Politech mailing list archives

Previous By Date Next
Previous By Thread Next

FC: Email firm NetCreations tries to define "opt-in" standards

From: Declan McCullagh <declan () well com>
Date: Fri, 06 Jun 2003 01:45:53 -0400
[I disagree with the criticism implied in this message, but I'm sending it along anyway so you can make up your own mind. Maybe it's late and I'm not thinking clearly, but my quick read is that Netcreations is being a generally responsible company, if its claims of using double-opt-in (which is what Politech also uses) are true. --Declan] 

---

Date: Thu, 5 Jun 2003 10:38:05 +0300
To: declan () well com
Cc: contact () netcreations com
Cc: koser () primediabusiness com
Subject: NetCreations pushes for "double opt-in" terminology
From: era eriksson

Declan, Politech readers;

According to a recent article in _Direct_ Magazine, NetCreations -- a
permission-based bulk email company -- is trying to define a standard
for what direct marketers really mean by "opt-in" email. (June 1st;
<http://directmag.com/ar/marketing_netcreations_head_lets/index.htm>)

According to the story, NetCreations think that reaching a consensus
on how to define opt-in is going to be important in order to support
legislators' efforts top regulate permission-based email marketing.
While that's certainly true, there appears to be a FUD agenda lurking
in the shadows.

If NetCreations would truly look for a consensus for the terminology
used in permission-based email, they would hardly push for terms which
are known to be widely contested.

It should not come as news to NetCreations president Michael Mayor, or
any reader of _Direct_, for that matter, that the term "double opt-in"
is universally rejected by the anti-spam community. There is nothing
"double" about requiring confirmations, and confirmations are the only
way to avoid forged subscriptions. The direct marketers know this, but
they apparently wish to muddy the waters.

In fact, NetCreations even has the nerve to boast on their web page
that they "pioneered and patented the 'double-opt in' [sic, in quotes]
list building process which anti-spam groups, ISPs, legislators,
industry trade groups, marketers and consumers agree is the highest
form of permission". <http://netcreations.com/about.html>

Here are the de facto terms in wide use today:

"Confirmed opt-in" (what Mayor calls "double opt-in"): user has
requested to be added to a list, a confirmation request has been sent
to the user, user has actually confirmed.

"Unconfirmed opt-in": anything else where a user has (ostensibly)
signed up for something, but no sincere attempt to prevent forged
subscriptions has been made.

There are several sub-cases of this in Mayor's terminology, but they
are basically redundant -- this includes the case which Mayor wants to
call "confirmed opt-in" (!) where the subscriber/victim receives a
notification that they have been added to the list, but no actual
confirmation of the subscription takes place.

If you do not confirm opt-in properly, it is not proper opt-in,
because it can be forged. It's not just about the spam problem, it's
about the possibility for a malicious attacker to sign up an innocent
third party to a lot of mailing lists. This is a relatively common
kind of denial of service attack, and direct marketers should
obviously recognize that they will gain nothing by allowing themselves
to be a conduit for such attacks.

This drive by the direct marketers to establish terminology to suit
their own needs calls for a counter-effort by consumer and ISP
organizations. The anti-spam bills before Congress are already flawed;
further diluting them by muddying the terminological issues could lead
to catastrophic results.

Incidentally, you'll note that I'm in Europe, but in fact, my spam is
about 50/50 American and Asian. (The American spam I can at least
attempt to read ...)

/* era */

Please don't post my email address in any form -- URL is fine though.

--
Join the civilized world -- ban spam like we did! <http://www.euro.cauce.org/>
   tee -a $HOME/.signature <$HOME/.plan >http://www.iki.fi/era/index.html




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
-------------------------------------------------------------------------
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: