Magazine & eMedia Publishing Professional & Social Network
New CAN-SPAM requirement?
According to an industry trade group, the "FTC recently released updated rules regarding the U.S. Federal anti-spam law, CAN-SPAM. As of July 7, 2008, the CAN-SPAM Act of 2003 will require that any and all unsubscribe processes be unencumbered by passwords or log-in requirements.
"Unsubscribe processes may request only the recipient's e-mail address and any opt-out preference changes associated with their subscribed address. Any unsubscribe process that requires a recipient to provide more information, or interact with more than a single Web page, is prohibited."
My question is this -- how do we know that an unsubscribe request for "jack@acme.com" really comes from that account holder? I can think of two cases where this could occur.
Case 1: The link to my unsubscribe process doesn't identify the email recipient, so my landing page asks the visitor to enter an email address. Since email addresses are public information (or easily guessed), anybody with a mischievous streak could supply the jack@acme.com address.
Case 2: The link to my unsubscribe process DOES identify the recipient, but the email has been forwarded around. Someone with a mischievous streak clicks on the unsubscribe link and the landing page thinks its jack@acme.com
It's easy to say that this won't happen frequently, but that's not very good risk management, is it?
Thanks,
Jack
"Unsubscribe processes may request only the recipient's e-mail address and any opt-out preference changes associated with their subscribed address. Any unsubscribe process that requires a recipient to provide more information, or interact with more than a single Web page, is prohibited."
My question is this -- how do we know that an unsubscribe request for "jack@acme.com" really comes from that account holder? I can think of two cases where this could occur.
Case 1: The link to my unsubscribe process doesn't identify the email recipient, so my landing page asks the visitor to enter an email address. Since email addresses are public information (or easily guessed), anybody with a mischievous streak could supply the jack@acme.com address.
Case 2: The link to my unsubscribe process DOES identify the recipient, but the email has been forwarded around. Someone with a mischievous streak clicks on the unsubscribe link and the landing page thinks its jack@acme.com
It's easy to say that this won't happen frequently, but that's not very good risk management, is it?
Thanks,
Jack
Replies to This Discussion
-
Permalink Reply by Robin McCabe on -
Welcome to politics, the Can-Spam law was not written to be technically reasonable, is was worded to make points with the voter.
-
Permalink Reply by Aneel Tejwaney on -
This is the exact issue we have with one of our users. Someone or some process keeps un-subscribing him from the enewsletter and we can't seem to stop it. I'd be curious to know what others have done for this issue.
-
Permalink Reply by Robin McCabe on
-
what you need to do is have your programmer slap a line of code, into the unsubscribe action that will extract the ip address of the source doing the deletion, if it does not match the ip address of the subscriber you have your culprit. then it is a simple matter to block all action from that IP address.
-
Permalink Reply by Aneel Tejwaney on
-
We typically don't save the IP address that the user has been logging in from however in this case we were able to track the IP address that is causing the issue. It turned out to be one of the general IPs within Comcast in the midwest US region (vs the user being in NewYork) but still we were not able to do anything about it.
If we do make changes to backend to record / match IP address and if it doesn't match ask more questions or make the user login then we would be breaking the CAN_SPAM laws.
Sign in
Latest Activity
What are you doing to turn your print brand into an online media company?
Groups
-
Online Publishing Busi...
282 members
-
Social Media Marketing
176 members
-
Magazine Event Strategies
82 members
-
Cheap Air Tickets Book...
1 member
-
Audience Development
231 members
-
Media Entrepreneurs
78 members
-
Growth Strategies
145 members
-
E-Media
360 members
Help Us Grow
Please Invite your co-workers & friends to join your network. They'll automatically be added to your Friends List. Click Now
Member Search
Badge
Commercial Use Limitations: Use of any content features (blogs, forums, messaging, etc) for direct self-promotion, spamming, etc. will result in account termination. Profiles are for individuals only at this time, not companies. Profile headshots should not include company logos. Publishing/Media companies (non vendors) may create groups for their employees. Vendors see this post for more information.
© 2009 Created by FOLIO MediaPRO Team
