PayPal Followup

I thought I would give everyone a brief update on my continuing saga with trying to unsubscribe from PayPal’s marketing list. Because of what I do, I have some options not available to the average recipient. One of the things I did is ask people I know if they had any contacts at PayPal who may be able to address this issue.
I was given an internal contact at PayPal by a colleague who works at one of the certification companies. I sent the PayPal contact a brief summary of my experience. She explained she was not in a department that handled email any more, but that she forwarded my mail on to the responsible people. A little later I received another message saying that I had been unsubscribed and they were examining the tapes of my call. She also mentioned that their unsubscribe process would be changed “sometime in mid-July.” I was not given any details.
A colleague who attended the recent AOTA meeting in Seattle offered this comment.

I sat at a table during lunch with Michael Barrett, the CISO of Paypal recently at AOTA and I can assure you he is fully aware of CAN-SPAM laws and changes. Whether that translates to all layers of the company or not is another issue (one they are clearly not handling well). Ironically, his trust presenation talked about these types of battles for large companies.

In addition to looking for some personal contacts at PayPal, I contacted the vendor where I made the purchase from in February using a credit card through PayPal. He shared with me the information PayPal sent to him, including the notice that my PayPal account was unregistered. Unequivocal evidence that the last time I used their service, that I did not have an account with them. They had no business sending me that email.
His information confirms that their marketing message did violate CAN SPAM. The claims of the customer support reps that I had an existing account are contradicted by PayPal’s own statements to the vendor in February. There was no opt-out on the message as I received it.

Related Posts

Unsubscribe policies

Our local brewpub has an email list. For various reasons I have multiple addresses on the list and finally decided that getting 4 copies of each mailing was silly. About a week ago, I sent in unsubscribe requests for 3 of the addresses. Today I get another 4 copies of their mailing. That’s not good. Luckily, I know one of the delivery folks at their ESP so I send her an email.
I know unusubscribes can take a few days to process, but it has been seven and CAN SPAM is pretty clear about the 10 day requirement. My first email to their delivery expert is just asking how long unsbs normally take. She responds they take 3 – 4 days. Uh Oh.
I tell her I unsubscribed these 3 addresses (with the unsub links) on 6/10 and received more email this morning. I did tell her that there were multiple subscriptions and they were all legit, but the reasons were really not important. Just that I didn’t want quite so many emails and their unsubscribe process seemed broken.
Now we get to the part where it all goes a wee bit pear shaped. The next email I get back from her explains why I am on so many lists. Fair enough. The more concerning bit is that they have not only gone through their database and unsubscribed all my addresses, but they have also found Steve’s addresses and unsubscribed those too. What the email does not contain is an explanation of why their unsubscribe process broke.
At this point I am a bit annoyed. I did not want all my addresses unsubscribed, just some of them. And the bit about unsubscribing Steve? That’s just silly and unnecessary. Another round of email ensued, pointing out this is bad and please put everything back how it was except please unsubscribe these three addresses I sent originally.
Things are back how they were, although the technical staff is still looking into how their unsubscribe process broke. The initial thought is that during a technology transition they lost some unsubscribe requests.
This whole process has bothered me for a number of reasons. One is the utterly cavalier attitude of the delivery people at the ESP. Their unsubscribe process broke. This is, to my mind, an emergency. ESPs have been fined for broken unsubscribe processes. Two is the process of unsubscribing addresses that belonged to a completely different person. The ESP did explain the policy behind that, sorta.

Read More

How not to handle unsubscribes

On the heels of my unsubscribe experience last week where an ESP overreacted and unsubscribed addresses that did not belong to me, I encountered another deeply broken unsubscribe process. This one is the opposite, there is no way to unsubscribe from marketing mail at all. Representatives of PayPal have only been able to suggest that if I do not want their mail, that I block PayPal in my email client.
I had a PayPal account years and years ago. They made some extensive privacy policy changes back in 2003 and when I did not actively agree to the new policies, they closed the account. That account closure seemed to take, I heard nothing from PayPal. In early 2008, I made a purchase at a vendor that only accepted credit cards through PayPal. Normally, I do not do business with vendors who only accept payment through PayPal, but there appeared to be a way to make the payment without establishing a PayPal account, so I went ahead and made the purchase.
The receipt from that purchase came from PayPal, and mentioned that I had an existing PayPal account. I figured that because the address was the same as the 2003 account that the boilerplate did not understand ‘closed accounts’. I brushed off the notice and did not worry about it.
On June 23, I received marketing email from PayPal. The mail offered 10% off my first eBay purchase, if I set up an eBay account using the same address on my PayPal account. Yay. Spam. Oh, well, no big deal, there was an unsub link at the bottom of the email. It is PayPal, they are a legitimate company, they will honor an unsubscribe. It will all be fine.
Or. Not.
Clicking on the unsubscribe link in the email takes me to a webpage that tells me I had to login to my account to unsubscribe. But I do not have an account!
They clearly think I have an account linked to the email address they mailed. I decide to see if I can recover the account and then unsubscribe. I put in the email address they sent the marketing email to, the password I probably would have used had I actually set up this account and hit “submit.” PayPal now asks me to set up 3 questions to use to recover my account in case I forget the login in the future. Uh. What? No. I do not want to set up an account, I want them to stop sending me email. I abandon that webpage.
I then attempt to recover the password to the account. Put in the email address that PayPal is sending email to and hit “forgot password”. PayPal, as expected, sends me an email. Click this magic link to recover your account. PayPal then asks me to input the full number of the credit card associated with the account – the credit card number I do not have. What account? What credit card number? Is this from my 2003 subscription that was closed? Is this from the purchase I made in February? I abandon that webpage.
The recover password email helpfully lists a phone number I can call for assistance so I call. In order to be able to talk to someone I have to enter my phone number. And the credit card number associated with my account. I resorted to randomly pounding on “0” and telling the voice recognition software I wanted help. Eventually, it got so confused it transfered me to a real human.
Tragically, the voicemail system was actually more helpful than the real human on the other end. Distilling down hours of sitting on the phone with them, I am told the following:

Read More