Jump to content


Discussing Web Design & Marketing Since 1998
Closing May 25. Investment Opportunity.


  • Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About JohnG

  • Rank
    Industry Reporter
  1. Hello, In response to the general question of sending newsletters to Hotmail, you will find the MSN Hotmail and Windows Live Postmaster Services page helpful. As to the specific question, insert a list unsubscribe header in your message header. (For more information, go to this page.) When the user clicks the unsubscribe "button," the MSN postmaster will use the list unsubscribe header to either send you a message stating the specific user wants to unsubscribe; or cause the user to be unsubscribed (depending on how the list unsubscribe header is set up in your message header.) If you are not using a list unsubscribe header in your mailing software, but you are participating in the MSN Junk Mail Reporting Partnership Program, then the MSN postmaster will not treat the request as a junk mail complaint, but will report the request through this program to you. (Junk Mail Reporting Application / Update Form.) Now, if you don't have a list unsubscribe header in your email message headers and you are not participating in the MSN Junk Mail Reporting program, then yes, ultimately users who follow the process you are speaking about, could end up hurting your delivery to MSN. You will find also more details about the whole process of getting mail delivered to Windows Live Hotmail in Improving E-Mail Deliverability into Windows Live Hotmail, a pdf hosted by MSN on the page I referenced at the beginning of this post. John Glube
  2. JohnG

    Truste Still Alive?

    Ah ... I would suggest that people are likely more concerned today about protecting their privacy and online security online then they were around the turn of the century. Why? In large measure because of the ongoing problems with spam, (which has clearly created problems for the email marketing industry), the horror stories concerning identity theft, the significant losses suffered by individuals from phishing attacks and recent stories about significant data hacking. I live in Toronto, Ontario. The other day I had to go downtown and took the subway. While waiting for the train, I was watching the video on the screen which hangs from the station ceiling. There was a piece from the local crime stoppers on the video. The police were telling the public not to give out their real email address, name or physical address when going to various types of websites, because of the potential for identity theft. Anyone with any net savvy, will look at a "marketing" web site and check to see: * Does the site have a physical address, email address and phone number posted? * Does the site have a posted privacy policy and what does it say about data sharing? (I always love the ones which state "We hate spam as much as you do. Your privacy is assured. There is a link to the site privacy policy." Click on the link, read the policy and it contains the usual, "we may share your personal information with anyone that can breathe for marketing purposes, but you have the right to opt-out." Okay, I am taking a few liberties, but not by much.) * Does the site have any other signs that promote "trust." These questions simply reflect what studies have reported about the biggest concerns users have: * That their personal information will be shared with someone they don't know; and * Their credit card information will be stolen in some way. By not having a solid site privacy policy, along with other symbols of "trust worthiness;" and ensuring that you mean what you say, you are hurting your own conversion rates. Does this mean that "TrustE" is the appropriate solution? Personally, I am not a big fan. That being said, many marketers participate in the program for the simple reason they have seen measurable benefits. I would also concur with another poster's comments that being a member of the Better Business Bureau may well give you a "better bang for your buck." As to specific improvement rates in conversion, you will want to do some "digging" online, taking any vendor case studies with the appropriate "grain of salt." John John Glube Toronto, ON
  3. The short answer to the question "Opt-in: For Marketing Only?" is No. In the United States the operative Federal legislation is the CAN SPAM Act of 2003. That Act does not prohibit the sending of unsolicited bulk email. The Act makes certain dishonest activity involving email a crime. It prohibits the sending of commercial or transactional email unless the sender satisfies certain statutory obligations, while creating certain exemptions if the sender meets set criteria. It gives the FTC, (or the applicable federal regulatory agency) State Attorney General's and Internet access services a statutory cause of action to enforce the Act. (Commercial, transactional, sender and Internet access services all are defined terms under the Act.) At the same time, the Act makes it quite clear that it has no bearing on the rules that Internet access services have concerning the use of their networks to send or receive email. To determine your legal obligations concerning the required email collection practices for running a "bona fide" newsletter mailing list, you need to first look to the contract that you have with the Internet access service you are using to send mail to your list. Typically these obligations are set out in the service's acceptable use policy. You also need to look to the acceptable use policies of the networks that will receive the mail you want delivered to your list members. Generally speaking, the rule is fairly simple. You may not send unsolicited bulk email (UBE). The definition for UBE is found in the paper written by Paul Hoffman of the Internet Mail Consortium published on October 5, 1997 titled "Unsolicited Bulk Email: Definitions and Problems:" "Unsolicited Bulk Email, or UBE, is Internet mail ("email") that is sent to a group of recipients who have not requested it. A mail recipient may have at one time asked a sender for bulk email, but then later asked that sender not to send any more email or otherwise not have indicated a desire for such additional mail; hence any bulk email sent after that request was received is also UBE." http://www.imc.org/ube-def.html How do you show that someone has requested to receive your bulk email? The best practice is to use of some form of closed loop verification. Some Internet access services will mandate that you must run a closed loop subscription process for your list. Others will simply prohibit you from sending unsolicited bulk email. Almost all receiving networks prohibit sending unsolicited bulk email to their network. Receiving networks have their own rules to determine whether their users have requested the mail. What does all this mean practically? In setting up any process, ask yourself how would you like to be treated as a reasonable consumer? What notice form is appropriate? Do you use a pre-ticked check box, an unticked check box, or a simple statement above the submit button, that "by clicking the button, you agree to ..." My own preference would be have to a line item list description next to an unticked check box. Where do you place the notice? Place this between the web form where the user is asked to submit their email address and any other data as part of the initial registration process and the "registration" button. If the user ticks the check box, have this entered into in your data base. Require that users verify registration through the use of a closed loop process. After the person "confirms" add the user's email address to your mailing list. Then send the user a "welcome email." The welcome email will contain their user name and password, along with the url to allow the user to login and set up their profile. If the user has checked the "subscribe" tick box, include: * notice that their address has been added to your mailing list; * a request that the user add your newsletter "from address" to their address book; and * If you wish, you can also include an unsubscribe link, so that users who have changed their mind can remove their email address from your mailing list. Also, set up a newsletter subscribe form on each page of the forum, so that visitors / forum users can subscribe to your list. Depending on the forum subject, the specific AUP of your list host, along with list frequency and subject matter, you may decide to set this subscribe process up as single opt-in, with a confirm email. By that I mean, after the user hits the subscribe button, you simply send the user a welcome email, which tells the user his address has been added to the list, request the user add your from address to their address book and give the user the option of unsubscribing, if he has changed his mind or made a mistake. If you decide or need to go with a closed loop subscription process; after the user hits the submit button, redirect the user to a page which tells him to go to his mail box, look for the subject line: .... in either the the inbox or bulk folder, open it and click the link to join your list. Then once the user confirms, send the user a welcome email, which verifies the user's address has been added to the list, etc., etc. Trusting all this helps, John P.S. This post was modified after the initial submission to add some additional thoughts. John Glube Toronto, Ontario
  4. Thanks for the kind words. "Why don't US officials speak up to debunk all the hype?" Normally, government officials don't speak to an issue like this. Why? Simply put, "the law speaks for itself." That being said, if you go to the Department of Justice web site, you will find a useful report titled Stalking and Domestic Violence. The report was published in May 2001, which predates the surge in Internet telephony. Among other things, the report sets out the challenges State legislatures and Congress face in passing effective Cyber Stalking laws. I would suggest people specifically read pages 11 to 13 which provide some useful comments on existing Federal legislation to gain some understanding of the legislative intent. Trusting this also helps. John P.S. As to my link, it must have been the "Internet Gremlins." It is working now, but thanks for the head's up.
  5. What are folks upset about? It is a "technical" amendment found in the Violence Against Women and Department of Justice Reauthorization Act (VAW) recently signed into law by President Bush that some people think might outlaw legitimate behavior. The amendment expands the meaning of the word telecommunications device as it applies to a specific section of US Code Title 47, 223. Title 47 is the Communications Act (1934) as amended. This Act was revised by Congress during the Regan Administration to include communications over the Internet although Congress directed the Federal Communications Commission to take a hands off aproach in regulating the Internet. What does section 223 deal with? The title to the section reads: "Obscene or harassing telephone calls in the District of Columbia or in interstate orforeign communications." Congress passed this specific section in the early 1990's. (I believe the saga started either at the end of the first Bush administration or during the first term of the Clinton Administration.) Why? It was an attempt to outlaw certain lewd behavior over the phone and on the Internet, with the focus being on obscene or harassing conduct. I wrote "attempt" because section 223 has been the subject of much litigation before the US Courts. The core provisions dealing with obscenity were struck down. Congress then tried again during the Clinton administration and passed another section to amend Title 47. However, this provision was also the subject of further litigation that is still ongoing. What was the concern? Whether the legislation as originally drafted and the subsequent revised section infringed on the Bill of Rights and specifically that right protecting freedom of speech. With that background in hand, let's go back to the specific amendment. The provision is section 113 of the VAW. It amends the definition section of US Code Title 47, 223 (h) (i) as it specifically applies to one offence, being that created under US Code Title 47. 223 (a) (1) ( C ). Let's expand on this for a moment, by looking at the specific provisions. Section 113 of the VAW reads: "SEC. 113. PREVENTING CYBERSTALKING. (a) In General.--Paragraph (1) of section 223(h) of the Communications Act of 1934 (47 U.S.C. 223(h)(1)) is amended-- (1) in subparagraph (A), by striking ``and'' at the end; (2) in subparagraph (B), by striking the period at the end and inserting ``; and''; and (3) by adding at the end the following new subparagraph: ``( C ) in the case of subparagraph ( C ) of subsection (a)(1), includes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet (as such term is defined in section 1104 of the Internet Tax Freedom Act (47 U.S.C. 151 note)).''. (B) Rule of Construction.--This section and the amendment made by this section may not be construed to affect the meaning given the term ``telecommunications device'' in section 223(h)(1) of the Communications Act of 1934, as in effect before the date of the enactment of this section." What is the result? 47 U.S.C. 223(h)(1) now reads: "(h) Definitions For purposes of this section— (1) The use of the term “telecommunications device” in this section— (A) shall not impose new obligations on broadcasting station licensees and cable operators covered by obscenity and indecency provisions elsewhere in this chapter; (B) does not include an interactive computer service; and ( C ) in the case of subparagraph ( C ) of subsection (a)(1), includes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet (as such term is defined in section 1104 of the Internet Tax Freedom Act (47 U.S.C. 151 note)). (2) The term “interactive computer service” has the meaning provided in section 230 (f)(2) of this title." The amendment makes it clear that this definition change will not have retrospective application. Okay, so what does 47 U.S.C. 223(a)(1) ( C ) deal with? It is one part of the offence section. The relevant part reads: "(a) Prohibited acts generally Whoever— (1) in interstate or foreign communications— ... ( C ) makes a telephone call or utilizes a telecommunications device, whether or not conversation or communication ensues, without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person at the called number or who receives the communications; ... shall be fined under title 18 or imprisoned not more than two years, or both. " So, what is the purpose of this amendment? Let's write out the particular provision and include the amended definition. Also, let's leave out the part that deals with making a telephone call. So, what we have is: Whoever in interstate or foreign communications ... utilizes a telecommunications device, which includes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet (as such term is defined in section 1104 of the Internet Tax Freedom Act (47 U.S.C. 151 note)) ...whether or not conversation or communication ensues, without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person ... who receives the communications ...shall be fined under title 18 or imprisoned not more than two years, or both. Now, in trying to understand what this all means, we need to ask, what is the purpose? Is the purpose to stop "anonymous free speech by way of email, on a blog, through a forum post or so forth?" I would suggest not. Why? We need to remember that based on how the Communications Act (1934) as amended was written and interpreted by the Federal Communications Commission, voice over the Internet, email and general Internet communication has fallen outside the general regulatory framework established under this Act. With the advent of voice over Internet communication in particular, due to the wide spread implementation of DSL and Broadband, it was understandable that Congress may want to make it a crime for someone to make anonymous communications over the Internet to another person that and are made with intent to annoy, threaten or harrass that person (aka "CyberStalking"). Why? The provision as previously written would not pick up this form of objectional behavior using for example voice over Internet telephone calls, or electronic mail. Remember, the provision requires the following physical acts: * someone initiate a telecommunication or other type of communication that is transmitted, in whole or in part, by the Internet (call this a "communication"); * the communication is made anonymously; * the communication must be annoying, harassing or threatening; and * the person who is the subject of the communication must receive the communication. It is not necessary that after contact is made actual conversation or communication take place. (This means that picking up the phone and repeatedly dialing a number by the Internet could fall within the ambit of the objected physical activity.) But, we also need to remember the provision requires that the person carrying out these physical acts do so with intent to annoy, abuse, threaten, or harass the person receiving the communication. When looking at this provision as it now reads, we also need to remember the title of the amendment "CyberStalking." Now, is the provision so broad in meaning as to stop any form of anonymous email, blog or forum post as examples? No. Why? Two reasons: * The section must be read in light of the desired objective. Stop annoying, harassing or threatening telecommunications or other forms of communication made anonymously over the Internet to a person. * The activity must be carried out with intent to intent to annoy, abuse, threaten, or harass any person. In otherwords, the communication must take on the form of "cyberstalking." I add, my view on this position is strengthened by the defence provisions found in 47 U.S.C.223. (e) (5) and looking at the legislative intent as a whole. Looked at in its broadest light, all this provision does is make criminal certain behavior which was already prohibited under the netiquette rules written by the Internet Engineering Task Force in the mid 1990's dealing with online offensive behavior. For the record, although I have a law degree, I am not a lawyer, just a business person with legal training (a dangerous breed). Having said all this, it is possible that this provision, like any other provision in Federal and State criminal law could be abused in the hands of an overly zealous prosecutor. In this case what is the ultimate protection? The behavioral norms on the Internet (as outlined for example in the netiquette guide I referenced earlier) and the Bill of Rights which prohibits Congress from making any law that abridges free speech. Trusting this analysis helps clear up matters. John John Glube Toronto, Canada [Amended after the original post to correct minor typos.]
  6. Effective at what is the question. All sarcasm aside for those who are interested, you can read the full report by clicking here. (You will need Adobe Acrobat to read the document.) Among other things, the report contains: * A useful review of the substantive provisions in the Act; * The FTC's read on the consumers attitudes towards spam; * A useful review by the FTC on how, if at all, authentication can facilitate delivery of requested bulk email. This portion of the report also sets out the "corporate" position in the US on email marketing. Also, in October, the Council for Responsible E-mail of the Direct Marketing Association published a White Paper titled "E-mail Delivery Best Practices For Marketers and List Owners." You can find the paper by visiting the DMA website at this page. (Access is through a web account. Hey, its the DMA!) I strongly disagree with the stances taken by the DMA in the past on email marketing. I am of the view that the US Federal Legislation does nothing to help the situation, despite the long press release (report) by the FTC to Congress. However this paper represents a useful piece of analysis. Finally, the Email Sender and Provider Coalition recently published its updated guideline for permission based marketers. My own view? Well ... but in the meantime, to read the press release and details use this. Okay, that's the news for today. Back to lurking in the mists of time and oh yes, should I not re-surface until the New Year, Season's Greetings to all and to all a happy New Year. John John Glube Toronto, Canada
  7. JohnG

    Hijacked Email address

    A couple of comments: * One or more spammers are forging your domain name in the mail from command and the from command when doing the spam runs. In the simple mail transfer protocol, there are two parts of the mail transfer process. The first involves transfer of the envelope, which contains the message, including the headers. The second involves opening the envelope and delivering the message. The sending mail server goes through a "hand shake" process, issuing a series of commands to the receiving mail server. Initially the sending mail server will say HELO or EHELO, depending on the software being used by the sending server and ask the receiver mail server in essence are you ready to receive mail? The HELO or EHELO command will contain the domain of the sending mail server, along with the IP address. Another command is for the sending mail server to provide the receiving mail server with the mail from "address" so that if the message "bounces," the receiving mail server can return the message. After the envelope arrives at the intended destination, the message is opened. When initially sent, the sender will add a number of headers, including the from header, meaning the email address of the person purportedly sending the email and the reply to header, which is the email address that someone should use if they want to respond to the message. Unfortunately, given the simplicity of SMTP the bad guys can forge many of these commands and headers. However, it is reasonably difficult (although not impossible) to forge an IP address. * If you look closely at the bounced message headers, it will show the helo or ehelo command, along with the IP address. Unless someone is sending spam from your web host, using your domain name the IP address will not be that of your mail server. Not familiar with how to read message headers? http://www.rahul.net/falk/mailtrack.html - and - http://www.stopspam.org/email/headers.html * Block list operators are aware of the problem of spammers forging domain names in the SMTP HELO/EHELO and MAIL FROM command, along with email addresses in the from commands and look to the IP address, among other things. * As to block lists like the SURBL - Spam URI real-time block lists - the operators are very careful to ensure that domain owners don't get caught up in the fancy footwork of the bad guys. http://www.surbl.org Okay, is there anything that domain owners can do to protect their domain from being forged? * Publish a Sender Policy Framework (SPF) record. Unfortunately, it has been shown that SPF is a flawed protocol. It changes the way "mail forwarding" is handled and it remains an open question as to whether the benefits out way the potential pitfalls. That being said, there are some benefits that can be gained from publishing an SPF record. http://www.openspf.org/ (The high priests of SPF will tell you it is the best thing since sliced bread and if everyone would adopt it, the world would be saved. Nice if it were true, but it ain't.) * Publish a DomainKeys (DK) record. DK is more complex than SPF, as it involves a light weight cryptographic solution, but also more accurate and robust. Initially, DK was championed by Yahoo! Since then a number of industry people got together and it was decided to "merge" DK with a similar proposal put forward by Cisco called Identified Mail, resulting in the clunkish name DomainKeys Identified Mail (DKIM). The Internet Engineering Task Force has agreed to establish a working group to fine tune DKIM. A lot of thought has gone into the design of DKIM, although more work is required. There is also significant experience with DK. For information on DomainKeys: http://antispam.yahoo.com/domainkeys As to DomainKeys Identified Mail: http://mipassoc.org/dkim/ Will these technologies "stop spam?" No. The objective is to simply allow the receiving server to verify that yes the sender is who the sender says it is. Whether the message is a phish or spam is an entirely different question. I won't get into all the technical details, but for those who are interested in publishing an SPF, DK or DKIM record, you will find more information at the referenced sites. Trusting these comments are of some assistance. John John Glube Toronto, Canada
  8. JohnG

    spam definition

    Spam is about consent not content. (As an aside SPAM is the trademark for the Hormel product) Probably the best technical definition of spam is unsolicited bulk email, reads as follows: http://www.imc.org/ube-def.html The key part of the definition is sending email to a "group of recipients who have not requested it." So, if you visit a web site, believe that the web site owner may have an interest in doing business with you, based on the web site owner's business, the web site owner has posted his or her email address and has not said, no unsolicited proposals please and you send the owner a one off email, not based on a form or template, then you are not sending UBE. Keep in mind the objection is to bulk email, because of the harm that unsolicited bulk email does to the Internet infrastructure. Why the difficulty? The American legislation is opt-out and in response, the large American mail box providers have redefined the word spam to mean "any email I don't want." This is based on the unwritten rule of the larger mail box providers, which is "we will deliver your mail as long as our customers want it." Unfortunately, this approach has muddied the waters. Why? Because consumers are encouraged not to unsubscribe from requested list mail, but rather to complain about mail they no longer want. The result? The mail is then filtered to the bulk or junk mail folder. For commercial mailers this has become a problem, although hopefully as the larger mail box providers introduce feed back loops, this will help to resolve this difficulty. At the same time, due to the huge increase over the past few years in UBE, most businesses heavily filter their corporate mail boxes. The result? Yes, you can send one off commercial email (just make sure you comply with the appropriate legal rules) to a business owner, but due to the huge increase in UBE, in many cases you are better of contacting the company first by phone or mail and then, if there is an expression of interest, follow up by email. Trusting this helps, John John Glube Toronto, Canada
  9. A couple of questions: * When the person subscribes and hits the submit button, what happens? Is the person re-directed to a page telling them in essence three things: - hey, wait - you need to go to your mail box right now and confirm your e-mail address; - check your bulk folder and your inbox; and - remember to white list, safe list, etc, this address [insert from address]. * What does the subject line for the confirmation e-mail say? What does the text say? * You indicated that you are using a 3rd party ESP to do your mailings. Are you monitoring delivery rates, to see whether your confirmation e-mails are being delivered? Open test accounts with AIM, Hotmail and Yahoo! to see what is going on. I appreciate that a lot of marketers are frustrated when they see a 30% confirm ratio. Some ESPs give you access to the subscribe data. If they do, then you may want to send a reminder mail to these folks. A couple of ESPs will do this for you. Others allow you to export the subscribe data and do this manually. Either way, if you decide to proceed in this fashion, a simple reminder e-mail will suffice, although you may want to include a reason why "pitch." Subject: [insert first name]: Your subscription to [insert publication] [First and last name] [E-mail address] [subscribe Date] [Remote IP used to subscribe] Dear [first name] [Text of reminder letter with appropriate confirmation link or details.] Etc. Just some suggestions. John Glube
  10. You have a domain and web hosting service contract with X co. As a result of an arrangement between X co and Y co, X co will cease to exist. Question: Is Y co buying all of the outstanding shares of X co and then proceeding to 'wind up' X co into Y co? Is Y co buying all of the assets of X co and then the shareholders of X co after paying out the liabilities are distributing the net as a capital distribution and proceeding to wind up X co? Are X and Y co amalgamating, with the shareholders of X and Y co receiving shares in New Co to be called Y co? (I suspect the answer will depend on which course nets the lowest cost to Y co's shareholders and the highest after tax distribution to the shareholders of X co.) In any event, Y co will acquire the domain and web site. Depending on how the deal is structured between X and Y co, can X co assign its rights under your service contract to Y co to receive domain and web site hosting and services at the agreed price for the balance of the contract term, either under the asset purchase or amalgamation agreement? Your obligations under the service contract are governed by: * Any local statutory law dealing with service contracts. * The applicable statutory provisions under the local Corporations Act or its equivalent as they relate to the transaction between X and Y co. * Depending on how the transaction is structured and subject to the applicable statutory provisions under local law, the ability of the X co to assign its rights under your services contract to Y co, when the contract is silent on this point. Short answer? You need to speak with your solicitor or lawyer. The practical answer? It sounds from a practical perspective that Y co realizes you have them over the barrel. Why? At best, all the successor company (be it X co, Y co or New Co) can realistically insist upon is that your firm continue to maintain the existing domain and web site for the balance of the contract term in accordance with the existing arrangement, with any change in service scope being subject to negotiation. Trusting this helps. John P.S. Not legal guidance, but just an educated guess by someone who has been around the block a few times. John Glube Toronto, Canada
  11. JohnG

    Good News On Spam

    Nope. Gates has the fly swatter and gives away the money. http://seattlepi.nwsource.com/horsey/viewb...ate.asp?id=1245
  12. JohnG

    Good News On Spam

    Interesting article in the Economist magazine, which references the Richter settlement titled Opening Pandora's Box John
  13. JohnG

    An Email Tax?

    Yes, what is happening in Michigan and Utah is disconcerting. But, it is understandable, given the CAN SPAM Act of 2003. It is okay to send commercial email without consent. Just follow the Government's guidelines, find a band-width provider that supports the sending of Government approved spam and away you go. The result? Mailers can send US Government approved grade "A" spam and bandwith sellers can sell bandwidth to mailers who send US Government approved grade "A" spam. Does this happen? Just go to http://www.spamhaus.org and review the records for certain backbone providers like MCI World Com. Oh sure, their Acceptable Use Policy has nice sounding language which prohibits the sending of unsolicited bulk email ("spam"). But, the reality is somewhat different. Spamming, oh I am sorry, opt-out marketing, is big business in America. My beef with the steps being taken in Michigan and Utah? If you have consent as required under COPPA or prohibit minors from subscribing to your mailing list, it does not matter a row of beans. Do the authorities in Michigan and Utah really think opt-out marketers are going to line up and pay the piper to scrub their lists? At 1/2 cent per email address on the mailers list in Utah and 7/10th of a cent in Michigan. When their is no money budgeted for State enforcement, so that the only way the whole process works is if sender's scrub their lists and provide funding. Of course, I would anticipate that Unspam Registry Services, the people running the registry system in Michigan and Utah, headed by Mathew Prince, an attorney will file civil suits and endeavor to collect judgements, with the funds realized being used to fund the registry cost and make a tidy profit. As to Mr. Mansfield, I have no problem with the steps being taken by the Australian Communication Authority (ACA) to bring him to account. Australia has a model regime for controlling unsolicited commercial email. Why? Because all stakeholders, from marketers to consumers were involved in the legislative process. The Act prohibits the sending of commercial email without consent. Consent can be express or implied. The Act is a civil regulatory regime. When a claim is made, the onus is on the defendant to prove consent. This is typical, being known as a strict liability regime. However, it is fairly easy to prove consent if you are a "good guy." The Act only sets out the framework. The Act allows for a "consensual regulatory" regime. This means the applicable community can develop a set of regulations to fill in the legislative details and file these with the ACA. The ACA can then enforce these guidelines if the community cannot enforce them. The marketing community, lead by the Australian Direct Marketing Association has developed a detailed set of guidelines. The guidelines were developed after a public consultation process. These guidelines set out in detail the standards marketers need to meet to comply with the Act. http://www.adma.com.au/asp/index.asp?pgid=20312 I have read the guidelines. They are very fair and easy for any permission based marketer to follow. The result? Unlike the situation in America, one of the core thrusts of the Australian regulatory regime is to fully support permission based marketing, while prohibit the sending of commercial email without consent. This makes the whole exercise very simple. Also, given the way implied consent is defined, ordinary commerce can continue. The result? If the marketer has consent, the authorities have no interest in the message content, unless it involves something illegal - such as child pornography - the Policy, or content which is deceptive or unfair - the Fair Trade Authorities. (As an aside the guidelines suggest that marketers of age sensitive material may wish to take some steps to prevent under age recipients from receiving unwarranted material.) In fact, Canada will likely follow in the Australian footsteps, although the exact details are going to be different. See the recommendations found in the recent Canadian Task Force Report titled Stopping Spam, Creating A Stronger, Safer Internet. http://e-com.ic.gc.ca/epic/internet/inecic...h_gv00248e.html John John Glube Toronto, Canada
  14. Last year Michigan and Utah passed laws authorizing the establishment of a "child protection registry." Say what? And what does this have to do with email? Well, hang on to your hats folks, it is about to get interesting. Under these laws, parents can register the email addresses to which their children have access and schools can register their domains if children have access to email addresses at school. What is the law's purpose? To prohibit people from sending (conspiring with others to send) communication to these contact points which contains material or links to material promoting or advertising products or services which children are prohibited by law from seeing, viewing, purchasing and so forth The specific list of prohibited material is much broader than merely adult content material and includes alcohol, tobacco, fire arms, contests and sweepstakes. The language in the Michigan Act is fairly broad. The language in the Utah statute is slightly narrower. So, why should you care? Michigan State announced yesterday their registry will be open for business on July 1 (Canada's Birthday) http://michigan.gov/som/0,1607,7-192--121645--,00.html Where can I read this law? You can find a copy of the Michigan law here: http://ssl.csg.org/dockets/26cycle/2006A/2...s/1926a04mi.pdf - and - What about Utah? You can find a copy here: http://www.le.state.ut.us/~code/TITLE13/13_26.htm (Both laws come into force on July 1, but only Michigan seems ready to be up and running.) Why do I call these laws an email tax? Simply put, even if you have prior informed consent to send list mail to a registered email address, as these law read if the material in your email contains a promotion or links to any website which contains a promotion or advertisement for anything which a child is prohibited by law from viewing, purchasing, etc, than: (In Utah, the limitation is to purchasing, except there is a section dealing with adult content.) * you will have no choice but to pay a fee and check your mailing list against the registered list; and * you will have to do this monthly (if you want to say in compliance). Please note that I have written it *seems* as there are a number of significant issues surrounding the application of these laws. What are the issues? First of all, to avoid the application of the CAN SPAM Act of 2004, both states have made violations of their Acts a computer crime, while providing parents, ISPs and ESPs, along with the states AG with rights of civil action. I appreciate that no one can disagree with the general thrust of the policy. But, have the state legislatures succeeded in avoiding application of the CAN SPAM Act of 2004? Interesting question. Does the law expressly regulate commercial email? If so, it is superseded. Or is it a law of general application to computer crime? Then it stands. Perhaps. The next question is presuming the States have achieved the objective of ducking out from under the CAN SPAM Act, there are two subsidiary issues. * Where does the act take place which violates the law? * Presuming for the sake of discussion that the law applies to out of state actions, does the dormant commercial clause in the US Constitution apply so making the law "unconstitutional." This legal theory in essence states that States are prohibited from passing laws which unfairly prejudice or interfere with inter-state (between state) trade. Let's say as an example, the marketer is based in Nevada, accesses the Internet through a local ISP in Reno through her computer, uses an ESP hosted in California via her web browser (ISPs and ESPs are exempt from the law) to send e-mail to her double opt-in mailing list. The marketer runs a mailing list devoted to wine, fine dining, cigars and so forth. The mailing list rules require that you must be 18 to subscribe to the list and you must confirm your subscription to have the email address added to the list at which time you verify that you are at least 18. The company whose product or service is advertised in this week's issue is wine. The winery is based in North Carolina. Now remember, children are prohibited from purchasing alcohol (which includes wine). A parent, whose email address is subscribed to this list, proceeds to register this address with the Michigan child protection registry, as her children may have access to this email address. The parent does this in an effort to stop unwanted "offensive" spam from being sent to that email address. The registered email address is hosted on a server in Georgia, (EarthLink) but registered to a parent residing in Michigan. Let's just take a peek at some of the relevant provisions. The section creating the offence in Michigan reads: Sec. 5. (1) A person shall not send, cause to be sent, or conspire with a third party to send a message to a contact point that has been registered for more than 30 calendar days with the department if the primary purpose of the message is to, directly or indirectly, advertise or otherwise link to a message that advertises a product or service that a minor is prohibited by law from purchasing, viewing, possessing, participating in, or otherwise receiving. Where did the violation occur? In the place where the person using the computer which initiates transmission resides, or the place where the email address is registered and to which you can't send "forbidden email" under Michigan law? How does our Nevada marketer avoid this problem? Under the Michigan law, she does it as follows: 5 (2) A person desiring to send a message described in subsection (1) shall use the mechanism created under section 3(6) to ensure compliance with this act. (Meaning you have to pay a fee and scrub your list against the child protection registry each month.) 5 (3) The consent of a minor or third party to receive the message is not a defense to a violation of this section. (So the fact dad signed up to the list and swore he was over 18 is apparently no defence to the minor seeing the offensive message.) Now for the fun part: 5 (5) The sending of a message described in subsection (1) is prohibited only if it is otherwise a crime for the minor to purchase, view, possess, participate in, or otherwise receive the product or service. (Well a child can't purchase alcohol, so we are out of luck.) Want to go to jail? Sec. 7. A violation of this act is a computer crime ... That section goes on to read: ... and a violation of section 5a of 1979 PA 53, MCL 752.795a, subject to the penalties provided for under sections 6a and 6b of 1979 PA 53, MCL 752.796a and 752.796b. What does that mean? Two things. It means a violation of the Act is a violation of the computer crimes Act. The result? If you are found guilty, you can go to jail, along with forfeit all the profits derived from sending the offending message and all property used to send the message. But wait there is even more fun. The Act also creates a private right of action. The right of action is based on the commission of the computer crime found above. The persons who may bring the action are: * The parent, the service whose network was used to transmit the message, or the State Attorney General. (And if the winery paid the marketer to promote the message, yup, you guessed it, the winery could be on the hook as well.) The Act allows for recovery of civil fines in lieu of damages. How much? The specific provision reads as follows; B) In lieu of actual damages, recover the lesser of the following: (i) $5,000.00 per each message received by a recipient or transmitted. (ii) $250,000.00 for each day that the violation occurs. Bring a frivolous action? The court can award the defendant her attorney fees. Now, I don't have an answer to the questions I have raised, (yet) except to say that in my view, the scope of this law is potentially "breathtaking." Why? Well, we all know who will not comply with this law. Spammers and the people who hire spammers. The ones sending their messages promoting all the stuff children are prohibited from buying from computers in the US via web hosts in China, using zombies all over the world. So, who apparently gets to pay? The good guys. The ones who follow best practices. The ones who don't spam and are lilly white. And the good guys get to pay monthly. Does this sound *** backwards? For another perspective, you may also wish to read this article in Marketing Sherpa: http://www.marketingsherpa.com/sample.cfm?...?contentID=3023 Personally, what do I suggest? Unlike the editor of Marketing Sherpa, rather than lobbying their State legislatures, I would suggest the American marketing community needs to stand up and do three things: * Want to market using e-mail? Don't live in Michigan or Utah. * Ask the FTC for a ruling on whether the Michigan law is overridden by the Can Spam Act of 2003; and * Lobby Congress to amend CAN SPAM to prohibit the sending of UBCE, a la Australia's Spam Act of 2003, so putting an end to all of this nonsense. Why? Even if the FTC provides an opinion saying the laws are overridden by the Can Spam Act of 2003, it is only an opinion. The first time someone is charged, challenges the law in local State court and loses, (and it will likely be a spammer, not someone running a double opt-in mailing list) you will see States across the US flocking to pass similar legislation. And then watch the fun really begin. What about me? I am thinking that maybe for once it actually may make sense to live in the land of the great white North. John Glube Toronto, Canada [Edited after original post.]
  15. Okay, I am not sure if this is the right forum, but since it relates to your online business, I thought I would post it here. (If the mods think it should be moved to another forum, don't be shy.) There is a new virus threat out there: http://www.theregister.co.uk/2005/06/03/malware_blitz/ The new virus is a variant of something that was running around a while ago, but even more malicous. The messages typically pose as warnings from your system administrator (webmaster@example.com) about the misuse of your email account (you@example.com) with Subject lines such as "*DETECTED* Online User Violation, Your Email Account is Suspended For Security Reasons and Account Alert." Bottom line. Don't open the attached zip file. It's bad news. Trusting this helps. John John Glube Toronto, Canada