Ask the Expert

Preventing unauthorized email issues from hindering an organization

A recent prediction from Symantec Corp. said, "As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN-SPAM Act, we'll see more organizations selling unauthorized email address lists and more less-than-legitimate marketers spamming those lists." Under what circumstances could your organization do this legitimately, and what can you do to make sure this doesn't happen?

    Requires Free Membership to View

This question is as much about ethics as it is about the information security threats posed by sending out legitimate commercial emails. Commercial, unauthorized email has its place on the Internet, but you must protect your organization from crossing the line and becoming a spammer.

Organizations can buy a legitimate commercial email list in several ways. Infosec pros should develop relationships with marketing departments, and integrate themselves into their projects. This doesn't mean constant communication about all of the details, but if there is a question of technology use, the IT department should take action to ensure the information security risk is minimized for the organization. This could mean explaining to the marketing department that using the list they bought on the black market could have negative repercussions, such as reputation loss or being put on spammer blacklists. Companies can also buy or rent a list through legal means, or get access to addresses by sponsoring an event like a seminar or conference and making it clear the participants' contact information is going to be used for marketing purposes related to the event.

Make sure the marketing department is only purchasing lists from legitimate businesses, and scrutinize the terms and conditions under which the email addresses were collected. Then, be sure to honor the original terms and conditions when sending commercial email to the list.

This was first published in May 2010

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: