Feeds

Does Gmail's tarted-up tab makeover bust anti-spam laws?

'Advert looks like an email, walks like an email...'

Beginner's guide to SSL certificates

Anti-spam experts are openly wondering whether Google's redesigned web mail service Gmail violates US laws against bulk unsolicited messages.

The CAN-SPAM Act (passed in 2003) makes the mass distribution of commercial electronic mail legal as long as the messages are properly formatted, include correct contact information and give the recipient the option to unsubscribe.

In late May, Gmail introduced a revamped interface featuring five tabs - labelled Primary, Social, Promotions, Updates and Forums - into which messages are sorted. The Promotions folder holds offers from online businesses a person uses, such as Amazon or Hotels.com, and acts as a pigeonhole for legitimate marketing email that's separate from other messages. (Spam still disappears into a separate holding pen.)

Above these marketing emails, in the Promotions tab, Gmail places one or more adverts based on the contents of the inbox, which is par for the course with Google. But these advertisements are dressed up as email messages yet they don't allow users to unsubscribe from "receiving" them, sparking outcry from email marketing experts.

Jordan Cohen, veep of marketing for Movable Ink, and John Caldwell, writing for Deliverability.com, claim Google's new webmail interface is in "flagrant violation of the CAN-SPAM Act", in that it there's no sight of an opt-out button for the ads in most cases.

"Google insinuates that only legitimate promotional emails will be routed to the Gmail 'Promotions' tab, while unsolicited messages will be sent to a Spam Folder," the duo wrote. "These ads dressed as faux email messages attempt to trick people into thinking that these are legitimate messages."

"Google will claim that since the ads aren’t transmitted via the Simple Mail Transfer Protocol, they are not email," wrote Cohen and Gladwell, who describe this as a potential "technical loophole" in US anti-spam laws.

The Google-promoted advertisements look like emails and behave as such: they have a subject line, an apparent From address, and a user can even forward them to others, notes Martijn Grooten, Virus Bulletin's anti-spam test director.

"If it walks like email and quacks like email... then it is subject to the CAN-SPAM Act," Grooten argued on the Virus Bulletin blog.

"Indeed, most of the advertisements fail to provide unsubscribe links - and for those that do, it is not clear whether Google will honour the 'unsubscribe' option."

Grooten notes that while there may be some merit to the duo's claims, the email marketeers have a vested interest and may well be upset that the Google-brokered ads are appearing in a prominent place in Gmail users' mail folders, while a substantial percentage of their own messages are at the mercy of spam filters.

"Deliverability.com is aimed at email marketers, to whom it may seem that these new advertisements are taking a significant slice of their cake," Grooten concluded. "What's more, Google will have a point if it argues that these advertisements weren't delivered through email and aren't stored in an email format - and thus aren't subject to the CAN-SPAM Act."

Whether or nor the messages are ads or emails is far from clear.

"If these ads are indeed emails, they are generated on Google's servers itself, so there would be no reason to transfer them from one system to another," Grooten told El Reg. "So I don't think the 'it wasn't delivered via SMTP' argument is very strong. I think it will boil down to whether it is more important how the messages are stored (probably not as emails - though I'm guessing here) or how they are presented (as emails)."

More debate on the ad or email issue can be found on a blog post by Laura Atkins of anti-spam consultancy and software firm Word to the Wise here.

Google declined our invitation to comment on the issue. El Reg presumes the advertising giant's lawyers cleared the Gmail redesign and declared it compliant with US anti-spam laws. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.