Confirmed Opt-in in the Wild

Every once in a while I have to inform somebody that it is necessary to move their signup process to confirmed opt-in (aka double opt-in) to fix a delivery or blacklisting issue. Not everybody wants to do it. Some folks will tell me that they shouldn't have to do it because nobody else in the whole world does it.

Turns out, that's just not true.

I run across lots of sites utilizing COI/DOI as part of their email list signup process. Here's one I ran across today: Cook Brothers, a large discount retail store located here in Chicago. They claim to "Stack em Deep and Sell em Cheap." Not sure if that's true, as I haven't checked the store just yet. But having just signed up for their email list, I can tell you that it does indeed utilize confirmed opt-in. Check it out for yourself.

Email Append Gone Wrong

Way back in June 2012 on the Strongmail blog, Deliverablity Strategist Sean Wirt shared a tale wherein he was email appended in to mailings from a credit union somewhere in the US.

What we seem to have here is a financial institution guessing at somebody's email address and adding them to a mailing list or notification process without his explicit consent. What if they started sending him overdraft notifications? They'd be providing the consumer's personal information and data to the wrong person, an unrelated third party.

That's pretty scary.

Sean says the moral of the story is, "Don't append!" I couldn't agree more.

More Misdirected Messages

In what may become a recurring theme, Consumerist reports today about a financial institution sending daily emails to somebody who is not actually a customer of that institution.

If you're sending valuable transactional notifications via email, here are a few questions that I think you should be asking yourself:
  • How do you verify that the owner of an email address is truly the person who submitted that email address?
  • What are your company's policies and procedures for addressing these kind of issues when they occur?
  • Do your customer service representatives know of these policies and are they able to assist when the aggrieved subscriber contacts your company?
When you ask yourself these questions about your own company, what answers do you come up with?

Thinking about this kind of issue gives me the screaming heebie-jeebies. I hope there isn't anything in any of those email messages that could be considered personally identifiable information.