MAPS and Experian Settle Lawsuit

dbrower writes: "Experian is trumpeting a settlement with MAPS here, where MAPS agreed not to blackhole them without a court order, and agreed that Experian didn't need to do opt-in. Looks like a loss to me."

Re:Double opt-in? What the hell?

[Todd Knarr]

Think about what happens if someone else subscribes you to a mailing list with a high volume. Single opt-in means your mailbox starts getting filled up with mail without giving you any chance to avoid it. Do you really want to enable people to kill your e-mail easily by just signing you up for a few dozen multi-megabyte-per-day single-opt-in mailing lists?

The people´s internet?

[andres32a]

"In addition, neither Experian eMarketing nor its clients will be required to employ the practice of double opt-in (process by which a consumer must reaffirm their permission before they are added to an e-mail list) demanded by MAPS in November 2000." This is just amazing. They shut down napster while they still allow Experian to continue SPAMing. Is this really the internet we all want??? Will this be the kind of legislation we will be seing over the net??

Experian needs to be fought, not just for e-mail

[Anonymous Coward]

When I read this story, I was floored by the pandering to the behemoth that is Experian. For those who don't know, they're the company that takes about one minute to damage your credit for the next seven years due to a complaint, but several months or years to get the complaint reversed when it was mistakenly done. Obviously they are business and not consumer oriented. I didn't know they were in the e-mail business, but I wouldn't be surprised if they're not correlating their credit info databases versus e-mail to provide us such wonderful services as 27% APR credit cards and the like.

How to deal with this? I will be calling them at 1 888 EXPERIAN (1 888 397 3742). I also found a response form at http://www.experian.com/cgi-bin/mail_page/form?cat egory=o [experian.com]. Voice your displeasure over this travesty of justice and continued trampling of consumer rights!

Re:Double opt-in? What the hell?

[Anonymous Coward]

The realistic problem is that if spammers could claim legitimacy by being single opt-in, they'd just claim they got your address when you (or someone else) requested you be added. What, you want to be removed from their list? Sure no problem... *wink* *wink*

Double opt-in is the only method that lets YOU as the user have a real way of saying yes or no and holding onto your own email address. Honestly, meaningful opt-in doesn't even start before double opt-in. And single opt-in can be WORSE than opt-out because of the pretended compliance scenario cited in the first paragraph.

well... where do we go from here?

[digitalmuse]

"We are very pleased with the settlement agreement and believe it reflects the validation of Experian's e-mail marketing standards and that we remain at the forefront of consumer privacy and protection,'' said Tom Detmer president and general manager of Experian eMarketing Services. ``This settlement confirms that the privacy practices we have in place are responsible, accountable and in the best interests of the public and the marketplace. We will continue to offer the double opt-in solution for those clients who determine it is the right permissioning practice for their business."
well, since we will only be seeing more cases like this in the future as these spam-whores use the courts as a shield to protect themselves from MAPS and other public-service mail filtering tools, what are we going to do from here?
I for one would be quite interested in finding a listing of companies that have fought these charges in court and through miss-representing their datum and hiring bigger and better lawyer-weasels, have made themselves immune from public ban lists. Does anyone know of any existing services like this? I for one would be glad just to have a plain html listing of folks like Experian who have won in the courts to keep them selves off of RBLs and the like. I'd be even more keen on a nice XML page that I can parse with a quick script and have update my mail-server's ban lists. anyone want to make me a very happy admin? c'mon, please?

Re:Double opt-in? What the hell?

[Reality Master 101]

What gives you the right to tell a sysadmin what they can and cannot block?

Because ISPs are lazy like everyone else. They will just trust that MAPS has not become corrupt.

Put it this way: do you think Experian should be able to publish anything they want about a person regardless of accuracy? After all, banks have the choice whether to use Experian or not.

This is actually pretty real world, because all three credit agencies suck when it comes to accuracy (which is not surprising when you have 150 million records). That's why they need government regulation because of the power they hold.

Believe me, I am very anti-government regulation, but blacklists of any kind are very apt to be abusive.

Re:I don't get it!

[Velex]

MAPS only maintains a database that provides information to others, who seek that information. That database expresses an opinion: in the opinion of MAPS, the networks listed in the database are suspected of passing through or generating spam. Shouldn't this be protected by the First Amendment?

The First Amendment is merely a bunch of words on a piece of paper. It can't protect anything. Instead, it is the people that protect their own liberties of free speech. What this decision means is that the people, unless they resist (which they won't), have allowed their government to become more of a corporate republic than a democratic republic.

Welcome to the Corporate States of America, where the corporate right to censor out trumps the individual right to press. In the year C.E. 1791, the people believed that every person had the right to speak and publish his mind freely, so they drafted and ratified the Bill of Rights as their supreme law of the land. The times have changed however. To become a valuable player in the world of fast-paced business, like those corporate-sponsored business classes promise you will become, you must become submissive to the will of the corporation you subscribe to. The Bill of Rights is antiquated by this new workplace, where it is common for people to think of employment as selling themselves to someone they hate, doing something they don't like, for a cause they don't approve of. In the Corporate States of America, the people don't believe in the right of free expression, so it atrophies and disappears like an unexercised muscle.

For Libertarians such as me, it is a very distressing thing to see such egalitarian fervor which was displayed at the outset of the United States of America wither into the Orwellian, business-driven culture expressed in that same country today. Unfortunatly, we Libertarians and egalitarian thinkers are a minority, and it seems as though, in the wake of September 11, our goals will be shattered by a powerful majority, whose corporations and sometimes families have been damaged by the unseen enemy. It seems futile to resist; sometimes I only wait until I am assymilated.

But I know that I won't be. I believe steadfastly in egalitarian Libertarianism, which forbids this kind of bullying by corporations against disinterested parties. Simply because some advertiser can buy law-expert whores shouldn't give them the right to censor an organization that can't buy the same whores to do battle. Apparently it does, because the judge is incompetent. The judge was appointed by a president who was incompetent. The president was elected by a people who are incompetent.

Re:do i understand this correctly?

[Anonymous Coward]

MAPS provides a list of known spammers.

No, MAPS provides a list of alleged spammers. Alleged, convicted, and executed by MAPS, with no trial, no appeals process, no nothing. "Recognize that we are Net Gods or we block your email." Extortion, even if they aren't asking for money. Hell, they are asking for money -- they're asking for someone to take the time to "prove" a negative, which can take quite a long time, indeed (forever is about the longest time there is).

As a victim of MAPS (no, I'm not a spammer, I just was unfortunate enough to use an ISP that got on their shit list) I know what I'm talking about. MAPS lied to me, and I have the proof: They claimed to only block IP addresses, not entire domains, but my emails that were blocked were from a different subnet than the mailings they claimed were "proof" of spam from my ISP; hence they were not blocking just select addresses but my ISP's entire domain. Liars, plain and simple. Most terrorists are.

Just because MAPS claimed someone once used my ISP to send spam, my email was effectively shut down. Why should every internet user in the world obtain permission from MAPS to send email? Who the hell granted them this authority over the Internet? Nobody, that's who. If they can take unilateral action then so can anyone else. I deplore crackers shutting down legitmate sites, but if someone were to kill this nest of vipers I would consider the world better off. Far better off.

Re:I don't get it!

[benedict]

Corporatism isn't Orwellian -- Orwell's dystopia was a socialist one. It's more like _Brave New World_ than like _1984_. So it's, uh, Huxleian.

Re:I don't get it!

[btempleton]

If it's clearly an opinion, it is not defamation. If it could be viewed as a statement of fact, it can be defamation, unless of course, it's true. MAPS wordings have been more like factual statements -- these sites, they say, are known to send [some definition of] spam.

They might have felt at risk for a defamation ruling. Experian's own databases are highly regulated, subject to the Fair Credit Reporting Act, so they won't feel a lot of 1st amendment sympathy. Even with the FCRA, they are often wrong and hurt people getting credit who can't afford to sue.

I don't know the rules, but I could see trouble if you make a statement you claim is opinion, but everybody is treating it as a factual judgement. In this case, Experian claimed they have sent some 40 billion E-mails and MAPS admitted there were less than a dozen spam complaints. That's a lower ratio than just about any site out there, so this may have played a role, though if so, I don't know why they didn't settle earlier.

Article Summary.

[catsidhe]

From the article:

Experian enables organizations to find the best prospects and make fast, informed decisions to improve and personalize relationships with their customers. It does this by combining
sophisticated and intelligent decision-making software and systems with some of the world's most comprehensive databases of information on consumers, businesses, motor vehicles
and property...

Translation:

• Experian knows who you are.
  
• Experian knows where you are.
  
• Experian knows what you buy.
  
• Experian will sell this information to anyone who wants it.
  
• Experian wants you to be bombarded^H^H^H^H^H^H exposed to those advertisements which will be most suitable - or failing that, all of them.
  

and from the rest of the article:

• Anyone who thinks they have a right to protect themselves from our 'services' is gravely mistaken.
• Anyone who thinks they have a right to provide protection from our 'services' is gravely mistaken, and will be sued.
  
• Resistance is futile.
  

As far as I read this, it seems that Experian is saying that it is illegal to even provide the option of opting out.

Remember...

[SiMac]

Some times blackholing can indeed be inappropriate. Above.net (which may be owned by MAPS, I don't remember and don't quote me on that) blackholed sites like macromedia.com and ORBS.

Re:Free speech?

[dmarcov]

Because "spam" is technically commerce. The standard of protection for commerical speech is much lower than that for political speech.

Citations you might find helpful are Bigelow v. Virginia (1975) and the earlier Valentine v. Chrestonson (1942).

Posting a list of "spammers" is an inducement against commerce -- the reason for posting the information is to reduce commerical traffic, etc.

Middle ground.

[james_moriarty]

Has anyone stopped to read MAPS' press release [mail-abuse.org]? Here's an clip:

"Experian has committed to requiring their clients to provide them with lists which contain only those email addresses for which they have obtained the addressee's permission to send them email."

It appears that MAPS hasn't comprimised its values, it's just made them a little more reasonable. So what's the big deal?

Holy propaganda batman!
-Geoff

Re:MAPS settled

[Anonymous Coward]

Yes, spam sucks...but look at the examples you gave of how to ensure a spam-filled mailbox...all of those are like walking down the biggest public street in the world.

You are so ignorant! Here's an example of why spammers deserve to die a horrible, blackholed death. I maintain an email address that I do not give out to anyone but my closest friends and family, and my co-workers. Suddenly, one weekend I began receiving spam. Baffled, I reviewed the logs on our mail server. Turns out a spamming bastard ran a dictionary attack on our mail server, and eventually happened across my address. When no error was returned, they knew it was valid. Since then, I've received 4-5 spams a day.

It's pretty disgusting when you take great pains to protect your address at all costs, and these scum-sucking leeches still manage to get spam to you. Apparantly I have to start using an address like 03nf2-034f92nf3324n9f@whatever.com in order to avoid spammers...

the whole concept of black hole lists is just wrong. It's a "kill em all and let god sort em out!" solution

No, if I blocked every netblock but those that were known to be legitimate, THEN it would be what you describe. As it is now, they block those that are found to be spamming over certain netblocks. If you don't like it, find an ISP that doesn't use it, or setup your own mail server and deal with the overwhelming load of spam.

Blackholes like MAPS let ISP's avoid the high costs of spam.

Re:MAPS settled

[CharlieG]

Heck, I've always used my real email here, and on the usenet and my web page too. Yes the SPAM is annoying. I wish there was a Windows Client Side software that would tap into the RBL/ORBS etc

As it is, I deal with the 20 or so pieces of spam I get every day with the delete key

Re:Dynamic DNS Services get blackholed too!

[wayne]

MAPS decreases freedom on the net. [ ...] Thanks to MAPS its about impossible for me to send email directly from my server. Instead I am forced to use the email account of my service provider.

No, MAPS is not decreasing freedom on the net. Your right to throw a punch ends where my nose begins. You still have the ablility to attempt an SMTP connection to anywhere you want, and people who run SMTP servers, such as myself, still have the right to ignore you. You have no "right" to force people to accept your email, I have every right to use my property as I see fit. MAPS has every right to say what they want, as long as it is not libelous or desturbing the piece or breaking some other serious law. You and I are free to choose to listen to them or not.

Really, you aren't even seriously hampered by MAPS . You can still send email, all you have to do is use a machine with a fixed IP address and hasn't been involved in a lot of SPAM.

What you are doing is missplacing your anger. You should be mad at your ISP for its silly restrictions and costs of providing you with a fixed IP address. You should not be mad at MAPS, nor the people who choose to use MAPS.

Re: SPAM

[Kasreyn]

My ISP does not use MAPS and guess what? I am not flooded with spam. Not one bit. You do not need MAPS to avoid spam.

Oh really? I double-dog-dare you to go online, in chatrooms, read certain webpages and enter certain data, and have your email address unobscured on major websites like /. 4 months later, if you're not drowning in spam, then I'll apologize.

Put another way, there are three explanations for your not getting spam without MAPS: Maybe they're just not spamming you. Maybe your ISP is using a non-MAPS blackhole list (gasb! they exist). Or MAYBE the spammers just ain't NOTICED you yet, monkey-boy. New ISP means new email address, duhh.

-Kasreyn

Honestly

[macdaddy]

I can't see how this can be done. The way I see it, it's a violation of freedom of speech. If I say that I have a reason to not want to accept mail from spammer.com and I publicly state that, then that's my constitutional right. Really that's all they are doing. They are publicly saying that they won't accept mail from spammer.com or his netblock and they're making that known publicly. The method in which they let the public gain access to their list of people that thet won't accept email from is by DNS. If another said person of the public happens to decide that they trust my opinion on who I will not accept mail from and use my list of domains and netblocks as their own, then they are excercising their freedom to express themselves. I'm not forcing them to do it. They trust my opinion and that's that. To me it's really that simple. It's nothing more than a car magazine rating a given year's new models and expressing their opinions. If a writer for Car Magazine says that he personally doesn't like car A because it doesn't come in pink and I as a consumer have always based my purchasing decisions off of what that writer believes, then is he at fault just like MAPS? No, the writer isn't. He expressed his opinion and I decided to trust his opinion. If a buddy of mine tells me that he received spam from newspammer.com and I either a) trust what he told me or b) he proves to me that they spammed him (with the message and headers) than there's no reason why I can't trust his opinion and add newspammer.com to my list as well. If I decide to add a way for a spammer to have his domain removed from my personal list then there isn't any reason why I can't. If I say they first have to wear a baby blue tutu and cowboy boots and run through the streets of Dallas before I'll remove them, that's well within my right. After all the list is mine, not there's. I'm entitled to my opinion. Does anyone else see it as simply put as I do? To me it's just that simple.

I'll tell you one more thing that's very simple. Experian has earned a very simple and very permanent REJECT entry in my Sendmail access lists. Simple.

Sysadmins don't forgive. Sysadmins don't forget.

[KMSelf]

Rick Moen has a standard message [crackmonkey.org] for those who would sue MAPS. You see, MAPS actually wins by losing.

Time to update those DNS records and MTA rulesets, people.

My own last message to Experian:

Subject: Experian settles with MAPS -- Welcome to the Blackhole of Death

You've been added manually.

By me.

By 100,000 other sysadmins.

Or is it only 10,000?

Or is it 1,000,000?

Who knows?

But you're in named.conf.

You're in Sendmail, Exim, Qmail, Postfix, and Exchange reject rulesets.

And you'll never get out.

Ever.

Because.

You sued MAPS.

You can't root us out.

You can't make up, fly straight, and appeal your listing.

You lost by winning.

Welcome to the Black Hole of Death.

Remember: no one can hear you.

And no one cares.

Re:They didn't say there's no opt-in

[PacMan]

They said that they don't have to use a double opt-in. In other words, no confirmation step of the opt-in.

So you think it's OK to allow me to go to their site and "opt-in" with your email address?

That's what removing the confirmation step allows.