A couple of weeks ago, I got an email from a division of one of the country's best known direct marketing agencies, informing me that I'd been identified from within their database as a technology buyer and influencer, and that certain criteria led them to conclude that their clients would also like to contact me directly about technology purchases. That is, they were about to start selling my name to their clients.
The email I received, however, wasn't sent to me. It went to a catch-all address for the domain, set up to capture messages sent to any email address I made up. You could send an email to email@example.com and I would have received it (I know because I've used that one). The actual email went to Monica.Sanchez@thisdomain.com.
Only it didn't actually go to Monica.Sanchez@thisdomain.com. I just made that domain up by way of example. The real domain was GamJams.net, which is a blog I run on bicycle racing, as a hobby. There would be little reason to identify anyone at the URL for this blog as a "technology buyer and influencer," much less Monica Sanchez, whom I have never heard of and whose email address has never existed at my domain.
Only I didn't actually receive an email. I received 11 -- to Mike Demmitt, Jeni Atkins, Lonnie Kramer, Chris Dawson, CTenney and half a dozen others, all of whom do not nor have they ever had any affiliation with my little bicycle racing blog or its technology purchases and influences.
So I did what any columnist sniffing a story would have done. I fired off a strongly worded email to the address provided for unsubscribe requests, identifying myself and asking for an explanation for how these addresses ended up in their database.
A few days later I received a phone call from someone managing this particular product for the very well-known direct marketing agency. When I asked him how GamJams.net was identified as an organization containing a technology buyer and influencer, he replied that it was a proprietary methodology that follows industry best practices. When I asked him how he determined these eleven fictional people were technology buyers and influencers at my domain, his response was that they don't discuss how their database is constructed, but that they certainly follow industry best practices. I also asked him if his clients would be happy knowing that they were buying a list full of people who don't exist at a domain with a technology budget of about $24.99 per month. His assured me that the domain was suppressed from future mailings, as per industry best practices.
I get a lot of spam - we all do. My outrage with this company was not so much that they were going to fire off a lot of unwanted messages to my domain, but that if I hadn't taken the time to respond and unsubscribe eleven times, they would have sold these fictitious address to their clients. Their clients are the ones who would suffer damage to sender reputation and receive the spam complaints, and pay handsomely for the privilege. They probably still will as it's not likely my case was an isolated incident, eleven times. Yet this large and well-known direct response agency insisted that by notifying "subscribers" in advance and providing an opt-out, they were compliant with CAN-SPAM and adhering to best practices.
Here's the thing about best practices - more often than not, they don't represent the best course of action at all. Rather, they are a minimum standard of acceptable business behavior. Was this company operating within the law? Probably. Would I want to be their client? No way, not ever.
When it comes to the law or best practices, email marketers shouldn't even cut it close. Subscriber relationships are too dear to jeopardize for a near-term gain. Being on the right side of the law can still put you on the wrong side of common sense and laudable business judgment.
We should all be suspicious of our own best practices. Are we using the term to mean "the best we can," or merely "what we can get away with because everyone else is doing it"?