A Different Type of Currency

Recently, a member of the community lamented that folks weren’t willing to provide an email address for free training. This reminds me of an old saying popularized by Heinlein, but one that was used a lot in the Perl community: TANSTAAFL (There Ain’t No Such Thing As A Free Lunch). While the training was advertised as “free,” it really wasn’t. After all, the person had to pay up something: his or her email address.

Once upon a time, we didn’t think anything of this. However, then SPAM became more than a nuisance. And despite increasingly advanced mail filters, SPAM still gets through. SPAM campaigns are still effective. While percentage wise they seem not to be, converting at far less than 1%, the upside for spammers is sending out a bunch of emails doesn’t cost very much. So it doesn’t take much to turn a profit. Those conversion rates are stil good enough to keep the spammers happily in business. That’s why folks are still at it. 

Worse than that, now we’re seeing phishing and spear phishing attacks, where adversaries are trying to have you click on malware or a MitM (Man-in-the-Middle) site or just a mock-up of a legitimate site that doesn’t actually take you to the original site (it usually just throws an error indicating the site s unavailable and to try again later), the latter two to capture legitimate credentials to use at the sites they pretend to be.

And that brings me to my final thought about providing email addresses: they are increasingly becoming the username to log on to various sites, such as the PASS site. So giving up your email means giving up your login unless you’re a paranoid type that has multiple email adresses just to serve to split things up. Not many fall into this category as it’s a real chore trying to keep up with a lot of email addresses.  So if you give up your email, then someone who wants to be malicious now has part of the information he/she needs to log on to those sites as you. 

Therefore, I can’t fault folks when they don’t want to provide email information for something described as free. Whe you give up your email address, you don’t know what the person or organization is going to do with it. A lot of organizations resell email addresses to other organizations. This is legitimate business, even if we personally disagree with the practive. There’s also the black market where individual email addresses aren’t worth much, but if you can sell them in bulk, then the multiplier means a tidy profit. It’s even better if you are selling validated email addresses, which are obviously worth more, because spammers know they will be able to reach a legitimate person.

I also can’t fault folks who ask for the email address when they provide resources to the community. After all, they’ve worked hard (hopefully) to be able to make those resources worthwhile to whomever wants to use them. However, if you ask for an email address, what you’re providing isn’t free. You’re just asking for a different form of currency.  You are asking for both information and identity. So don’t be surprised if someone (especially folks like me) chooses to forego accessing a resource instead of providing the email. At the end of the day I have to make a decision on a value proposition: is what you are providing worth what I am giving up? Some folks win, other folks lose. That’s just the way it is.

1 Comment (+add yours?)

  1. way0utwest
    Jun 09, 2016 @ 18:59:02

    Great points, and certainly true, Brian. Quite a few “free” solutions do require some sort of registration or information. I am always reminded of this when a company says you can get $5 for some data. Often the value of the data is higher than what the company wants to compensate you for.

    We certainly do this at Redgate, trading emails and the chance to market to you later for a book or some other information. I think it’s a fair trade, or even a better trade for the individual at times, but it’s not totally free.

    It is, however, free as in beer, and perhaps that’s what we should have another word to describe. There are really three versions of free (or maybe more).

    1)Free as in no monetary or financial cost.
    2)Free as in an idea with no tangible loss from my if you get it.
    3)Free as in no monetary, but perhaps some time cost (reading marketing information)

    I miss having a catch-all email, so I could make up some address for different sites and shunt the messages to a specific folder. However I get the problems the catch-alls caused for SMTP systems, so I’m happy to lose those.

    Most people aren’t aware of the payment they’re making when they get something for “free”, enter a contest, or respond to a survey. We have a lot of maturing to do in the world WRT understanding, controlling, protecting, and managing our data. Especially where outside organizations are involved.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: