From: John Glube
Sent: Wednesday, August 18, 2004 5:38 PM
Seth,
A couple of comments:
* When I use the statement verified opt-in I mean as follows:
The individual subscribes to a list. The individual receives a
message asking the individual to confirm their consent by
clicking on a link provided in the message.
By clicking the link, this verifies the individuals consent.
(This is the standard used by MAPS and Spamhaus.)
Some call this confirmed opt-in.
I don't only because confirmed opt-in can also mean the
individual subscribes and in response the individual receives a
message verifying the subscription, providing details and giving
the individual the option of opting out if there was some error.
(This is the standard used by the IAB in its best practice guide)
Thanks for the clarification. I've often been confused by this. I'm
glad that we can agree that verified opt-in is the most workable
approach, if for no other reason than the sender has more proof in hand
that the communication was requested by the recipient. It also avoids a
lot of "grey area" mistakes. For instance, Sally is p.o'd at John, so
she subscribes him to the Monthly Enlargement Letter. They send John a
"you're subscribed unless you tell us not to" message, which winds up in
his spam folder. John get the Letter and reports it as spam. Is it?
Not really (Sally is the abuser here), but the whole episode could have
been avoided with the verified opt-in procedure.
As for IAB, do you have any influence on that group? It would certainly
help the cause if they would come around to the verified opt-in point of
view, though I realize it would take a lot of consideration on their
part. The more organizations that recognize verified opt-in as a best
practice, the more likely that it will be accepted by bulk emailers and
the less abuse there will be. It's in their best long-term interest,
but it will still require a lot of selling.
* You can find the lyrics for Harry Belafonte's song "There`sa
hole in the bucket" (this appears to be the correct title and not
There is a hole in the bucket, dear Lisa) at:
http://www.atrey.karlin.mff.cuni.cz/~mj/songs/db/english/TAHITBUC
- or -
http://www.geocities.com/bettyloucountry3/holeinthebucket.htm
RCA Victor produced an album titled Belafonte Returns To Carnegie
Hall. The song is one of the tracks on the album.
http://rcavictor.com/albums/product.jsp?id=09026626902
Thanks very much!
As to the rest of your comments, we are starting to cover old
ground, so let me make this short.
* In my books there is no 'right' to send UBE.
* Want to send bulk email? It must be solicited, with proof of
consent by way of verified opt-in or closed loop verification.
This arrangement gives rise to an agreement between the sender
and recipient confirmed by the granting of verified consent,
which consent the recipient can withdraw at his, her or its
discretion.
I am glad to see you and I agree at least in principle during the
term of this arrangement, receiving mail transfer agents should
not interfere with delivery of this email.
I'm also glad we can agree on this.
Converting this principle into practice is another story.
One of the problems is balancing individual freedom against the
need to prevent crime.
* Bulk email includes any content be it political, religious,
commercial, business or otherwise.
* In my view the move to a closed email system through the use of
sender authentication, along with reputation and accreditation
services is being done to deal with email abuse by those who send
UBE.
In establishing this new approach thought needs to be given as to
how to deal with domains which don't send bulk email and only use
their domains for personal purposes.
I say this because at least in OECD countries, if one uses the
domain for business purposes, this becomes a business expense and
is generally understood to be deductible as against business
income for income tax purposes.
Having said this many will argue all domains which don't send
bulk email irrespective of whether the domain is used for
personal or business purposes should receive access to 'free'
accreditation, or accreditation at a nominal cost.
Sounds like this is a tax attorney question, and a tricky one.
The problems?
* Legal regimes regulating commercial email in the United States
and elsewhere impose oversight costs to ensure compliance.
At least for the time being, not much is going on here on the ground
that would incur actual costs to emailers, aside from implementing
better policies. That's a real cost, but in the long run, the improved
company image that results will pay back. Easy for me to say while they
have to make this quarter's numbers. This may all change if the spam
situation doesn't improve. I can't comment about other countries.
* Oversight to ensure someone does not register a domain for
personal use and then start using the domain to send solicited
bulk email, or unsolicited bulk email.
This may be a tax and/or legal issue, but does it matter from the email
perspective? I mean any entity that sends bulk email needs to do it
properly, meaning with permission that they can prove. Whether or not
they are registered as the correct kind of entity may be important for
other reasons, but has no bearing on what are good email practices. I
suppose if they ever get around to doing some real enforcement, there's
a big difference between corporations and individuals. Wouldn't an
individual be at greater risk, legally speaking, than a corporation?
Others will argue, but what about people not living in the rich
nations of the world?
* One solution is to set up accreditation services in these
areas, which can better accommodate the specific needs of users.
Very good point. All we can do is provide ideas and models that work
here, but what could work in less wealthy economies might look quite a
bit different.
As to the rest, you have stated your position, I have stated
mine.
John
P.S. Enjoy the lyrics to the song:-)
Already have!
--
Seth Goodman