SoylentNews is people
SoylentNews
Citing a Canadian anti-spam law, Microsoft last week announced that it would discontinue its security bulletin e-mail lists. From the e-mail: "In lieu of email notifications, you can subscribe to one or more of the RSS feeds described on the Security TechCenter website". Legal experts said the decision was unnecessary, as there were specific provisions in the legislation to take such email into account.
However, in an apparent reversal of its decision, Microsoft now says it will be re-starting its security notifications via email early next month. From a Microsoft's spokesperson: "On June 27, 2014, Microsoft notified customers that we were suspending Microsoft Security Notifications due to changing governmental policies concerning the issuance of automated electronic messaging. We have reviewed our processes and will resume these security notifications with our monthly Advanced Notification Service (ANS) on July 3, 2014."
Perhaps it was a case of Microsoft not reading the small print, or even the large print.
(Score: 2) by RaffArundel on Wednesday July 02 2014, @01:04PM
Probably not, I do this for a living and CASL looks like that "You are suggesting..." checklist we used to see all the time at the other site. But you are incorrect, since I am in the industry, I can say that it wasn't just Microsoft shutting down lists until the lawyers could weigh in.
What most likely happened is they went through CASL prep with their marketing campaign lists without thinking that the law would impact a Security Newsletter - but it does. Someone pointed that out (arguably a simple link back to their website could be construed as commercial) and the held the email send rather than get hit with huge penalties. Being Microsoft, they would likely have a big fat target on their back.
One issue is that the government dicked around and kept changing the law through the beginning of this year. While people are "grandfathered in" to mailing lists, some places take 6 months to make the major infrastructure changes necessary to identify and comply with the law. The second issue is that there definition of "commercial email", which requires explicit opt-in is very broad, specifically in the US's CAN-SPAM law the message has to be "primarily" commercial, but in CASL the vague way it is written, having links back to your site could arguable be "engaging in commercial purposes" and if all they did was bang in their email address into a form, that could result in the rather stiff penalties.
Let's use this site as an example. I get (and actually read) the daily digest even though I have generally already read everything listed. I don't recall you making me subscribe or even check a box to receive it. You also don't know (I believe) if I live in Canada. As a result, had I signed up yesterday, it would be illegal to send me an email with a "sponsored link". My guess is that Soylent cannot afford $1M CAD and keep running - so reviewing these things are probably a better idea than being shutdown by some bureaucrat pretending to be tough on whatever...
(Score: 2) by frojack on Wednesday July 02 2014, @05:36PM
Both for Soylent and Microsoft's patch list require subscription before any email starts flowing. Yes there are boxes to check. Yes you knew what you were getting into.
As a general observation, Canadian courts are a lot less ridiculous than man US courts, and someone making a claim that someone who voluntarily subscribes to Microsoft's list after installing microsoft software, already has a business relationship with Microsoft and any mention of a microsoft product would be expected.
Since the law was NOT change between microsoft's termination announcement and the re-in-statement announcement we can only assume that the termination had never been cleared with MS Legal, and certainly not Microsoft's Canada legal team.
I can see where Microsoft would like to purge this list (It must be huge, and full of long dead email addresses). Going to an RSS feed makes much more sense, because when your sysadmin moves on to another job, his RSS feed doesn't have to be terminated, and there is no list that needs to be cleaned.
And, in full Monty Python mode, here is a Commercial Link which I throw in your general direction as a taunt: http://media.chrysler.com/homepage.do [chrysler.com]
No, you are mistaken. I've always had this sig.
(Score: 2) by RaffArundel on Wednesday July 02 2014, @07:08PM
Nope, I just checked - the subscription is part of the message options in the profile. Unless that code has changed since the earliest days, I did not opt-in that I recall. The law specifically requires the site to prove me wrong - in this case, when specifically did I opt-in? Since the code is glorious open source, feel free to point me to lines that do so. There was no action required on my part that I recall, starting yesterday I could claim I didn't and sue.
Was there some confusion in my post? I said that a subscription based list like this is always very low on the list. Chances are the tech guy was dotting i's and crossing t's and brought it up. A responsible company (feel free to make M$ jokes) does a full-stop on legal compliance issues until someone can check. Someone checked, said it was okay and it was restated. Create a conspiracy if you like, I was simply pointing out this comes as no surprise.
(Score: 2) by frojack on Wednesday July 02 2014, @10:34PM
http://soylentnews.org/my/messages [soylentnews.org]
The default for all of the message is NONE, or WEB (when you log in).
Set up a new account and prove yourself wrong.
You don't need to announce the end of a list (with a future date) then announce the continuation if all that was required was to pass it through legal.
You might simply pause the list for a day or five while legal ex-digitates.
No, you are mistaken. I've always had this sig.