Category Archives: Email marketing

Another Year, Another Look Back

Nearing the end of the second year of the pandemic, it’s time for our annual look back on the year in email. As with the year before, many of us spent the year under at least partial lockdown. The businesses that could, continued to engage in email marketing. The ones that couldn’t…, well, the ones that couldn’t went out of business. A few companies stopped sending emails at the beginning of the situation back in 2020, only to discover that this wasn’t the right approach. When those companies started sending again, they found their deliverability had slipped (see Coming Back After Quarantine for more on this).

Looking back on this year’s mailings, one thing is readily apparent: email marketers have gotten far better at their jobs. There were far fewer mail merge and dynamic content errors this year. We’re also seeing a shift to simpler designs based on what works in email rather than what a graphic artist thinks is a good-looking composition. This is a double-edged sword, however. While it led to fewer mistakes, it also led to an increase in fairly uninteresting email designs. Most of the mailings we received this year followed the same header, hero image, text, and footer block format that you’ll find in every email template. It’s a good format, but when you see it too often your brain stops registering both the design and the content, and that’s never a good thing.

We’ll start with the gaffe heard round the world.

Testing… 1…2…3…

On June 17th of last year, all 44 million subscribers to HBOMax’s mailing list received the message shown above. People immediately started posting to Twitter about it. HBOMax went on Twitter to explain that it was an intern who made the mistake, promising to help the intern through it. This led to even more posts, with people defending the intern and admitting to some terrible mistakes of their own that they made while working as an intern. In one case, a person tweeted:

Proving things can always get worse.

They call me Hell. They call me Stacey.

Over the past few years, I’ve received many emails that began:

“Dear [first name]”

That has mostly gone away. Marketers now know that an attempt to be personal that fails has exactly the opposite effect. I also saw far fewer typos, which is probably a side effect of the improvements in spelling and grammar features and apps such as Grammarly.¹

Now that marketers have learned the dangers of empty fields in their mail merges, some have made sure that there is always a first name to refer to in the subscriber data. This can also come at a cost. In this example, somewhere along the line, someone in the office decided that my first name was Greg (it’s not). This might be even worse than a dangling comma or a placeholder. At least there’s no confusion over whether or not the email is intended for me. Maybe there’s some guy named Greg out there wondering why he hasn’t heard from them.

Sometimes an ampersand remains an ampersand

Mojang, the creators of Minecraft, have been owned by Microsoft since 2014. You’d think with a company like that behind them, you wouldn’t see these kinds of simple coding errors in the emails, and yet, here we are. “'” is a standard way to add an apostrophe in HTML, but I can’t see anyone doing that in email. More likely, the coding information got screwed up. Either way, a test send would have caught the problem.

Ma, fetch me the magnifying Glass!

I talked about this last year, but every year there are always a few people who haven’t learned that not everyone reads their emails on a desktop monitor. In fact, less that 20% of email is opened on the desktop now!² Some graphic artists still like to design their emails like they’re pages from a magazine. Most email marketers have learned to either use media queries to make their mailings responsive or, at the very least, mobile friendly. Yet, there are a few who haven’t received the memo. It’s probably not coincidental that these examples come from sources with smaller email lists. Five years ago, this wasn’t at all uncommon, but the fact is almost everyone is reading email on their phones these days, and this type of email design is a relic of the past.

Hey! Who turned out the lights?

In 2020, there was a lot of chatter in the email marketing community about “dark mode.” A feature of many mobile devices, dark mode inverts the display, making the background black and the lettering white. This works well in most cases, but marketers who like to use unusual background and type colors could find their results turn into something strange if they’re not careful. The biggest problems occur with images, and specifically with PNG logos. Dark mode can’t invert a black logo with a transparent background, so the result is a black logo on a black background. Not exactly eye-catching.

Unsubscribe? Good luck!

One thing you never want to see when you click unsubscribe is a placeholder. This is from a Klaviyo service, but I doubt that ESP is entirely responsible, more likely someone was trying to set up their own unsubscribe page and did a poor job of it.

By far the worst offender when it comes to emails is Warby Parker. Clicking on their unsubscribe button, I received this notice:

On my laptop, this was showing up as DNS not found. On my desktop, I received the warning above. As you might imagine. Warby Parker’s emails now go to my spam folder.

Click to go…Oops!

Some years, we received dozens of emails with broken or missing links. I was expecting dozens of these around the holidays—a prime time for this sort of thing when companies go into panic mode making sure their mailings get out on time—but this year there was far less of it than in the past. Of course, the thing to do is exactly what New York Magazine’s The Strategist newsletter did here, although few senders get this creative with their mistake.

You Already Said That

Forgetting a link is embarrassing, but how about sending out an email you already sent? I know that sometimes marketers will do this on purpose, but that’s clearly not what Skyword’s CEO Andrew Wheeler had in mind with his Content & Context newsletter. He admits it in the green subhead and the “Oops, wrong newsletter” in the subject line Fortunately, the marketing team was on the ball, and it only took a couple hours to straighten everything out.

Unclear on the Concept

There will always be spam, and if you want to see bad email formatting and grammar mistakes, you’ll find there’s no shortage of them in your spam folder. My personal favorite is when the spammer decides to send their email as a graphic (sometimes base64 encoded as well). This does get past the filter more often, and the spammers probably consider this a win, but while that email might just reach the inbox, they’ve lost the war. Any links they included are lost. By far the worst example of this I received was one that asked the recipient to cut and paste a long code number in order to deposit money into a bitcoin account. They didn’t stop to consider that you can’t cut and copy a number from a graphic (go ahead and insert your favorite Jean Luc Picard facepalm gif here).

And while we’re on the subject of spam, this one is one of my favorites:

It’s just ordinary spam, but I like the way it pretends to be about helping you avoid being a victim. Isn’t being a victim what spam is all about? It’s a bit like the used car dealer that calls himself “Honest Abe.”

That’s it for this year. If nothing else, this year’s mailings showed more people paying attention to the little things, or, at least, the use of templates has reduced the errors.

1. I’d include autocorrect here, but that feature, while good at correcting typos, sometimes leaves things unintelligible. I’d include a link here to the Damn You Autocorrect website, but it’s definitely NSFW.

2. This statistic is taken from SuperOffice’s article on the topic. Naturally, there are some discrepancies between various sources as to the actually number, but most agree that mobile device email viewing now far outstrips desktop viewing.

© Goolara, LLC, 2022. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Goolara, LLC and the Goolara Blog with appropriate and specific directions (i.e., links) to the original content.

Coming Back After Quarantine

4 Replies

In March of 2020, when the lockdown started, many businesses scaled back their operations, assuming that it would be over in a few months. We all know what happened next. Now, as businesses are coming out of a year of hibernation and restarting their marketing programs, some are finding that their email deliverability has dropped precipitously. More email is going to the spam folder and more subscribers are choosing to unsubscribe. They ask: “How can this be? We haven’t changed anything.” If you’ve encountered this problem, there are a few things you can do to alleviate the situation.

Remind Them Why

The sad truth is that people have a short memory and email is easily forgotten. If you immediately start sending them mailings the way you used to, they might not even remember who you are. This means there’s a greater chance of them clicking the spam button. See it from their viewpoint. It’s likely they are receiving dozens of emails every day. A year ago, they saw your mailings regularly and were used to it. In the meantime, they’ve been subscribing and unsubscribing from many other mailings. Suddenly, here comes your emails out of nowhere. If they haven’t kept your business in the front of their thoughts, they may assume that your mailings are from an affiliate marketer, or worse, unsolicited. “Who is this company, and why are they suddenly sending me emails?” they ask. If you’re lucky, they will click unsubscribe, but there’s also a chance they will see you as a spammer.

It’s easy enough to avoid this. If you’ve not sent emails during the past year, you’ll need to reintroduce yourself. An email letting them know that you’re coming out of lockdown and reminding them why they chose to subscribe to your mailings is a good idea. You’ll want to get across the point that you’re not sending unsolicited email and that your future mailings will have value to them. Avoid sales pitches for the first few emails. They need to remember why they subscribed to your email list in the first place, so give them something other than a sales pitch.

Common Ground

Few events in history brought the world together like the pandemic. We all went through it so we all have that in common. You’ll want to let them know why you weren’t mailing anything during the lockdown and that you are still in business. If it’s applicable, you can point out that you understood the hardships that the lockdown presented. You might even want to relate how your own staff dealt with the situation. A subject line such as “We’re back in our offices,” or “It’s been a while since we wrote” can help. Anything that will let them know that you’ve sent them email in the past and that you’re not a complete stranger.

One technique that works well for unengaged subscribers of any kind is to offer something at a discount or for free, however, this will only work once you’ve reintroduced yourself. Free offers and coupons from out of the blue are invariably viewed with suspicion and can be counterproductive. First, you’ll need to make sure you’ve established that you’re not sending them these offers unsolicited. Once you’ve done that, special offers are a great way to keep your subscribers engaged and bring them back to your site.

Start With the Best Bets

If you’ve set your subscriber database up for it, segmenting your mailings to distinguish the more engaged subscribers from the rest will help you get things back up and running. It will also clue you in to any changes you’ll need to make to your data. If portions of the group that were engaged before the pandemic and were interacting with your business on a regular basis, but are now ignoring you, you’ll want to find out why before opening up to the rest of the community.

Things Change

No matter what you do, one inescapable fact is that not everyone came through the pandemic with the same results. Some of your subscribers may no longer be in business. Hundreds of bars and restaurants have had to close their doors permanently. Thousands of people moved on to other fields after losing their jobs. Sadly, for some of your subscribers, your products or services may no longer be relevant to their needs. This isn’t always a bad thing. While others may have moved away from what you have to offer, new people are entering the market all the time. Right now is a good time to put some effort into strengthening your subscriber list, while new people are still learning about the fields they’ve entered. You’ll want to be there to greet them at the door, so to speak.

© Goolara, LLC, 2021. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Goolara, LLC and the Goolara Blog with appropriate and specific directions (i.e., links) to the original content.

Hey Google, Why’d You Do That?

Leave a reply

Last week, Google suffered several major outages. Naturally, it made the news. So many people rely on Google for search, Gmail, YouTube, and maps, not to mention Drive, which some companies use to prepare documents and presentations. We don’t fault Google for having an outage. We make software, so we know how difficult it can be, even for a company with Google’s resources, to avoid this situation. However, we do think the way the outage was handled for Gmail was unforgivable and shows a lack of respect for users of Google’s services.

What Happened Was…

On Tuesday, December 15th, 2020, Gmail stopped accepting email sent to Gmail. It lasted from approximately 1:30 to 4:15 PT—the middle of the afternoon on the West Coast, and toward the end of the workday on the East Coast. Bad times for an outage like this when you consider some businesses send their mailings out as soon as they are ready to go and, in the United States anyway, that is exactly when Google went dark.

This shouldn’t have been a problem for sending email. The protocol that defines how email is sent allows for a store-and-forward system where a mail server can hold email until a server is ready to accept it, making multiple retries over time to get the email delivered. If Gmail had gone down such that its servers simply didn’t respond, anyone attempting to send email to a Gmail user would have their email delayed, and that would be the only negative result. After the servers came back up the email would be delivered, and the system would catch up.

However, Google didn’t make the Gmail servers unavailable. Instead, they were left running but answered requests to receive email with a message that the email address was not valid. For a user sending an email to a friend or relative and getting a message back that the address is not valid might be confusing at best. Less sophisticated email recipients might assume that the invalid email message is correct and go ahead and remove that contact from their address book or, worse, assume that their own system was hacked when their messages to friends started returning invalid email notices, leading to a lot of wasted time on hold with their Internet provider’s tech support.

The Effect on ESPs

For the business of email marketing, the results are more serious. It’s common for Email Service Providers (ESPs) to set their software up to remove recipients when the destination email server says the recipient is not valid. We do it, as do many others. This is done to avoid potential future deliverability problems. Sending repeatedly to an invalid email address is a good way to ruin your reputation score.¹ In the Google case, it meant that a large amount of email wasn’t delivered to recipients. Worse than this, it meant that huge numbers of valid Gmail users were needlessly removed from ESP databases all around the world.

Fortunately, we were made aware of the problem early (the only real advantage to it happening in the middle of the workday). We contacted our customers and reversed the on-hold status for the hosted customers and the on-premise customers for whom we manage deliverability; but if you are using a different ESP or managing deliverability issues yourself, you should check to make sure your email lists have been corrected after this problem. We assume most quality ESPs will be proactively resolving this issue, but it would be good to check. If you run your own email marketing program, you’ll need to work with your programmers and database administrators to handle this issue.

Google’s Attitude

Google’s handling of this outage was disappointing. Leaving the Gmail servers up but responding to all email requests with “Unknown User” needlessly caused all kinds of problems and confusion for users. We would go so far as to say that it was a very rude thing to do. If Google had simply turned off the computers, there would be almost no negative impact from the outage beyond delayed delivery. Google employs dozens, if not hundreds, of people in its Gmail division. Was there no one there who could simply pull the plug on the Gmail servers?

Turning off a server is easy, but they were unwilling to take this step, apparently unconcerned about how it would impact their users and anyone who wanted to contact them. Is this a sign of how Google feels about its users? Google removed the “Don’t be evil” motto from their code of conduct several years ago. We now see why.

1. For more on what a Reputation Score is and why it’s important, see the Deliverability Enhanced white paper in the Resources section of the Goolara website.

© Goolara, LLC, 2020. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Goolara, LLC and the Goolara Blog with appropriate and specific directions (i.e., links) to the original content.

Email Marketers and California’s New Data Privacy Law

1 Reply

In June of 2018, Governor Jerry Brown signed into law the California Consumer Privacy Act (CCPA). Taking its inspiration from the European Union’s General Data Protection Regulation (GDPR), the CCPA was intended to protect online data privacy. Like the GDPR, it gives California residents the right to opt out of any sharing of their data and the right to have their data deleted. It was created by Alastair Mactaggart, a rich San Francisco real estate investor, and drafted by him with friends, including cybersecurity and data privacy expert Mary Stone Ross.

But Mactaggart wasn’t happy with the legislation and, two years later, introduced ballot measure Proposition 24, intended to correct what he saw as problems with the CCPA. In November 2020 the California voters passed a revision to the CCPA entitled the California Privacy Rights Act of 2020 (CPRA).¹ Not everyone was happy with the new resolution, including MacTaggart’s former associate Mary Stone Ross who opposed it as did the ACLU among others. Nonetheless, the proposition passed and is now law in California.

Why It Matters

While California is just one of the fifty US states, it has one of the largest populations and an over-sized influence on the rest of the country. Legislation passed by California is often copied by other states. So what has been the impact of the CCPA on the email marketing community, and what should we expect from the CPRA?

So far, the CCPA doesn’t appear to have had a significant impact on many in the email marketing community. Will the CPRA change that? Will it have a more significant impact on businesses? Only time will tell for the true effects, but there are a number of changes in the law that seem likely to cause an impact. We have read the law and attempted to interpret how the changes will affect the email marketing community. Please note that this is not legal advice. For specific questions about the law, please consult an attorney.

One of the changes was intended to close loopholes around businesses sharing information. The new law changes the wording to include the sharing of information between companies in almost every way. Whereas before, with the 2018 version of the law, many people interpreted it to allow businesses to share information between companies with affiliate relations, that is now explicitly disallowed.

The California Privacy Protection Agency

The most dramatic change from CCPA is the creation of the California Privacy Protection Agency. Previously, the prosecution of privacy violations was left to the California attorney general’s office, which acknowledged they don’t have the resources to bring many cases to court. With a projected budget of $5 to $10 million dollars a year and a law that says the proceeds from these cases will go to the new agency, the California Privacy Protection Agency actually benefits from prosecuting cases. With these kinds of resources, we expect that there will be significantly more prosecutions. Additionally, with CCPA, there were rules that allowed a company to “cure” violations to avoid punishment. With the new law, the ability to cure violations is reduced to a one-time opportunity.

It’s not all bad news, however. As with the CCPA, the CPRA has little effect on smaller businesses. It only applies to businesses that earn over $25 million a year. If anything, it’s more lenient than the CCPA since it increases the number of subscribers a business can have from 50,000 to 100,000.

The exceptions are businesses that earn 50% or more of their annual revenue from selling or sharing consumers’ personal information. The changes in this law make it clear that sharing data with another business, regardless of the creative words used to describe the arrangement or the annual earnings, are now illegal without strict contractual requirements to ensure that business maintains the same level of privacy protection. If you make money by selling your email leads, you will need to be very careful about this law. And the penalties for violations remain debilitatingly high. Fines could be millions of dollars for a single email blast!

The law continues or even strengthens the requirements of disclosure for the personal information you collect. This law goes so far as to give the exact words you need to provide as a link on the homepage of your website to explain to users the information you collect and requires you to make an option available to users to request that this data be deleted.

In GDPR and Email: Part 1, an Overview, we pointed out that much of this legislation requires businesses to forget all the information about a recipient, without addressing the inevitable problems this can cause. Our reading of this is that the law does allow for the storage of some key identifier to support a user’s request to be deleted (specifically, email address in our case). While we doubt that this was the intended purpose of this subsection, it certainly appears to let businesses off the hook in regards to keeping email addresses to prevent further data gathering and further email sending.

Don’t Add Data to Unsubscribes

The new law makes it explicitly clear that personal information cannot be added to records for recipients that have unsubscribed. Maintaining the email address to know the person has unsubscribed appears legal, but you cannot then augment the file of information about that user to include any personal information, even if you won’t be sending to them. Some software or business practice changes may be necessary for companies to comply with this.

One thing that is unequivocally banned by the CPRA is the practice of assuming that consent is provided by hovering over, muting, pausing, or closing a given piece of content. It also prohibits the practice of using “dark patterns” to add data about users, which it defines as “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice, as further defined by regulation.” Hopefully few businesses were doing this, but should you be considering it, now it is explicitly illegal.

Another frustration we have experienced with GDPR that doesn’t appear resolved by these California laws is the question of what constitutes personal information. Some things are obvious, such as Social Security Numbers, addresses, dates of birth, etc. But how about information like clickthroughs or opens? Is it personal information to keep track of what content the person opened, or to store the links that they clicked on? Certainly, an argument could be made that this information is unworthy to be considered confidential or private information, but the laws are not clear. It would be nice if this could be resolved for the email marketing community but for now, each company and their lawyers will need to make their own decision.

The CCPA went into effect at the beginning of 2020 and will stay in effect until the 1st of January, 2023. At that point, the CPRA will go into action, but the law also applies to personal information collected by a business on or after January 1st, 2022. If you are an email marketer who doesn’t collect any personal information about your recipients and simply blasts untargeted advertisements at them you may not need to change business practices. You need to offer an explicit “delete” option, rather than just an unsubscribe, but no other changes may be required. However, if you target recipients based on the information you have collected about them no matter what the source, you may have to make changes to “dumb down” your program. Untargeted advertisements appear to be acceptable but targeted advertisements may get you in trouble. It’s a bit ironic that the “benefit” of privacy protection may neuter all marketing to be generic and unengaging to recipients.

1. The California Privacy Rights Act of 2020 in PDF form.

The Hidden Costs of Cloud Services

Leave a reply

Have you considered moving computer workloads to the cloud? You probably have. In the studies we’ve seen, over 90% of companies are now using cloud computing services.¹ If you are considering moving your infrastructure to Amazon Web Service (AWS), or Azure, or some other cloud computing service, there are a few things you should know before taking the plunge. We’ll look at these potential pitfalls and give you the information you’ll need to make an informed decision.

Moving to Azure: A Case Study

Recently, a customer decided to move their databases from a managed IT provider to Microsoft’s Azure. They had a large, home-grown CRM-style database to move, plus several more databases that we helped manage for their email marketing purposes. They carefully studied the Azure website to determine which package would meet their needs, and how the cost compared to that of their current provider. They concluded it would be cheaper and more reliable to switch to Azure. However, things didn’t go as planned.

The first question everyone asks is how much will it cost, but that’s difficult to estimate. Even careful scrutiny of the configuration pricing using Azure or AWS won’t necessarily answer this question. When you buy a server from Dell or others, many factors determine the performance, but the cost is relatively upfront. The speed and number of cores determines the base speed and how much RAM can have a significant impact. In the case of a database server, the speed and size of the storage system is critical. There are other factors but these are the main considerations. It’s a relatively straightforward process.

Compare that with the purchase of a cloud database. For Azure, you start by determining if you want a managed instance, an Elastic Pool, or a single database. Go down the route of a managed instance, and you choose from Windows Virtual Machines, SQL Database Managed Instance, or a SQL Server virtual machine. The Elastic Pool is closest to owning your own server that hosts multiple databases and that pricing path has you choose between the vCore (virtual core) and the Database Transaction Unit (DTU) model. Choosing the DTU model has you then select your elastic Database Transaction Units (eDTUs) per pool, which determines the per-hour pricing. But what is an elastic Database Transaction Unit, and how many units do you need for a viable database? Microsoft defines a DTU as “…a blended measure of CPU, memory, and data I/O and transaction log I/O in a ratio determined by an OLTP benchmark workload designed to be typical of real-world OLTP workloads,” but they provide little information on how these factors are “blended” or the specifications of the OLTP numbers used. Microsoft does offer a DTU calculator, but it involves running either a Command Line Utility or a PowerShell script to capture CPU and IOPS at the server level and create a CSV file, which is then uploaded to the Azure website.

It’s also tricky to verify that the configuration you’ve chosen will actually work. The customer initially picked a mix of a single vCore and the other databases in an Elastic Pool. However, they learned later that this setup does not allow SQL jobs to run or cross-database joins, things that their current database allowed and were fundamental to their design. There were also resource limits that Azure imposed that caught them by surprise. An estimated nine-hour overnight transfer of the data ended up taking thirty hours because of Azure-imposed resource limits.

Azure vs. AWS

Although Microsoft’s Azure cloud offering is growing in popularity, Amazon’s AWS is still the market leader. How would you estimate the costs for their system? To us, AWS pricing seems more straightforward than Microsoft’s. You still get these cryptic descriptions like db.m5.xlarge and db.r5.8xlarge that you must individually look up, but when you do, the abbreviation stands for a computer with a certain number of cores running at a specific speed, and an amount of RAM. Much more like what you get when buying your own computer. You must also estimate costs for data transfers and database and backup storage, which can be hard to determine.

The customer ran into several issues in attempting to migrate their databases to Azure that further increased their costs, but once they worked through those technical issues the migration was performed overnight. However, when they brought their systems back online the next day, they found the performance was unacceptably slow. They rolled back to their existing managed provider and looked over the website pricing options again. With their increased knowledge of the requirements, they recalculated the monthly pricing. Now they estimated a figure that was twelve times their initial cost!

Needless to say, this was unacceptable, so they’ve stayed with their current managed provider. But how could the price be so far off? We looked over the options they had initially selected. In our opinion, the eDTUs for the Azure DTU model was a bit low, but not unreasonably so. It’s easy to see how someone performing a diligent and thoughtful analysis of the pricing could come up with this price.

If you’re considering moving your infrastructure to the cloud, you need to be aware that the benefits don’t always outweigh the costs. Goolara’s Symphonie email marketing solution can use a database hosted by a cloud provider, or with AWS, the entire system can be installed on their computers. If you are considering a cloud provider for your database or entire email marketing system, contact us, and we’ll be happy to help you estimate the costs.

1. According to Flexera’s 2020 State of the Cloud Report.

The Techniques Behind Mail Client Unsubscribe Links

Leave a reply

Of course, we’d all rather have no unsubscribes from our painstakingly crafted newsletters and promotional mailings, but you can’t please everyone, and having a recipient unsubscribe is vastly superior to having them mark your email as spam. In 2014, Google caused some furor in the Email marketing community when they announced the addition of an unsubscribe link that appears at the top of the email content. A few years down the road, we can see that the angst of many marketers was unfounded. Gmail wasn’t even the first email client to offer an automatic unsubscribe link. Microsoft started offering unsubscribe and block features in Outlook as early as 2010. We did some research, looking at a large collection of emails we’ve received to determine what criteria caused the ISP to show the unsubscribe link. There were inconsistent results, but one of the most significant factors is the List-Unsubscribe header.

List-Unsubscribe

One thing that should be included in your mailing—and is automatically inserted by most ESPs—is the List-Unsubscribe header. This provides a web link and/or a mailto address to use for automated unsubscribes. To see if your mailings have this, look at the header information, either by choosing to see the header or, in Gmail by choosing “Show original.” In some cases, you’ll see this line followed by a “List-Unsubscribe-Post” line, which may contain the command: “List-Unsubscribe=One-Click” to further facilitate the unsubscribe.

In our research, most of the cases where the ISP showed the unsubscribe link the email included the List-Unsubscribe header. Since this is the main mechanism to provide an automated unsubscribe ability, it is unclear how Google and the other ISPs are determining the unsubscribe link when the header is missing, but we have seen some cases where this was done.

Using “Via” Sends

When the ISP displays that your domain is “via” some other domain, it generally means that you do not have your SPF records configured correctly. If your email is “via” another domain, there’s a good chance the unsubscribe link won’t appear. Take a look at these two From addresses:

The mailing that was sent from the How-To Geek’s primary domain (howtogeek.com) has the unsubscribe link, while the mailings sent using a different domain (reviewgeek.com via howtogeek.com) does not. In our research, we found that none of the mailings sent via other domain addresses appeared with the unsubscribe links.

The Link’s Reputation Score

You can do everything right and still not have the unsubscribe link appear. In our research we were surprised to find many valid senders that didn’t have the ISP’s unsubscribe link. It wouldn’t make Google or some other ISP look good if the unsubscribe link they offered instead went to a phishing page. Email recipients should have confidence that clicking the link will be safe, but how does the ISP determine if the link provided as the List-Unsubscribe is valid? The answer is by using the same basic algorithms they have already applied to your sending to determine if the recipients want your email (your email Reputation score).

When the link does not appear, it is usually for one of these three reasons:

The sender does not send enough email out to create a usable profile
There is a problem with the sender’s IP information
The sender is a known spammer.

If it’s the first, the problem should disappear as your email sending rates increase. If it’s the second, you may have some erroneous information in your setup. As for the third, it needs no explanation.

The World of Apple

Not surprisingly, Apple has created its own version of the unsubscribe button. On iPhones and iPads, these appear in the Mail program like this:

The Apple unsub link appears to be intended to make it easy to unsubscribe from newsletters and other list-based mailings. The Apple unsub link is not contingent on the sender’s reputation score, so you may get the unsubscribe notice on the iPhone, but not in Gmail on the desktop. As with the Gmail unsubscribe link, figuring out why and when it appears is difficult. The wording of the message suggests that it appears when it recognizes that an email has come from a mailing list, but we see plenty of emails that unquestionably are sent from email lists that don’t include this link.

Email Apps

Email apps handle things slightly differently again. In the Gmail and Yahoo apps, you’ll find unsubscribe as one of the choices in the “more options” menus.¹ It won’t appear if your unsubscribe process uses a preferences menu or requires the subscriber to re-enter their email address.

Conclusion

Determining the conditions which will cause your email to appear in the ISP’s unsubscribe link can appear a bit arbitrary or illogical. The most important thing is to make sure you have the List-Unsubscribe header, and that the link works properly. Beyond that it appears to mostly be an issue of your good email reputation score, which is significant for many other reasons as well. Allowing recipients an easy way to stop receiving email they don’t want will help ensure good deliverability to the remaining engaged recipients.

1. Unlike the hamburger menu, which everyone agrees on, this menu goes by several names. Apple prefers to call it the “more options” menu, while on Android it’s the “overflow” menu. Some sources call it the “meatball” menu, while others refer to it as the “dumpling” menu. Still, others go for the most literal description of the menu, referring to it as the “ellipsis” or “three-dot” menu.

Our ESP has been hacked!

Leave a reply

We recently had a customer come to us to say their account had been hacked, and spam email was being sent from our system. We immediately investigated but were unable to find any sign of problems. The customer insisted the emails they had received were coming from our system because the “From” address was their email marketing address. In fact, their account hadn’t been hacked at all. It was just another example of scammers taking advantage of the “Friendly From” name in an attempt to fool readers into thinking an email was from someone else.

We’ve all received those emails that claim to have been sent by WalMart, Chase Bank, FedEx, and others. They’re annoying enough already, but they become intolerable when the company being spoofed is your own.

Scammers will copy the identifying elements from a sender’s mailings, such as the design and logo, in an attempt to convince readers that the email came from the legitimate company. But how can you recognize this, and what can be done about it?

Prevention

When email was created in the early 1970s, the designers had no idea how popular it would become or the range of problems that could be introduced. They created a simple, flexible system that allowed email to become what it is today, but that flexibility also enables malicious people to abuse the system. Email allows you to assign the “from” address to anyone you want. This is useful, especially for marketers who want to use an ESP to send emails that appear to have come from their company, but it can also be used to prey on a good company’s reputation.

To help prevent this kind of abuse, you need to add the email authentication protocol SPF. This protocol tells the receiving mail server which mail servers are allowed to send email using the “from” domain, so should reject email that is being sent by some other entity. The use of this protocol will help prevent phishing emails (those pretending to be from eBay, Bank of America or other brands with good reputations) from landing in your inbox. It is important that your SPF specification end with a “-ALL”, rather than “~ALL” or other options. The dash indicates that the email should be rejected, which is what you want.¹

DKIM (pronounced “dee-kim”) is also a popular email authentication protocol. DKIM uses encryption to verify that an email message was sent from an authorized mail server. A private domain key is added to the headers on messages sent from your domain. A matching public key is added to the Domain Name System (DNS) record for your domain. Email servers that get messages from your domain use the public key to decrypt message headers and verify the message source.

An email authentication protocol popular with high-profile, brand-driven companies is DMARC It was created by PayPal with the specific intention of preventing spoofing and phishing, and is most useful for companies that are often targets of these types of scams. For most businesses, SPF and DKIM should do the trick. DMARC only works if you’ve set up both SPF and DKIM.

Recognition

So what if someone contacts your organization saying they have an email from your company that is spam. How can you determine if your ESP has been hacked or if someone is sending email using your company name as a “from” address?

The content is seldom useful. Any decent ESP allows customization of the content, so any link could be sent and the unsubscribe information can be specific to you. These can be faked by the malicious entity.

In many cases, these attempts to trick readers into thinking an email comes from a legitimate source are easy to spot:

Although this appears, on the most casual glance, to have come from Chase Bank, there are giveaways that it did not. The most obvious one is that the actual email address is not from Chase, but from a free email service in Germany. Clearly, a major institution like Chase Bank is unlikely to use a free email address to send out information about a customer’s account status. Presumably, upon clicking the link, you’ll be taken to what looks like a sign-in page for Chase. They’re hoping you will continue believing the ruse and enter your login name and password.

If you want to find out where an email came from the email headers are your best source of information. Unfortunately, email clients don’t always make viewing the headers easy. The desktop version of Outlook, for instance, requires you to go to the File menu and choose Properties, then the headers appear in a small scrolling box that can’t be resized.

Yet, here too, though the headers are useful, they can be faked as well. Under the covers, headers are just part of the email content, and the malicious entity can provide any headers they want to the email. However, the standard rules for email are that the mail server that accepts and email should add some “received” headers. Your mail server knows the IP address of the mail server that is sending the email and should provide this information, as well as the name associated with that IP address, as part of the “received” header.

Often there will be multiple “received” headers. The email protocols were originally designed to be store-and-forward systems where an email might require passing through several mail servers before getting to the one that has the proper mailbox. In our modern environment multiple “received” headers often come as part of the sending process. Many ESPs and other senders will generate the email on one computer that relays it to another computer for actual delivery. This will result in multiple “received” headers that can be used to trace the path back to the original sending computer. The standard for “received” headers is to add from the top, so the data near the beginning of the headers data should be the data added by your mail server and can be trusted. Everything after that is suspect.

Understanding “received” headers can be a bit tricky, so you may need to ask your ESP or email expert for help. But simply scanning the data added by your mail server can often give you a clue of where the email came from. If the headers say “Received: from mail-ot1-f48.google.com ([209.85.210.48])” for example, it should mean that your mail server received an email from IP address 209.85.210.48, which, when looked up, inform us that it is a Google mail server. If the malicious email says it is coming “from” your brand, but the headers say: “Received: From h2hclan.com ([36.89.36.149])” you can feel confident it was not your ESP that sent this email.

Finding the Headers

If a client, co-worker, neighbor, or whoever forwards you an email that claims to be “from” you, the important headers will be lost. A forward is actually a new email message, with a new set of headers, and the content copied from the source email. This email will not show you the interesting header information. To get that you need a copy of the email as it was received. With most email clients, if you create a new email message and include the problem email as an attachment, the headers will be retained. The trick is getting that person who received the malicious email to send you the email as an attachment.

Conclusion

If you have a popular brand, and especially if you have good email deliverability, malicious people will eventually decide to try and take advantage of all your hard work to deliver their junk. The only thing you can do about this is to have the proper SPF records in place, which will limit the damage. Being able to recognize when an email has been sent faking your domain is important so you can quickly determine if someone has gotten into your email server or ESP, or if it is the more likely case of someone attempting to abuse your good reputation with an email pretending to be “from” your company.

1. Fortunately, our customer had the proper SPF records in place, so the damage was minimal. It seems that more North American mail servers pay attention to SPF records, and not so much in China and Asian countries where this particular abuse-email was targeted.

A Look Back at 2019: The Year in Email

Leave a reply

It’s that time again! Our annual looks back at email shenanigans. The things that worked and the things that didn’t. We look at the clever, the ill-advised and the sloppy. For our first example, we have one that is both clever and ill-conceived.

Please Read my … Email

As a rule, we don’t like to talk trash about the competition. We all make mistakes, and let he who is without sin, et cetera. Still, just to prove no one is above making mistakes, not even email marketing software providers (ESPs), here’s an example that turned up in our inbox earlier last year:

Look at the text above the blue banner. This has to be the most literal interpretation of the term “preheader text” you can get. At first glance, it might seem like it was intended as a placeholder, or maybe a novice worker was asked to “put the preheader text” at the top of the newsletter so they literally did. What they were trying to do here was a little too clever for its own good. By itself, the “Do’s and Don’ts of” subject line makes no sense, but if you receive the email in a client such as Gmail, which also displays the first text in an email, the message reads: “Do’s and Don’ts of…the preheader text.” If you click on the masthead it takes you to this:

It’s an interesting idea, but unless it’s viewed under exactly the right conditions, the concept falls apart.

This Crazy, Upside-down World

This also may have been intentional, but, like the previous example, there is nothing in the copy to indicate it. The fact that it advertises footwear by the avant-garde fashion designer Bernhard Willhelm might have something to do with it. but from here, it looks like they simply forgot to look at the email before sending it.

A Browser is not an iPhone

One simple way of checking the responsiveness of an email in a browser is to reduce the horizontal size of the browser window and see if the content re-positions itself for the smaller window. While this quick-and-dirty techniques works a lot of time, it can also fail. Witness the case of this mailing from FuncheapSF, a newsletter that lists free or cheap events in the Bay Area. If you check this by resizing your browser window, everything will look fine, but suddenly everything is out of whack on an iPhone.

Getting the dimensions right can be tricky and should be tested before sending. B&H Photo is usually pretty good about this, but here’s one that slipped by them:

If you check this one in a browser, it functions as it should. The problem is between the media query and the max-width. You’ll only encounter it if you look at the email on an actual iPhone, or an email rendering service that can duplicate the iPhone environment accurately. Checking it on an actual phone is safer.

E for Effort

This past Halloween, Microsoft came up with a fun little email that offers a scratch-off panel that lets you use your mouse or finger to reveal a free offer. While it doesn’t work in all email clients, it offers a fall-back that will take you to a website where you can experience it outside of the email environment. Except Firefox, which takes you here:
The funny thing is, when we opened the same email in other browsers, it did let us try out the scratch-off feature, but told us we didn’t win anything. At least the Firefox mistake gives us a discount.

Hurry, They’re Going Up Fast!

Whoever put together this email for the sports apparel and footwear store Under Armour wasn’t paying close attention. Normally the strikethrough price would be higher than the one you’re now offering (shown in red). Does anyone ever want to pay more for something that’s advertised at a lower price?

Self-Responding Email

As I’m sure you’ve noticed, emails with the same subject line and content are threaded in Gmail, so that if you and a friend are sending emails back and forth on a specific subject, these messages don’t completely takeover your inbox list. It’s a nice feature and it rarely has anything to do with email marketing since each new mailing is, as a rule, unique. A marketer might resend a message because the links were screwed up (although you don’t have to do this with Symphonie), but even then, they would normally change the subject line to let you know why they are sending you the message again. Here’s a case in point:

The content of these two emails is the same. Only the subject line and preheader have been changed, with the former subject line now appearing as the preheader.

But that’s not what’s happening with the Illyusa emails. The subject lines, and the content for these two emails is identical, and all the links seem to work in both emails. Perhaps they forgot they’d sent the message and sent it again. Or perhaps their email marketing software handles the email addresses in each segment as separate entries (a bad practice—see List Segmentation Landmines for more on this). Whatever the case, we ended up with a threaded promotional mailing.

A more extreme version of sending the same thing twice came from Forever 21, who actually pasted the same content into an email twice:

This could be something as simple as a person trying to paste finished content into their email marketing software and accidentally hitting the paste button twice. On the spectrum of email mistakes, this is minor.

Email as a Predictor of Business Honesty

At first we were confused when we opened this email. We usually read email with the images turned off at first to see how people are handling alt tags. Some email readers will put in default messages about missing images; others, such as Thunderbird, display nothing unless there’s an alt tag. Even so, if all of the images are missing, there’s usually the required fine print at the bottom to give you some idea of what you’re looking at, but not with this particular email. When we opened it, it was completely blank. After assigning it as spam, We checked out the message source and found the content consisted of two image with href links. The top image would have been acceptable, but turning the physical address and the unsub link into a graphic is always taboo. A closer examination of the email revealed that it was phony from top to bottom. A good rule of thumb: If the unsubscribe link is an image, mark it as spam.

We get a lot of spam, but our favorite junk mail of the year came from this knucklehead:

It sounds so self assured. Putting aside, for the moment, the bad grammar, the fact that we don’t have a webcam attached to our computers, and that claiming an email came from our own account is not a good threat to try on someone who works in the email marketing industry, this scam is the king daddy of scam failures, Worried that spam filters would identify this for what it is, the scammer converted the entire message to a base64 encoded image! This means that even if you did want to give this bozo your money, there’s no way to copy and paste the bitcoin address per the instructions. All you’ll do is drag around the image.

Beanie and Switch

Straight to Hell, a company specializing in hipster clothing, sent out an email advertising their new line of beanies. Most of this email was done well, with pictures of each beanie, and each image link going to that particular beanie. The only problem image was the first one, shown here. Which, when clicked, takes you to a page about their leather jackets, the subject of their previous mailing. Whenever an email has lots of links, and you’re working off an existing email there’s always a danger of this. Check every link!

This gets back to a topic we’ve discussed in the past and will, undoubtedly discuss in the future. If you’re going to show a product, make sure the link on that item takes you to the page containing that item. Too often, we click on links to pictures of products, only to discover that the product is buried five pages deep in the display listings, but this next example is even more insidious than that:

Putting aside the fact that boots are not accessories, and ignoring the mysterious “si” that appears between the images at the bottom, clicking on the boots takes you to Forever 21’s sale section. After scrolling through all 15 pages, we never did find these boots. Oh well, they probably wouldn’t fit anyway.

The Curse of the Template

Templates are a great way to get an email designed with a minimum of work. The only problem is that it’s also easier to miss things such as links. That’s what we suspect happened with this email from Screen-o-matic. Most of their social links work, until you get to the Instagram icon, which contains no link.

While we’re on the subject, We received an email the last week of 2019 using this social bar:

See any problems? Google shut down Google+ a year ago. Clicking on this link will get you the Google page explaining that the service no longer exists. Do all the social icons in your mailings work? Are you sure?

The other problem with templates is the danger of overlooking placeholders:

Whoever put this together should have noticed the empty content box at the bottom of their mailing, or, at the very least, got a second pair of eyes to look at it.

Problems of the Past

The other problem with previously-constructed emails is that if you never checked them thoroughly across all browsers and email clients, you might have issues that pop up again and again. Here is a problem that Target has had for at least a year now. In most email viewers, this email looks fine, but in Microsoft Windows’ Mail program, you get the rather confounding problem shown above. The image on the right looks fine, but the image on the left has the words “The picture can’t be displayed” appearing across the top. It seems like a strange thing to say, given that the image is actually there. Fortunately, the buttons that appear on the images make it a lot easier to trace the problem. In this case, it turns out that the folks at Target have inserted the image on the left as a background to a table cell, rather than simply place the image in the cell as was done on the right. An empty image placeholder sits inside the cell, for some reason. Since that image can’t be displayed, it results in the message over the background image. Considering that the audience for this particular type of email is the general public—the very people that are likely to use the Windows Mail program—and that the problem has existed for over a year, someone should have noticed it in the Target marketing department by now.

I Talk Real Good!

Really Good Emails is a website that offers a selection of recent emails that they think are particularly outstanding. It’s a good place to visit if you are looking for creative inspiration. Normally, their emails are well done, but this one came in a couple months ago that reads as if it was written by someone for whom English is a second—or maybe, third—language.
RGE responded a couple days later with an apology that also serves as an enticement to explore their site further.
Well done.

Color Theory 101

Considering the importance of good color use in every other aspect of marketing, it’s surprising how lackadaisically many marketers treat color in their mailings. The number one mistake comes from marketers who don’t bother to think about how their mailings will appear when people haven’t turned on the images. In the image above, the links are virtually impossible to read. This could have easily been remedy with a color:White (or color:#ffffff) style added to the alt text (for more on this, see The Finer Points of Styled Alt Tags).

While the absence of linked text color formatting is the number cause of unreadable text in emails, sometimes, the problem comes down to bad design:

Gold and pink are great colors for suggesting a certain pampered luxuriousness, but they don’t always go well together.

Oops…Just Kidding!

Petco isn’t exactly a fly-by-night organization, so I’m surprised to see that whoever is in charge of their email marketing thinks it’s okay to use techniques that are normally the providence of spammers. Neither of the emails with “Oops” in the subject line is an apology. They are simply promotional mailings. The email marked ‘CONFIRMED” is just an attempt to get you to use their dog grooming services. The fact that it’s all caps only furthers the suspicion that Petco’s email marketing manager comes from the world of spammers.

Click Here to See This Picture, Again!

If you’re going to add a link to an image, the best thing to do is to add a link that takes you to the page that the image references. Vinegar Syndrome did add a link, but it’s a link to the image in the email. Clicking on it just shows you the image by itself. I’m sure this one is a mistake. Remember to check your links. Fortunately, Vinegar Syndrome has provided other links in this mailing.

Dear Me

Missing names are a common mistake. They’re usually the result of using a mail merge command that requires content in the first name field. The problem is easy to avoid by using dynamic content instead. That way, if the first name field is empty, you can finish the salutation with something meaningful (e.g., “Dear Reader,” Dear Subscriber,” etc.). They also lose points for the white type in the footer on a pale pink background.

Blackboard Bold or Spam Folder Bait?

You may have received an email or two that appears to feature a unique font in the subject line and wondered “How’d they do that?” The answer is, the same way they use emojis in a subject line: by using alternative Unicode characters. Buried in Unicode are a few special characters that are virtually identical the standard alphabet except for their appearance. The most popular ones are those called the mathematical double-struck characters, sometimes referred to as “𝕓𝕝𝕒𝕔𝕜𝕓𝕠𝕒𝕣𝕕 𝕓𝕠𝕝𝕕.” There is also 𝕱𝖗𝖆𝖐𝖙𝖚𝖗 𝕭𝖔𝖑𝖉, ⓑⓤⓑⓑⓛⓔ ⓣⓔⓧⓣ, 𝒸𝓊𝓇𝓈𝒾𝓋ℯ, and many others. As fun as these things are to play with, we can’t recommend using them. They are often used by spammers to try and get their messages across without tripping the keyword searches, so there’s a higher chance that your email will end up in the junk folder with these characters. If you don’t believe it, take a look at your junk folder.

That’s it for this year. Do you have any examples of email marketing fails that you’d like to share with us? If so, let us know in the Reply box below.

Drag-and-Drop Solutions

Leave a reply

Perhaps it’s because I had already spent so much time learning HTML, or perhaps it was just prejudice, but, until recently, I gave drag-and-drop email design solutions little consideration. After all, how hard is it to create a few divs and tables then add images and text? It’s not rocket science; it isn’t even Python. But after spending a few weeks using the new drag-and-drop interface in Goolara Symphonie, I’m here to say, I’m a believer.

Since its inception, Symphonie has had a visual editor to help with the creation of emails, but not a drag-and-drop template builder. As most of our customers already have HTML designers working for them, adding a drag-and-drop builder to Symphonie was never a priority.

Then, when we started testing the new interface, something surprising happened. We found it was both robust and easy to use. Sure, it’s easy to write the code for a basic HTML email, but the template builder was even faster. Best of all, the finished designs automatically include responsive media queries and those pesky conditionals so necessary for displaying your emails properly in Outlook and IE (example: <!–[if (mso)|(IE)]><table width=”100%” cellpadding=”0″ cellspacing=”0″ border=”0″><![endif]–>).

Suddenly the thought of creating an email from scratch again seemed challenging. Using the drag-and-drop interface it’s possible to create a multi-section email template (example: Logo, hero image, salutatory text, three sections with images, text, and buttons, and a footer) in a little over a minute (yes, I really did time this).

Now I’m firmly in the drag-and-drop editor camp. Even for simple emails, it is faster and easier to use. Additionally, we’ve added lots of ready-to-use templates (all included for free) to make the process even easier. We think you will enjoy the new feature as much as we have. If you want to see it in action, contact us for a demonstration.

Privacy Report 2020

1 Reply

The second decade of the 21st century is shaping up to become known as The Privacy Decade. Recent legislation, both internationally and in the United States, is primed to change the parameters regarding what information about a person you can or can’t collect, and the limitations on what you can do with that information. One thing these regulations have in common is that they don’t restrict their data privacy requirements to emails sent from within their borders. If your emails are sent to subscriber inboxes within any of these states, you are deemed culpable for those violations and can be subject to hefty fines. Unlike previous legislation, such as CAN-SPAM and CASL, these new laws are not aimed specifically at email but are intended to address privacy issues across all devices, platforms, and services. They all do affect email because email involves the gathering of private data in the form of email addresses and, in some cases, names and locations. Each of these laws comes with its own set of restrictions, some more draconian than others.

More Restrictions

While some people might not care if everyone knows where they are every hour of the day, most of us value our privacy and like to have some say over what a company may or may not know about us. Accepting this and working with it is the best tactic for any email marketer. Try to game a subscriber’s private data was never a good idea, but all signs point to more restrictions and greater penalties for doing so as every country gets into the act. While there are no plans for upcoming legislation in this Congress, states such as California and Vermont have created their own stringent privacy laws and 2018 saw the passage of data breach notification laws in several states.

GDPR Arrives

The legislation that started the privacy protection ball rolling was the European Union’s General Data Protection Regulation (GDPR). This regulation set a high bar for an individual’s rights to access any data about them that a company gathers, as well as the right to have that data deleted (for more on GDPR, see our three-part series on the subject). It covers a staggeringly wide range of data—everything from a person’s email address to the geolocation featured in many digital cameras. It extends to any person living within the European Union, regardless of their nationality. If you send email to a person in the EU, you need to be GDPR compliant. Full stop.

California Picks Up the Torch

Taking its cues from the GDPR, the state of California came up with its own privacy regulation. Passed in 2018, the requirements of the California Consumer Privacy Act (CCPA) goes into effect January 1, 2020, and features many of the same restrictions as the GDPR, including the right to obtain one’s data from a company and the right to be forgotten. No other state has, as yet, passed such a strict law, but it looks like Washington State is set to follow suit with their Washington Privacy Act, which is also modeled after the GDPR.

As strict as the CCPA seems, it’s got nothing on the GDPR. The California law applies only to for-profit businesses, so nonprofits can breathe easy. Additionally, for-profit businesses need to have a gross annual revenue exceeding $25 million for the law to take effect, and your active email list must exceed 50,000 subscribers. It also only applies to tax-paying residents of California.

Brazil Follows Suit

In August of 2018, the Brazilian government signed into law the Brazilian General Data Protection Act (Lei Geral de Proteção de Dados Pessoais or “LGPD”). Like the GDPR, after which it was modeled, its scope is global, with companies in any country facing fines for violating its rules. As with the CCPA, the Brazilian law goes into effect in 2020. One notable difference between the GDPR and the LGPD is the latter’s inclusion of terminology pertaining to “non-discrimination”). It also addresses credit and health records with more specificity. Originally, the law had provisions for the establishment of an independent data protection authority, but the President rescinded that in a line item veto. The LGPD is more punitive than California’s law but less so than the GDPR. The maximum fine under the LGPD is 2% of a company’s Brazilian revenue up to 50 million in Brazilian Reals per infraction (about 13.4 million in U.S. dollars). Compare that to the GDPR’s 4% of an organization’s annual revenue or 20 million Euros (about 22.6 in U.S. dollars), whichever is greater.

And Then There’s India

Also getting in on the post-GDPR drive for stronger privacy controls, the Ministry of Electronics and IT (MEITY) in India has been hammering out its own privacy regulations—a process they started back in 2010. Following the 2017 Indian Supreme Court ruling declaring that privacy is a “fundamental right,” the MEITY finally got on the ball and drafted the Personal Data Protection Bill 2018 (PDP Bill), which contains many of the same features as GDPR, but with a few curveballs that already have companies crying foul. The main one is the requirement that all “personal data” on people residing in India must be maintained at a facility within India (although the bill doesn’t define what constitutes personal data—they’re leaving that up to the government). India isn’t the only country mandating such a restriction. China and Vietnam have similar restrictions, but neither of those countries could be considered free. Their governments exert a great deal of control over every aspect of data transfer and Internet use.

India, on the other hand, has a free market economy—some might say too free. It also has an online market second only to China in size, with close to 500 million Internet users. Restrictions making it harder for companies to conduct business aren’t welcome, and this requirement is already meeting with criticism and opposition. When the MEITY requested feedback on the bill, they received nearly 600 recommended changes, from both businesses and governments, including the United States.

Perhaps this is why, since its introduction, the government has had a few opportunities to pass the PDP Bill, but decided to wait until June 2019, after the new government is in place.

Congress Changes Its Tune

In 2009, U.S. Senator Patrick Leahy of Vermont tried to get his Personal Data Privacy and Security Act passed, but the bill never reached the floor. It was too much, too soon, and nobody had any idea yet the extent to which sites such as Facebook and Google would use personal data. Still, data privacy restrictions would be a hard sell in Congress, even today, if not for the increasing number of states tackling the problems on their own. All fifty states have laws concerning the reporting of data breaches, and 35 states have laws regarding the disposal of data. To complicate matters, the laws in each state are different. Some state laws apply only to business, while others only restrict the government, leaving private businesses to do what they want with your data. Some are quite stringent, while others are written in such general terms as to be virtually unenforceable.

Mostly in response to California’s legislation, the U.S. Chamber of Commerce and several other business-based groups are lobbying Congress to pass a federal omnibus privacy and data protection law that would pre-empt the CCPA and other existing and future state data protection laws.

Email’s Role in All of This

Unlike CAN-SPAM and CASL, this recent legislation doesn’t focus exclusively on email. In the case of GDPR, it regulates everything from website visits to in-camera geolocation. They all affect email marketing, although how much depends on your subscriber list. If your list is exclusive to the United States, and your gross revenues don’t exceed $25 million, then you can go about business as usual. None of the recent legislation will have that much impact on your email efforts. There is a lot more legislation on the books now concerning data breach notification, but that’s of more concern for the IT department than the marketing department.

If you have international subscribers or own a business that brings in over 25 million a year, we recommend you follow the rules of the GDPR. It is still the strictest of the current laws, so if you are in line with it, you should be fine for the others. For everyone else, there are a few things you can do to avoid problems. They include the following:

Make Your Terms Clear

Spell out in the clearest possible language exactly what you plan to do with the data you collect and make sure you include a statement to the effect that you will not use this data for other purposes or sell it to other companies.

Leave Boxes Unchecked

If you do any business in the European Union, this isn’t simply a suggestion, it’s the law. It’s less important in the States, but, like the single- vs. double-opt-in controversy, each approach has its supporters and detractors.

Respect the Privacy of Your Subscribers.

Email marketing is a double-edged sword. On one hand, we all like our privacy, but on the other, we also prefer receiving emails about things we are actually interested in. As an email marketer, the only datum you actually need is the email address, but, by itself, that makes for generic, “batch-and-blast” emails. Personal data helps improve the engagement and the receptiveness of your subscribers to your mailings. But don’t abuse it. Just because you can send an email saying “Hey Jill! I noticed you just visited our website fifteen minutes ago” doesn’t mean you should. It makes you look like a stalker, so avoid it.

The Ground’s Still Shaking

One thing is certain: This story is far from over. Right now, most of the fretting over the new laws has been a waste of time. How much they affect you is extremely variable. New legislation is cropping up in countries around the world every day and, as time goes on, it appears more and more likely that some national legislation in the United States will be enacted to bring the various states back into line. When that happens, we’ll take a look at this subject again.

The Goolara Blog

Email marketing topics in depth.

Category Archives: Email marketing

Coming Back After Quarantine

Remind Them Why

Common Ground

Start With the Best Bets

Things Change

Hey Google, Why’d You Do That?

What Happened Was…

The Effect on ESPs

Google’s Attitude

The Hidden Costs of Cloud Services

Moving to Azure: A Case Study

Azure vs. AWS

Our ESP has been hacked!

Prevention

Recognition

Finding the Headers

Conclusion

A Look Back at 2019: The Year in Email

Please Read my … Email

This Crazy, Upside-down World

A Browser is not an iPhone

E for Effort

Hurry, They’re Going Up Fast!

Self-Responding Email

Email as a Predictor of Business Honesty

Beanie and Switch

The Curse of the Template

Problems of the Past

I Talk Real Good!

Color Theory 101

Oops…Just Kidding!

Click Here to See This Picture, Again!

Dear Me

Blackboard Bold or Spam Folder Bait?

Drag-and-Drop Solutions

Testing… 1…2…3…

They call me Hell. They call me Stacey.

Sometimes an ampersand remains an ampersand

Ma, fetch me the magnifying Glass!

Hey! Who turned out the lights?

Unsubscribe? Good luck!

Click to go…Oops!

You Already Said That

Unclear on the Concept

Share this:

Remind Them Why

Common Ground

Start With the Best Bets

Things Change

Share this:

What Happened Was…

The Effect on ESPs

Google’s Attitude

Share this:

Why It Matters

The California Privacy Protection Agency

Don’t Add Data to Unsubscribes

Share this:

Moving to Azure: A Case Study

Azure vs. AWS

Share this:

List-Unsubscribe

Using “Via” Sends

The Link’s Reputation Score

The World of Apple

Email Apps

Conclusion

Share this:

Prevention

Recognition

Finding the Headers

Conclusion

Share this:

Please Read my … Email

This Crazy, Upside-down World

A Browser is not an iPhone

E for Effort

Hurry, They’re Going Up Fast!

Self-Responding Email

Email as a Predictor of Business Honesty

Beanie and Switch

The Curse of the Template

Problems of the Past

I Talk Real Good!

Color Theory 101

Oops…Just Kidding!

Click Here to See This Picture, Again!

Dear Me

Blackboard Bold or Spam Folder Bait?

Share this:

Share this:

More Restrictions

GDPR Arrives

California Picks Up the Torch

Brazil Follows Suit

And Then There’s India

Congress Changes Its Tune

Email’s Role in All of This

Make Your Terms Clear

Leave Boxes Unchecked

Respect the Privacy of Your Subscribers.

The Ground’s Still Shaking

Share this: