World Privacy Forum's Top Ten Opt-Outs 162
Ant writes in to mention the World Privacy Forum's top ten information collector/user list, which shows opt-out instructions (or at least a starting point): "As privacy experts, we are frequently asked about 'opting out,' and which opt outs we think are the most important. This list is a distillation of ideas for opting out that the World Privacy Forum has developed over the years from responding to those questions. ... Many people have told us that they think opting out is confusing. We agree. Opting out can range from the not-too-difficult (the FTC's Do Not Call list is a fairly simple opt out) to the challenging (the National Advertising Initiative (NAI) opt out can be tricky). Our hope is that this list will clarify which opt out does what, and how to go about opting out. In this list, some opt outs can be done by phone, some have to be sent in a letter via postal mail, and some can be accomplished online. Some opt outs last forever, some have time limits, and others can be changed at will. If an opt out is on this list, it is because we thought it might be important enough to be worth whatever annoyance it may pose. "
Old fashioned opt out (Score:4, Interesting)
I would get at least 2 catalogs a week from these people despite letters and phone calls asking them to stop. Well, After that didn't work, I collected all the catalogs over a 3 month period, stuffed them in a large envelope and sent them back to the company postage due. I never received another catalog from them.
What annoys me (Score:3, Interesting)
...are websites when you register have the "subscribe me to your stupid newsletter" option checked by default. Get something wrong on the reg form? We'll re-populate all the info, but we'll re-check the subscribe option, despite you unchecking it. Assholes.
Opt-in actually makes more business sense. (Score:5, Interesting)
Using opt-in saves you the cost of marketing to people who don't want your stuff, saves you the cost of storing data about them, and saves you from the negative word-of-mouth opt-out causes.
I've run opt-in marketing campaigns, and have converted multiple employers from opt-out to opt-in. Before the switch, every mailout would result in an inbox full of complaints and threats. After the switch to opt-in, people would actually mail us asking where the ads were, if we were late.
I'll take opt-in over opt-out any day.
Those are opt-in lists! (Score:3, Interesting)
2. Unscrupulous individual obtains opt-out list with your contact info and sells it to Nigerian spammers or other foreign group.
3. You wind up getting more BS than your friend who didn't sign up for that opt-out list.
Precisely this happened with Canada's do not call registry. I didn't have my name added to it, thankfully. However, in today's information market, opt-out lists would have to be highly secure to have even a remote chance of working as intended. However, unscrupulous spammers have to be able to access the opt-out list to tell if you've opted out! That's a pretty huge gaping security hole built in.
Bottom line, the more opt-out lists you sign up for, the more spam you're opting in for.
Re:There's only one opt-out (Score:3, Interesting)
I was actually pointing out a flaw in the system. It seems to me the only real solution is to just have good filtering systems in place.
Another way is to have a catch-all domain and when you register use addresses like slashdot@catch-all.com, youtube@catch-all.com which you can then block as needed. However this quickly becomes a nightmare when somebody runs a dictionary attack on your domain, so you disable catch-all then you can't remember what addresses are actually in use ect and it turns to shit.
Spam filtering utilising multiple reputable blacklists such as spamhaus, barracuda, spamcop ect. Still seems the best solution, or having an obscure address that's only given to a few trusted individuals.
Reality Check (Score:5, Interesting)
Let us break this down in a way that I suspect all "geeks" and whatnot can understand. Do you spend much time investigating the events/items that meet your expectations of "normal"? Or are you more interested in the "odd" result? How much time do you really dedicate to fixing a Windows glitch vs how many time you just write it off to "Yeah, typical Windows behavior". Compare that to how many times you investigate into a *nix type glitch where the norm is to behave in exactly the same fashion every time unless some odd and relatively easily discoverable condition occurs...
The very act of struggling so hard to make yourself completely anonymous and "off the radar" makes you a high visibility target. I often see people go on about how they refuse to use discount cards and so on... WHY?! Seriously...is your hot dog and milk buying patterns so fucking important to your privacy? If you are really buying something "suspect" or "interesting" then don't use the card. Fuck, I actively check costs and ingredients in shit because I am concerned about what I am paying and what I am eating. What better way to "vote with your dollar" then to send a nice "I am not buying this fucking garbage" message every time you check out? I don't buy shit with aspertame, I don't buy shit with partially hydroginated bullshit (did you know they can legally claim 0 trans fat by making it less than
Put yourself in "their" shoes. Who stands out more...the guy trying to mind his own business in the large crowd of other people who are generally just trying to mind their own business or the guy who is sneaking with sticks strapped on all over trying to look like a shrub. "They" employ a great number of very intelligent people more interested in solving puzzles than being "bad guys" to weed out those strange responses. It is an interesting challenge in human behavior.
Seriously...hiding every aspect of your life makes you more suspect. I think the notion of making every aspect of your life public voluntarily through myspace/facebook/twitter/whatever is absolutely moronic in the extreme, but trying to hide every aspect is the same thing. Unless you are looking for pedophilia, necrophilia, beastiality, or some other pretty universally questionable porn...you probably stand out more as "I don't ever look at porn" rather than "I like *XYZ* kind of porn".
The biggest violators of "privacy" are in it to make money, not to be evil dictators. They are going to dig into your information whether you like it or not. Provide them information that sends a clear message of what you want and they will most certainly meet your demands to continue making money! Every time some telemarketer calls me with some survey I am HAPPY to spend 5-10 minutes of my day answering their questions. You cannot even begin to imagine my amusement when they start asking about how much TV I
That should be the way it works. (Score:3, Interesting)
It really should be the way the internet works, but too many people during the boom days thought that setting up your own server was too hard. And too many ISPs were willing to make money catering to that attitude.
The ISPs don't want to help people get their own domains now because they think they'll lose a revenue stream.
That's the reason RFC 5233 addressing can be useful, if you do it right.
But running your own domain does work best, and would work even better if everyone did.
Re:Opt-in actually makes more business sense. (Score:5, Interesting)
I agree. As both a list manager for e-mail and phone lists we have the opinion that we don't want to waste time with the people who don't want to hear from us.
On the calling side; we love the FDNC list. It means we don't have to spend man hours dialing people who will just scream and holler (when all it takes is a simple 'take us off your list'). As far as e-mail goes; we sent out opt-in emails to 20,000 folks in our market area and 95% of them opt'ed in. People respect that you asked first and if you tell them there might be interesting content coming their way they watch for it.
Re:Opt-in actually makes more business sense. (Score:4, Interesting)
And before you reply saying that asking to be taken off a calling list doesn't work - realize you've dealt with fly-by-nights or otherwise shady ventures before. We are quick to blacklist anyone who is nasty or otherwise shows no interest, it just doesn't pay to keep calling.
Spam is spam, but believe it or not... most people WANT to be marketed to. Don't believe me? Purchase some Experian demo data and look at the 'multi-company mail responders'. In our geographical market most of the households do in fact reply to junk mail and so forth.
(And you'll never beat junk mail - it makes the USPS too much money. You can opt-out of 'junk mail', but you have to wait in line to do it. It's just too much postage for the USPS to turn down.)
Re:Telemarketing is a good opt-out but... (Score:3, Interesting)
Re:There's only one opt-out (Score:3, Interesting)
You were planning to call them up
Very likely. They sold my address, so it's quite possible they owe me something for that. I'm also likely to avoid doing business with them in the future.
You still get all the spam.
That's only with Gmail, and only if they've specifically targeted Gmail.
What is needed is "one-time addresses", or addresses that cease to exist after n messages arrive, where n is some low number suitable for you verification email to be mailed and maybe a couple more.
This should be trivial to write, if you really want it.
But I don't think that's a good solution. Why not just tag email sent to that address, and wait until it starts getting spammed? That way, you know who's likely to sell your address, and you have a bunch more spam to train a statistical filter on. (You do have a statistical filter, don't you?)
And, there's always the off chance that the service might legitimately try to send you other email -- for instance, Slashdot will email me when anyone replies to this message. But you always have the option of deciding it's not worth it and killing a toxic address.
The difference is, with your way, there is no choice -- you've already killed the address after the first few messages.