a number of assumptions that I am not sure are valid.
Assumption 1: An email address at a freemail provider is less important to the recipient than a different email address.
Wrong! A sender has no idea if a recipient uses a freemail account exclusively or has another real email address. Many people these days use gmail as their primary account and they don’t check the email account associated with their dialup or broadband provider. For instance I have an email account at AT&T associated with our UVerse TV and internet service, but have never logged in to do anything with email.
Assumption 2: A non freemail address gives better response rates.
Really? I haven’t seen data one way or another saying that different classes of email addresses give better responses. It may be true, but it may not.  Some users do have separate accounts for friends and family and marketing mail. In that case, are senders better off in the marketing account? Or in the F&F account where the user may hit the “this is spam” button just because that mail is in the wrong place?
Assumption 3: I’ve been invited in, I get free run of the place
Wrong! Just because you’ve been invited onto the front porch for a glass of lemonade, doesn’t mean you’re welcome in the bedroom. Marketing is all about pushing limits and getting more and more from recipients, but in email marketing the recipients get to hit the “this is spam” filter and stop delivery of that email. Limit pushing in email may result in all out blocks and zero inbox delivery, rather than causing a massive increase in sales.
Assumption 4: Incentivized permission is the same as real permission
Wrong! Just because a subscriber hits the “give me a coupon” or “enter me in the drawing” link does not mean they want mail from that sender. What it really means is the recipient wants a chance to win something or get $5 off their next purchase. Just because they closed the loop to get an incentive does not mean the sender gets a free pass through spam filters or is exempt from having their mail marked as spam.
The marketing relationship between sender and recipient is a lot more balanced than any other direct marketing relationship. The sender can’t ignore the recipients’ preferences over the long term without suffering delivery problems. Many email marketers, particularly those that didn’t start in email, forget that the relationship is different and marketers have to respect the recipient.

Read More

Signup forms and bad data

One thing I frequently mention, both here on the blog and with my clients, is the importance of setting recipient expectations during the signup process. Mark Brownlow posted yesterday about signup forms, and linked to a number of resources and blog posts discussing how to create user friendly and usable signup forms.
As a consumer, a signup process for an online-only experience that requires a postal address annoys and frustrates me to no end. Just recently I purchased a Nike + iPod sport kit. Part of the benefit to this, is free access to the Nike website, where I can see pretty graphs showing my pace, distance and time. When I went to go register, however, Nike asked me to give them a postal address. I know there are a lot of reasons they might want to do this, but, to my mind, they have no need to know my address and I am reluctant go give that info out. An attempt to register leaving those blanks empty was rejected. A blatantly fake street address (nowhere, nowhere, valid zipcode) did not inhibit my ability to sign up at the site.
Still, I find more and more sites are asking for more and more information about their site users. From a marketing perspective it is a no-brainer to ask for the information, at least in the short term. Over the longer term, asking for more and more information may result in more and more users avoiding websites or providing false data.
In the context of email addresses, many users already fill in random addresses into forms when they are required to give up addresses. This results in higher complaint rates, spamtrap hits and high bounce rates for the sender. Eventually, the sender ends up blocked or blacklisted, and they cannot figure out why because all of their addresses belong to their users. They have done everything right, so they think.
What they have not done is compensate for their users. Information collection is a critical part of the senders process, but some senders seem give little thought to data integrity or user reluctance to share data. This lack of thought can, and often does, result in poor email delivery.

Read More