?

Log in

The war on Spam - Songs of innocence and of experience [entries|archive|friends|userinfo]
Douglas Spencer

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Links
[Friends| (full) (people) (communities) (both) (feeds) (friendsfriends) ]
[Using| (new) (rec) (clu) (inb) (tag) (bot) (adm) (mod) (poll) ]
[Other| (DJ) (DW) (IJ) (JF) (Scribbld) ]
[Me| (AoOO) (eF) (FB) (GP) (LI) (Tu) (Tw) (Wk) ]
[Links| (AVDAR) (Exchange) (il_calmo) (LGCM) (ZZ9) ]

The war on Spam [Feb. 3rd, 2005|02:16 pm]
Douglas Spencer
[Tags|]
[Current Mood |aggravatedaggravated]

One of the things I do for many of my clients is to put in measures to limit the amount of spam which reaches the users' desktops.

One of my clients has some of our better anti-spam measures in place, and we block about 85% of their spam. Because they're a firm of accountants and financial advisers, it's harder than usual to avoid false positives -- but we do a pretty good job.

Every time I visit this client, I'm given a hard time about how much spam they're getting. I tell them that without these measures in place, they'd be getting approximately six times as much.

While I was there yesterday, I had long conversations with a couple of them about the ways in which spammers get hold of valid email addresses. In particular, I talked about being careful about which websites you type email addresses at. I said, amongst other things, that in general you can't make any assumptions about what any particular website is going to do with your email address.

These are conversations I've had repeatedly with various of the people at Client B, including (on previous occasions but not yesterday) a certain one of the partners.

Blair (my boss) had an email from this parter this morning.

He writes:
> Blair.,
> I'm using a new tool called Plaxo to update my address book. Plaxo
> makes this easy by sending messages like this one -- and if you
> download Plaxo too, you and I will automatically have each other's
> latest contact info right inside Outlook without needing to send
> emails back and forth. You can get plaxo at [snip url].
> Thanks,

I'll reiterate what just happened.

This client pays us good money to filter their spam.
I'm contracted to advise this client on all IT matters.
I've had frequent conversations with them about behaving sensibly online to minimise their exposure to spam.

And one of their partners has just uploaded their whole address book to an online database which has, as one of its selling points, that it keeps passing his own contact information to other users.


Please, please, don't let anyone who has my email address pass it on to a third party without asking me first. Third parties, in this instance, include any random attractive-looking online service that happens to take your fancy.
LinkReply

Comments:
[User Picture]From: scarlatti
2005-02-03 02:32 pm (UTC)
D'oh!

Have a cushion for your forehead; beating it against that brick wall must hurt. ;)
(Reply) (Thread)
(Deleted comment)
[User Picture]From: twicezero
2005-04-06 10:19 am (UTC)
I'm more worried about the calls i get _from_ my bank, where they ask for _my_ security details.
(Reply) (Parent) (Thread)
(Deleted comment)
[User Picture]From: ramtops
2005-02-03 02:48 pm (UTC)
several of my acquaintances have signed up for Plaxo, and so my main address is now even more compromised. When I point out to them that I don't want to be in such an organisation's records, they're quite taken aback, and slightly offended [sigh]
(Reply) (Thread)
[User Picture]From: sbisson
2005-02-03 06:20 pm (UTC)
Except it isn't.

It's more like one of the ways you've described that you use CIX. Any address sharing is purely on a double opt-in basis - probably best compared with Linked-In or any other social software tool.
(Reply) (Parent) (Thread) (Expand)
[User Picture]From: alexmc
2005-02-03 04:59 pm (UTC)
I know lots of people who use Plaxo and I know LOTS of people who think it is the worst kind of "opt-in-spam-my-friends-and-colleagues" operation.
(Reply) (Thread)
[User Picture]From: sbisson
2005-02-03 06:17 pm (UTC)
Except it isn't...

(I actually find it useful keeping track of OnFired folks and the perigrinations of various PRs...)
(Reply) (Parent) (Thread)
[User Picture]From: dougs
2005-02-04 12:18 am (UTC)
Explain how the email Blair got isn't spam.
(Reply) (Parent) (Thread) (Expand)
[User Picture]From: nwhyte
2005-10-16 03:08 pm (UTC)
Alex, Doug,

My apologies to both of you. What can I say? I've been using it for over two years; I find it useful and non-intrusive; I'm sorry you think otherwise; and I'll happily comply with your requests to remove your addresses from the list.
(Reply) (Parent) (Thread) (Expand)
[User Picture]From: alexmc
2005-10-16 03:23 pm (UTC)
My arguments are a bit different to DougS.

But basically I do not believe you should be using this system at all unless you have individually asked everyone concerned whether it is alright. You should do this BEFORE you commit the offence, and not afterwards.

This system looks like an "opt-in" system but it isnt. Details are stored in the system unless I opt-out. And frankly there is no earthly reason why I should be forced into doing that.
(Reply) (Parent) (Thread)
[User Picture]From: alexmc
2005-02-03 05:01 pm (UTC)
suggest to them that they have probably breached data protection regulations and that their clients may be inclined to sue them.
(Reply) (Thread)
From: plaxoprivacyguy
2005-02-03 08:32 pm (UTC)
How is it that you feel a member has somehow breached data privacy regulations with the use of services such as Plaxo?

I am the Privacy Officer here at Plaxo and to my knowledge, there are no data privacy regulations that I am aware of a person would be in violation of by using Plaxo.

Otherwise there would be potentially millions of people who are also in violation for the usage of services such as Yahoo! mail, Google GMail, MSN Hotmail, AOL or similiar services. In addition, ecommerce sites such as Amazon, eBay, or anyplace else where a user might enter or store the contact information of a friend or family member in order to ship a gift would also be in violation.

The bottom line is managing one's information within Plaxo is no different than managing the exact same type of information that people manage within these other services such as Yahoo! or AOL. Member's are simply using Plaxo to help manage information they maintain within their address book, calendar, tasks and notes. Address book information maintained within Plaxo is under the complete control of the Plaxo member and this information is used only in accordance with a member's instruction.

For example, as with sending a message through Yahoo, members can chose to send a message to a contact in their address book through Plaxo. Plaxo does not initiate these messages, but rather we operate as a service provider for processing these messages as well as any responses the Plaxo member might receive.

Plaxo does not share the information members maintain within our service with 3rd party, nor do we send communications directly to member's contacts. As we've stated in our Plaxo Privacy Policy to each Plaxo member:

- Your Information is your own and you decide who will have access to it.
- You maintain ownership rights to Your Information, even if there is a business transition or policy change.
- You may add, delete, or modify Your Information at any time.
- Plaxo will not update or modify Your Information without your permission.
- Plaxo will not sell, exchange, or otherwise share Your Information with third parties, unless required by law or in accordance with your instructions.
- Plaxo does not send spam, maintain spam mailing lists, or support the activities of spammers.

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com
(Reply) (Parent) (Thread) (Expand)
[User Picture]From: sbisson
2005-02-03 06:16 pm (UTC)
Plaxo doesn't work like that. While you can use it as an online store for your address book, any address sharing is purely on a double opt-in basis.
(Reply) (Thread)
From: (Anonymous)
2005-02-03 07:40 pm (UTC)

Spam Email

ok...maybe to stop the spammers, we should encourage US Postal Service to start charging for sending email....
(Reply) (Thread)
From: plaxoprivacyguy
2005-02-03 08:53 pm (UTC)
> And one of their partners has just uploaded their whole address book to an
> online database which has, as one of its selling points, that it keeps
> passing his own contact information to other users.

You offer sound advice that people should be careful before using any new service or software to ensure privacy will be protected and their information will be used properly.

In the case of Plaxo, we certainly feel we follow some of the most stringent privacy practices in place in the industry protecting both a user's information and privacy.

With Plaxo, please understand that the member controls whom they wish to share their information with through Plaxo. There is no arbitrary sharing of information with our service; no global directory; member information is kept safe and secure.

From the feedback I have received from members, they feel Plaxo is a tremendously useful and valuable tool for them to connect with friends, family, and colleagues and stay connected over time automatically and life changes.

There are many facets to how Plaxo works, but basically members use our service to update and keep updated their address book information. Members can send an Update Request message through Plaxo to selected contacts they currently maintain. Plaxo does not initiate these messages.

Within the update request message, the member is providing their latest and most updated information to the contact in order to keep them updated and stay in touch. The member may also ask for the contact to optionally update them as well with their updated contact info. Of course the member could have sent a similar message without using Plaxo, but they have chosen Plaxo to help automate and simplify the entire process. Any responses the member might receive to their update request message is automatically inserted into their local address book.

In addition, there is also the ability for two Plaxo members to "connect with" each other through Plaxo. When two members connect with each other, any time one member changes his information, the other member is automatically updated. There is no need for a member to send out any email to update friends and family, and a member's address book becomes self-updating so they never lose touch with those most important to them.

I hope this helps,

Stacy Martin
Plaxo Privacy Officer
privacy @t plaxo.com

(Reply) (Thread)
[User Picture]From: dougs
2005-02-04 12:13 am (UTC)
None of this changes the fact that you send unsolicited commercial email -- spam -- to the addresses which unwitting idiots upload to your system.

None of this changes the fact that you encourage unwitting idiots to pass personal information to you without the consent of the people involved.
(Reply) (Parent) (Thread) (Expand)
[User Picture]From: johncoxon
2005-02-04 04:07 pm (UTC)
Wow, so you can copy and paste too?
(Reply) (Parent) (Thread)
[User Picture]From: drplokta
2005-02-04 07:18 am (UTC)
It's not spam, it's just annoying email sent by clueless people, which isn't the same thing. It's email sent between people who have an existing relationship, which pretty well rules out it being spam, and the fact that it's sent via Plaxo which adds some text of its own doesn't make it spam, any more than an email sent using Yahoo! Mail with an ad at the bottom is spam.
(Reply) (Thread)
[User Picture]From: hawkida
2005-02-04 07:23 am (UTC)
I voted "no". They might be unwelcome but the person who initiates the process, the reason why the mail gets sent, is someone you know. Unwelcome mail is not the same as unsolicited mail. The reason your boss got mail was that someone he knew pressed a button that caused it to be sent. You can argue that he didn't *want* it sent, but you'd have to argue a case for "Craig Shergold is dead ill, tell everyone in your address book" being spam as well if you label Plaxo as such. Giving out your email address these days has consequences. Misguided people will use it in ways you'd hope they wouldn't.

When someone invited you to get gmail, was that spam?

When someone invited you to Orkut was that?

How about if I invited you to join a BDSM for Christians mailing list hosted on Yahoo?

What if someone enters an online competition and fills in your address as someone who might also be interested in entering?

In all these cases your received email goes through the same sort of process and while it might be unwelcome and it might be unsolicited by you it's not bulk random crap from a stranger and *that* is what tends to constitute spam these days.

Can you trust the random computer at a random company that now holds your email address? Who knows? But just because you might not trust them you can't throw the "spam" label at them.
(Reply) (Thread)
[User Picture]From: ang_grrr
2005-02-04 07:41 am (UTC)

Based on instinct and not knowledge...

I sent Caroline a gmail invite without asking her because I thought it would be useful. She got an email from Google - that wasn't spam and neither is this.
(Reply) (Thread)
[User Picture]From: johncoxon
2005-02-04 08:23 am (UTC)

Re: Based on instinct and not knowledge...

Yeah, but when I get SMS.ac e-mails from my mates I just leave 'em in the spam box. They're unsolicited in that I didn't ask for them therefore they're spam.
(Reply) (Parent) (Thread)
[User Picture]From: ang_grrr
2005-02-04 08:59 am (UTC)

Re: Based on instinct and not knowledge...

I have to be on works mailing lists and get lots of stuff I don't want to read... does that count as spam too?
(Reply) (Parent) (Thread) (Expand)
[User Picture]From: drplokta
2005-02-04 09:41 am (UTC)

Re: Based on instinct and not knowledge...

Spam is unsolicited commercial email from someone with whom you don't have a prior relationship. Your friends, by definition, cannot send you spam. If someone you know sends you 1000 emails asking you to buy viagra from him, that's still not spam. There are categories of annoying, unsolicited and even commercial email other than spam.
(Reply) (Parent) (Thread) (Expand)
Spam? Yes! - (Anonymous) Expand
[User Picture]From: johncoxon
2005-02-04 04:06 pm (UTC)

Re: Based on instinct and not knowledge...

...it's spam if she didn't ask for it. Whether or not she appreciated the fact she'd received spam is different - some of my mates like getting it for the porn.
(Reply) (Parent) (Thread)
[User Picture]From: hawkida
2005-02-04 04:43 pm (UTC)

Re: Based on instinct and not knowledge...

If you email your mate are you spamming him? Why not? Did he ask you to email him in every single case where you did so?

If someone sends you, via the Royal Mail, an invitation to a party at their house, is that junk mail that's arrived on your doorstep? Why/why not?

If your friend organises a party at a club and gives the club an invite list and THEY send out the invitations is THAT junk mail arriving on your doorstep?

You can't just give a blanket explanation that equates anything arriving that was requested to junk/spam - it doesn't make sense.
(Reply) (Parent) (Thread) (Expand)