Kelly’s Not Here, Man
I like to think I’m unique, but I’m not. There are many more Kelly Molloys in the world, and I am but one. I know there’s a Kelly Molloy who lives in Ireland and orders pizza and tops up his or her phone often, and a Kelly Molloy who lives in the Midwest and makes a lot of appointments at the Genius Bar. There’s also a Kelly Molloy who lives in Canada and recently had a baby (congrats, and I hope all went well!) and a Kelly Molloy who works in IT who lives in the Greater New York City area.
There’s one thing all those Kelly Molloys have in common–they all think my email address belongs to them.
All the misdirected mail I get, the mail that’s meant for the other Kelly Molloys, is transactional mail. I get the mail that says “We received your online pizza order!” and the mail that says “You have 120 minutes of talk time remaining,” and the mail from the hospital that said “Your induction of labor is scheduled for $_time_and_date,” and the mail that says “Here’s a reminder for your Genius Bar appointment!” and the mail that says “This is the billing statement for your very expensive cloud software licenses, please pay it.”
But none of it is for me, and I have no way to make it stop. I’ve tried. I’ve written to the Genius Bar. I tracked down the hospital and called them and told them that so far as I was aware I wasn’t pregnant and I’d hate for that other Kelly to miss her appointment and they thanked me and then sent me another confirmation. I’ve written to the company with the software licenses and asked them to take me off the account, I wrote to the vendor and told them I am not authorized to access that account. I have a street address for the pizza deliveries and a phone number for the top-ups. I have yet to be removed from anything. I’ve tried to log in to accounts and change passwords, but most places use some kind of two factor authentication, so that doesn’t always work.
When Spamhaus says, as they did here (http://www.spamhaus.org/news/article/692/) that an email address used for transactional mail should never be used for marketing without permission, I completely agree. I also agree with Spamhaus’ statement that even transactional mail should contain a link that says “This isn’t me!” That would have solved my problems quickly and easily.
My email account is proof that transactional email can still be unsolicited by the recipient. Without some kind of confirmation, there’s no assurance that the person who is receiving (and in my case, opening) the mail is the person who asked for it. Also consider the amount of personally identifiable information I’ve collected on these other Kelly Molloys. I know where they work, where they live, and what kind of computers they have. I have software license keys, and even medical information. If I were so inclined, I could likely use this information for nefarious purposes–I could easily piece together enough information to reset passwords.
So, Kelly and Kelly and Kelly and Kelly, don’t worry. We’re all in this together. I won’t crack your accounts. But please, stop using my email address. And senders, please make it easy for me to make it stop. It’s the responsible thing to do.