The Other Address Book Takeover Scandal.

Like many small firms, we use Basecamp for our project management duties. One of its miraculous features is a system which allows you to reply to an email to post a new message; it does this through a galaxy of email addresses which can be used to identify which topic thread you wanted to handle.

So recently, we’ve began to get posts to projects that were closed off several months ago. Linkedin friend requests, and now advertisements for some sort of incentive debit card. I suppose those are really germane to the operation of a website.

Obviously, what happened is that one of our users was invited to share their entire contact list– blindly– with the services mentioned. I can see it making sense for LinkedIn, as admittedly, most people’s address books are primarily filled with real people you intend to interact with on the site. But a debit card? Really?

This is the poor stepchild of the Path scandal last week– yeah, they might be getting consent to rummage through your contact list, but it’s not really a lot of conscious thought and consensus being made here.

Since nobody obviously considers “Basecamp topic #234564” a real acquaintance, this makes it clear, you’re either just carpet-bombing our clients’ entire address books, or willfully making it difficult to select, in an opt-in fashion, “here’s your contacts, pick ones who might actually want the offer.”

It also greatly increases your chances of winding up on a black-list, and gives the vast majority of people who got their first contact with your brand through the mis-targeted message a bad taste in their mouth. Way to go! But you got those email addresses… each connected to a valuable, twitching, live, potential…. project management forum topic.

Moreover, I’m sure Basecamp is not the only service being mis-handled this way. Some forums and mailing lists use similar custom-address-as-control-tool systems to avoid the old approach of “unsubscribe username@domain.kp authenticationkey” in the subject line or body. I wonder if you ever trigger “to unsubscribe, email to…” links with those messages.

In short, don’t expect me to be signing up for an Advershares card any time soon.