Company Cancels Order Because It's Confused About Anti-Spam Techniques

A reader writes in to warn that if you purchase from Cascade Toboggan, be prepared to be treated with suspicion and hostility, and to have your order canceled if you attempt to straighten things out. Michal used a fairly common spam-tracking technique when he placed an order with them earlier this month—he put their company name as part of his email and shipping addresses, so that if his information was sold, he’d be able to source the perpetrator. We’ve done this ourselves in the past, and it works. However, the owner of Cascade, Dana, says this is trademark infringement, and even after getting Michal to agree to remove the name from his personal info, canceled the order and effectively banned Michal from future business.

UPDATE: Cascade Toboggan responds.

Dana! If you read this, please understand that no sane person will mistake Michal’s custom email address—”cascadetoboggan@mydomain.com”—with yours, which ends with cascadetoboggan.com. We know that being a small business owner is a challenge, but going after legit customers isn’t going to help. You could have asked Michal to use some other unique identifier in his shipping and email addresses, so that you’d sleep better and he’d still be able to track spam leaks. (And this is what we suggest to Michal and other readers in the future too, if only to avoid raising any red flags at companies that do sell their info.)

The only other reasons we can see for canceling the order, even after talking to the customer about it, is you’re just a hot-headed guy who doesn’t like to be confronted by an angry customer, or you indeed sell your database to other companies and don’t like the idea of someone tagging your data to track it later.

In our previous incarnation as a web developer, we were consistently amazed by the willful ignorance of clients regarding the web. It’s certainly okay to not know about a new(ish) technology—but wouldn’t you want to ask questions and try to learn more about how everything works? (“No,” said our clients 90% of the time.) Having a Ted Stevens-like understanding of the Internet is only amusing when it’s a national lawmaker.

An account of the experience (Thanks to Michal!)
(Photo: Getty)

CASCADE TOBOGGAN’S RESPONSE:

To Whom It May Concern: I can certainly appreciate your role as consumer advocate. So many times consumers are treated unfairly by companies (usually large ones) and have no recourse. However, I believe it benefits all to get both sides of the story before making judgments or decisions concerning correct behavior.

First and foremost, we sent Mr. Bryc an e-mail immediately after he placed his order that was both cordial and requested he stop the practice of using our company name as both a ship to address and as an e-mail handle. I understand the rational for this, but there are certainly better methods of tracking the sale of information. I cannot say why Mr. Bryce did not receive our e-mail, everyone else does.

We do not sell any of our customers information, or give it away. We state this in our privacy policy on the web.

After not hearing from Mr. Bryc following my original e-mail, we assumed that he had elected to take his business elsewhere. Several days later, he sent an e-mail (this was Friday), then another on Saturday. When I returned to the office on Monday, I promptly called him to apologize for not sending his order. I also asked him if he received the e-mail I sent on the day of his order. He denied receiving this, although he has received every e-mail I have sent him since? I then asked him about his use of our name. He explained to me why he used this technique. I empathized with his desire to track people that engage in this practice, but suggested there were ways that this could be done without using someone’s legal trademark. I requested that he stop using this method and asked for his assurance that he would not use our name further. He told me that he would not be doing business with us in the future, but would not agree to not use our trade name.

At this time I did agree to send him the product he ordered, but would not send it to Cascade Toboggan at the Seattle address he specified. Several minutes afterward when I had a moment to reflect on the conversation, I made the decision that Mr. Bryc was not the kind of customer that we wanted to be involved with. His tone and in my opinion, his intent was inflammatory. I sent him a very cordial e-mail indicating that after further consideration we were invoking our right as a company to decline to do business with him.

I’ve owned this company for nearly 10 years, and the company has been in business for over 45 years. To the best of my knowledge, Mr. Bryc is the first customer we have declined to do business with. That should tell you something. We don’t make hot headed decisions regarding business practices.

I too am a ski patroller, and have been for many years. My company has also donated many, many thousands of dollars to the National Ski Patrol, various Search and Rescue organizations and the National Avalanche School. I’m sure if you polled our many thousands of customers, you would be hard pressed to find a handful that have had a negative experience with our company. I would hazard a guess that the opposite is true of Mr. Bryc.

Sincerely,

Dana A. Jordan

Cascade Toboggan Rescue Equipment Company

Comments

Edit Your Comment

  1. scoobydoo says:

    Idiots.

  2. swissdietcoke says:

    I did this a while back with a ‘free toothbrush’ i filled out information for. I knew it was a scam, so I gave a bogus email, but I also filled out my name as ‘Scott Toothbrush.’ While it confused my postman, after I explained to him why I was getting credit card applications and magazine offers for Scott Toothbrush, he got a good laugh. I received a piece of mail with Scott Toothbrush on it last week. I filled out the offer two years ago.

  3. Falconfire says:

    you know with the sheer number of lawyers in this country you would think at least a decent amount of them would tell these companies what the hell copyright and trademark mean, and what exactly the two ARE.

  4. Michal’s e-mail trail is really interesting. I never thought of doing this, but I think I’m going to start!

  5. …you’re just a hot-headed guy who doesn’t like to be confronted by an angry customer, or you indeed sell your database to other companies…

    $5 says it’s the latter.

  6. beavis88 says:

    *shrug* If they’re too stupid to handle something like this, they’re certainly too stupid to get my business on a regular basis. Frankly, he should be *glad* they were so forward about their incompetence – I’m sure it saved him countless hours of trouble down the road.

  7. Uriel says:

    wow, dicks all around it seems, meaning the people at Cascade Toboggan of course. Better send a letter to the Cascade soap company, get them on Cascade Toboggan’s ass they need to make sure that when people order a toboggan, they don’t think they’re ordering “Cascade” Soap, a registered trademark of the Procter & Gamble Company.

  8. RokMartian says:

    While I think that they eventually over reacted, I do understand why they might have been suspicious. We don’t know what his full email address is, but if I had a business and received an order from something like “mydomainname@alqaeda.com” I might second guess the buyers motives.

  9. gorckat says:

    Perhaps “casctob” and similar compaction would work.

  10. Myron says:

    I’ve been doing this with my email address for years and never had a problem. (I use, and recommend, the disposable email service Spamex)

    How do you do this with your shipping address?

  11. timmus says:

    I just have to say I am cracking up over the Mr. Toothbrush story. I may have to send in a few offers to give my wife something to puzzle over.

  12. fluiddruid says:

    What morons. I work for a small business and get emails *all the time* from ourcompany@theirdomain.com and ourproduct@theirdomain.com. Fortunately for us, we don’t spam. :D

  13. cabinaero says:

    Myron – in the second line of the address field, put “C/O ###X”. Start at “001A” and keep a spreadsheet cross-referencing the code to a company.

  14. SVreader says:

    When I was in middle school, I would get spam addressed to “your daughter.” The scource was easy to see–I had sent an e-card to my mom and signed it thusly.

  15. mbrutsch says:

    I’ve been doing this for years; that’s the only reason I even registered brutsch.net was to give out just such email addresses. I’ve never had a complaint (although I’ve had dozens of email addresses turn up in spam lists). Kudos to Cascade Toboggan for finding a new way to lose business. The ingenuity of small business owners never ceases to amaze me. I think I’ll order something as “retarded-owner@brutsch.net” and see if Dana recognizes himself.

  16. jferg says:

    I’ve had very similar experiences a couple of different places. I had a librarian at the Kansas City Public Library insist that I was going to hack their systems by giving my e-mail address as “kclibrary@[mydomain.com]” when I was signing up for my library card. I also had a rep at (B&N or Borders, I don’t recall which) insist that “borders@[mydomain.com]” just couldn’t be my e-mail address.

  17. Antediluvian says:

    I used to use a different middle initial with each company I signed up to get catalogs from or ordered from (pre-Intertubes). I stopped this because they were cross-seeding their lists and not purging very well (so I’d end up with 3 of the same catalog, for example), and I didn’t mind getting the different mailings (I minded the waste of getting duplicates).

    I do/did the same thing the OP is doing, and while only a few places SOLD or GAVE out my info, TOO MANY places got infected with address-harvesting SPAM programs and I got those addresses put onto SPAM lists. The best two: a (computer) SECURITY conference I attended and the computer retailer MICROCENTER.

    I’ve stopped doing this because I’ve decided it’s easier to filter in a different part of the process and there are so many one-off addresses that it’s not worth it.

  18. Myron says:

    @cabinaero: I’m intrigued. Does that second line tend to carry from merchant to the resulting third party junk mail?

  19. coan_net says:

    I’ve been doing that for years also – using the “company” @ mydomain.com

    I haven’t had a problem yet – but I wonder if when I sign up for contest and such, if for example Pepsi seen an e-mail pepsi@mydomain.com… if they would think I’m en employee or something and disqualify me. (or I’m just unlucky and never win those type of things.)

    To me, sounds like cascadetoboggan sells their list, and don’t like the idea that it can be traced back to them.

  20. Buran says:

    If they can’t respect that people might not trust you when you say “we will not sell your information” (ever heard THAT one before and gotten burned anyway? Sorry, guys, we don’t trust you) not only will I not do business with that company but I will tell other people why. It’s not libel if you tell the whole, true story, either.

    Cascade Toboggan, you have lost a potential customer due to your unfair treatment of this guy, who wasn’t doing what he was doing to make a profit or to scam anyone; he did it out of a need to protect himself and because, sorry to say, businesses are no longer trusted to keep customer information secret (and try to weasel out of rules stating that they must tell when it gets out, too). If this guy doesn’t like that and can’t cope with that reality, he should not be in business.

    Thanks for exposing these guys as shortsighted thinkers who can’t respect the people who keep them in business.

  21. kc2idf says:

    I do this sort of email tracking, also. I have blacklisted a large number of addresses in my name space.

    I think that if I were addressed in this manner, my response would be to use 5b9936ba43abbbbcbbea8d11ff2cf583@example.com…. this is, of course, the md5sum of “cascadetoboggan.com”.

  22. alice_bunnie says:

    I’ve been doing something similar since we used to tie onions on our belts! No, before the internet. I’d fill out surveys, only I’d put a random letter in my name. I’d be Alicex. Then one day a credit card offer came along that looked pretty good and Alicex got a credit card, really. I never, ever was able to get them to change my name, and it’s on my credit report to this day 20 years later. :p

  23. pestie says:

    Do these douchebags even get that this guy is only using their “legal trademark” to order from their company?? Christ on a crutch! If any company pulled this crap on me, I’d tell ‘em to eat a dick and take my business elsewhere.

  24. watchout5 says:

    You’ve owned the company for 10 years and this is the only person you’ve ever dealt with about you selling your database to people? Is it really that hard to admit, I don’t care how many thousands of dollars you’ve donated to good causes you’ve made thousands more selling your customers information and that’s not ok to some people.

  25. Jay Levitt says:

    I’ve done a few similar things…

    When I first moved into my own apartment 15 years ago (Apt H), I started filling out all my change-of-address forms and new catalogs as Apt H1, Apt H2, etc. and scrupulously kept track of which address had been given to whom. (The world was smaller then.)

    I finally gave up about 40 addresses later, when I realized that the only people who did sell my address were the USPS, and they’d given it to damn near everyone.

    On the other hand, I do use unique e-mail addresses like the OP does, for all my orders, message boards, etc. I’ve never had anyone accuse me of trademark violations, but I have found that if a human gets involved, they’re often confused, and sometimes they assume it’s a fake e-mail address, as JFERG did.

    I’ve taken to picking just a few letters from the company name, so that it doesn’t necessarily trigger the “hey, that can’t be real” response; for instance, I might use jay-castob@my-domain for Cascade Toboggan. Even if I forget what “castob” means, I can find it in Google Desktop.

    Like Antedeluvian, I find that the biggest problem comes from harvested names and compromised servers, not name-selling. Luckily, using unique addresses makes it easy to blacklist a name once it becomes known to spammers – and that, in turn, makes it really easy for me to catch other, similar spam (which might even otherwise hit my “real” e-mail address).

  26. scoobydoo says:

    If this is all it takes for you to dump a customer then I’m amazed you are still in business.

    “His tone and in my opinion, his intent was inflammatory”

    REALLY? For that you canceled his order and told him to piss off?

    Fingers crossed more of your customers read this and take their business elsewhere.

  27. sewrig01 says:

    O.K., But if you are a company do you really want to be shipping items to at the other person’s address. I could see where you may suspect some type of fraud. I think there are other ways he could have acted without putting their full name, that would still give him an idea of where it was from if they sold his information.

    Sounds like the company was suspicious and he had an attitude because they had a problem. It is a shame they couldn’t compromise.

  28. Antediluvian says:

    I appreciate that CTC (don’t want to use their name for fear of violating trademarks!) did write a response. I don’t agree w/ their decision, or the route they took to get there, but that’s their (stupid) prerogative.

    I wouldn’t use the company’s name in a shipto address because it doesn’t make sense. I like my way better: middle initials or names: Sarah Jane CTC Smith.

    But the idea that someone might have missed an email message: please, EVERYONE misses emails. Email is not a reliable medium — it’s mostly reliable, but it’s not guaranteed. If a customer said he didn’t get an email, he probably DIDN’T GET AN EMAIL.
    Or he got it and overlooked it, or accidentally deleted it.

  29. grrrarrrg says:

    at no point in time was the customer at fault here? why is everyone so eager to jump on the company?

    i know that people always like to say that the “customer is always right,” but at what point does the customer need to STFU?

  30. Charles Duffy says:

    One approach that would make everyone happy is to continue to use custom addresses, but ROT13 them.

    It’s no longer (obviously) trademark-infringing, but it’s trivial to tie back to an individual vendor.

  31. ShadowFalls says:

    Reading everything, I still not see why this company is giving this guy a hard time.

    Instead of respecting this guy’s attempt to protect himself from spam and the sorts, rhe company decided to instead get snoody and refuse to do business with the person.

    This “company” says that there certainly should be better methods of tracking this information, but failed to provide such a method making it a worthless point.

    When this company mentioned that Michal said he was not going to do business with them any longer and the company said he refused to stop using their “trademark”, makes them sound like fools.

    He wouldn’t be refusing that information any longer as it was meant for that business and that business alone. That is how it works. Sounds a little stupid to suggest there are better methods of doing something and not knowing how the method in question actual works.

    At the end, this company got to the point of acting pretentious. Went and then refused to ever do business with this guy, even after Michal said he wasn’t doing business with them any longer. Seems like someone lost perspective here.

    Then at the end, goes to the part of giving us a mini life story of himself and the company to make it sound like he and his company are wonderful givers and must be admired. Walmart donates to charity too, doesn’t make people like them any more, and I bet you get a tax write-off just as they do.

    So in the end, you (your company) decided that you didn’t want to do business with someone who already said they no longer wanted to do business with you, all because you couldn’t be flexible and understanding on the guy protecting himself from companies that operate in a manner that could be seen as very similar to yours.

    Michal here is the one in the right, if anyone can’t see that, I feel bad for you.

  32. geoelectric says:

    1) If a company don’t protect its trademark, it risks losing it. This means protecting against trivial uses too. The trademark can only be used safely to refer to that company or its products, and using it as your email makes it refer to you.

    2) As had been stated by the poster above, just changing it to castob or something would have fixed the issue to everyone’s satisfaction.

  33. nightshade74 says:

    I’ve been giving unique addresses since 2001.
    I take it a step further when someone sells
    my email info — I ‘return’ the favor. I
    lookup the whois for the domain and forward it
    to the admin contact…

    (Of course they arent ‘guessable’ or even randomly generateable addresses)

  34. IRSistherootofallevil says:

    Or maybe something like princebabalabashabalabadingdong@mydomain.com and see how much spam you get. Or how much junk mail you get addressed to Prince Babalabashabalabadingdong.

  35. salguod_senrab says:

    Despite the cordial tone, Dana Jordan’s letter reflects a total failure to understand both trademark law and a common anti-spam measure. This failure to understand (or become educated) irritated a customer. That customer became upset as Dana persisted in this ignorance, and expressed that to Dana.

    Dana had two choices here: blame the customer, or attempt to learn something about trademark law and anti-spam practices. So, plus one point for cordiality, minus ten points for languishing in ignorance which could be cured with about ten minutes of Googling.

  36. salguod_senrab says:

    @GEOELECTRIC:
    I can see that Dana Jordan isn’t the only one with gross misconceptions about trademark law.

    Although he is (as always) somewhat inflammattory, and he glosses over a few issues, Cory Doctorow’s article on trademarks pretty much says it all with respect to the kind of superstition you’re promoting:
    [www.openp2p.com]

  37. mbrutsch says:

    @grrrarrrg: Everyone is “jumping on the company” because the owner has a poor grasp of trademark law, and is compounding the problem by publicly refusing to do business with someone due to said ignorance. But then, who expects a ski bum to understand trademark law anyway?

  38. at no point in time was the customer at fault here

    @grrrarrrg: Nope.

    I will also give CTC points for responding but I still don’t see what the big deal here is. He was only going to use that e-mail address in doing business with CTC so the e-mail address does still refer to the company even though the e-mail itself isn’t going to that company. Was that point missed? This makes it seem so:

    I requested that he stop using this method and asked for his assurance that he would not use our name further. He told me that he would not be doing business with us in the future, but would not agree to not use our trade name.

    See, I don’t get it. Did CTC think the OP was using the e-mail address for other stuff or did the OP just insist on not deleting the account? He’d need to keep the account open if he wants to see if his information got sold.

  39. Flynn says:

    @jferg: I also had a rep at (B&N or Borders, I don’t recall which) insist that “borders@[mydomain.com]” just couldn’t be my e-mail address.

    Funny if it was Borders, as they claimed to me that when I started receiving spam to my borders e-mail address it was because spammers were hitting random e-mail addresses with “borders” anywhere in the user name.

    Oh, and I love the “we don’t sell information” verbal argument, yet the legalese ALWAYS says “we reserve the right to change this at any time.” Yet companies wonder why we are suspicious and try to track this.

    As an aside, I get spam to one of my e-mail addresses sent to “Trent Calhoun.” I have NO idea how or why this is, but I get a bunch of it.

  40. UpsetPanda says:

    Okay, here’s the situation I’m in. I’m engaged, started a few wedding registries, and now for whatever reason I am starting to get spam phone calls from various wedding-related companies. WTF?! Where the heck did they get my phone number?

  41. UpsetPanda says:

    Okay, I just checked one or two of my registries. A few of them are established at sites where I’ve already bought items from, so no biggie. But why the heck do they ask for a phone number? Is that how other companies and wedding telemarketing people are getting my number? I’m guessing so. Shame on me, yes, but is there a better way of getting my phone number on a do-not-call registry for weddding vendors? I mean, it’s already on the normal one…

  42. armour says:

    I have uset the Custom email adress ofter but what I do is use the ip of the webside at the end 99% ot teh prople out side of teh it department would reconize it

    armour69607199@yourdomain.ca

  43. magus_melchior says:

    Mr. Jordan,
    It would be much easier to see your side of the story if you had not included the first and last paragraphs. Nothing makes a consumerist angrier than a self-righteous-sounding company owner.

  44. skrom says:

    Some people are just so paranoid. What’s the big deal. Just throw the junk mail away. It isnt hurting you to get it. Really, just stop whining!

  45. Consumerist Moderator - ACAMBRAS says:

    @skrom:

    It’s not whining — people are sick of being bombarded with useless, wasteful, advertising.

    Furthermore, if a company promises not to sell customers’ information, the company should honor that promise.

  46. Mr. Gunn says:

    Consumerist Moderator – ACAMBRAS: That’s exactly it. Yeah, all the stuff would just get filtered anyways, but I still want to know if they’re lying to me so I can quit doing business with them.

    Now, after using this tactic for over a year, because Dreamhost has a cheap plan that includes free unlimited email addresses, I have to report that I’ve yet to get spam to any of the addresses I’ve given out. Essentially all of my spam remains wildcard spam.

  47. Consumerist Moderator - ACAMBRAS says:

    @Mr. Gunn:
    Yes, and I’m not just talking about e-mail, either. I still get a lot more unsolicited paper junkmail than I want.

  48. skrom says:

    @Consumerist Moderator – ACAMBRAS:

    How hard is it to just throw it in the trash, I dont even look at it, just pitch it

  49. Consumerist Moderator - ACAMBRAS says:

    @skrom:
    A) If it’s got my name or any other personal info on it, it goes into the shredder.
    B) Junk mail is WASTEFUL. Lots of paper, not to mention the energy/fuel that goes into producing it and transporting it. All that for crap I never asked for.

  50. Uriel says:

    @Flynn: “See, I don’t get it. Did CTC think the OP was using the e-mail address for other stuff or did the OP just insist on not deleting the account? He’d need to keep the account open if he wants to see if his information got sold.”

    No reason to delete the account. The idea that it was infringing on Copyright law, simply because it holds “CascadeToboggan” within the address is absurd.

  51. marsneedsrabbits says:

    The Toboggan guy really needs to unwind a bit and get over himself.
    He really comes off as a humorless grump.
    Yuck.

  52. AT203 says:

    Dear Mr.Tobbagman. Welcome to the Internet! It can be a fun, and sometimes scary place. New things can be frightening in their unfamiliarity. I would offer some tips, but I don’t think your business is going to be around much longer, what with its inability to adapt and all.

    It can hardly be considered trademark infringement to use the name of the business you are doing transacting with in your business records. That is what you are objecting to. If I wrote the name of your business in the memo field of my check, would you have lawsuit? No. And if I used the name in a purchas order? No.

    Anyways, thanks for stopping by. I don’t think the Internet was for you anyways, it rarely ever snows here. Ciao!

  53. realserendipity says:

    I just shot off an email to the company expressing my dismay over thier service level. It seems a pity that I will boycott them since they have good stuff for ski bums like me but I simply cannot do business with a company that treats consumers like that.

    Maybe one day the owner will learn

  54. Jerim says:

    God, when are people going to start looking up the meaning of trademark infringement before using it?

    First, a trademark is not simply a word. You can’t trademark a word. What you trademark is a unique spelling or the overall look of the logo. A trademark can be anything. It can be a simple picture of a tree or a dog. On occasion it can contain a word. But what you are trademark marking is the overall design; for instance, you can’t trademark McDonald’s but you can trademark the unique arch shaped spelling of the M, along with the color scheme of yellow letters on a red background.

    Secondly, in order to infringe on something you have to cause harm. Usually this is based on taking away customers from another business. For instance, if I open a fast food place, and call it McDonald’s with the unique spelling and color scheme, I would still have to be successful at taking customers away from McDonald’s before you could legally call it trademark infringement. Or you could claim that the sub-par food reflects badly on the real McDonald’s. But in either case, you have to actually cause harm. Using a word in an email to the company is not harming them in any way.

  55. eblack says:

    My company gets customers who do this from time to time. I chuckle a little to myself when I see it because our policy on releasing information is an iron-clad “we don’t.” But I’m familiar with the practice, and I understand why people do it.

    I would certainly never turn down someone’s business because they didn’t give me an email address I like. That’s just silly.

  56. CapitalC says:

    Why not just use a number or other “smart code” instead of the company’s name? I’ve been using date+letter coding on the email address I use (eg. 071022A@mydomain.com) for online orders for companies I don’t trust – this lets me know if they pass it off to a list or another company and I can track it without using someone’s trademark. Others, I simply use onlineorder@mydomain.com and it seems to work.