spf-discuss
[Top] [All Lists]

RE: Good Domain List one step closer to reality (actually two steps)

2004-08-18 23:10:16
From: Seth Goodman
Sent: August 18, 2004 8:22 PM

From: John Glube
Sent: Wednesday, August 18, 2004 5:38 PM


Seth,

<snip>

As for IAB, do you have any influence on that group?  It
would certainly help the cause if they would come around to
the verified opt-in point of view, though I realize it
would take a lot of consideration on their part.  The more
organizations that recognize verified opt-in as a best
practice, the more likely that it will be accepted by bulk
emailers and the less abuse there will be.  It's in their
best long-term interest, but it will still require a lot of
selling.

The Anti Spam Research Group (ASRG) has a sub group set up
to deal with best email practices. Ultimately, the issue
will come forward through this group. 

In the interim, there has been a lot of discussion among
online publishers, marketers, those involved in the email
industry and ISPs as to what is required to prove
"affirmative consent" under the CAN SPAM Act of 2003.

Initially when the discussion came up, the IAB standard was
put forward as the minimum standard, with verified opt-in
being the optimal standard. 

Some in the industry responded by saying that's nice, but
in the event of dispute ISPs want verified opt-in. 

About three months ago, one of the leading email service
providers in the SOHO market place published a study
proving that a verified opt-in mailing list was more
responsive, gave rise to less churn among subscribers and
cut spam complaints dramatically.

* One attorney who has a large clientele in the SOHO market
place and has significant experience in responding to
unfair trade practice complaints by the FTC has taken a
clear stand advocating the use of verified opt-in.

* Since January the responsible email service providers in
the SOHO marketplace have moved to mandatory verified opt-in.

* More and more web hosting services are now starting to
say to their clients, you must use verified opt-in if you
want to use our service to run mailing lists.

* Let's just say other steps are being taken. Whether these
efforts are successful or not remains to be seen.

I say this because at least in OECD countries, if one uses
the domain for business purposes, this becomes a business
expense and is generally understood to be deductible as
against business income for income tax purposes.

Having said this many will argue all domains which don't
send bulk email irrespective of whether the domain is used
for personal or business purposes should receive access to
'free' accreditation, or accreditation at a nominal cost.

Sounds like this is a tax attorney question, and a tricky
one.

My point was that if the individual uses the domain for
business purposes, the accreditation cost, if there is one,
is a deductible expense. 

I happen to believe in the citizen's right to arrange his
affairs to minimize his taxes, a principle well enshrined
in Canadian tax law. Even Judges don't like to pay taxes:-)

If the individual uses the domain for both business and
personal, then I agree the issue does become trickier. 

The problems?

* Legal regimes regulating commercial email in the United
States and elsewhere impose oversight costs to ensure
compliance.

At least for the time being, not much is going on here on
the ground that would incur actual costs to emailers, aside
from implementing better policies.  

It depends on what the trustworthiness/reputation statement
from an accreditation service means. If one is simply using
it to verify whether the sender is verified opt-in or not,
as an example, then yes. 

It is possible to create a service which goes beyond merely
verifying whether the sender is verified opt-in.

For example, let's say the sender agrees to comply with the
laws and rules prohibiting unfair or deceptive trade
practices as found in the Federal Trade Commission Act,
more specifically the CAN SPAM Act of 2003 and the various
rules passed under these Acts. 

(Remember a violation of the CSA is also deemed a deceptive
or unfair trade practice under the FTC Act.)

Well, gee that's nice, you have agreed to abide by the law.
Ok, fair retort. But, if one is looking for enforcement
sticks, this is a potential avenue. The FTC may not do
anything, but ... that does not prevent the accreditation
service from doing something.

(We spoke about this earlier.)

However, if one does not make this statement up front, what
is the basis for wanting to use the stick later? None. 

* Oversight to ensure someone does not register a
domain for personal use and then start using the domain
to send solicited bulk email, or unsolicited bulk email.

This may be a tax and/or legal issue, but does it matter
from the email perspective? I mean any entity that sends
bulk email needs to do it properly, meaning with permission
that they can prove.

Whether or not they are registered as the correct kind of
entity may be important for other reasons, but has no
bearing on what are good email practices. 

The legal issue is relevant to the accreditation question. 

Let me explain. When I register my domain and promise to
use it for one purpose and start using it for another
purpose, without notice and consent, based on further
verification, I have broken my word. This goes directly to
the question of "can you trust this sender?"

I suppose if they ever get around to doing some real
enforcement, there's a big difference between corporations
and individuals.  Wouldn't an individual be at greater
risk, legally speaking, than a corporation?

Typically, the FTC goes after both the corporation and the
operating mind (s) of the corporation. 

Changing the subject, glad to read you enjoyed the lyrics.

:-)

John

John Glube
Toronto, Canada

The FTC Calls For Sender Authentication
http://www.learnsteps4profit.com/dne.html

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.737 / Virus Database: 491 - Release Date: 11/08/2004
 


<Prev in Thread] Current Thread [Next in Thread>