Companies known to disrespect your e-mail privacy

Mike Solomon, the author of the fantastic PithHelmet for Safari, writes of "Email Disrespect".

For a while, I've implemented a system for tracking companies which sell your email address to other lists for nefarious spam purposes. Periodically, I do some basic analysis to see who's evil and who's not. The latest confirmed offender is Cingular - a cellular (mobile) phone service provider. I don't recall ever asking for information about an extended cruise vacation. Considering I'm reasonably afraid of large bodies of water and nautical devices in general, it seems unlikely that I would have said "yes, please sign me up for something I couldn't possibly be interested in."

It looks like Cingular is in league with some direct marketing (spam) organization called local-newswire.com. I guess I know a new domain I can safely add to my PithHelmet rules.

I haven't looked terribly hard, but it occurred to me that I don't know of a list out there of the companies that are known to do this. And by "this" I mean that, when given your e-mail address for the right to use their service, will then sell your info to other companies.
This is a fairly common thing and many sites have to express their privacy info - letting you know that they may sell your e-mail address to companies in order to make money, but won't give our your financial info... something along those lines.
The "good guys" will either not do this at all (it is hard for the clueless suits high up in the company to overlook potential revenue when they don't understand all of the nuances of the net annoyance factor it creates against them), or if it is done, they will offer (and act on it) an opt-in/out system so that you aren't abused by being one of the users/customers.

This of course is a non-trivial thing to track. On a single user basis, if you have an account with a domain name - say spamblogging.com - frequently you can setup many (if not unlimited) e-mail addresses at that domain. (In fact, frequently anything sent to that domain will reach a single address.)
If that is the case, you could have one called "EricCingular@spamblogging.com" or something like that - customized for each company you deal with. They all come in to the account, so you can use them (assuming you don't have them blocked - I block mine for the most part). But then if you start getting spam into that, you know that you were sold out.

Were there a site that tracked this, that could then be submitted and then when some threshold has been reached/surpassed (meaning N users have submitted them as companies that give out the info), they are officially considered jerks.

This list could then be referred to - something along the lines of epinions - to see if the company that you plan on dealing with is trustworthy or not (at least in terms of information that you give them and the privacy of that).

The main problem that comes from that is that a site might be totally disinterested in selling your information, but if it is publicly available in anyway, then the automated bots that are out there could scan over their site and harvest the data that way.

Posted by Eric at May 8, 2004 03:54 PM | TrackBack