VerticalResponse Email Marketing Blog for Small Business

We recently sent an email marketing campaign about a webinar we hosted with the folks over at Google Apps. Soon after we sent the email, an angered customer of VerticalResponse emailed me telling me how disappointed they were that we were "soliciting something that wasn't from our company" and that is spam.

I replied that we aren't soliciting anything, we're not asking for money (the webinar was free) and we were not getting paid by Google. In fact I told them that there are a ton of Google Apps that are free. I told them that we use Google Apps and we just think that our customers can benefit from knowing about how they can use these products with VerticalResponse.

Then I found this from the Spamhaus Project:

Spam is an issue about consent, not content. Whether the UBE message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant - if the message was sent unsolicited and in bulk then the message is spam.

So we emailed our users about something we were doing, with Google, that they could benefit from for free. I think that's pretty far from the 100's of spam messages I get in my inbox that I never signed up for. So I told this customer if they were so offended they could unsubscribe.

P.S. I noticed this customer got a huge ratio of spam complaints on one of their mailings...now who is the spammer? ;-)

I asked our ISP Relations & Deliverability Manager George Sukara to update me on some new CAN-SPAM rulings that just happened this past week (and break it down in plain English for all of us.)

1) POSTAL ADDRESS - Valid Physical Address can include a PO box or Mail Stop, as long as the USPS recognizes it. This might be an obvious one but it used to be a gray area, now it's not.

2) PERSON is now defined not just as a human, it can also be a corporation, non-profit, etc. This is who is responsible for CAN-SPAM compliance when sending a commercial email. So business entities, as well as regular folks are now responsible for CAN-SPAM compliance in regards to all commercial email they send.

3) DESIGNATED SENDER RULE - This applies to you if you include any advertising or partners in an email. If you don't include your company name "in the email" with a link to access your site, your advertisers are responsible for CAN-SPAM compliance even if your name is in the From Label. This mainly applies to companies who send coupons or offers on behalf their partners.

For example: Company A sends an email to their list with a special offer from Company B. In the email, Company A must have some information that advertises their own service, and some way for the recipients to access their site.

If Company A does not include some kind of ad for their own company inside the email, then Company B being advertised within the email would be responsible for all CAN-SPAM compliance.

IMPORTANT NOTE: If you're advertising in another company's email marketing campaign, make sure they put something about their services with a link to their site. You don't want to be on the hook for their CAN-SPAM compliance.

Also, CAN SPAM states (again) that all commercial emails:

• Must have a working reply-to address or other web based opt-out mechanism (which must also be conspicuous) for the company listed in the From Label
• Can't be false or misleading
• Can have no deceptive subject lines
• Must comply with the SEXUALLY EXPLICIT label

4) UNSUBSCRIBE - Unsubscribes must not be complicated, nor can it require some kind of purchase, or taking a survey. The only thing you are allowed to ask for in an unsubscribe is an email address and the user's email preferences.

As usual we'll keep you informed on most of the CAN SPAM updates, just be sure you follow the simple the rules above and you'll be AOK.    

VerticalResponse users are not spammers. You all upload lists of people that agreed to get email from you at one point or another in some way. It may have been an opt-in form, it may have been when they handed you their card to contact them at a trade show. So how would you know if you are a spammer? I've taken a stab at poking fun at some real world spammers.

You know you're a spammer if:

• You bought a CD of 250 million email addresses for “only $29.95!”
• You sell Viagkra or Ciialliis
• You have a Nigerian Uncle who needs $1 Million FAST!
• You email your same list 5 times a day.
• You refuse to let anyone (including the Feds) find you by your postal address.
• You’ve figured out the by mailing people from “Paypal” you can ask them to “verify their credit card number” by entering it in the field below.
• Your subject line says “Are we on for our meeting?” and your content reads “All New Online Drugstore – 50% off!”
• You work at a company that makes canned, jellied meat.

Ok, this is what a 6 hour plane ride gets you all, me being silly. Just for fun, got any to add?

The UK has updated  the Companies Act 1985 to the Companies Act 2006 and has some additional requirements for email and websites. All companies that send email from the UK need to put your registered address in the footer (instead of just a valid company address) along with your company registration number and place of registration. 

So an example footer might be:

VerticalResponse UK Division
5 Little Surrey Rd.
London, UK GHS-579

VerticalResponse UK is a company registered in England and Wales with company number 1ABF79863

There hasn't been a ton of press about this but this site has an article on the law and a site called Out-Law.com has some great information but you have to register (it's free).

If any UK customers have any more information on this please comment!

Question of the day for our users? Why aren't more of you taking advantage of our opt-out forms?

Here's the deal: An opt-out form simply gives you a consolidated way to manage those who unsubscribe from your email marketing campaigns.

Take this small quiz:

• Do you have an unsubscribe link somewhere on your site that goes into some database and you really aren't sure where?
• Do recipients call you and ask you to take them off your list? (I know, gasp!)
• Are your unsubscribes in places OTHER than your VerticalResponse account?

If you answered "yes" to any of these questions then you need to be aware of what the Free Opt-out form can do for you - put all of your unsubscribe data in one simple-to-download space.

Here are five compelling arguments in favor of opt-out forms:

1. Complying with the Federal Law - Honoring unsubscribe requests from your email marketing campaigns has always been a good business practice, but the CAN-SPAM Act of 2003 made it the law. Opt-out forms provide an easy, automated way for companies to update their unsubscribe list in real-time.
2. Set-up takes minutes - With our wizard-based system, you can create your very own web form. Then, simply copy and paste a few lines of code into your website and watch the opt-out form instantly appear.
3. Unsubscribe management - VerticalResponse opt-out forms allow you to manage unsubscribe databases with a minimum of fuss. Customers can unsubscribe directly from your website, or they can contact your office or call center to remove themselves from your list. You or they can simply type in the email address and they won't get another email. It's that easy.
4. 24-7 Access - VerticalResponse keeps your unsubscribe data constantly updated and grants you access to this information at all times. Best of all, if you need to take the data with you or share it with someone else, you can easily download all of your unsubscribes into an exportable file in minutes.
5. It's FREE - Need we say more? No one wants users to unsubscribe, but it just happens, even to the best of us. So stop the madness! A VerticalResponse opt-out form is an easy way to stay on top of the data and on the right side of the law.

It was bound to happen. It seems like the FTC has been wanting to nab a few legit email marketers violating the CAN-SPAM law. Last week they did it, they charged Kodak (formerly Ofoto) and ICE.com, two companies that VerticalResponse has approached in the past about retaining us for their email marketing needs.

The story? Kodak Imaging Network sent over 2 million messages and didn't have an unsubscribe mechanism or a postal address included in their emails. The outcome? They had to pony up over $26,000 in penalties. Ouch.

ICE.com's story was different. They sent an email marketing campaign to 6,000 people who had previously unsubscribed. Their penalty was a "cool" $6500.

So there you have it. If you use almost any ESP like VerticalResponse, you're ok, we ensure that you have a postal address and that the unsubscribe mechanism works indefinitely (not just the required 30 days).  We also ensure that you don't email someone who has unsubscribed using our mechanism.

(Oh, and thanks to Christopher for such a nice comment about how I had mistakenly published it was 10 days instead of 30, either way VR has you covered.)

Last week in DM News, Ken Magill reported a story that shows the precise reason why email registries don't work: they can be a target.

I'll recap it for you if you don't have time to read the whole story. Here's what the company featured in the story, Blue Security, does:

• People who don't want email subscribe to a "do not intrude registry" from Blue Security.
• Blue Security assesses where spam is coming from from desktop software on a registrant's computer.
• Blue Security finds the opt-out/unsubscribe on the spammer's website and automatically bombards the servers with requests.
• The spammer's servers are bogged down potentially slowing them from spamming.

Here's what happened:

• The spammer got mad!
• Said spammer then compared all of the requests to be removed with their internal list and specifically pulled those addresses out.
• The spammer emailed the list with this excerpt:  "You are receiving this email because you are a member of Blue Security," the message reads, in part. "Due to the tactics used by Blue Security, you will end up receiving this message, or other nonsensical spams 20-40 times more than you would normally."
• The attack took Blue Security down for some time.

In this case the spammers were specifically trying to target and attack the registry even if they didn't do it by hacking into the databases. This story illustrates another point for exactly why registries can be dangerous.

Got a comment? Let's hear it!

Even though we are still saddled with those in Michigan and Utah, it looks like other potential child protection registries are dead in the water. Bills in Georgia, Connecticut, Iowa, Wisconsin and Hawaii seem dead or dormant as of a week ago.  Read more on this story on each of these bills from Ken Magill, Direct Magazine.

For our previous post on Michigan and Utah registries go here. We'll continue to keep you updated as things change.

There's been a lot of hoopla surrounding the Do Not Email Registries in Utah and Michigan. So I wanted to take a sec to break it down for you and then talk about what VR is doing about it. First of all, VR is VERY opposed to this idea. We are helping the Email Service Provider Coalition in the fight against these registries and it seems to be working. Michigan has postponed their registry because of the issues raised by the ESPC. We are now in the process of getting Utah to do the same. Stay Tuned.

What It Is

I went through about 50 searches to find the Utah's Child Protection Registry. Apparently you need to search on "Register Your Child Utah Child Protection Registry" and it comes up on the 3rd page! Anyhoo, it allows parents to list any e-mail address to which their children have access. Sort of like the Do Not Call list but worse. Thirty days after registration, it is illegal for anyone to send spam to the address if the e-mail advertises pornography, alcohol, tobacco, gambling or any product or service illegal in Utah.

With the Utah Registry you cannot send emails to a minor with the following content:

• Alcoholic beverages
• Tobacco
• Porn
• Any product or service that is illegal in UT (whether purchased by a minor or an adult), such as illegal drugs, prostitution, and gambling.

Senders in violation will face up to three years in jail and up to $30,000 in fines as well as potential civil penalties of $1000 per message.

Michigan is on hold for now. That's the good news. They have postponed the implementation of their Registry until the issues raised by the ESPC (Email Service Provider Coalition) have been addressed. There are concerns about fee structures as well. They are trying to work out a timetable for future implementation. There is currently, as of this posting no risk to any sender.

In the event the MI Registry goes live you would not be able to send email to a minor with the following content:

• Alcohol
• Tobacco
• Porn or obscene material
• Gambling
• Lotteries
• Illegal Drugs
• Firearms

Michigan's law face similar fines and jail time, and may be liable to civil penalties of $5,000 per message or $250,000 per day of violation.

Why VerticalResponse is in Opposition

As i mentioned in my first paragraph we are not in favor of a "Do Not Email" registry. Here's why

• We are concerned with the security of the email addresses on the Registry
• There is no security audit of the system conducted by any third parties
• Many businesses are forbidden by their privacy policies from sharing their email lists with any third parties
• There needs to be more of an audited employee background check

Most notably, the FTC spent many months interviewing numerous constituencies in the email world, and hired independent email experts, prior to issuing a comprehensive report to Congress on the viability of registry-type solutions.  Their findings were conclusive: registries would not stop spam, and would very likely create greater risks for the individuals placing their names on the list. So we think that UT and MI should listen to us.

How You Get Minors Off of Your Email

While the fight continues we must offer solutions to appeal to these states. Unspam is the service that has been approved to scrub email addresses each month. The law in UT requires that every 30 days you clean your list of minors if your email contains any barred content. The service appears to cost about a half penny for each email address you pass through.

What VR is Doing for You in the Meantime...

Since Utah has gone forward with their registry we have been approved by Unspam to pass data on behalf of our customers. VerticalResponse is now working with Unspam's technical specs to enable you to scrub your data on a monthly basis. We need to be prepared for you in the event that the registries live. We should have more information for you about process, pricing and just how the whole thing works in the coming weeks. So stay tuned.