I'd like to back up a second here on opt-out.
I don't believe this group should recommend a global opt-out
solution. I believe that opt-out is 100% the wrong way to manage
bulk mailings. It is fundamentally flawed, and it will make the
current spam situation far worse than it currently is.
First of all. Look at the world as it is. Who sends you bulk email?
1. People whom you told to send you email.
2. People to whom you gave your email address to (e.g. product
registrations, online purchases) but didn't specifically tell them
they could send you email.
3. Affiliates of #1 or #2.
4. People who bought your address from #1 or #2.
5. People who bought the assets of #1 or #2.
6. People who snarfed your address off the web or from another
location which did not carry any implied consent for bulk email.
7. People who bought from #6.
This is how I think most people feel about each of those. I'm sure
there's a range, and it's not like I've gone out and done a survey.
But I think it's roughly like this. Please don't get picky if your
personal moral slider moves it in one direction or the other.
1. Fine if I can opt-out
2. Iffy, depending on content, but okay if I can opt-out
3. More iffy, but okay if I can a) stop the spread and b) opt-out
4. Probably crossing the line (no way to stop the spread)
5. Wrong, but the courts say it's okay, hopefully can opt-out
6. Wrong
7. Wrong
Now, let's consider an opt-out list. Who will it impact?
1. No
2. No
3. Possibly, but probably not
4. Yes
5. Possibly
6. No (they'll ignore it)
7. No (they'll ignore it)
So. An opt-out list will stop people who bought your list from
someone you gave your email address to. You don't *want* it to stop
the people you explicitly gave permission to. It might stop people
who bought the assets of a defunct company. It probably won't stop
affiliates of a company (e.g. multiple catalog companies owned by a
single entity) because they probably had fine print saying that you
gave permission to all of them (that's certainly what they do now).
It will have zero impact on existing spammers.
That's the good news. Here's the bad news.
A global opt-out list is a tacit statement that it's okay to spam
random email addresses. After all, if you didn't want email, you
would have put your name on the list, right? This is exactly the
*wrong* way to go. We do not want "100 million email address CDs" to
become legitimate sales tools just because they were cleaned by the
opt-out list. You do *not* want every company in the country
broadcasting email address to every address they can find.
"But," you say, "If you don't want that, just put your name on the
opt-out list."
I assert that if we tacitly support opt-out, we will create a mail
situation so bad that you won't be able to function unless you
opt-out. *Everyone* will want to opt out. And what is the point of
an opt-out system in which every person in the world is required to
opt out? Furthermore, as has been mentioned numerous times. It's
not just a question of email addresses, it's a question of domains
and bounces as well.
Opt-out can work for phone numbers because there are a finite number
of phone numbers. There are *not* a finite number of email
addresses. It should not be mandatory that every time you reserve a
domain you have to go and opt-out all possible email addresses in
that domain. That makes no sense whatsoever.
To sum it up.
1. Opt-out doesn't affect the majority of the people we are trying to stop.
2. Opt-out will make things worse.
3. There is no point in an opt-out system that everyone has to join.
Even if you don't believe #2, #1 and #3 still stand. As do my points
concerning domains and infinite email addresses.
I strongly believe that this group should make absolutely no
recommendations for a global opt-out system. I further believe that
it should recommend that opt-out is, with regards to email,
fundamentally flawed.
I believe that we could make positive recommendations for opt-in, but
I want to keep that discussion separate from this one. The point
here is simple. We should not recommend *any* opt-out system.
As an aside; other differences between email and phones. Email
addresses change more frequently, causing aging problems. Many
people manage more email addresses (sometimes *lots* more) than they
do phone numbers, making managing opt outs (especially if they
age-out) far more difficult. Email addresses reach inside companies,
where phone numbers often don't. Phone opt-outs can be verified
against an address to avoid do-gooders opt-ing out lots of people.
Email addresses cannot be verified except via confirmation email--and
that rules out wildcard, bouncing address and domain opt-out
possibilities. (I don't personally have a problem with someone
writing a program that opts out everyone in the world--but I don't
believe the marketing companies will accept an opt-out system that
doesn't have verification or other barriers against excessive ease of
use.)
--
Kee Hinckley
http://www.puremessaging.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg