Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Does Signing Up Become 'Opting In?'

Posted by Soulskill on from the give-an-inch-and-they-take-a-mile dept.

AmyVernon writes "This piece from RWW got me thinking about whether, when you sign up for access to a site, you're actually signing up to get a slew of email spam from them. The single opt-in is still really popular, which I've noticed because I often check the box indicating I don't want further emails from a company or publisher. I always assume that giving my actual email address means I'm going to get spam-type emails from whomever. It still surprises me that most people don't. But it does raise a good question: Shouldn't you be able to sign up for something without automatically being signed up for a never-ending stream of 'updates?'"

15 of 151 comments (clear)

  1. They now have a vested intrest in not spamming by giorgist · · Score: 2

    Simply put, if they spam you and you click them as so, then even their legitimate emails will end up in other peoples spam folder.
    If they are a little agresive in sending you emails without a easy way to opt out ... SPAM

    1. Re:They now have a vested intrest in not spamming by Opportunist · · Score: 5, Interesting

      This is very, very slowly getting through to the managers, though.

      I had a boss not too long ago who simply assumed that everyone who ever bought a product wants to get our newsletter. I warned him that we might end up on blacklists, he chose to belittle my being a scaredy-cat and ignore me.

      Last I heard is that he's fighting a losing uphill battle to get off the various spam blacklists because NONE of his emails get to their recipients anymore, and he noticed that it's not building trust in a company when you have to phone a possible business partner who has a commercial spam filter to tell him that he has to dig through his spam for your mail.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:They now have a vested intrest in not spamming by Kjella · · Score: 4, Insightful

      If you are a business you HAVE to. From the start I made my mailing list completely opt-in. That doesn't stop AOL users from using the spam button instead of the prominent link at the top that gracefully removes them from the list. You can't have customers not receiving order confirmations or order updates or have business email blackholed because some webmail users decide they don't want your mail anymore.

      Blame that on all the asshats sending spam who take a link to opt out as a confirmation that your email address is live and proceed to sell it to ten more spam lists. Simple people need simple rules so the rule became to always click the spam button and never any opt out link. To fix this you'd have to fix the email system so we can tell the real opt-ins from the linkbait.

      --
      Live today, because you never know what tomorrow brings
    3. Re:They now have a vested intrest in not spamming by FireFury03 · · Score: 4, Insightful

      There's two different types of spam. One is commercial email that is sent legitimately but which you don't want

      I would argue that if they autosubscribed me without asking, or actively ignored the preference I made when I signed up (both of which are illegal in this country) then it is not "sent legitimately". True, they tend not to fake the sender, but they are indistinguishable from spam sent from false identities (at least, not trivially distinguishable), and you therefore can't trust the "unsubscribe" link will actually unsubscribe you rather than harvesting your address (also, would you trust such a link if the sender had previously ignored your preferences anyway?).

      In the other hand, in some cases there is a real problem with sending spam. I have in the past dealt with a bank (who I closed my accounts with then they started with this) who took to emailing me with marketing. The emails came from a domain that wasn't identical to their normal domain and instructed me to follow a link to a website which, again, wasn't their normal trading domain. The email told me that I could verify that it was legitimate because it contained some trivial PII (I think it was the first half of my postcode, or something similar... basically something that pretty much anyone could find out). So there are 2 problems here:
      1. The bank is teaching people that they can authenticate an email based on some very spoofable details instead of securely signing it using a readily available, standard and widely supported technology such as S/MIME.
      2. The bank is teaching their customers that it is ok to follow links in emails to random websites claiming to be their bank but being served from a domain that isn't recognisably the bank's own domain.
      Whilst the website in question was purely marketing and didn't ask for any personal details, it strikes me that it was a little too close to what phishing looks like and that teaching the general public that they can expect their bank will communicate in this way is a Bad Thing... A good chunk of the public don't have a good enough grasp of security to consider the difference between this and a phishing mail.

      --
      http://blog.nexusuk.org
    4. Re:They now have a vested intrest in not spamming by andymadigan · · Score: 2

      I recently signed up for a trial of an app (YNAB - You Need a Budget). They asked for your e-mail address, I gave it to them. They say they need it to send you the trial key. There was also a checkbox labeled " Yes! Also send me occasional budgeting tips and best practices.". I unchecked it.

      YNAB decided to send me messages (other than the trial key) anyway, I marked it as spam. I didn't agree to receive other messages, in fact I explicitly opted out.

      For cases where there is no opt-out, fine. A regulation should be in place requiring them to state in readable text, near the e-mail box "we will send you updates at a frequency of our choosing, we may sell your e-mail address to spammers, etc.". Not in a privacy policy, in bold print on the sign-up form. If the company legitimately believes that people are willing to agree to the deal (my e-mail address for your product), then they should have no problem making it clear to the consumer what they are agreeing to.

      I don't want to force a company to business with me, but I don't want a company to trick me into doing business with them so they can resell my information to the highest bidder.

      --
      The right to protest the State is more sacred than the State.
  2. Meh by Mashiki · · Score: 2

    In Canada unless it's clearly defined it's a privacy violation to do so. It's also a privacy violation in Germany, and I believe California. Signing up != A business relationship. So marketers take heed. Just because you can do something, and haven't been sued yet. Doesn't mean you won't. It just means that people can't afford to do so, or they don't care enough right now.

    --
    Om, nomnomnom...
  3. As a marketer... by lwsimon · · Score: 2

    Single opt-ins suck. Why would you ever want to subject your list that that much "spam" notations? No one wants to see your promotions if they've not signed up for them. If you're running the business right, people will want to open your emails because they provide value.

    I use double opt-ins for my online listbuilding, and am very explicit that the user will receive solicitations. I use single opt-in in the real world only, such as when I run a contest dropbox to collect email address to win a prize. Physically writing your email on a scrap of paper is good enough verification for me.

    --
    Learn about Photography Basics.
  4. Some managers don't get it by msobkow · · Score: 4, Interesting

    I worked for a company that had a manager who insisted on sending out a newsletter to everyone in the company customer database. We warned him that was illegal. We warned him that would be spamming.

    He refused to listen and ordered the email sent.

    The entire company was blocked from sending emails less than 24 hours later.

    You should have seen him rant and rave about the importance of getting the emal "fixed." His manager found out about the "newsletter", and fired him on the spot.

    --
    I do not fail; I succeed at finding out what does not work.
    1. Re:Some managers don't get it by Kjella · · Score: 2

      His manager found out about the "newsletter", and fired him on the spot.

      At least there's one good manager in this story, he's even the boss of the bad manager. It could be worse...

      --
      Live today, because you never know what tomorrow brings
    2. Re:Some managers don't get it by WuphonsReach · · Score: 4, Informative

      I worked for a company that had a manager who insisted on sending out a newsletter to everyone in the company customer database. We warned him that was illegal. We warned him that would be spamming.

      Not illegal in most jurisdictions as long as there is a pre-existing business relationship. Presumably, if they're customers, then they qualify.

      Doesn't mean it's not sleazy and prone to cause problems.

      --
      Wolde you bothe eate your cake, and have your cake?
  5. Re:Another disconnect between managers and IT peop by pspahn · · Score: 2

    Well duh. They define the entire business model on the idea that each user in their database is worth $x. If they reach a certain amount of users, they will make x amount of money. That disconnection between IT and Management is a two way street.

    --
    Someone flopped a steamer in the gene pool.
  6. Re:Protip by Demonoid-Penguin · · Score: 3, Informative

    Sign up using a throwaway account that is name-related to the site you are signing up to. That way you will always know who are the ones that send you spam, or sell your address to spammers.

    gmail accounts don't care about dots in your email user name - which makes it easy to tell who leaks your email address to spammers. Eg. sign up to gmail and dickhead@gmail.com - then sign up to slashdot as dick.head@gmail.com. All spam addressed to dick.head@gmail.com came via slashdot. NOTE: slashdot doesn't sell email addresses - but I certainly caught companies doing using this technique.

  7. Re:Stunning by Jah-Wren+Ryel · · Score: 2

    (Slashdot, some random story about spam) Blah blah blah paragon of virtue morals everyone should do what's right holier than thou...

    (Slashdot, some random story about copyright infringement) whine anger pout serves them right greedy thieving fascists yeah it's wrong but *&^% those &^%*# I'll keep on downloading stuff I haven't bought until the day I die (justify blindly, etc....)

    (Slashdot, some random poster complaining that slashdot users don't all share the same world-view)

    (Slashdot, some random poster complaining that his own personal world-view is the only valid world-view, and implying that anyone who doesn't conform is a hypocrite)

    --
    When information is power, privacy is freedom.
  8. Re:Protip by AliasMarlowe · · Score: 2

    Eg. sign up to gmail and dickhead@gmail.com - then sign up to slashdot as dick.head@gmail.com. All spam addressed to dick.head@gmail.com came via slashdot.

    Richard Head probably didn't want his gmail address spewed around, you inconsiderate clod!

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  9. Re:Protip by Anonymous Coward · · Score: 2, Informative

    Gmail also gives you unlimited e-mail addresses. If you are bob@gmail.com and you sign up for "Site A", you can enter bob+sitea@gmail.com as your e-mail address. Still goes to the same inbox but easily filtered and you can trace who originally gave out your e-mail adress if you give a unique version to every site.