Getting it Wrong: Corporate America
Spams the Afterlife
by Bob West
January 19, 2008
The Smell of Profit
I've recently gotten several pieces of UCE from a new "offers" marketer, so I decided to pay their website a visit. ... On the unsub page, though, the stock image is that of an ancient Roman coin. ... This particular coin turns out to be a silver denarius struck in 75 A.D., during the reign of Emperor Vespasian. ... Interesting guy...
Yeah, that's right... It's our first update in almost five years!
Just because the site hasn't been updated in ages... that doesn't mean the spam problem has gone away. In fact, spam is up. The undergrounders have multiplied like rats, the botnets have seized control of hundreds of thousands of peecees... and corporate America has started spamming in a big way.
Oh, sure, large companies have benefitted from affiliate spamming for years. Some have enforced no-spam policies, and some have not.
Now, though, many big-name companies with warm and fuzzy marketing faces have started using email to reach their customers.
The problem is that Corporate America is getting it wrong. They're using what's called "email append", and ancient consumer data. The result? Spam.
Email appending is a process used by marketers to add an email address to a record for a person for whom they have a name, plus a postal address, phone number, or other personally-identifiable info. The big consumer data (and yes, credit bureau) companies like Equifax provide appending services.
Current law in the U.S. says that companies have the right to contact you via email if you're one of their customers. Yes, Congress is filled with people who don't grasp — or who ignore, due to lobbying pressure — the simple, obvious fact that explicit permission to email is the ethical and practical standard. So they pass laws that say, in effect, "Yeah, go ahead."
|Spamming the Afterlife
The companies below — big and not-so-big — are using ancient email append data, and, in an attempt to contact a man who has been dead for more than 8 years, are now sending me Unsolicited Commercial Email.
Are you on this list? Wanna get off of it? Just read this, then use the contact form and explain that you've converted your list to permission-based, not assumption-based.
AAA Mid-Atlantic — [Added 2008-04-17] AAA, buying ridiculously outdated consumer data (from?), is attempting to send email to the man's widow, who may or may not have joined AAA. And so, once again proving that emailing to reverse-appended addresses without first confirming is really, really dumb.
United Airlines — His miles still haven't expired, even though he has wings of his own now.
Hallmark — This one's even dumber; the man's widow shops at a Hallmark store at a mall. Now I get spammed because Hallmark associated her name with his 8-year-old email address.
Alpha Software — I don't use PeeCees. Never have. Probably never will. But Alpha apparently wants me to read their ads anyway.
Cerious Software — Ditto.
Norm Thompson — Online clothing retailer. Re-launched 3 web sites in Sept. 2007, and apparently decided to start email appending. Another company that slapped my address into their database, even though they're looking for a woman. I apparently have Debbie Hess, director of Norm Thompson Internet marketing to thank for buying moldy data.
Heavenly Ham — A Baltimore company advertising their supposedly "heavenly" ham with not-so-heavenly pork by-product.
Fox Restaurant Concepts — The man passed away in April of '98, having lived on the east coast. Fox was founded in '98, in Arizona. And they only started sending email to the man's email address in late 2007. They must have a psychic on-staff. Or they just bought a good old-fashioned spamming list. Kudos to Sam Fox, restauranteur and spam chef, and the "email marketing" [sic] company he uses, FishBowl... which has totally ignored repeated abuse reports.
Alzheimer's Association — Unfortunately, they appear to be suffering from the very condition they seek to eradicate. Truly tragic.
Here are some other companies that are spamming me at various addresses just because they can't wrap their pea-sized brains around the concept of prior permission:
Blockbuster — Got a membership there decades ago, but never gave them explicit permission to email me. So they appended an email address that was originally scraped off a web page by some low-life spammer, and started emailing me without any confirmation a couple years ago. A great way to impress your customers.
Sears — Bought a fridge, and got free spam in the bargain. they're sending to the same spammer-scraped email address as Blockbuster. Sounds like they shop at the same bargain-basement data warehouse.
Virginia Tourism Corporation — Spamming the same scraped email address. The interesting thing about this is that this corporation is controlled by the Commonwealth of Virginia... a governmental entity known for aggressively suing spammers. So... is the Attorney General of the Commonwealth of Virginia going to sue the Commonwealth of Virginia?
The result is that marketers buy appended email addresses, then start sending you email after email after email, regardless of whether you've asked for their advertising.
Using lists built from email append is a violation of the terms of service of many email list-management companies— and for good reason. The resulting number of bad addresses and pissed-off recipients can create a serious liability for the mailing company.
But, obviously, there are some email marketing companies that, like a crack addict, can only see the Benjamins, and don't give a frack about the risks.
Now... You might just like getting emails that update you on your account status, on special email-only sales that save you money, and so forth. Or you might not.
So, the marketers add an unsubscribe link.
So do a large percentage of underground spammers.
Once again, the marketers miss or ignore the point — if you don't have permission to email before emailing, you don't have permission.
So, consumers who don't want the ads are forced to take the time to unsubscribe. Some companies obey those wishes, while others ignore them. Like Reunion.com. But that's another article.
Compounding the problem is the unglamorous fact that a huge chunk of the consumer data "owned" [sic] by these large data warehouse companies is mind-blowingly out of date.
A prime example: When email addresses change hands, the data companies don't seem to have any mechanism for removing the data from the original record. Why should you care? Because the Internet is maturing. People come and go from ISPs and other online services. Domain names get bought and sold. Not to mention the fact that there are hundreds of millions of people on the Net.
What this means is that when you create an email address, or acquire a domain name, it's very possible that someone had it before you did. So when the geniuses at the data warehouse sell someone's personal information to some marketer, the email address associated with that person could now be yours.
And that means you get hit with email the marketer should be sending to the previous address holder.
So what happens when an email user dies? Or when a domain owner sells the domain? Their address, their domain, often goes back into the pool, and gets picked up by someone else.
A case in point: I acquired a domain a few years ago from the widow of a man who had died in April of 1998. A very nice, intelligent, accomplished man. We'd actually traded a couple of emails before he passed away. She's a lovely woman... a successful author.
Since her husband died, I've received a lot of spam that was meant for him. The two of them had posted a fair number of messages on web sites using what could be called a "default" address at his domain, and the address was scraped. So now I receive not only underground spam that's spewed at any address the undergrounders can get their hands on, but also "targeted" spam.
For years, though, I never got any spam at that address from companies he'd done business with, or other large companies.
Then, about a year ago, some well-known corporations apparently began testing the appending waters. And the corporate spam started rolling in.
Think about it: A man dies in 1998. Then, after 8 years, he starts getting spam from big companies. Do you think he gave permission for them to send their advertising to his email address?
Not unless the companies are now employing John Edward to verify permission for residents of Heaven.
The message is clear: The data these comanies are buying is ancient, and to send repeated emails to an appended address is the height of irresponsible — if not downright unethical — corporate behavior.
The solution is blindingly simple: If you feel an irresistable compulsion to append email data to your customer database, do the responsible thing. Make sure you got the append right, and make sure you have permission. Send a single email to each address that says something like this:
We're updating our data, and our records indicate your email address belongs to one of our customers. If you are [name], and you'd like to receive our updates, please click this link to confirm your permission.
If you are not [name], or if you do not wish to receive email from us, please ignore this message; you will receive no further emails.
That's it. That's all it would take to keep from spamming not only people who have inherited old addresses, but also many of your current customers. (And messages of this kind should include little or no promotional language, to keep them from being considered advertisements, and therefore spam.)
Without explicit prior permission that's associated not only with a person but an email address specified by them, these big companies have the same amount of permission to send you ads as a botnet-controlling, header-forging, male-enhancement-pill-counterfeiting bottom feeder: None. Zip. Zilch. Nada. Bupkis.
What's the best way to secure permission? Funny you should ask. Through the use Closed-Loop Confirmed Opt-In, that's what. It's easy to implement, and works like a charm. Use it before starting your email campaign, and you've got real permission from your customer.
So why don't the big corporations do it?
The truth is, just like underground spammers, these so-called "legitimate" marketers don't really care about permission, or who they annoy. They care about numbers. Millions of emails sent translates to more money for them.
Sure, they may not be forging their From: address or other headers. They may not be ignoring unsub requests. After all, that would be a violation of the [completely ineffectual] CAN-SPAM Act, now wouldn't it?
When marketers send out some of their postal advertising campaigns, they sometimes address the mail to the intended recipient, "or current resident". One of the great things about postal junk mail is that its cost limits its volume. (You can also file a request with the post office not to delivery third-class mail, but that's a slightly different case.) Email junk, however, costs almost nothing, so many marketers are much sloppier about managing their electronic mailing lists.
So, maybe they look at emailing to appended, unconfirmed addressed as a kind of "or current resident" thing. Just launch it out there... and maybe it'll stick to somebody. Kinda like... napalm?
These big companies are gambling with their reputations. The emails they send may sound friendly, caring and beneficial, but by carelessly throwing together unverified data into a single database and marketing to the email addresses in that polluted ocean of names, demographics, and other personally-identifiable information, they're really saying, "We don't care who you are, or whether you want our advertising filling your inbox. We just want your money."
The question is... Now that they've gone over to the Dark Side, will Corporate America ever take off the shiny black helmet and seek redemption from their spam victims?
Note that for the purposes of this article and this web site, "spam" is defined as Unsolicited Commercial Email (UCE), which is the long-time and prevailing definition of spam in the Internet community. If an entity is said here to be "a spammer" or "is sending spam," that's not to say that they work in a cramped basement, hacking into peoples' computers in order to send Vi@gra spam. They are simply sending UCE. Sending UCE is now and has long been considered unethical among those in the Internet community who are knowledgeable on Net ethics, and among proponents of Permission Marketing. Being named a "spammer" here is not meant to defame or slander the subject. It is meant to educate the subject and encourage them to adopt responsible email marketing and list management practices. And by the way— the concept that the CAN SPAM Act defines what is and is not "spam" is a myth perpetuated by spammers. CAN SPAM simply makes illegal certain acts commonly committed by spammers. The opinions expressed here are those of the owner of this web site.
All Contents of this Website are © Copyright 2002-2008, Robert M. West, All Rights Reserved.
More Legal Info