Policy is hard

We’re back at work after a trip to M3AAWG. This conference was a little different for me than previous ones. I spent a lot of time just talking with people – about email, about abuse, about the industry, about the ecosystem. Sometimes when you’re in a position like mine, you get focused way too much on the trees.

Of course, it’s the focusing on the trees that makes me good for my clients. I follow what’s going on closely, so they don’t have to. I pay attention so I can distill things into useable chunks for them to implement. Sometimes, though, I need to remember to look around and appreciate the forest. That’s what I got to do last week. I got to talk with so many great people. I got to hear what they think about email. The different perspectives are invaluable. They serve to deepen my understanding of delivery, email and where the industry is going.

One of the things that really came into focus for me is how critical protecting messaging infrastructure is. I haven’t spoken very much here about the election and the consequences and the changes and challenges we’re facing. That doesn’t mean I’m not worried about them or I don’t have some significant reservations about the new administration. It just means I don’t know how to articulate it or even if there is a solution.
The conference gave me hope. Because there are people at a lot of places who are in a place to protect users and protect privacy and protect individuals. Many of those folks were at the conference. The collaboration is still there. The concern for how we can stop or minimize bad behavior and what the implications are. Some of the most difficult conversations around policy involve the question who will this affect. In big systems, simple policies that seem like a no-brainer… aren’t. We’re seeing the effects of this with some of the realities the new administration and the Republican leaders of congress are realizing. Health care is hard, and complex. Banning an entire religion may not be a great idea. Governing is not like running a business.
Talking with smart people, especially with smart people who disagree with me, is one of the things that lets me see the forest. And I am so grateful for the time I spend with them.

Naming Names
Confirmed Opt-In: An Old Topic Resurrected

Related Posts

June 2015: the Month in Email

Happy July! We are back from another wonderful M3AAWG conference and enjoyed seeing many of you in Dublin. It’s always so great for us to connect with our friends, colleagues, and readers in person. I took a few notes on Michel van Eeten’s keynote on botnets, and congratulated our friend Rodney Joffe on winning the prestigious Mary Litynski Award.
In anti-spam news, June brought announcements of three ISP-initiated CAN-SPAM cases, as well as a significant fine leveled by the Canadian Radio-television and Telecommunications Commission (CRTC) against Porter Airlines. In other legal news, a UK case against Spamhaus has been settled, which continues the precedent we’ve observed that documenting a company’s practice of sending unsolicited email does not constitute libel.
In industry news, AOL started using Sender Score Certification, and Yahoo announced (and then implemented) a change to how they handle their Complaint Feedback Loop (CFL). Anyone have anything to report on how that’s working? We also noted that Google has discontinued the Google Apps for ISPs program, so we expect we might see some migration challenges along the way. I wrote a bit about some trends I’m seeing in how email programs are starting to use filtering technologies for email organization as well as fighting spam.
Steve, Josh and I all contributed some “best practices” posts this month on both technical issues and program management issues. Steve reminded us that what might seem like a universal celebration might not be a happy time for everyone, and marketers should consider more thoughtful strategies to respect that. I wrote a bit about privacy protection (and pointed to Al Iverson’s post on the topic), and Josh wrote about when senders should include a physical address, what PTR (or Reverse DNS) records are and how to use them, testing your opt-out process (do it regularly!), and advice on how to use images when many recipients view email with images blocked.

Read More

M3AAWG in Philly This Week

Today marks the training day for M3AAWG 37 in Philly. With all the traveling and speaking I’ve been doing lately we’re not going to be there. So no tweeting from me about the conference.
logo
We’ve been attending various M3AAWG meetings since way early on – 2004? 2005? in San Diego. The organization has grown and matured and really come a long way since the early days. One of the challenges of M3AAWG is that it is a true working group. This isn’t like the various conferences I’ve been attending recently. I think there are two things that makes M3AAWG different from other conferences.
One of the most obvious things is the lack of a vendor floor. Sure, there are vendors and sponsors but vendors don’t bring in displays and have sales people stand around them to talk to folks. The conference does have demos and negotiations and meetings, but done differently than other events.
The other difference I’ve noticed is that M3AAWG is much more about participation. As the name says, this is a working group. Everyone is encouraged to get involved in things they’re interested in or that they think they can contribute to. Other conferences are a lot more about information being shared by speakers and panels. But during M3AAWG conferences, there are 2 mornings devoted to round tables.
The round tables are a true community effort, and probably deserve some discussion for people who’ve never been to the conference. Before the conference, members of the community submit ideas for things they think M3AAWG should discuss. These suggestions are reviewed by the board and leadership and ones that fall within M3AAWG’s purview are taken to the conference.
The first day of roundtables each topic is discussed in small groups. Volunteers facilitate a 20 – 30 minute discussion on the topic at hand with attendees. After time is called, attendees go to another topic and discuss that one. Part of what is discussed is not just the issue (say, how to get off a blacklist) but also what the final work product looks like. Is this a document for M3AAWG members? A panel at a future conference? A public document?
The second day is refinement of the roundtable topics and commitment from people to move the project forward. Champion is the person who is project managing this. Other roles depend on the work product. For presentation or panels, there is one set of roles. For documents there are roles as writers and editors and contributor.
M3AAWG has written and produced some useful resources and information over the years. Many of those resources are public, like best practice documents and metric reports. Other docs and reports are specifically for members.
The working group part of M3AAWG in one of its real strengths. Experts on all sides of the business of email get together to keep email useable and workable. Early on it there were a few barriers and some suspicion about various participant groups. But, as the industry as grown things have changed. Many folks have moved from ISPs to ESPs and back. There’s also a bigger place for companies that provide services to ESPs and ISPs, like us here at Word to the Wise. We’ve built bridges and technology and have been a positive force on the world.
 

Read More

2016 J.D. Falk Award

André Leduc received the 2016 J.D. Falk award this week at the Paris meeting of M3AAWG. He was recognized for spearheading two distinct projects.
The first was the Operation Safety Net – Best Practices to Address Online, Mobile, and Telephony Threats  This 76 page report was written by global security experts. One of the major goals of the report was to discuss security in language accessible to policy makers and management. The report, newly updated in 2015, is available at the M3AAWG website. Making technical language accessible is, to my mind, one of the most important parts of getting security recommendations implemented.
In addition to his work in making security recommendations accessible, André was the lead architect behind the Canadian Anti-Spam Legislation. This legislation has greatly reduced the amount of spam received by Canadians. According to Leduc, CASL has improved permission practices by senders outside of Canada.
Congratulations to André.

Read More