GDPR applies to any business that collects any personal information data about individuals. This personal data, or 'personally identifiable information' (PII) includes things from which identity can be derived, such as, for example, a street address, a telephone number, an email address, and even an IP address.
Google has started sending notices of deactivating inactive Gmail addresses (actually they are going to deactivate dormant Google accounts, which includes Gmail accounts); and Yahoo posted a notice about deleting inactive mailboxes earlier this year. And if you don't pay attention to this it can, and likely will, hurt your deliverability.
By now you may have heard that Validity is going to start charging for access to their FBL, which they call the Universal FBL because they have made it the single point of access to the FBLs of so many ISPs. Here are all the details, including how much it will cost you.
There is a lot of confusion over what exactly qualifies as "legitimate interest" under GDPR. Additionally, you may be wondering whether GDPR governs the handling of personal data which you collected before GDPR went into effect and, if so, whether you can keep it under the legitimate interest test. The answer is both 'yes' and 'no'. Below we talk about the legitimate interest test generally, and how it applies to data acquired before GDPR went into effect. We also include information about how to obtain the model legitimate interest assessment (LIA) template which has been developed by a GDPR expert and which we have been given permission to share.
You should never send mass or bulk email through a new IP address before you warm up that new IP address. Warming up an IP address is a critical step towards not only having good deliverability, but also to making sure that your email isn't tagged as spam, or blocked. To illustrate the importance of warming up an IP address, we're going to tell you a story.
Yesterday afternoon (8/24/23) a Federal court judge handed the Republican National Committee its head on a platter. As you may recall the RNC had sued Google, claiming that Google's spam filtering algorithm was intentionally anti-Republican. Google then countered by offering a pilot program to any political campaign that would adhere to Google's best practices for email - a spam-filter offramp, if you will - in other words they would not even have to have their email run through certain spam filters.
There is a hidden legal danger in not confirming email addresses, and yes, even in the United States. We talk a lot about email deliverability (because hey, we're the original email deliverability service). And in that context we always explain how using double opt-in (i.e. confirmed opt-in) helps immensely with deliverability by reducing spam complaints and increasing interaction rates. But now we're going to talk about something that people rarely think about: not confirming someone's email address before you use it or add it to a mailing list can have serious legal consequences for you having nothing to do with CAN-SPAM, GDPR, CASL or any email-specific law. It can also have serious consequences for others, consequences that in turn can come back to you in serious, unexpected, but entirely avoidable, legal ways.
Not confirming email addresses can put your customer in physical danger, and can cause you legal liability if they are harmed. We've written before about how not confirming email addresses can potentially create real-world, real legal liability, because in certain settings, and particulately in ecommerce, it can actually lead to your customer suffering physical harm; maybe even death.