BLOG

Permission, Part 2

Permission Part 1 I talked about the definition of permission as I use it. Before we can talk about how to get permission we need to clarify the type of email that we’re talking about in this post. Specifically, I’m talking about marketing and newsletter email, not transactional email or other kinds of email a company may send to recipients. Also, when I talk about lists I include segments of a database that fit marketing criteria as well as specific list of email addresses.

There are two ways that recipients give permission to receive newsletters or marketing email, explicit permission and implicit permission. Recipients give explicit permission to receive marketing email when they sign up for such email. Implicit permission covers situations where a user provides an email address, either during the course of a purchase, a download or other interaction with a company. There may be some language in the company’s privacy policy explaining that recipients may receive marketing email, but the recipient may not be aware they will receive email.

The easier situation is explicit permission. There are two basic ways a company can gather explicit permission to send marketing email: single opt-in and double (confirmed) opt-in.

Single opt-in: Recipient provides an email address to the sender for the express purpose of receiving marketing email.

Double (or confirmed) opt-in: Recipient provides an email address to the sender for the express purpose of receiving marketing email. The sender then sends an initial email to the recipient that requires a positive action on the part of the recipient (click a link, log into a web page or reply to the email) before the address is added to the sender’s list.

There can be problems with both types of opt-in, but barring fake or typoed email addresses being given to the sender, there is an social contract that the sender will send email to the recipient. I’ll talk about single and double opt-in in later posts.

Implicit permission covers a lot of situations where email is commonly sent in response to a recipient giving the sender and email address. In these cases, though, the recipient may not be aware they are consenting to receive email. This behavior may annoy recipients as well as causing delivery problems for the sender. Common cases of implicit permission include website registration, product purchase and free downloads.

More responsible companies often change implicit opt-in to explicit opt-in. They do this by making it clear to users that they are agreeing to receive email at the point where the user gives the company an email address. Not only is the information about how email addresses will be used in the company’s privacy policy, but there is a clear and conspicuous notice at the point where the user must provide their email address. The recipient knows what the sender will do with the email address and is given the opportunity to express their preferences. If users do agree to receive email, the company will send a message to that recipient with relevant information about how their email address will be used, how often they will receive email and how they can opt-out.

Explicit opt-in is the best practice for building a list, however, there are still companies that successfully use implicit opt-in to build marketing lists. Companies successfully using implicit opt in usually are collecting emails as part of a sales transaction. There is very little incentive for their customers to give them an email address not belonging to the customer.

Outside of purchasers, however, implicit opt-in leaves a company open to getting email addresses that do not actually belong to the person providing the company with the email address. This most often occurs when the sender is providing some service, be it software downloads, music or access to content, in return for a “payment” of a valid email address. In order to protect against users inputting other, valid addresses into the form, the sender must verify that the address actually belongs to their user before sending any sort of marketing email. The easiest way for senders to do this is to send a link to the recipient email. This link can be the download link, or the password to get to restricted content. Because the recipient must be able to receive and act on email, the only addresses the sender has belong to actual users of the site.

In some rare cases, implicit opt-in can be used to build a list that performs well. However, senders must be aware of the risks of annoying their customer base and the recipient ISPs. Mitigating these risks can be done, but it often takes more effort than just using explicit opt-in in the first place.

Comment:

Your email address will not be published. Required fields are marked *

  • AOL compromise

    Lots of reports today of a security problem at AOL where accounts are sending spam, or are being spoofed in spam runs or something. Details are hazy, but there seems to be quite a bit of noise surrounding this incident. AOL hasn't provided any information as of yet as to what is going on.4 Comments


  • ReturnPath on DMARC+Yahoo

    Over at ReturnPath Christine has an excellent non-technical summary of the DMARC+Yahoo situation, along with some solid recommendations for what actions you might take to avoid the operational problems it can cause.No Comments


  • AOL problems

    Lots of people are reporting ongoing (RTR:GE) messages from AOL today.  This indicates the AOL mail servers are having problems and can't accept mail. This has nothing to do with spam, filtering or malicious email. This is simply their servers aren't functioning as well as they should be and so AOL can't accept all the mail thrown at them. These types of blocks resolve themselves. 1 Comment


Archives