Generally I don’t like to publicly point the finger in cases like this, but this time I will: Tesco Compare, it’s your turn.
I last used Tesco Compare a couple of years ago while looking for car insurance. About a year ago they began sending me promotional email, clearly realising they had a list they had not been using. I’ve moved to France and I’m really not interested in UK car insurance any more, so I wanted to unsubscribe.
The message they sent me shows they are handling my data correctly to some extent – they have my email address right, they addressed me by name. It also contains an unsubscribe link. That’s the good bit over – It all goes downhill from there.
The unsubscribe link contains a long hash, probably encoding my identity in some way – so they are clearly capable of knowing precisely who clicked the unsubscribe link, however, the the form presented is completely generic, with no fields pre-populated, presenting the first of several deliberate barriers to unsubscribing. The hash could just be being used for click tracking and not actually performing a useful service at all (in which case Tesco is saying that fact that I clicked the link is more interesting than the fact that I want to unsubscribe). The form is delivered via SSL, though via an unsecured redirect, so the hash is exposed. The page that loads expands to full screen using JavaScript. That’s just rude and irritating. Here’s the form:
There’s a giveaway in that previous paragraph – fields? pre-populated? Why do there need to be any fields for an unsubscribe? Quite. The form REQUIRES my first name, last name, date of birth and email address – all data that they know already, but couldn’t be bothered to fill in (and doing so would not be a security risk as I could only get there with a secure hash in the URL which was sent to me). It looks like the form was originally intended to be used for subscribing as well as unsubscribing, but that means that it ends up performing badly for both purposes due to its poor information design, and doesn’t actually ever get used for the former. Lurking in a sidebar is the comment Remember, you can save and return later, though that doesn’t apply to this form at all.
There is no legitimate reason they would need my date of birth in order to remove me from a mailing list, explicitly against the data protection act’s principles which state “Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed”. I can understand that date of birth is relevant when requesting an insurance quote, but that’s completely separate from communication preferences. That they have chosen to combine the two inappropriately is just bad information design. Furthermore, ages submitted must be over 16, so children that have somehow ended up on this list can’t submit it truthfully either and risk polluting their profiles.
I investigated the use of this form a bit further. I logged into the Tesco Compare site and found that while the pages look similar, there is no link from inside the account to this page, only to a personalised account settings page, which lets me change email address, but offers no subscription options. While logged in, I returned to the communications preferences page, but found that it remained unpopulated – clearly it’s not joined up or using the currently valid account cookie I’m providing (it’s in the same domain). Overall I get the impression that this is still under construction – though I wouldn’t have signed it off for publication in this state.
The next part of the form is bordering on funny, starting with this obfuscators dream sentence:
Please de-select the options where you prefer not to hear from us
Somebody, somewhere thought that was the best and most appropriate language, which it is if your aim is to confuse the hell out of people in order to prevent them unsubscribing on a form that’s just a legal box-ticking exercise. The bottom of the form has a small note saying Remember, if you choose to deselect all boxes, we will not be able to let you know about the great products, services and special offers available from Tesco and Tesco Compare in the future.. This mitigates (but doesn’t excuse) the confusing language to some extent. I’m sure there are copywriters that have been sacked for less.
All options are checked by default, making it all opt-out: even if you had already opted out in the past! Accepting the form with defaults will result in you being subscribed to everything they care to throw at you via post, email, phone and SMS. So much for it being an unsubscribe page! Oddly enough, this part is not illegal – it falls neatly into the "2nd new rule" exemption introduced by the Privacy and Electronic Communications (EC Directive) Regulations 2003 – however, just because it’s legal doesn’t make it a nice thing to do. Given that this page doesn’t get used from inside the site, the only time people are going to hit it is to unsubscribe, in which case the default options (subscribe to everything) are completely out of sync with the page’s primary function. The page also has a unnecessary hidden timeout – if you don’t submit it within a certain (unknown) amount of time, it ignores your submission and resets the form without any warning or error message.
I really don’t want to give my date of birth, but since they know who I am already, if I give a fake date of birth to appease the form, it may be kept on my record, erroneously replacing the data they got from a relevant source. Ultimately my choice here is to submit unnecessary data or not to unsubscribe!
It’s hard to conclude that the design brief didn’t include an instruction to try and make unsubscribing difficult. Any clueful email marketeer will know that this is short-termist and counterproductive – every spam report that could have been an unsubscribe can hurt deliverability to every single other recipient – one spam report could block cost tens of thousands of legitimate deliveries. Unsubscribes should be welcomed with at least magnanimity – every unsub represents an improvement in list quality! Don’t keep your list sizes up by making it hard to leave – do it by making people want to stay. Somebody is probably pointing at stats from their newsletter mailings saying "look, clickthroughs are up, unsubscribes are low, we’re doing great!", when in fact a chunk of subscribers are reporting as spam after giving up on the user-hostile non-working unsubscribe form. Or look at it another way; What’s more damaging to your marketing: a single, easy unsubscribe, or a public deconstruction of your embarrassing ineptitude?
Now I probably wouldn’t have complained so much about this page if it wasn’t for one important thing: It doesn’t actually work. A month after submitting an (acknowledged) unsubscribe request, they’re still sending me messages. I decided to be generous and try it again, only to have the same thing happen again, so this time I’m publishing my observations. This tells me something else: their internal data handling is not working, also a data protection infringement. I’ve handled lists of over a million subscribers on a daily basis and never lost an unsubscribe like that or handled it so slowly, and yet I’d bet that our budgets are way smaller than Tesco’s.
I noticed that @TescoCareers is active on twitter, with frequent job postings. Perhaps they should add list manager, information designer and UX consultant to their list. Curiously enough I also happen a know of a list handling service that will do all of this properly, and cost them significantly less than their current provider.
One Reply to “Case study: how not to handle unsubscribes”