Address book harvesting
The automatic invitation of all the contacts in the e-mail address books of people who signed up to their service was controversial for two reasons: # Without explaining intentions, Quechup required permission to access the address book. # Invites were sent to all addresses in address books without permission of e-mail address owners. This attracted a great deal of criticism in September 2007. Reacting to the criticism, Quechup's parent company iDate Corporation made a public statement on 17 September 2007, stating that: Much of the criticism focused on misleading users by hiding the nature of the feature in the 'small print' of the site terms and not specifying it in the Quechup privacy policy, which stated only, ''"You agree that we may use personally identifiable information about you to improve our marketing and promotional efforts, to analyse site usage, improve our content and product offerings, and customize our Site's content, layout, and services."''. While admitting the campaign was misleading, technology blogger Chris Hambly pointed out that text explaining how the feature worked was placed in normal print directly above the feature, raising the question of a user's responsibility to read what they agree to, although he noted that this explanatory text failed to clearly state what would happen. In their 17 September statement, Glen Finch, Chief Technology Officer stated This has raised the issue of users automatically 'opting in' without first understanding what they are accepting, rather than automatically 'opting out' of questionable features.Response
Quechup responded by changing how it operated its service and belatedly reassuring customers it was not acting maliciously, even if irresponsibly. # Quechup changed how its address book check worked within days, clearly giving members the option of which contacts, if any, they wanted to invite. # Quechup adopted Windows Live ID Delegated Authentication, enabling Live and Hotmail users to grant limited access by logging in directly on Microsoft's secure servers. # Quechup is a member of SenderScore the world's most comprehensive database of email sender reputation. # Quechup fully complies with Microsoft's Sender ID Framework for email authentication and uses SPF records. The Quechup affair encouraged calls for open authentication through an OpenID system such as Yahoo's BBauth, which would allow a user to grant limited access to their data, without providing passwords directly to a website. Indeed, Quechup adopted Windows Live ID Delegated Authentication, an OpenID system for Windows Live and Hotmail users.Fake invitations
In a more recent development, technology journalistSee also
* Viral marketing * Social networking spam * Forum spam * Blog spamReferences
{{reflistExternal links