The Email Sender & Provider Coalition (ESPC), a cooperative of leading email marketing firms and email service providers, today announced a plan to require members to support suppression file encryption when those files are transferred to or from third parties or clients.
The ESPC is moving to require suppression file encryption both as a privacy protection and to contribute to the email industry's fight against spam.
Under CAN-SPAM, marketers are required to maintain lists of recipients that have unsubscribed from receiving messages from a particular sender. Marketers are further required to share those files anytime they use a third party to conduct a commercial email marketing campaign, to ensure that unsubscribe requests are honored
If suppression lists are not secured in some way, they become vulnerable to malicious parties who could misuse them as spam lists. Suppression file abuse of this sort is a significant source of spam. Encrypting suppression files using a one-way hash, such as the standard being adopted by the ESPC, can help prevent such abuse...
--MORE--
http://www.espcoalition.org/042309encryption.php
This is good news in my opinion and something in the works here. With all the data breaches happening, we need to begin to start encrypting more personal identifiable data (PII).
-Dennis
Don't Just Send, Deliver!
So glad to see this finally come to light... I put many many hours into helping push this new standard with the ESPC Tech committee members. What a wonderful stand the ESPC is taking for the consumer by endorsing this standard and requiring adoption!
Posted by: John Engler | April 24, 2009 at 10:21 AM