Some folks don't get it.


When I give an E-mail address to a web site, I give a different one to each site. I have many domains, including one where all addresses are forwarded to me unless I turn them off.

I recently started getting some spams for "entertainment@" the domain, which is the address I gave to use the web site of, which publishes those books of discount restaurant coupons. Their privacy policy states they don't give away or resell the information, so something's fishy. (And no, since I get all addresses at this domain I know spammers are not dictionary attacking it, this almost certainly leaked or was sold out of

So I file a complaint and get back a form response explaining their privacy policy because I stupidly entered the selectbox saying it was a privacy policy question. When I sent back another note, you will enjoy the response I got back...
From: Ask Us <>

Dear Brad,

Thank you for your inquiry. We would be happy to look into the matter for you. What I can do is escalate this to our Head Quarters and have someone get back to you, however, we do need some more information. Please include your:

Email address
Telephone number

Thank you.

Your Customer Service Specialist

While they know my email address and name (and have my mailing address in their database) the irony of responding to a privacy complaint -- a complaint about them selling people's addresses in violation of their own polices -- they send a demand for my address and phone number!


This seems pretty typical. It is sad when a 'Privacy policy' has become a tool to give users a false sense of security. I had a similar problem with I use for nearly every single 'subscription' that requires an email address. It's nice and easy because I can name the addy after the site. This particular address was Started getting spam from outside scriptlance within a week. When pressed about it the response was:

"I didn't sell your e-mail. You are probably just forgetting that you used the
e-mail somewhere else."

That's right, I probably used a disposable email address, used specifically to weed out the crooks like this, at another site where the email address would have no significance.

Heh, I guess welcome to the Internet Age.


Hi Brad,

Short time reader, first time responder. I like what you are writing-- it is very entertaining.

Is there a possibility that the webhosts are using a shared server that gets the information as well as the webhost? ( A reseller's hosting enviroment).

This first got my attention a couple of years ago.

I just thought I would ask.

I searched "linking" last night and this site didn't come up on Yahoo... but tonight it did.

I like it!

I'll be here for a while.


For US-based companies, please note that privacy policy violations are also violations of Section 5 of the FTC Act which prohibit deceptive practices. This could open up the company to prosecution and fine by the FTC.

For example, please see the settlement of the recent FTC action against Gateway Learning.

Stacy Martin
Plaxo Privacy Officer
privacy @t

Wow. I'm in the middle of *exactly* the same process with them. ( I also use site-specific addresses, and started getting spam to theirs last week. I complained, and got back the form response. I sent off my response, but haven't gotten that last email yet asking for my phone number.

I'm definitely planning to take this to the FTC and/or Canadian Privacy Commission.

Same exact thing here! I have a special e-mail address I used to register at the Web site many months ago ([mylastname], and then starting today, I got spam at that address!

I called their customer service department and spoke to a nice-but-powerless person who probably works for a contractor call center (she refused to confirm this).

She gave me the physical address of Entertainment Publications Operating Company's HQ (Maple Corporate Center, 1414, E. Maple Rd., Troy, MI 48033).

I just sent e-mail to them... We'll see what happens.


From: [snip]
Sent: Tue, 19 Apr 2005 09:14:02 -0700
Subject: SPAM from one of your "affiliates" which I DID NOT AUTHORIZE

Please forward this to your legal department at once.

Today I received the following spam from one of your "affiliates" which identifies itself as YOUDISCVERREWARDS.COM (note the missing "o" in the word "discover"). That spam message follows below, complete with long headers. I know it from one of your affiliates because it was sent to a special and unique e-mail address that I created solely for the purpose of registering on your site: [snip]

Notice that the spam I received makes no mention of Entertainment Publications.

When registering my account at the Web site, I DID elect to receive offers via e-mail "FROM ENTERTAINMENT" but the option did NOT say anything about my granting permission to your company to give my e-mail address to any other organization.

I also reviewed your privacy policy, and it made NO MENTION about giving my e-mail address to any other organization.

THIS IS A CLEAR VIOLATION of appropriate business practices in terms of privacy and integrity of holding your subscribers' e-mail addresses. In fact, I recently learned that it may also be a violation of Section 5 of the FTC Act which prohibit deceptive practices (see the settlement of the recent FTC action against Gateway Learning at

OPTING OUT OF SPAM E-MAIL IS FUTILE. Most spammers do not honor such requests, and some use the "opt out" mechanism as a means of verifying that an address is valid, and thus generates more spam. Therefore, it is inappropriate to expect members to opt out of spam sent by your affiliates.

I honestly expected more integrity from your company, and I'm extremely disappointed.

I see that I am not alone in my concerns, as there is a Web page about your violations at

Please contact me with your intentions to resolve not only my specific concern, but also your plans to bring either your business practices or your privacy policy (preferably the former) into compliance.



-----Original Message-----
Mime-Version: 1.0
To: "[snip]"
Content-Type: multipart/alternative; boundary="----=_Part_270852_33024191.1113889247755"
X-MB-Recipient-Addr: [snip]
X-MB-Recipient-Addr-Type: TrackerAddress
X-MB-Trace: IMM:FromExtSMTP,C70F3928-4C4D872A-0375E482-0E0914D5 TRK:VTrckr AV:NA AFS:MID_NP UAR:AcptTrkr GARPostUser:WD_NP DTKT:WD_NP DTKTR:WD_NP CR:WD_NP DDisp:WD_NP
Subject: Get your Free* Trip to New York here
X-MB-Message-Source: ExternalSMTP
Received: from by APP27.MAILBLOCKS.COM ( with SMTP for [snip]; Mon, 18 Apr 2005 22:40:50 -0700
Received: (qmail 14541 invoked from network); 19 Apr 2005 05:40:49 -0000
Received: from (HELO mail1.YOUDISCVERREWARDS.COM) ( by with SMTP; 19 Apr 2005 05:40:49 -0000
X-MB-Message-Type: User
From: DiscoverRewards
Reply-To: DiscoverRewards
X-MWI: rnzwnnngmlvlrlvlawlsaawe zzvwgrglnenlvrrlrl llgelsarwa
Date: Tue, 19 Apr 2005 00:40:47 -0500 (CDT)

[big obnoxious [graphic]
Click here
[four graphics containing only text]

To no longer receive these messages, please send a blank emaill here: unsub-jvcdcasgsaxddada@YOUDISCVERREWARDS.COM
OR Send a postal mail to: PO Box 1119, Old Chelsea Station, New York, NY 10113

Upon further research, I discovered that InterActiveCorp owns Entertainment Publications Operating company:

I just called their headquarters in New York (212/314-7300) and left voice mail for their legal department. I'm awaiting their callback now.

I'll post what happens (if anything) here.

Two more spam messages came into my unique address, from the same YOUDISCVERREWARDS.COM address... And still no callback from InterActiveCorp.

I also found a bunch of other spam and sleaze related to this spammer by Googling the Box 1119 Old Chelsea Station address:

I have just started receiving emails from this same company at my work address and I also used that email address when I purchased an Entertainment book last year. I've just changed my email address with and if the spam from YOUDISCVERREWARDS.COM starts showing at the custom email address, I'll know for sure the source.

I'll let you know if something happens, otherwise I'll look forward to your updates.

I got the same spam sent to a unique address registered at No response to my query sent to customer service.

Well, after a total of three messages from YOUDISCVERREWARDS.COM at the designated address, it stopped suddenly, and there have been no further messages received on it.

InterActiveCorp's legal department never called me back.

Maybe it was an inside job -- perhaps an employee of InterActiveCorp stole a bunch of subscriber e-mail addresses and tried a bit of spamming. Perhaps that person got shut down and discouraged from doing it anymore... Or fired -- that would be nice!

Add new comment