from Hacker News

Email marketing regulations around the world

by jonathanbull on 2/6/23, 4:25 PM with 28 comments

  • by kevincox on 2/6/23, 5:45 PM

    I live in Canada and I find it ridiculous that email without consent is illegal, phone calls without consent is illegal, but sending physical mail is perfectly fine. It makes me sad the amount of trees that must be cut down, shipped to a factory, processed into paper (with some hash chemicals), shipped to the printer, printed then shipped to me. Only to be thrown into the recycling unopened to be shipped to the recycling plant, then reprocessed to start the cycle over. It is just disgusting waste.

  • by legitster on 2/6/23, 5:19 PM

    This is missing out a lot of subtleties that a legal team might care about.

    I have been a part of multiple companies trying to make a "harmonized" global opt-in policy: basically figure out any set of marketing preferences where we could get away with collecting information without first knowing the user's country - even if that meant more conservative marketing opt-ins.

    In each case, we could never figure out a single-method for collecting explicit opt-in that worked worldwide. The standout countries always being some combination of South Korea, Germany, Russia, or Brazil.

  • by nerdo on 2/6/23, 4:54 PM

    CAN-SPAM is unenforced afaict. You can still take action against bad actors by signing up with old abandoned email address(es) though. ISP's will have converted them into spam traps and will subtract a higher amount from their sender reputation.

  • by lbriner on 2/6/23, 5:10 PM

    GDPR (EU and UK) is much more nuanced than this makes out. For example, there are a number of legal bases that can be used to process someone's personal data.

    For example, "Legitimate Interest" can be used if there is a reasonable way that the usage could be foreseen like sending a "How did we do" email after somebody buys something. Unfortaunately, this is not well-defined in the regulations so, for example, one company I came across got my information from Linked In, sold it to other businesses and those directly contacted me to sell something on the basis that the vacuuming company had a "legitimate interest" in selling my data i.e. it's how they made their money.

  • by helloguillecl on 2/6/23, 5:31 PM

    Question: How do I prove to the authorities that a subscriber has given consent?

    I imagine that an attribute on my "users" table is not enough?

  • by butz on 2/6/23, 8:59 PM

    We probably need a similar list of all different privacy laws.

  • by brianjking on 2/7/23, 1:10 AM

    Wowwww, thank you!