Winning Mods Hearts and Minds

February 18, 2008
About moderators getting Grouply Owner Authorization Code emails that they did not ask for …

It seems that anybody could go to the opt-out page and sit there all day punching in the group names for lots of groups to get Grouply to send them the OAC.  Probably not a good thing for Grouply, and a good way to annoy moderators, especially those who already opted-out.

Could the opt-out page restrict the same IP address from using it more than once per day?  Maybe twice in case the owner didn’t get the email the first time for some reason beyond Grouply’s control.

A better solution would be for Grouply to block access to any group where the owner had not first opted-IN to grant access to their members.  In my groups, nothing would win over the hearts and minds of members for using a new service better than their own fearless leader promoting it, because I have a long-term trusting relationship with them that Grouply does not have (and probably never will have now).  Of course, first I’d have to be convinced that Grouply was a good idea.  That’s hard to do when Grouply uses spam as a promotional activity.

If Grouply wanted a short-cut to attract members of Y! Groups, they would provide special features and benefits to owners and moderators, to encourage their use of the product, instead of annoying them with spam and unrequested OAC emails and security holes like overrides on archive access restrictions and personal information sharing defaulted to on instead of off, and defaulting to on advertising in member profiles links to groups that are unlisted in the YG directory.

I have found nothing in Grouply that improves my ability to manage my groups, or anything to make it more convenient for me to do so, no tools that make my life any better as a moderator.  On the contrary, I have found that Grouply has caused me more work.

As owner of my groups, I’m not just a YG moderator, I’m the executive director of a club or association (varying according to the nature of the group) that uses YG as its communication venue.  If Grouply wants to offer a service to my club members, shouldn’t it come politely knocking on my front door instead of barging in the back door, spam guns blazing?Yeah, they made an effort to reduce the spamming, but did not eliminate it, and before they reduced it, they effectively tossed up a big global red flag saying, “Don’t trust this company because they use an illegal practice to promote their wares.”  Lowering the flag to half-mast, or shrinking it, is not a fully effective solution to its prior size or presence.  Burning it would be better.

Because of Grouply and the potential for similar services putting me through still more hoop-jumping to avoid their intrusion, I’m considering moving my groups’ communication venue to another service instead of YG, even if it means having to pay for a secure one.  Is that what Grouply wants?  Is that what Yahoo wants?  Is that “improving the experience of Yahoo Groups?”

Since group owners have the power to abolish Grouply access, and began doing it (as I did) even without the opt-out procedure Grouply now provides, aren’t group owners and moderators people whom Grouply needs to attract rather than annoy with illegal spam via their “Invite Groups” postings to groups, something universally objectionable to conscientious moderators of good groups?

Spam once a month or even only once per group lifetime is still spam and illegal under U.S. federal law when it is unsolicited commercial email (the definition used by the Federal Trade Commission), as Grouply’s “Invite Groups” thing certainly is, because it is sent BY THE COMMERCIAL ENTITY.  I checked the headers on their spam; the originating IP is registered to grouply.com, not the Grouply subscriber pulling the trigger on Grouply’s spam gun.  So when I send it to the FTC, I will be careful to point out that it originated from the web site of a commercial entity, not just some Joe Citizen sharing an idea he likes with fellow group members.  The subscriber may be something like an agent for Grouply’s spamming operation, but the message IS SENT BY GROUPLY.COM.  How does Grouply expect to win hearts and minds among owner-moderators when they break the law to advertise their service to their members in spam postings?

Everyone who agrees should send the spam, with full headers displayed, and with a note emphasizing that the originating IP is registered to grouply.com, a commercial entity, to the FTC’s spam reporting center at:
spam@uce.gov
(that’s spam-at-uce.gov)

FTC probably won’t act on one complaint, but they might if lots of citizens file it.  It would be so much better if Grouply acted on it themselves.

Turn off the spam gun.  That would be a very good Grouply Improvement.

Since moderators of YGOG and EL-M seem to like Grouply, and put considerable effort into defending Grouply against criticisms, they could welcome Grouply posting promotional messages about their service in those big groups, which are actively promoted by Yahoo itself via links to them on Yahoo official web pages, and being groups that cater to moderators, people Grouply would seem to have a vested interest in winning over.

Or, instead of allowing access for any group by default on request of any one member of the group (which can be just a Grouply employee who joined the group to get a head start on scraping their archive, which takes time), Grouply could promote their product via the advertising banner in YG to attract moderators to sign up for it, and to attract members to lobby their moderators to sign up.

Yahoo uses YG banner ads to promote their Y! Hotjobs, Y! Personals, Y! Small Business web hosting, Y! Autos, and other services.  T-Mobile uses it to look for customers who want to “Get rockin’ now” with the “Samsung Beat,” and T-Mobile’s $10/month unlimited email.  Disney Cruise Line uses YG banner ads.  Macy’s, University of Phoenix, too.  Right now I’m looking at a banner ad in YG for Waste Management, Inc.  They seem to have the notion that it’s a good idea to advertise to YG users.

I’m no business tycoon, but it seems that Yahoo would have an interest in telling Grouply, “If you want a piece of the Yahoo Groups action, you can use our advertising banner service to target your ads at our YG users,” and come in through the front door instead of the back.  Yep, I suppose it might be expensive.  Cost of doing business with the big boys.

Advertisements

Lawyer-Up

February 18, 2008

Ungrouply Behavior,

I posted this message in the GI group in response to Grouply’s assertion that they “had lawyers review the Yahoo TOS to make sure we would be ok.”

You have my permission to post this in Ungrouply Behavior.  The original is at:
http://tech.groups.yahoo.com/group/GrouplyImprovements/message/722

—————————————–
Enron’s chiefs had lawyers, too, who fought hard to defend them.  Not to compare Grouply’s tiny place in the world to theirs, or Grouply’s activities to theirs, but the argument that lawyers said it is okay means almost nothing to me.

Case in point:

The Freecycle Network, Inc. (TFN), which also has a lawyer reviewing its practices (a respectable law firm, as I understand it), said repeatedly (including directly to me personally) that it had Yahoo’s okay for their YG message aggregation scheme (“Finder”), until Yahoo publicly pronounced the technique involved to be contrary to their TOS.  That came only after an outcry from YG members and moderators, and many complaints filed about it, and even then not before national press media gave attention to the matter.  Prior to that, for a long time (more than a year as I recall), the scheme was in place and operating successfully without visible interference from Yahoo.  Once Yahoo became convinced that it was a problem, and pronounced on the matter, TFN immediately took its revenue-generating freecyclefinder.org off the web, despite all the prior lawyerly claims made by TFN that it did not violate Yahoo’s TOS, operated with Yahoo’s knowledge, and allegedly even with their consent.  Grouply’s similar lawyer-reviewed claim of TOS compliance is unconvincing to me.

In their public statement made recently on third party access issues, so far clearly Yahoo is leaving the matter to the discretion of moderators, advising them to do what they think is best for their groups regarding membership eligibility of YG users connected with or enabling access of third parties.

As a group owner-moderator responsible for working to ensure TOS compliance in and by my group, I find that Grouply subscribers are complicit, whether willfully or not, in at least an end-run around certain provisions of the Yahoo TOS, if not directly violating it.  I find that they participate in enabling iGroup, Inc. to abrogate aspects of the spirit and the letter of the Yahoo TOS.  I find that Grouply encourages behaviors contrary to my understanding of the spirit of the Yahoo TOS.  Access and usage via the Grouply method also infringes on previously established internal policies of my groups.

Therefore, members are not allowed to use the Grouply method to access my groups.  There are so few of them, their not being allowed to use their Grouply account to access my group has no effect on the mission effectiveness of my groups anyway, but the presence of just one of them using Grouply does involve significant risks, in my view.  Grouply subscribers otherwise eligible for membership are welcome to participate in my groups, just not via the Grouply.com service, or any other like it.  Not being allowed to use Grouply does not prevent or inhibit their full participation in the missions of my groups, in well established, reliably convenient ways provided by Yahoo!.


Grouply Talk 2

February 18, 2008

[Posted here by permission of the author, who asked not to be identified.  Another part of a conversation between two moderators.]

… just some follow-up thoughts.

Almost certainly you have only a few Grouply users who might be affected if you use Grouply’s opt-out/disable access routine just released a couple days ago.  Even in massive groups with over 20k members they had less than one tenth of a percent Grouply users each, as of yesterday.  Most groups with 1k-3k members have only one or two Grouply users in them, so far, if any.

Grouply is still in beta, so it hasn’t caught fire yet … and they have enough problems that it may be some time before they do catch on, if ever.  They’re taking a bit of a beating from vocal opponents to their methods.

Meanwhile, I’m not thrilled about the fact that if even just one group member signs up with them, Grouply.com starts mirroring the group’s entire archive and keeps it indefinitely.  Even if you disable access, they still have not installed a means to purge what they had already captured of your archive.  I ran a test with a group that had only one message posted, and it did not get deleted after I disabled access.  They say they are still working on that.

Now I find also that even if a Y! group has its archive access set to mods-only or no access or even no archive at all, Grouply still starts mirroring postings as soon as one member joins them, and makes it available to any/all members of the same group within their site.  That’s an override of moderator control of access to their message archive.  The only way to stop it is for the moderator to use Grouply’s new disable access routine.

Without announcing it to the whole group, you could just quietly disable Grouply’s access, and send a private email to those few Grouply members saying that they can certainly continue as members of your group, just not with their grouply.com email address.

To find them, search for “grouply” in Management | Memberships.  As it stands now, every Grouply subscriber gets their email address for all their groups changed to @grouply.com when they first subscribe to Grouply.  They can change it back later for any group they want, or it will be changed for them by Grouply’s bot if they unsub from Grouply.com, but that search will tell you how many members at least tried it.  I’m sure it won’t be more than a handful in a group your size.

To block Grouply’s access to your group, see:

http://www.grouply.com/owner_controls.php

That also turns off their spam gun for your group (their “Tell Your Groups about Grouply” feature, which sends an advertisement to the group posting address).

Later, if Grouply turns out to be a safe product some day, and becomes popular among YG users (I doubt it), you can go to that link to re-enable access, too.
 


Grouply Talk 1

February 18, 2008
[Posted here by permission of the author, part of a conversation between two moderators]Before I say anything else, you can probably guess that if you open this topic on-list, it may become very hot and flood the board with OT traffic for a long time.  However, if you feel, as I do, that members should be aware of what’s going on, maybe you could post an announcement but restrict dialog on it, referring people instead to the group links below.  Then again, maybe you’ll like Grouply, too, and welcome their hosting a duplicate of your group’s restricted message archive (which they may already have)!

The message I sent you is a copy of the special notice that I sent the members of my groups.  Actually I first sent a notice just saying we will not permit Grouply users, no explanation.  One person asked why.  So I followed up with what I sent you, just for the record, knowing most of my members are not especially tech savvy and don’t care.  None of my co-mods had heard of Grouply until I told them they could not be mods with a Grouply-subscribed YID (before I decided to abolish Grouply users altogether).  But in the past they have given me nice positive feedback when I did things to protect the group’s integrity, privacy and security, so I know they appreciate the effort.  I have not lost any members over this matter, and would not care if a few left because they like Grouply.  Besides, they can be Grouply subscribers and just not use it to connect to my groups.

It seems to me that the way Grouply gained notoriety and public awareness was through spamming.  When you subscribe, by default you are offered a “tell a friend” box to insert the email addresses of others to receive a Grouply advertisement.  Some people have been using that to enter group -owner addies or group posting addies.  Then they also prompt you to say no to a default list of all the groups you belong to, offering a spamming gun to send an advertisement to the group message board of every group where you hold membership.  Then they also had a contest (not sure if that’s still running … see

http://theprizeblog.com/2007/12/01/featured-contest-the-grouply-nintendo-wii-and-ipod-touch-competition/
for existing Grouply subscribers where they gave away toys like an iPod and Nintendo Wii to members who recruited the most new subscribers.  These tactics generated a mass spamming effort among Y! groups, which aroused lots of interest, of course, though not good PR for iGroup Network, Inc. and its Grouply “service” (apparently incarnated at least partly by the principals of linkedin.com, from what I read in trade reports).On the advice of a friend with more experience in Grouplyfication, I planted a lurking account in Grouply temporarily just to see for sure how many people are using Grouply.  None were in my groups.  In the EmailList-Managers group, with 3322 members, less than 1% were using it, including two Grouply staff and, I believe, two moderators who are Grouply fans.

If you run a search on the word grouply in Management | Memberships, you’ll see address changes to @ grouply.com if any members signed up with them.  That happens instantly as soon as someone subscribes to Grouply.  (Sets them up like Freecycle Finder did … Indy Emails going to their Grouply address, and Grouply archives the “take” indefinitely.  Grouply’s bot — they prefer the word “application” or “service” — does the Yahoo email address verification in the background.)  They can switch to Grouply’s new “web connection” mode once they are signed up, where Grouply’s bot uses their YID and password to simply scrape the group archive instead of getting only new postings by email.  And they DO take the whole archive.  Supposedly their mirroring will eventually keep up to date by removing deleted posts, too, if you trust Grouply to do that.  I don’t.

They claim we should trust them because they have TrustE certification.  Yadda, yadda, yadda.

If a member’s address changed to grouply and back again, there’s no way you’ll know if it’s because they just switched their Grouply account to web connection mode for your group, or they quit Grouply, unless you create a dummy YID and sub it to Grouply to monitor your group.  That exposes your group to whatever risks may be involved, but within Grouply you can turn off the connection to your group for your dummy ID, and turn off visibility of your Grouply profile to other Grouply subscribers.  (It takes them a while to scrape an entire archive … in my testing I found that even for a tiny test group archive with only three postings, they did not pick it up within 15 minutes.)  Then, when you want to check on your group, you can temporarily turn on the connection for a couple minutes just to see how many of your members are using Grouply.  If you’re not inclined to block Grouply access (see below), this dummy lurker method would at least tell you how popular Grouply is among your members.  I doubt you have more than 1% Grouply subscribers right now, and I don’t see it ever having potential to go higher than 10% anywhere.  Not enough advantage in the product for the average YG user.  No doubt attractive only to a very specialized nitch, but its fans think it’s going to be the next Google or Microsoft, of course.

But it only takes ONE member to give them access to mirror your message archive to their server.

I guess you could also issue a poll to see how many of your members want to allow Grouply access, but I think it would be a waste of time.

Grouply claims not to let non-members of your group access your archive, but already they were caught with their pants down (admitted publicly by their CEO Mark Robins) letting a member pending approval in a group see its members-only restricted message archive … not hard to do when you have already scraped the archive using other members’ passwords.  They say they have fixed that problem.  What other problems may arise you can guess.

Another somewhat creepy thing is that Grouply subscribers BY DEFAULT (unless they turn it off) display to other Grouply subscribers a hotlinked list of the home pages of all the groups where they hold membership.  Nice spying tool.

Someone reported that they learned some rather private things about other Grouply subscribers in their group, like membership in a certain type of mental health peer support group, membership in a group for a certain sexual orientation, the member’s non-Grouply email address (because it was not turned off in their Grouply profile privacy settings), their real full name, etc.  People are notoriously careless about combing through all the privacy settings and fine print in “services” like this.  Sharing such things should be defaulted OFF, but Grouply defaults many of them ON.  It’s only a matter of time before a criminal stalker makes use of it.

It was interesting to see some Grouply subscribers belonging to as many as 500 groups, and people holding memberships in scores of Freecycle groups all over the country.  I guess they are doing research?  Stalkers, scammers, con artists, spammers, phishers and pedophiles are known to do research, too.  Grouply may become popular among that crowd.

And then there are those using Grouply’s subscriber spamming tools just to irritate people against Grouply!  Nothing like hurting someone from within their own system, anonymously under an alias.

Due to an uproar among mods/owners, Grouply just came out with a scheme to let group owners “opt out” (gotta love it) of allowing Grouply access to their groups.  It’s pretty simple.  Go to:

http://www.grouply.com/owner_controls.php

… and punch in your group name.  They email your group -owner addy an authorization code.  Go back to that page and paste in the code.  It lets you disable Grouply access, and you can go back and enable it later if you decide Grouply is a good thing after all.  Their “disablement” is not an absolute abolishment of the appearance of your group name in Grouply subscriber profiles, but reportedly they are still working on that.  They say they are going to come up with some other tools for group owners to control Grouply subscriber access, even offer a newsletter to owners with group stats and such.

Of course you have no contractual commitment from them that they won’t change their minds later about letting you opt-out of being invaded, or that a new owner of their company won’t change its rules.  I have not seen it added to their TOS.  Maybe they will get around to that.

If you use that blocking tool, Grouply subscribers in your group will have their email address set back automatically by Grouply’s bot to pre-grouply default (and they screw that up every time by setting the member to their junk free yahoo email address, not the non-yahoo one they had previously set as their primary, but the member can fix than manually … oh, and they don’t remove their grouply address as an alternate posting address in YG “myprefs”), and they’ll still be a member of your group, just won’t be able to access it via the Grouply.com site.

I used my temporary lurking account in Grouply to verify that the block works.  (BTW, I never subscribed that lurker to your group!)

Yahoo has been silent on the matter so far, but plenty of people have griped to them, and got standard “we’re looking into it” form letters.  I assume it’s just a matter of time before they pronounce a decision on it in their Yahoogroups Blog, as they eventually did on the Freecycle Finder issue …
http://www.ygroupsblog.com/blog/

I just don’t like the smell of the whole thing, and my group’s restricted, members-only message traffic is not on the market for them to use to generate targeted and context-based advertising (which they will do when they get out of beta).  I’m never fond of being told, as someone described it, “Guess what?  You’ve been hijacked.  If you don’t want to fly where we’re going, here’s a parachute!”

Besides, in my exploration of the product, I was not impressed, and did not find it gave me any advantage or “improved my experience of YG,” their pitch for why you should give them your password.  And they only grab your message archive, not files, links, databases, or photos.  Grouply CEO Mark Robins announced publicly that they have no interest in those YG features.  No money in it, I guess.

See also:
Anti-Grouply:
http://tech.groups..yahoo.com/group/ungrouply/

http://tech.groups.yahoo.com/group/grouplycomplaints/

Pro-Grouply (including Grouply’s CEO and another Grouply exec posting here):
http://tech.groups.yahoo.com/group/grouplyimprovements/
Even here, where the aim of the group is to help Grouply improve their beta,
less than 10% of the members are actually Grouply subscribers (I checked
from within Grouply), and even far fewer post via the Grouply service.  Most
of the members seem to be there just to keep tabs on what’s going on.

http://tech.groups.yahoo.com/group/yahoo_group_of_groups/

http://tech.groups.yahoo.com/group/EmailList-Managers/
Same moderator as the GrouplyImprovements group above.


Grouply Access Controls for Group Owners

February 18, 2008

This link should work (the Grouply “group owner opt-out” page):

http://www.grouply.com/owner_controls.php?r=1

I agree with the concern expressed by others that we should not have to give Grouply a list of all our groups (which is a pain in the butt, by the way) in order to get them to stay out of our groups, and to prevent our group members from violating the TOS by granting Grouply.com access where they don’t deserve to have it.

But that’s a risk I’m willing to take in order to prevent Grouply access … IF this is really going to work.  I’m going to try it with just one group at first, and confirm whether it worked, from within Grouply with a dummy account I’ll create there.

That still leaves open the question of whether the block will ALWAYS remain effective, and what hoops we have to jump through to check on it in the future.  Grouply has no contractual commitment with us requiring them to maintain the block forever, nor would such a contract exist with a future owner of the Grouply.com company.

The only really right way I see to handle this is for Yahoo! to give us the ability to block them, at OUR end, not at Grouply’s.


Grouply Subscribers Violate Yahoo! TOS

February 18, 2008
[Posted here by permission of the author.]
Executives, staff and contractors employed by Grouply.com having access to their YG-mirrored archives are not members of any of my groups. 
Grouply is retransmitting content and putting it into the possession of people who are non-members (i.e., Grouply staff), if any one member of my group becomes a Grouply subscriber.
The access connection to my group happens by default when they join Grouply.  If someone in my group joins Grouply, by default Grouply instantly changes their YID primary email address in my group to @ grouply.com and immediately, by default, lists it as a connected group in the Grouply subscriber’s Grouply account and profile, and begins capturing and archiving postings from my group to Grouply.com.By giving Grouply.com their YID passwords, members grant Grouply.com access (and possession of data in their groups’ mirrored archives on Grouply servers) that neither Yahoo! nor I granted as the parties controlling access.  This is where I see a violation of the TOS by the Grouply.com subscriber.

Access (and retransmission to another web site) has been granted to parties who are not members of my groups, at least (if not others) those parties who are employed by Grouply.com and are not members of my group.

Note that the YG Guidelines do not require merely adherence to the “letter of the law” of the TOS.  Yahoo! advisedly reserves the right to terminate the account of any person violating even just the SPIRIT of the TOS and Guidelines.  I quote from the Guidelines page at:
http://groups.yahoo.com/local/guidelines.html

– – – – –
Yahoo! Groups, in its sole discretion, may terminate or remove any content, Group or your Yahoo! ID immediately and without notice if (a) Yahoo! believes that you have acted inconsistently with the *** SPIRIT OR THE LETTER *** of the Yahoo! Terms of Service or the Yahoo! Groups Guidelines, or (b) Yahoo! believes you have violated or tried to violate the rights of others. Please help us keep Yahoo! Groups an enjoyable and positive experience. If you see a Group or content that violates our rules, please let us know by contacting us [hotlinked to
http://help.yahoo.com/l/us/yahoo/groups/abuse.html ].
– – – – –
[emphasis mine]
But the Grouply subscriber’s violation of the TOS is in both spirit and letter.

The TOS does not say that retransmission to another website is prohibited ONLY IF that other website restricts access to YG members of the same group as the violating member (as GrouplyFans have argued to be permissible under the TOS).  It says in YG Guideline #11 (which is enforced under the TOS): “A Groups owner or moderator (or any other user) cannot re-post or re-transmit Groups content to any other site unless the person has the explicit permission of every group member whose content is being re-posted or re-transmitted.”

That phrase “any other site” is plain and clear.  It does not specify, “unless that site restricts access only to members of the group.”  It simply says “ANY OTHER SITE.”  The only condition under which it says such retransmission is allowable is also very clear: i.e., with “the explicit permission of every group member whose content is being re-posted or re-transmitted.”

Therefore, any Grouply subscriber in my group will be removed for TOS violation.  This is not to say that they are evil, only that they have exceeded the terms and conditions controlling their membership in my group, whether innocently or willfully.


Press Conference?

February 18, 2008

Posted here by permission of the author:
——————————————————

In response to Grouply CEO Mark Robins’ announcement of a blog entry he called a “virtual press conference” … but did he actually INVITE THE PRESS?  How can you call something a press conference without inviting the press?

Speaking of a press conference …

It may be past due time the press, especially tech trade journals, and major, popular bloggers, along with mainstream news media, got involved in reporting these Yahoo! Groups owners’ concerns about Grouply.com, because it bears significance for what has been reported here as “100+ million” Yahoo! users.  That makes it a matter of considerable interest to the general public, worldwide.

And it is definitely past due time for Yahoo! to take a publicly broadcast position on the matter.  Until we know exactly where Yahoo! stands on it, I feel like we’re sort of three sheets to the wind, so to speak, in trying to do anything about it.

Tricia wrote, at:
http://tech.groups.yahoo.com/group/EmailList-Managers/message/91033
————————-
<begin quote>
2.  NO “Invite Your Group” capability.  Inviting an entire list at once, even once, never mind once a month, even if the owner doesn’t really care, is spamming the list members who did NOT sign up for the list to receive Grouply unsolicited commercial emails, even if Grouply uses the fingers of their users to send them rather than co-opting the computers of the unknowing to do so.  Same concept – get someone else to send your spam for you.

3.  OPT IN ONLY.  Not “send the list owner a message letting them know that someone on their list is using Grouply and they can opt out if they want to”.  True Opt In means that Grouply doesn’t lay a virtual finger on a list until the list owner says explicitly that they want their list to be made available for Grouply.
<end quote>
————————-

I agree, and intend to maintain this position and present it vociferously to Yahoo!  Thank you, Tricia, for persistently staying on target about the true fundamentals involved.

Spam is spam is spam, and is means is.  The U.S. Federal Trade Commission’s mandate to enforce the CAN SPAM Act of 2003 needs to be applied to this situation, if the spam-encouraging feature of Grouply.com is not eliminated immediately.

Opt-in is necessary, by a group OWNER (not just any mod who may not be owner replying to an opt-out message sent to all the moderators via the group’s -owner address).  I find no opting-out scheme to be a satisfactory substitute for OWNER-chosen opt-IN.