You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request
OP could probably threaten a lawsuit and their practices will change quickly. That's assuming the company does business in the US...
edit: just realized this is stubhub. this smells like a lawsuit waiting to happen
There you have it.
When I’ve been in OP’s situation, I filed a complaint with the FCC, performed a whois lookup on their site to send emails to the abuse/spam emails of their DNS registrar and host and inspected the email headers to email their email provider’s abuse/spam account(s). I’ve not yet had cause to reach out to my attorney general’s office when I’ve had a company violate CAN-SPAM, but it’s an option.
I also make sure each company knows there’s a pending CAN-SPAM complaint. I keep it convivial, but serious. “Hey, just letting you know that one of your clients is violating your terms of service and the law! A complaint has already been lodged with the FCC. Toodeloo!”
That bit of knowledge tends to shift the interpretation of your complaint from “annoyed nerd” to “someone politely informing you that you’re going to get skull fucked by the long dick of the law if you don’t fix this ASAP”
It may sound sort of excessive, but I’m a bit of a consumer rights absolutist.
That last paragraph is art
I’m currently fairly ill (likely RSV, if the expired COVID tests are to be believed) and this is day 6 of moderate to severe insomnia.
A state of semi-delirium must be a good look for me, because I have received more complements on my writing in the last 3 days than I have in the last several years.
Get well soon!
A state of semi-delirium has given us some of the greatest artists the world has ever seen. Just look at Stephen King. Or Picasso.
Stop licking public restrooms, it's not worth it!!!
The registrar can't really do anything, and the service they use to receive email (what you'd see in the DNS MX record) is often totally different to the service used to send marketing emails. You'd need to look at the Received headers of the email to figure out where it was sent from. For example, a lot of companies use Office 365 or G Suite for corporate emails, but something like Mailchimp or ConstantContact for marketing emails.
So, here’s my reasoning -
Inspecting the headers will let you see where the email came from - if it came from MailChimp, then you email the MailChimp abuse folks, who can apply their abuse policies.
And the DNS registrar has the keys to the kingdom. Many registrars have terms of service that forbid using their service for spamming. That ought to include emails associated with the domain, no?
In the end, there’s a high likelihood of no real action being taken (not without a volume of complaints), but if the righteous wrath feels righteous, do its outcomes have to be righteous?
This is also why companies include their mailing address in the footer of emails - it's one of the other requirements.
Are single page apps considered one page?
I'd say no since it is how pages are loaded and those likely interpreting the law including the user see a visual page change / transition it it would be considered another page since they'd likely not understand what SPA is.
More generally, are single page apps legal? And if yes, why?
Because they are useful and provide a good experience to most users
You must honor a recipient’s opt-out request within 10 business days.
Oh, this explain why they say "may take up to 10 business days." Why do they have two weeks to remove a name when it can be done near-instantly? It's not like a person is manually removing every single name that opts out.
I guess below in another comment that was answered. Send it to their registrar.
With a lot of people using free email services, most have some report button. What this does is flag the specific email as potential spam that you specifically do not want to see. With enough people doing that, the probability of the email and subsequently the source domain being spam and spam generators goes up. High probability means the emails may end up in the spam folder without hitting your inbox.
There's a bit of fine tuning email marketing can do to mitigate that, like not sending emails too frequently. But that's not a passive thing they can do, which is why there are teams devoted to email marketing specifically at some companies.
The worst thing for a marketeer is to be dumped in spam. No one will ever see it or any future emails.
Yeah I had to do this to a couple lists because I have a very simple email address that gets added to things all the time, but if it's really irritating to unsubscribe, I just click my email settings to report spam or fishing, and that usually creates an automatic filter for that center so you never get bothered again.
You can manually create a filter in the settings to send all their messages to trash or spam if you want as well.
Yeah any emails that don't have a simple Unsubscribe link, just hit Report Spam. It's surprisingly common.
I just report spam and block these types. It's a them problem, not a me problem.
If it has been particularly frustrating for me, I'll even go out of my way to block the whole domain.
Report spam and block. They've lost emailing privileges.
I've seen many a clutched pearl at the suggestion of doing this.
Fuckin, if it's a problem for me to treat emails I don't want like that, then they need to stop sending so goddamn many. I get maybe 5 emails a week in actually looking for, and that's extremely generous. 5 a month would be just as believable.
I probably get 100+ emails a week.
Think of your inbox as a garden. You must tend your garden or weeds will spring up.
The only ones upset at your approach are the problem anyway.
100/week? I just checked my personal and work inboxes for yesterday (Jan 2), and recieved 93 emails.
I have had 35 so far today (its 9.30am in my time zone)
That's one of the most unethical ways to have users unsubscribe, and it's done on purpose.
Companies who do that should get DOS attacked until their email infrastructure crumbles.
Everyone to their stations!
report as spam in gmail works better :)
It seems that the user still wants to use stub hub. They just dont want the torrent of marketing emails. Marking as spam might block emails they actually want.
The user says they forgot their password and don't care, it's unlikely they still use the platform.
It seems i was mistaken. My bad.
Mark it as spam.
Are there any lawyers taking on cases like this? Cause I'd consider donating to a patreon if someone was out there fighting the good fight
Welp I do appear to be wrong.
What standing do they have?
The spam act says they need a functioning unsubscribe link to be compliant, judging by what OP said the link worked and the company wants to verify the account before unsubscribing.
It should not ask for more information than the email address also it should be on a single page or a single email reply.
Seems like they're going to be blacklisted from Gmail if they continue like this. From February all mass mail directed to Gmail need to have single click unsubscribe or they'll ban the server and reject all mail (even legit mails)
This is why I use a random email for every service that I can simply turn off on my end if they don’t behave.
You can also create aliases on most sites by adding a + and a suffix to your email
And then if you get fed up just set up a filter to put everything that comes to that specific address into the trash
But the thing to do is that if they dont send you a link that automatically undubscribes you is to mark it as spam
A lot of services won’t let you use the +, and it’s also trivial to get rid of the extension with Regex.
You can also create aliases on most sites by adding a + and a suffix to your email
You can never disable those aliases, though. The best you can do is write a filter that sends them to trash. With a good email alias system, you can actually disable an alias, so that emails to it just bounce back.
Many services just strip out everything at the + so I instead have a catchall account use email addresses like sitename@example.com. For addresses that start getting spam, I add them to a config in rspamd that bounces them. (I self-host my email server)
This is where you say you are living in the EU and have the right to be removed
It's called StubHub because this feels as bad as stubbing your toe.
I got an email that was spam/marketing for one of my accounts. This is a copy paste:
This notification email has been sent to you as part of your REDACTED benefits. You will continue to receive these benefit notification emails even if you have requested not to receive commercial emails for this account.
Needless to say, I simply called and cancelled my account. When asked why, I told them that I don't want spam emails from them for marketing or for "benefits".
Without knowing the details, it's hard to say. Yes this could be a spam tactic but various industries have laws saying they have to contact their users/clients/customers if they make a change- e.g. your bank has to notify you of new charges.
Not a defense of someone using this to scam, but an explanation of why that language might be used if legitimate.
It was for them having a sale and giving me an extra $50 off if I use my card.
Recently Gmail has had a big pretty unsubscribe button at the top of all my emails like this.
This means that the sender includes a list-unsubscribe header, which is supported by a lot of email clients. Not sure if StubHub does this, but it's worth checking.
Most providers that adhere to the CAN-SPAM act should have a List-Unsubscribe header since they generally allow unsubscribing either by clicking a link or by sending an email.
Set up a small raspberry pi device that is.programmed to constantly spam them with nonsense emails and give it a decent battery and casing and hide it near somewhere with public wifi.
Maybe tie it into that Wisdom of Deepak Chopra text generator or something.
If you can even find an email to spam, all you're going to do is get the IPs of the public wifi blacklisted. Whatever department at StubHub is sending those emails will probably never even know.
Same thing happened to me with monster jobs. I just blocked their emails.
Oh monster was the worst! I signed up well over 10 years ago and had unsubscribed several times over multiple months once I found a job. They still would send emails 5 days a week. I blocked them and will never ever use them again because of their awful spam. If anyone's curious, I did not find the job through monster.
If this was Europe you could sue them ¯\_(ツ)_/¯
What I do with these sometimes is replying to the e-mail itself with a message that has only the text unsubscribe in all caps. Might add that to the subject as well.
Sometimes it works.
You mean you like to verify that you are seeing and paying attention to their marketing emails?
I used to manage an email queue that collected both GDPR requests and responses to marketing emails and saw a fair number of those. Many companies have it setup to forward responses to marketing emails to a support queue somewhere, but some don't
You need a platinium level subscription to be able to unsubscribe. The entry level subscriptions don't have that option.
Upgrade now for a small monthly payment of 49.99!
Only $500 if billed annually (16% savings)
!aboringdystopia
Only $500 if billed annually (16% savings)
Glad this is highly illegal in the European union.
Doesn't stop this happening to you though.
I send out tonnes of GDPR threats to these companies and I wonder if they go anywhere
They will at a minimum once you forward a CC complaint to the GDPR office.
Agreed. Don't make a threat - just make the GDPR complaint. Inform the company if you want. How many times have you remembered to follow up on one of those threats to see if you should still make a complaint?
I was just dealing with this infuriating issue as well! Besides marking it spam, and giving the app a bad review, I was able to wvwbtuyfibd a setting near my email address/contact info that said something along the lines of don't email me anything - it's really not that obvious (I remember it was just text that was underlined).
Good luck finding it! Let me know if you don't
I was able to wvwbtuyfibd a setting
... What?
At least it loads. Some of the links i click to unsubscribe just won't work at all
Happens to me too, but it's usually Pihole or a browser extension
Some of those are actual spam, and their domain has been shut down due to their spamming.
Those are usually the illegal or low value adverts - dick pills and "luxury watches"
Yep Report Spam in that case.
Reporting as spam is your best tool. That keeps you from seeing them and hurts their deliverability which they VERY MUCH care about.
Even worse is when you need to log in
Never trust anyone who thinks 'traffics' or 'emails' is a correct noun.
Btw, be careful that you only unsubcribe from services/pages you actually subcribed to or have a login there.
The others are fake to get to know that this address is alive and send you even more spam/sell that data point.
World of Wartank and Warship for me
A bit of a devil's advocate: requiring a login prevents someone from unsubscribing a user who actually wants to receive the messages.
Github does the same. You can't unfollow threads without logging in.
Microsoft has really messed up GitHub. Logs you out automatically if you haven't visited in a few days, constantly asks you to verify your 2FA, and the new feed makes it extremely difficult to track engagement on your own projects.
The worst one for me is that they allow you to view your recovery keys any time - IMO this is a really bad practice, recovery keys should only be shown once after a user has set up 2FA
Probably going to move to Codeberg since I'm seeing a lot of projects making the jump over there, but the real solution IMO is a federated version control system
A few weeks ago, I got a new laptop, and GitHub just denied me logging in. I had to use the recovery code.
I was extremely angry because I entered the 2FA codes right, and it always just said unable to login.
Silly you. There's a saw, and a chain traping your leg. You know what to do. You have one hour before your pretty thermite necklace detonate. Good luck.
Never click an unsubscribe link.
They are used to confirm your email address is active, which sell for more to spammers.
Just mark the sender as spam, if your mailserver is any good, it should auto block senders whom are tagged like that too much.
In EU at least they're required by law to have working unsubscribe links that actually unsubscribe you, otherwise they risk getting huge fines, i understand that in California things are not too far from this but no idea about the details
This is the case across the whole US, as part of some legislation called the "CAN-SPAM act". I think the person you're replying to is talking about fake unsubscribe links in malicious emails.
Just mark the sender as spam, if your mailserver is any good, it should auto block senders whom are tagged like that too much.
It's extremely unlikely that any email provider would block a big service like Stubhub.
If it's a sender you've done business with and just don't want emails from any more then the courteous thing to do is use the Unsubscribe link.
Sounds like they want to be marked as spam
I’m pretty sure this against FCC regulations.
I've been wondering this myself so I just went ahead and read the FCCs CAN-SPAM business compliance guide.
This is 100% a violation. As per section 7:
You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request
OP could probably threaten a lawsuit and their practices will change quickly. That's assuming the company does business in the US...
edit: just realized this is stubhub. this smells like a lawsuit waiting to happen
There you have it.
When I’ve been in OP’s situation, I filed a complaint with the FCC, performed a whois lookup on their site to send emails to the abuse/spam emails of their DNS registrar and host and inspected the email headers to email their email provider’s abuse/spam account(s). I’ve not yet had cause to reach out to my attorney general’s office when I’ve had a company violate CAN-SPAM, but it’s an option.
I also make sure each company knows there’s a pending CAN-SPAM complaint. I keep it convivial, but serious. “Hey, just letting you know that one of your clients is violating your terms of service and the law! A complaint has already been lodged with the FCC. Toodeloo!”
That bit of knowledge tends to shift the interpretation of your complaint from “annoyed nerd” to “someone politely informing you that you’re going to get skull fucked by the long dick of the law if you don’t fix this ASAP”
It may sound sort of excessive, but I’m a bit of a consumer rights absolutist.
That last paragraph is art
I’m currently fairly ill (likely RSV, if the expired COVID tests are to be believed) and this is day 6 of moderate to severe insomnia.
A state of semi-delirium must be a good look for me, because I have received more complements on my writing in the last 3 days than I have in the last several years.
Get well soon!
A state of semi-delirium has given us some of the greatest artists the world has ever seen. Just look at Stephen King. Or Picasso.
Stop licking public restrooms, it's not worth it!!!
Seriously though, I hope you feel better soon...
The registrar can't really do anything, and the service they use to receive email (what you'd see in the DNS MX record) is often totally different to the service used to send marketing emails. You'd need to look at the
Receivedheaders of the email to figure out where it was sent from. For example, a lot of companies use Office 365 or G Suite for corporate emails, but something like Mailchimp or ConstantContact for marketing emails.So, here’s my reasoning -
Inspecting the headers will let you see where the email came from - if it came from MailChimp, then you email the MailChimp abuse folks, who can apply their abuse policies. And the DNS registrar has the keys to the kingdom. Many registrars have terms of service that forbid using their service for spamming. That ought to include emails associated with the domain, no?
In the end, there’s a high likelihood of no real action being taken (not without a volume of complaints), but if the righteous wrath feels righteous, do its outcomes have to be righteous?
This made me happy. Thanks!
This is also why companies include their mailing address in the footer of emails - it's one of the other requirements.
Are single page apps considered one page?
I'd say no since it is how pages are loaded and those likely interpreting the law including the user see a visual page change / transition it it would be considered another page since they'd likely not understand what SPA is.
More generally, are single page apps legal? And if yes, why?
Because they are useful and provide a good experience to most users
Oh, this explain why they say "may take up to 10 business days." Why do they have two weeks to remove a name when it can be done near-instantly? It's not like a person is manually removing every single name that opts out.
Block, report spam/phishing
Maybe I am ignorant, but report to who?
I guess below in another comment that was answered. Send it to their registrar.
With a lot of people using free email services, most have some report button. What this does is flag the specific email as potential spam that you specifically do not want to see. With enough people doing that, the probability of the email and subsequently the source domain being spam and spam generators goes up. High probability means the emails may end up in the spam folder without hitting your inbox.
There's a bit of fine tuning email marketing can do to mitigate that, like not sending emails too frequently. But that's not a passive thing they can do, which is why there are teams devoted to email marketing specifically at some companies.
The worst thing for a marketeer is to be dumped in spam. No one will ever see it or any future emails.
Yeah I had to do this to a couple lists because I have a very simple email address that gets added to things all the time, but if it's really irritating to unsubscribe, I just click my email settings to report spam or fishing, and that usually creates an automatic filter for that center so you never get bothered again.
You can manually create a filter in the settings to send all their messages to trash or spam if you want as well.
Yeah any emails that don't have a simple Unsubscribe link, just hit Report Spam. It's surprisingly common.
I just report spam and block these types. It's a them problem, not a me problem.
If it has been particularly frustrating for me, I'll even go out of my way to block the whole domain.
Report spam and block. They've lost emailing privileges.
I've seen many a clutched pearl at the suggestion of doing this.
Fuckin, if it's a problem for me to treat emails I don't want like that, then they need to stop sending so goddamn many. I get maybe 5 emails a week in actually looking for, and that's extremely generous. 5 a month would be just as believable.
I probably get 100+ emails a week.
Think of your inbox as a garden. You must tend your garden or weeds will spring up.
The only ones upset at your approach are the problem anyway.
100/week? I just checked my personal and work inboxes for yesterday (Jan 2), and recieved 93 emails.
I have had 35 so far today (its 9.30am in my time zone)
That's one of the most unethical ways to have users unsubscribe, and it's done on purpose.
Companies who do that should get DOS attacked until their email infrastructure crumbles.
Everyone to their stations!
report as spam in gmail works better :)
It seems that the user still wants to use stub hub. They just dont want the torrent of marketing emails. Marking as spam might block emails they actually want.
The user says they forgot their password and don't care, it's unlikely they still use the platform.
It seems i was mistaken. My bad.
Mark it as spam.
Are there any lawyers taking on cases like this? Cause I'd consider donating to a patreon if someone was out there fighting the good fight
Welp I do appear to be wrong.
What standing do they have?The spam act says they need a functioning unsubscribe link to be compliant, judging by what OP said the link worked and the company wants to verify the account before unsubscribing.
It should not ask for more information than the email address also it should be on a single page or a single email reply.
https://lemmy.world/comment/6344610
Seems like they're going to be blacklisted from Gmail if they continue like this. From February all mass mail directed to Gmail need to have single click unsubscribe or they'll ban the server and reject all mail (even legit mails)
This is why I use a random email for every service that I can simply turn off on my end if they don’t behave.
You can also create aliases on most sites by adding a + and a suffix to your email
eg. Register with the site name
your.email+stubhub@gmail.com
And then if you get fed up just set up a filter to put everything that comes to that specific address into the trash
But the thing to do is that if they dont send you a link that automatically undubscribes you is to mark it as spam
A lot of services won’t let you use the +, and it’s also trivial to get rid of the extension with Regex.
You can never disable those aliases, though. The best you can do is write a filter that sends them to trash. With a good email alias system, you can actually disable an alias, so that emails to it just bounce back.
Many services just strip out everything at the + so I instead have a catchall account use email addresses like
sitename@example.com. For addresses that start getting spam, I add them to a config in rspamd that bounces them. (I self-host my email server)This is where you say you are living in the EU and have the right to be removed
https://www.dataprotection.ie/en/individuals/know-your-rights/right-erasure-articles-17-19-gdpr
Also copy paste this example letter
https://www.datarequests.org/blog/sample-letter-gdpr-erasure-request/
It's called StubHub because this feels as bad as stubbing your toe.
I got an email that was spam/marketing for one of my accounts. This is a copy paste:
Needless to say, I simply called and cancelled my account. When asked why, I told them that I don't want spam emails from them for marketing or for "benefits".
Without knowing the details, it's hard to say. Yes this could be a spam tactic but various industries have laws saying they have to contact their users/clients/customers if they make a change- e.g. your bank has to notify you of new charges.
Not a defense of someone using this to scam, but an explanation of why that language might be used if legitimate.
It was for them having a sale and giving me an extra $50 off if I use my card.
Recently Gmail has had a big pretty unsubscribe button at the top of all my emails like this.
This means that the sender includes a list-unsubscribe header, which is supported by a lot of email clients. Not sure if StubHub does this, but it's worth checking.
Most providers that adhere to the CAN-SPAM act should have a List-Unsubscribe header since they generally allow unsubscribing either by clicking a link or by sending an email.
Set up a small raspberry pi device that is.programmed to constantly spam them with nonsense emails and give it a decent battery and casing and hide it near somewhere with public wifi.
Maybe tie it into that Wisdom of Deepak Chopra text generator or something.
If you can even find an email to spam, all you're going to do is get the IPs of the public wifi blacklisted. Whatever department at StubHub is sending those emails will probably never even know.
Look into email aliases.
https://proton.me/blog/what-is-email-alias
Same thing happened to me with monster jobs. I just blocked their emails.
Oh monster was the worst! I signed up well over 10 years ago and had unsubscribed several times over multiple months once I found a job. They still would send emails 5 days a week. I blocked them and will never ever use them again because of their awful spam. If anyone's curious, I did not find the job through monster.
If this was Europe you could sue them ¯\_(ツ)_/¯
What I do with these sometimes is replying to the e-mail itself with a message that has only the text unsubscribe in all caps. Might add that to the subject as well.
Sometimes it works.
You mean you like to verify that you are seeing and paying attention to their marketing emails?
I used to manage an email queue that collected both GDPR requests and responses to marketing emails and saw a fair number of those. Many companies have it setup to forward responses to marketing emails to a support queue somewhere, but some don't
You need a platinium level subscription to be able to unsubscribe. The entry level subscriptions don't have that option. Upgrade now for a small monthly payment of 49.99!
Only $500 if billed annually (16% savings)
!aboringdystopia
Only $500 if billed annually (16% savings)
Glad this is highly illegal in the European union.
Doesn't stop this happening to you though.
I send out tonnes of GDPR threats to these companies and I wonder if they go anywhere
They will at a minimum once you forward a CC complaint to the GDPR office.
Agreed. Don't make a threat - just make the GDPR complaint. Inform the company if you want. How many times have you remembered to follow up on one of those threats to see if you should still make a complaint?
This is why I use email aliases.
Turn the email on and off at will; I know some services like Firefox Relay Premium will block promotional emails while allowing other emails.
Yes! https://simplelogin.io/
I was just dealing with this infuriating issue as well! Besides marking it spam, and giving the app a bad review, I was able to wvwbtuyfibd a setting near my email address/contact info that said something along the lines of don't email me anything - it's really not that obvious (I remember it was just text that was underlined).
Good luck finding it! Let me know if you don't
... What?
At least it loads. Some of the links i click to unsubscribe just won't work at all
Happens to me too, but it's usually Pihole or a browser extension
Some of those are actual spam, and their domain has been shut down due to their spamming.
Those are usually the illegal or low value adverts - dick pills and "luxury watches"
Yep Report Spam in that case.
Reporting as spam is your best tool. That keeps you from seeing them and hurts their deliverability which they VERY MUCH care about.
Even worse is when you need to log in
Never trust anyone who thinks 'traffics' or 'emails' is a correct noun.
Btw, be careful that you only unsubcribe from services/pages you actually subcribed to or have a login there.
The others are fake to get to know that this address is alive and send you even more spam/sell that data point.
World of Wartank and Warship for me
A bit of a devil's advocate: requiring a login prevents someone from unsubscribing a user who actually wants to receive the messages.
Github does the same. You can't unfollow threads without logging in.
Microsoft has really messed up GitHub. Logs you out automatically if you haven't visited in a few days, constantly asks you to verify your 2FA, and the new feed makes it extremely difficult to track engagement on your own projects.
The worst one for me is that they allow you to view your recovery keys any time - IMO this is a really bad practice, recovery keys should only be shown once after a user has set up 2FA
Probably going to move to Codeberg since I'm seeing a lot of projects making the jump over there, but the real solution IMO is a federated version control system
A few weeks ago, I got a new laptop, and GitHub just denied me logging in. I had to use the recovery code. I was extremely angry because I entered the 2FA codes right, and it always just said unable to login.
Silly you. There's a saw, and a chain traping your leg. You know what to do. You have one hour before your pretty thermite necklace detonate. Good luck.
Never click an unsubscribe link.
They are used to confirm your email address is active, which sell for more to spammers.
Just mark the sender as spam, if your mailserver is any good, it should auto block senders whom are tagged like that too much.
In EU at least they're required by law to have working unsubscribe links that actually unsubscribe you, otherwise they risk getting huge fines, i understand that in California things are not too far from this but no idea about the details
This is the case across the whole US, as part of some legislation called the "CAN-SPAM act". I think the person you're replying to is talking about fake unsubscribe links in malicious emails.
It's extremely unlikely that any email provider would block a big service like Stubhub.
If it's a sender you've done business with and just don't want emails from any more then the courteous thing to do is use the Unsubscribe link.