←back to thread

FTC announces "click-to-cancel" rule making it easier to cancel subscriptions

(www.ftc.gov)
1737 points pseudolus | 7 comments | 16 Oct 24 13:09 UTC | HN request time: 0s | source | bottom
Show context
Uehreka ◴[16 Oct 24 15:57 UTC] No.41860626[source]
When people try and say that regulating stuff like this is impossible, I often think about how unreasonably great the regulations around “Unsubscribe” links in emails are.

There really seems to be no loophole or workaround despite there being huge incentive for there to be one. Every time I click an “Unsubscribe” link in an email (it seems like they’re forced to say “Unsubscribe” and not use weasel words to hide the link) I’m either immediately unsubscribed from the person who sent me the email, or I’m taken to a page which seemingly MUST have a “remove me from all emails” option.

The level of compliance (and they can’t even do malicious compliance!) with this is absurd. If these new rules work anything like that, they’ll be awesome. Clearly regulating behavior like this is indeed possible.

replies(46): >>41860684 #>>41860824 #>>41860883 #>>41861066 #>>41861129 #>>41861436 #>>41861512 #>>41861678 #>>41861722 #>>41861736 #>>41861811 #>>41861814 #>>41861817 #>>41862226 #>>41862350 #>>41862375 #>>41862533 #>>41862548 #>>41862583 #>>41863105 #>>41863467 #>>41863955 #>>41863981 #>>41864245 #>>41864326 #>>41864554 #>>41864607 #>>41864815 #>>41865404 #>>41865413 #>>41865616 #>>41866082 #>>41866103 #>>41866240 #>>41866351 #>>41866850 #>>41866986 #>>41869062 #>>41869290 #>>41869894 #>>41870054 #>>41870127 #>>41870425 #>>41870478 #>>41871231 #>>41873677 #
inetknght ◴[16 Oct 24 17:45 UTC] No.41861722[source]
> I often think about how unreasonably great the regulations around “Unsubscribe” links in emails are.

The sheer number of comments that think the state of "unsubscribe" is good is... saddening. I should not have to click a link to "unsubscribe" from something that I did not subscribe to. There's no recourse for me against these thieves.

replies(3): >>41861788 #>>41861821 #>>41866709 #
vel0city ◴[16 Oct 24 17:56 UTC] No.41861821[source]
So what, people should only be able to email you if you've previously emailed them? How am I supposed to know who I'm allowed to email?
replies(3): >>41862068 #>>41862652 #>>41863478 #
1. inetknght ◴[16 Oct 24 18:21 UTC] No.41862068[source]
> So what, people should only be able to email you if you've previously emailed them?

No, people should be able to email me as they would normally.

I should be able to block senders, or entire domains. To use a direct example: if I decide that substack is shit because they subscribe people without consent (which is exactly true), then I should be able to block all things from substack and not just a single email address from the domain.

If the spammer is operating within the continental US (or any other country with a reasonable court system), then the spammer should be legally and monetarily liable for the time and money wasted. Everything from the second it takes my server to receive the message, to the second it takes to transmit to my email client, to the multiple seconds it takes me to read the headline and/or body, and the time it takes to press the block button -- the energy costs, the hardware cost, the bandwidth cost, my own time's cost, and the cost of lost confidence in the safety of the internet (just as a thief in your home makes you lose confidence in the safety of your neighborhood) -- all of it should be legally and monetarily liable.

So when that shit substack email puts on a SendGrid or Mailchimp facade, or goes through some Cloudflare or CloudFront or whatever CDN, those "businesses" also get blocked and sued into oblivion because fuck any "business" that doesn't want to own the relationship with their customer, and fuck any "business" whose customer is not the person they're emailing.

So... you want to send me an email? Cool! I hope you will agree that it's legitimate *and wanted*. Because if it's not then I should be able to take you, or your business, to court for wasting my time (and time is money) -- and win on that ground alone.

tl;dr:

Why do I have such a stark view on this, many might ask?

Well let me put it simply: "legitimate" spam is indistinguishable from targeted phishing. So that "unsubscribe" link that people so proudly claim is a great solution? Clicking it does not improve the spam situation and does increase vulnerability to malicious actors. I'm not going to click on that because it doesn't go anywhere that I recognize and can verify. That "unsubscribe" link is worse than a real solution because it's only theatre.

replies(3): >>41862165 #>>41863496 #>>41868039 #
2. lazyasciiart ◴[16 Oct 24 18:29 UTC] No.41862165[source]
> then the spammer should be legally and monetarily liable for the time and money wasted

You might want to start by addressing physical mail, or advertising billboards, if you want to radically overhaul some of the fundamentals of society.

replies(1): >>41862245 #
3. inetknght ◴[16 Oct 24 18:35 UTC] No.41862245[source]
> You might want to start by addressing physical mail, or advertising billboards, if you want to radically overhaul some of the fundamentals of society.

It's on my todo list. The amount of incessant spam, that's legally protected by the USPS, is astonishing.

replies(1): >>41865707 #
4. efreak ◴[16 Oct 24 20:26 UTC] No.41863496[source]
Set up a filter from substack to the spam folder. I filter a number of domains directly to trash.
replies(1): >>41865867 #
5. inetknght ◴[17 Oct 24 02:28 UTC] No.41865867[source]
> Set up a filter from substack to the spam folder.

Can you walk me through the steps? Gmail doesn't let you create a filter which sends to the spam box. There used to be, but it was taken away. I know because I used it a lot.

Even if the feature was still there, it was still received instead of rejected, and it only moves the offending mail to the spam box instead of deleting it.

replies(1): >>41866319 #
6. efreak ◴[17 Oct 24 04:04 UTC] No.41866319{3}[source]
I know the spam folder is a special folder, but I assumed you could filter to it. Apparently not. A quick search tells me that you can set up a Google script to do this[0]. I personally use the secondary spam tag method, since I don't want such messages being deleted automatically (I filter a number of marketing and other messages to my secondary spam tag, and only check those messages when I need something; in these cases I don't actually want them being deleted automatically)

``` var threads = GmailApp.search("[your search criteria] -is:spam"); for (var iThread = 0; iThread < threads.length; iThread++) { GmailApp.moveThreadToSpam(threads[iThread]); } ```

[0]: https://webapps.stackexchange.com/a/120534

7. boomlinde ◴[17 Oct 24 10:01 UTC] No.41868039[source]
When I contacted Substack about it they insisted that I can't be subscribed to a mailing list there unless I gave them my explicit consent.

Quickly going through their own documentation I found out that this is not true: Substack allows you to import CSV subscriber lists without the consent of each subscriber, ostensibly to allow painless migration of old mailing lists. That feature is of course abused, and they did nothing when I reported the abuse, presumably because spammers represent a large part of their business.

What a piece of shit company.