• @[email protected]
      link
      fedilink
      English
      182
      edit-2
      1 year ago

      I’ve been wondering this myself so I just went ahead and read the FCCs CAN-SPAM business compliance guide.

      This is 100% a violation. As per section 7:

      You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request

      OP could probably threaten a lawsuit and their practices will change quickly. That’s assuming the company does business in the US…

      edit: just realized this is stubhub. this smells like a lawsuit waiting to happen

      • @[email protected]
        link
        fedilink
        English
        1041 year ago

        There you have it.

        When I’ve been in OP’s situation, I filed a complaint with the FCC, performed a whois lookup on their site to send emails to the abuse/spam emails of their DNS registrar and host and inspected the email headers to email their email provider’s abuse/spam account(s). I’ve not yet had cause to reach out to my attorney general’s office when I’ve had a company violate CAN-SPAM, but it’s an option.
        I also make sure each company knows there’s a pending CAN-SPAM complaint. I keep it convivial, but serious. “Hey, just letting you know that one of your clients is violating your terms of service and the law! A complaint has already been lodged with the FCC. Toodeloo!”
        That bit of knowledge tends to shift the interpretation of your complaint from “annoyed nerd” to “someone politely informing you that you’re going to get skull fucked by the long dick of the law if you don’t fix this ASAP”

        It may sound sort of excessive, but I’m a bit of a consumer rights absolutist.

          • @[email protected]
            link
            fedilink
            English
            221 year ago

            I’m currently fairly ill (likely RSV, if the expired COVID tests are to be believed) and this is day 6 of moderate to severe insomnia.

            A state of semi-delirium must be a good look for me, because I have received more complements on my writing in the last 3 days than I have in the last several years.

        • @[email protected]
          link
          fedilink
          English
          31 year ago

          The registrar can’t really do anything, and the service they use to receive email (what you’d see in the DNS MX record) is often totally different to the service used to send marketing emails. You’d need to look at the Received headers of the email to figure out where it was sent from. For example, a lot of companies use Office 365 or G Suite for corporate emails, but something like Mailchimp or ConstantContact for marketing emails.

          • @[email protected]
            link
            fedilink
            English
            31 year ago

            So, here’s my reasoning -

            Inspecting the headers will let you see where the email came from - if it came from MailChimp, then you email the MailChimp abuse folks, who can apply their abuse policies. And the DNS registrar has the keys to the kingdom. Many registrars have terms of service that forbid using their service for spamming. That ought to include emails associated with the domain, no?

            In the end, there’s a high likelihood of no real action being taken (not without a volume of complaints), but if the righteous wrath feels righteous, do its outcomes have to be righteous?

        • @ExhibiCat
          link
          English
          21 year ago

          Assuming of course that the FCC is interested in skullfucking small fry. I kinda doubt that.

          • @[email protected]
            link
            fedilink
            English
            11 year ago

            Shh! We’re supposed to ignore that nearly all power is granted by fiat, and the government hardly enforces its duties to the common citizenry. It’s merely the threat of enforcement that keeps people in line.

            • @[email protected]
              link
              fedilink
              English
              21 year ago

              Even your local police on the front lines have no legal obligation to protect and serve individuals. Instead they use their individual judgment and discretion. Good luck with the government itself!

      • @[email protected]
        link
        fedilink
        English
        31 year ago

        You must honor a recipient’s opt-out request within 10 business days.

        Oh, this explain why they say “may take up to 10 business days.” Why do they have two weeks to remove a name when it can be done near-instantly? It’s not like a person is manually removing every single name that opts out.

      • @[email protected]
        link
        fedilink
        English
        31 year ago

        This is also why companies include their mailing address in the footer of emails - it’s one of the other requirements.

        • @[email protected]
          link
          fedilink
          English
          31 year ago

          I’d say no since it is how pages are loaded and those likely interpreting the law including the user see a visual page change / transition it it would be considered another page since they’d likely not understand what SPA is.