Krebs on Microsoft Suspending "Patch Tuesday" Emails and Blaming Canada

tsu doh nimh writes In a move that may wind up helping spammers, Microsoft is blaming a new Canadian anti-spam law for the company's recent decision to stop sending regular emails about security updates for its Windows operating system and other Microsoft software. Some anti-spam experts who worked very closely on Canada's Anti-Spam Law (CASL) say they are baffled by Microsoft's response to a law which has been almost a decade in the making. Indeed, an exception in the law says it does not apply to commercial electronic messages that solely provide "warranty information, product recall information or safety or security information about a product, goods or a service that the person to whom the message is sent uses, has used or has purchased." Several people have observed that Microsoft likely is using the law as a convenient excuse for dumping an expensive delivery channel.

Fail whale

[tepples]

Is there no reason they couldn't just use Twitter?

Using RSS instead of Twitter allows Microsoft not to rely on the single point of failure that is Twitter Inc.

And besides, isn't this solved by Windows Update?

For one thing, having thousands of PCs in a company individually download multi-megabytes updates from Windows Update wastes the bandwidth compared to use of WSUS. For another, some administrators prefer to test Windows patches before deploying them because Windows patches some are known to break programs that inadvertently rely on underspecified behavior.

Any periodic e-mails should be RSS feeds

[iamacat]

This law or not, any recurring e-mails are spammy. E-mail should be reserved for one time interactions like order confirmations and of course personal communication. With RSS feeds, user can unsubscribe, suspend and resume viewing updates at their convenience.

Timeline

[ZombieBraintrust]

The Canada Anti Spam Law requires very specific opt in from the people recieving emails. It requires that certian content not be in the email. It has fines. Microsoft is going to have to train its people and change its templates. It is going to have to get its emails approved by Canadian lawyers. It will take time for it to get in complience of the law. But the deadline is tommorow. So they will RSS feeds instead. It is very easy for an expert to say the emails are exsempt to the press. But I bet if you showed them a few emails they would find a few problems. Things Microsoft needs to fix or get fined.

Re:It is Canada's fault!

[Anonymous Coward]

What it boils down to is this. If you send an un-solicited email to someone you have not done business with in the last 2 years, and they have not opted in before and, and they believe your email to be spam, boom, you are culpable.

Good! That is the definition of spam. Spammers should die.

And this Canadian law is completely irrelevant to most mailing lists.

To get on a mailing list, you have to submit your email address, then they send a confirmation message, then you have to click the link in the email to confirm that you actually want the messages.

That is clear consent. And many mailing lists require you to reconfirm every 6 months or so.

Also if you install software on someone's computer without explicit, but easy to understand examples of what the software is/does you can also be held culpable.

What, you think just because you paid for the computer you think it belongs to you? The computer belongs to apple/google/microsoft and they can install software on it whenever they feel like it.

All email a company produces in Canada form this point on have to include a link in the bottom or ability to opt out of all future email.

Pretty much all email from responsible companies have been doing that for years.

So in summary, there is nothing in this Canadian law that applies here.

As a "Canadian IT head", you're an idiot, or a troll.