Politech mailing list archives
FC: Godiva responds to Politech subscriber over buy-chocolate spam
From: Declan McCullagh <declan () well com>
Date: Tue, 09 Apr 2002 00:06:13 -0700
Previous Politech message: "Dave Touretzky replies to direct marketing group over Godiva" http://www.politechbot.com/p-03353.html --- From: "Matt Del Vecchio" <matt.del () usa net> To: <declan () well com> Cc: <Dave_Touretzky () cs cmu edu> Subject: chocolate madness Date: Fri, 5 Apr 2002 15:15:21 -0600 declan, i had to find out what their deal was. give me chocolate sweets w/o the spam, or give me death. Cathy address the Godiva policy below... -----Original Message----- From: Matt Del Vecchio [mailto:matt.del () usa net] Sent: Friday, April 05, 2002 3:12 PM To: 'cathy_baucum () godivachoc com' Subject: RE: your online privacy policy Dear Cathy, Thank you for the useful information. FYI, if one has multiple email addresses forwarding to a different single email address, often it is impossible to known which email address needs to be UNSUBSCRIBED via an email. However, it still boggles the mind as to why Godiva would, by default, sell my personal information to 3rd parties. If it's not done in the store, why should electronic orders be any different? As a customer interested in buying chocolate, on the phone, Internet, or otherwise, I only do business with merchants that operate on the notion of "Opt-in", rather than "Opt-out". Until this policy is reversed, I will not be doing business with Godiva. Sincerely, matt -- Matt Del Vecchio -----Original Message----- From: cathy_baucum () godivachoc com [mailto:cathy_baucum () godivachoc com] Sent: Friday, April 05, 2002 2:14 PM To: matt.del () usa net Subject: your online privacy policy Dear Mr. Del Vecchio: Thank you for your email regarding our privacy policy and sharing information. Please be assured that Godiva does NOT share anyone's telephone number or EMAIL address with any other company for any reason at all. All customers have the option to UNSUBSCRIBE from the email list at any time, which they can do themselves or request customer service to do for them. If you place an order from our catalog over the PHONE, it is possible that your ADDRESS will be shared with other companies, but you may also request that we do not "rent" your address, and we are very happy to comply with this request. I hope that this has answered your question regarding our policy, but please feel free to contact me if you have any other questions or concerns. Thank you for your interest in Godiva Products. Very truly yours, Cathy Baucum Customer Service Supervisor Godiva Chocolatier Inc. 1-800-946-3482 - Select Prompt 3 for Customer Service ----- Forwarded by Ena McCarthy/US/GODIVA/CSC on 04/04/2002 08:12 PM ----- matt.del () usa net on 04/04/2002 08:00:46 PM To: letters () godiva com, sitefeedback () godiva com cc: (bcc: Godiva Questions) Subject: your online privacy policy Dear Godiva, In response to complaints from a customer who purchased chocolate online as a gift, I have decided not to do any business with your company, nor will I recommend anyone else do so. The customer complaint was based around the fact that the process for sending chocolate never presented an option for him to sign-up or not sign-up for promotional email ("SPAM"). Worse, that your company will sell his customer information to other companies to send their own promotional email ("SPAM"). This is unacceptable business practice. To retain customer respect and thusly business, you must be more up front about your policies, going so far as to provide customers with the option to Opt-in or Opt-out. Sincerely, matt ps - you "Click here for live assistance" link, found on http://www.godiva.com/customer/talk.asp, is broken. -- Matt Del Vecchio ********** [Below is from a journalist who wanted to remain anonymous. --Declan] FYI Life is far too short to be required to expend much of it on informing commercial emailers to take you off their commercial email lists. Godiva's unsolicited commercial email may provide one of the few "remove me" links that actually work. However, I have wasted God only knows how much time trying unsuccessfully to opt out of other spam. In the overwhelming majority of unsolicited spam I get at Hotmail, the purported web sites hosting the remove me or unsubscribe me links are dead or the emails are bounced back. One problem is that legitimate spammers (as in not making absurdly inflated or scurrilous marketing claims and providing opt out links that work) distribute your email address to less reputable marketers who falsely state that you have expressed a desire to hear about their pyramid schemes, herbal potions to extend your penis 6 inches; hard core pornography, credit identity reconstruction scams, get rich quick scams etc. etc. I completely agree with the Dave Touretzky that buying a box of chocolates should not require one to read a long, dull/obtuse privacy policy notice and opt out in order to not be flooded by tedious spam. Ben A. Isaacson's position just undermines consumer confidence in online commerce. Not many of us have time or the inclination to go to all that trouble just to ensure your email address is not sold to all and sundry after making simple purchases online. I won't be buying online from Godiva anytime soon either. ********** From: "Dave McClure" <dmcclure () usiia org> To: <declan () well com> Subject: RE: Direct marketing group replies: It's nutty to boycott Godiva Date: Fri, 5 Apr 2002 08:11:18 -0500 Organization: usiia.org Actually, Declan, David does seem to know the common definition of spam. And while he perhaps should have read the fine print, he is doing exactly what consumers should do when confronted with these kinds of policies -- voting with their wallets. The premise behind the "privacy policy" approach is that consumers will become aware of the policies of a company, and that if they cannot agree with those policies, they will refuse to deal with that company. David was merely passing consumer information along to other consumers to assist them in making a better choice. Personally, I gag over the companies that disengenuously claim they will not sell your data while at the same time saying they will "make the data available to certain third parties." I want to know what retarded chimpanzee makes the decision as to what products would be of interest to me (with apologies to any intellectually challenged simians on the list). My $.02, anyway, and a tip of the hat to Mr. Touretzky. I used to buy from Godiva, and he's likely saved me from making such an error in the future. Dave McClure ********** From: "Jim Harper - Privacilla.org" <jim.harper () privacilla org> To: <declan () well com> Subject: Re: Dave Touretzky replies to direct marketing group over Godiva Date: Fri, 5 Apr 2002 12:16:48 -0500 Would it benefit Politechnicals to note that this David vs. Godiva conflict is a good example a new marketplace learning what its customs should be? I don't necessarily agree with him, but Dave Touretzky is standing in the shoes of many consumers when he complains. He helps companies learn what is appropriate and inappropriate. They know that they risk the wrath of customers, and the suscpicion of potential customers, when they get it wrong. Many people's instinct would be that someone has to "solve" this problem. In fact, this argument is the solution. My line is privacy, and spam is better thought of as a question of incenvenience and annoyance, but I thought I 'd comment . . . . Jim Harper Privacilla.org ********** From: Colin Reed <aleph () alumnus caltech edu> Message-ID: <2.1-170575623-404-A-OEWW () smtp earthlink net> To: declan () well com, politech () politechbot com Cc: Dave_Touretzky () cs cmu edu, ben () interactivehq org Date: Fri, 5 Apr 2002 17:10:05 -0800 Subject: Re: FC: Dave Touretzky replies to direct marketing group over GodivaI was on Godiva's list for a while, but I had no trouble getting off of it. Maybe because I always check headers to see which adress a mail was sent to.
**********
Date: Fri, 5 Apr 2002 09:45:15 -0500
From: Rich Kulawiec <rsk () firemountain net>
To: Declan McCullagh <declan () well com>
Cc: Dave_Touretzky () cs cmu edu, letters () godiva com,
Godiva_Customerservice () godivachoc com, ben () interactivehq org
Subject: Re: FC: Direct marketing group replies: It's nutty to boycott Godiva
> The gentleman posting does not seem to know the common definition of
> spam, nor actually read the posted Godiva privacy policy. If he bought
> something, then the email is not unsolicited as there is now a prior
> business relationship.
Actually, no, that's not the correct definition of spam. Not surprisingly,
marketers have frequently attempted to warp the meaning of the term
"spam" to mean "that which we do not do". Having been around long
before they arrived online, I'm not buying it, and I urge others to
also resist such attempts to redefine the term to suit those of people
who work in marketing.
"Spam" is the slang term that we netizens originally coined to
describe the mass-posting of messages to Usenet newsgroups. It was
then quickly co-opted to also describe the sending of "unsolicited
bulk email", or UBE, because it shared many of the same characteristics.
There are some important things to note about UBE -- in particular,
what it *doesn't* say:
- It says nothing about content. Porn UBE is spam, and so
is charity or political or any other UBE. As is often said,
it's not about content, it's about consent.
- It says nothing about intention, or relationships, or anything
else. This is deliberate: intentions are unknowable, and
relationships are frequently redefined to suit the convenience
of spammers. (As in, "you have visited our website" to "you
are now our customer" to "we are going to spam the hell out of
you until you jump through our hoops to stop".)
- It says nothing about how the messages are transmitted. UBE
with forged headers sent through hijacked relays is spam;
so is mail sent directly from the spammer's own servers
with canonically correct headers. (The former also includes
*additional* forms of abuse besides spamming, but that's beyond
the scope of this discussion.)
- It says nothing about "opt-out", because "opt-out" is merely
a thinly-veiled excuse for spamming, as in "we get at least one
free shot at you, maybe more if we make the opt-out process
sufficiently onerous and obscure". (And, as has been repeatedly
demonstrated, it doesn't work.)
- It doesn't mention "solicited bulk email", such as the kind
one gets by signing up for politech; nor does it mention
"unsolicited non-bulk email", such as the kind most of us get
on a daily basis from a variety of correspondents. (Both of
these are frequently put forth as strawmen by pro-spam
groups like the DMA as part of their propaganda campaign
against supposed "anti-commerce radicals".)
The bottom line: forcibly signing up anyone for any kind of mailing
list without their express, prior consent is spamming. Given Dave's
recitation of the facts, and I have no reason to doubt his accuracy on
these points, it's clear that Godiva is doing exactly that.
This is disappointing, but not surprising: I've received the same sort
of abusive treatment from the Vermont Teddy Bear Company, SpaWish.com,
and others after purchasing a product/service from them AND explicitly
instructing them not to add my name to any mailing list of any kind
for any reason. I've now taken to using individual email addresses
for each online company that I do business with: this makes it easier
to block them if they commence spamming. (It also makes it very easy
to see who they've sold my address to, since only I and they know
each individual address.)
It's also disappointing because there's no need for such abusive tactics:
confirmed opt-in mailing lists have been operating effectively on the 'net
for over twenty years, and the software required to run them as well
as effective policies for their operation are all freely available at
zero cost.
One particularly enlightening and amusing story of just how far a single
email address can go -- being passed from spammer to spammer - is here:
http://www.honet.com/Nadine/
I join Dave in urging fellow netizens to vote with their wallets: do
not do business with companies that engage in spamming (e.g. Amazon)
or that provide support services for spammers. Some very useful resources
to use to identify precisely who those companies are may be found here:
http://www.spamhaus.org/
---Rsk
Rich Kulawiec
Senior Internet Architect
rsk () firemountain net
**********
From: Charlie Oriez <coriez () oriez org>
Organization: Lumber Cartel [tinlc]
To: Declan McCullagh <declan () well com>, politech () politechbot com
Subject: Re: FC: Direct marketing group replies: It's nutty to boycott Godiva
Date: Fri, 5 Apr 2002 07:27:53 -0700
X-Mailer: KMail [version 1.2]
Cc: Dave_Touretzky () cs cmu edu, ben () interactivehq org
References: <5.1.0.14.0.20020404232654.0225ea40 () mail well com>
On Thursday 04 April 2002 21:29, Declan McCullagh gave up the right
to remain silent by saying:
> ---
>
> From: "Ben Isaacson" <ben () interactivehq org>
> To: <declan () well com>
> Subject: RE: Time to boycott Godiva for spamming customers? By D.
> Touretzky Date: Thu, 4 Apr 2002 23:03:00 -0500
> Organization: AIM
>
> Declan,
>
> The gentleman posting does not seem to know the common definition
> of spam, nor actually read the posted Godiva privacy policy. If he
> bought something, then the email is not unsolicited as there is now
Sorry. It looks to me like Godiva doesnt know the correct definition
of spam. Spam is unsolicited bulk email. If they hide the
disclaimer to make it difficult to see, if they dont send a
confirmation message which you must reply to in order to confirm that
you understand that you are signing up for a mailing list and want to
be on it, any subsequent mailings are unsolicited and meet the
definition of spam.
Godiva seems from the discussion to be very careless in their consent
verification steps. I just connected with them using an email
address which is a spamtrap used to add mail servers to one of the
dnsbl's. If they send one confirmation message to that address in
keeping with best practices, the system won't add them to the dnsbl,
but it also will not respond. If they then spam the bejeezus out of
it without waiting for permission, they will get added to the dnsbl.
If Godiva understands spam, and doesn't spam, they have nothing to
worry about. If they decide to add addresses to their database willy
nilly without the consent of the address owners, they're going to
have problems.
http://www.mail-abuse.org/manage.html
--
Charles Oriez coriez () oriez org
39 34' 34.4"N / 105 00' 06.3"W
**
You can't be a real country without a beer and an airline.
A football team and some nuclear weapons help, but at the
very least you need a beer - Frank Zappa
**********
Date: Fri, 05 Apr 2002 08:57:45 -0500
Subject: godiva spam
From: "Victoria Ekstrand" <vekstrand () mindspring com>
To: declan () well com
How about free samples with that Godiva spam? Or some real dollars off in
the form of coupons?
Good marketers know customers are less apt to be annoyed by mailings if what
they're sending has real value.
After all, many of us put up with those supermarket circulars because we
actually benefit at the cash register. The same goes for those promotional
clubs like Hallmark.
Yes, we give up a bit of privacy. But money talks. Particularly for most
Americans who don't even know what an Internet privacy policy is.
It's the random stuff -- an alleged "sale" here and there or newsletters --
that annoy me.
Truffles would be fine, thank you.
Victoria Ekstrand
Ph.D. candidate, Park Fellow
University of North Carolina -- Chapel Hill
School of Journalism and Mass Communication
**********
Date: Fri, 05 Apr 2002 08:31:35 -0500
From: "J.D. Abolins" <jda-ir () njcc com>
Subject: Re: FC: Dave Touretzky replies to direct marketing group over Godiva
In-reply-to: <20020405082421.A4493 () cluebot com>
X-Sender: jda-ir () pop njcc com
To: declan () well com
Cc: Dave_Touretzky () cs cmu edu, ben () interactivehq org
> From: Dave_Touretzky () cs cmu edu
[...]
> What I asked Godiva to do when I wrote to them was remove me entirely
> from their database. Forget I ever existed, because they're not going
> to make another dime in sales from me for as long as they continue to
> treat their customers with this kind of contempt.
>
> Not surprisingly, there has been no reply.
This is a ongoing personal info control issue. The obligation to delete is
not well supported. There is a better chance in preventing certain uses of
the data.
Various businesses will insist that once the customer gave the mailing and other info, the database entry belongs to them. Many customers will insist that they retain some control over the info. Some attempt is made to negotiate this through contracts and policies. But the negotiation is often clumsy as this thread indicates.
A similar problem exists with government databases. I recollect a case in Virginia years ago where parents suspected of abusing their children sought to have their record deleted from the state's database of suspected abusers after state investigators cleared the parents. The parents argued that because the investigators found no cause to take action regarding child abuse, their names should be removed from the database. The state insisted that the records belong to them and the records were important to document the agencies' activities. Also even if a person is cleared, many agencies find it handy to have the record in case future allegations are made. Expungement, in the sense of sealing the records from certain uses, is possible in many places but total wiping of records is difficult anywhere.
That is why I emphasize "front end" disclosure control privacy protection rather than post disclosure methods. The post-disclosure methods, often don't work well and can sometimes trample upon rights such as freedom of speech.
> When customers insist on REAL privacy policies instead of fig leaves, > companies do comply, or their customers go elsewhere. I order my > books from Barnes & Noble, not Amazon, because of Amazon's repeated > bad behavior. Godiva may be a big name, but there are lots of other > chocolatiers selling over the web who do not thumb their noses at > customer privacy. I urge Politech readers to patronize them.The problems Dave described with Godiva's online purchasing could happen with any of the above entities at some time. Yes, switching to online business that suit one's needs and preferences is good. But consider taking the business to offline outlets where one can have greater privacy controls: paying in cash (how subversive!), avoid "courtesy/loyalty/discount" cards, not buying extended warranties, and so on. By going to the local candy store and buying Godfiva chocolates, I can avoid all the email and database hassles. If somebody is looking to make a statement regarding Godiva's or somebody else's online marketing practices, the boycott of a disagreeable online approach does remove a bit from the profitability of the online retail site.
J.D. Abolins Meyda Online Info Security & Privacy Studies http://www.MeydaOnline.com ********** From: "Downes, Stephen" <Stephen.Downes () nrc ca> To: "'declan () well com'" <declan () well com> Subject: RE: Direct marketing group replies: It's nutty to boycott Godiva Date: Fri, 5 Apr 2002 07:04:41 -0500 MIME-Version: 1.0 Another todbit... Ben Isaacson writes, "If he bought something, then the email is not unsolicited as there is now a prior business relationship." It occurs to me: people - myself included - do not shop over the web, not because they think someone will steal their credit card number, but because they know that if they buy even one thing then they will be deluged by spam. Put another way: nobody wants an ongoing "relationship" with Godiva: they just want a box of chocolates. -- Stephen Stephen Downes - http://www.downes.ca -- stephen () downes ca ********** From: "D McOwen" <dmcowen () bellsouth net> To: <declan () well com>, <politech () politechbot com> Cc: <Dave_Touretzky () cs cmu edu>, <ben () interactivehq org> Subject: RE: Direct marketing group replies: It's nutty to boycott Godiva Date: Fri, 5 Apr 2002 06:27:12 -0500 Message-ID: <NCBBLLCKEFIGAFOKNBDLGECECLAA.dmcowen () bellsouth net> Interesting Ben, You say Opt-out but these people never asked if you wanted to Opt in. Purchasing a product now means automatic spam as if you are actually purchasing spam and we're supposed to be happy about that? The same is true about all those "Free" chance to win stuff all over the place both offline and on-line, in the malls it's the boxes all over the place where you fill out a post card that asks for your e-mail, fill that out and viola, a ton of spam. You don't see clearly that you are Opting in for the spam. With products that's called bait and switch and illegal, with "Chances" and Free" stuff bait and switch with spam is OK? The online sites are the same but worse because the process is so automated and proliferated amongst more computers and lists. So everything we do now is automatic Opting in, that sounds pretty nuts to me. Dave McOwen ********** ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ ------------------------------------------------------------------------- Politech dinner in SF on 4/16: http://www.politechbot.com/events/cfp2002/ -------------------------------------------------------------------------
Current thread:
- FC: Godiva responds to Politech subscriber over buy-chocolate spam Declan McCullagh (Apr 08)