Most Retailers Improve Their Email Signup and Security Practices in 2018
The setup of an online retailer's email marketing sign-up process matters. Choices that may seem trivial can be the difference between a consumer signing up for an email campaign or not. The same choices can also put retailers in the crosshairs of regulators as protections for consumers evolve.
In November 2018, the Internet Society’s Online Trust Alliance (OTA) released its fifth annual Email Marketing & Unsubscribe Audit. OTA researchers analyzed the email marketing practices of 200 of North America’s top online retailers and, based on this analysis, offered prescriptive advice to help marketers provide consumers with choice and control over when and what messages they receive. The audit assessed the end-to-end user experience, from signing up for emails to receiving emails to the unsubscribe process and its results.
The good news for retailers is that in the 2018 Audit, 74 percent received a “Best of Class” designation, meaning they scored 80 percent or higher in OTA’s analysis of their email marketing. In addition, 10 retailers received perfect scores, meaning they adopted all 12 of OTA’s best practices. They are: Dick’s Sporting Goods, Home Depot, Lands’ End, Musician’s Friend, Office Depot, OpticsPlanet, Sierra Trading Post, Staples, Talbots, and Walgreens.
Getting visitors to sign up for its email program is one goal of any online retailer’s website, and in the 2018 Audit it was clear that the top retailers in North America upped their game. The percentage of sites that had subscribe forms that were easy for the user to find was 94 percent, up from 85 percent in 2017. In addition, one-quarter of sites offered incentives such as free shipping to entice users to subscribe, down slightly from 28 percent in 2018.
Helping users sign up for emails is only the first step for retailers; protecting those users is as, if not more, important. In 2018, there was more good news: most of the top online retailers take the security of their email subscribers seriously.
The use of Sender Policy Framework (SPF), a technology used to detect forged email addresses and prevent malicious emails such as phishing attempts, was used by 100 percent of the sites audited. DomainKeys Identified Mail (DKIM), a similar technology used to help authenticate the sender of an email, also reached 100 percent. Adoption of similar security technologies such as DMARC and TLS also increased significantly in 2018. All of these technologies help protect users when subscribing to retailers’ email programs.
One area for concern in the sign-up process, however, is the low percentage of retailers asking users to provide geographic information (just 14 percent of sites). Collecting geographic information is important for retailers as regulations evolve around the world (e.g., GDPR in the European Union). It's in retailers’ interest to collect geographic information during the email sign-up process in order to properly segment their subscribers depending on the regulatory regime where each resides.
In the unsubscribe process, the vast majority of retailers not only adhered to most of OTA’s unsubscribe best practices, but went well beyond the requirements laid out in regulations such as CAN-SPAM (USA) or CASL (Canada). Fully 84 percent of retailers had unsubscribe links in their emails that were clear and easy to find, a significant increase from 76 percent in 2017. In addition, the vast majority of retailers (89 percent) immediately honored unsubscribe requests — i.e., the consumer received no further emails after unsubscribing.
Read the full report and view the Key Results Infographic to see how top retailers stacked up when measured against the OTA’s best practices for email signups and to learn more about how retailers should think about their relationships with email subscribers.
Kenneth Olmstead is the internet security and privacy analyst at the Internet Society’s Online Trust Alliance (OTA).
Related story: 2018 Email Marketing & Unsubscribe Audit
Kenneth (Kenny) Olmstead is the Internet Security & Privacy Analyst at the Internet Society’s Online Trust Alliance (OTA). He helps research, analyze, write, and review technical content relating to OTA issues - identity, security, privacy, and data stewardship. Olmstead also helps with communications and engaging the OTA Committees on technical and techno-policy issues. Before joining the Internet Society, Olmstead spent more than a decade at the Pew Research Center studying how the Internet affects American life.