A recent post on the Email Marketing Roundtable list asked for clarification about how unsubscribe landing pages work under the updated CAN-SPAM regulations.
This led to an interesting thought. Is it permissible to put at CAPTCHA on an unsubscribe page?
CAPTCHA are usually a series of letters that the user is asked to type in to prove that they really a human and not a web spider. List owners are concerned about anti-spam and anti-phishing software that "follows links" and could accidentally unsubscribe a user. But there are some legitimate reasons why an automated unsubscribe would happen, such as if someone used Lashback's unsubscribe button. And a conservative reading of the FTC regulations would seem to prohibit CAPTCHA since it says that the only thing the user can be required to do is provide their email address.
Thoughts?
Surely this is a bit of a non-issue. If the subscriber's encripted link is within their email, and no where else, how is a spider going to follow it?
If I was asked to submit a CAPTCHA on an unsub request then I'd simply hit the SPAM button - it's easier
Posted by: Jake | June 24, 2008 at 05:09 AM
Josh -
With my understanding...err...interpretation of the new CAN-SPAM rules, this one would be a bit in the gray area, right? Gotta make it easy to unsubscribe. This added step is *kinda* similar to having to login, imho.
dj at bronto
Posted by: DJ Waldow | June 24, 2008 at 06:47 AM
The spiders are anti-spam spiders that are part of the mail system. They look at the links within incoming emails and they look more closely at messages that consumers mark as Spam. This is not a widely used practice at this time, but there are some ISPs and some anti-spam software that do this.
Posted by: Joshua Baer | June 24, 2008 at 06:49 AM
Josh,
I think the new CAN-SPAM rules are pretty clear:
"Accordingly, the Commission adopts final Rule 316.5, which prohibits the imposition of any fee, any requirement to provide personally identifying information (beyond one’s email address), or any other obligation as a condition for accepting or honoring a recipient’s opt-out request. "
Doesn't that say "...OR ANY OTHER OBLIGATION..."
Isn't a captcha an obligation if it's a required form field?
I'd recommend moving away from one-click unsubscribe links if you're worried about this new rule causing inadvertent unsubscribes among your subscriber base.
Posted by: John Engler | June 24, 2008 at 04:19 PM
Why would anyone want to make it harder to unsubscribe? Users aren't going to put up with that; they'll click the spam button instead.
Posted by: J.D. | June 24, 2008 at 05:26 PM
I have to agree with John- I think that CAPCHA is pretty definitely in the category of an obligation and thus in violation of the new rules. Fortunately, any problems that people are seeing with robots following links would likely be solved by a simple confirmation button on the landing page- I've not heard any accounts of robotic link following that go any deeper than the links in the original message.
Posted by: Ellen Siegel | June 25, 2008 at 09:33 AM
CAPTCH on sign up... okay, CAPTCHA on unsub, bad...
Posted by: Tom Bartel | July 02, 2008 at 01:23 AM