From: John Madden [mailto:jmadden@xxxxxxxxxxxxx]
Sent: Saturday, May 26, 2018 2:47 PM
Subject: [External] FreeLists and the GDPR
CAUTION: External email. Do not click links or open attachments unless
verified. Send all suspicious email as an attachment to Report
As a FreeLists list admin for a list that has been active at least since
January 2016, we're contacting you to let you know about updated policies and
processes here at FreeLists as well one further communication most subscribers
will soon receive. If you'd like to permanently discontinue any old lists, just
let us know. As always, you can reach us via email at
staff@xxxxxxxxxxxxx<mailto:staff@xxxxxxxxxxxxx> with any questions.
With the GDPR now in full effect we're actually late to the "check out our new
last two months getting our act together.
If you're unfamiliar with the GDPR, please read about it here:
https://www.eugdpr.org While FreeLists is not based in the EU and has no ;
presence there, we do serve both list owners and list subscribers who reside in
the EEA (European Economic Area) and thus it affects all of us. We think the
GDPR is a good thing! As you know we value privacy very highly and this new law
swings the balance of power over personal data back to consumers where it
belongs. Rather than carve out special policy just for Europeans, we think it's
best to follow the EU's leadership on this and extend these protections to
* As of May 19th, 2018, all new subscribers to all lists have been directed
through these documents and a consent process to keep a record of their
acceptance of them.
* The subscriber actions form on your lists' List Pages
(www.freelists.org/list/<//www.freelists.org/list/><list>) are now
less-susceptible to automated bot attacks. This should improve the quality of
* We've long offered a relatively wide-open subscription form you can host
on your web site. Within a week or so these forms will redirect them will be
redirected to your List Page to use the new consent system. We recommend you
take these forms off your sites (and replace them with a link to your List
Page) to avoid any confusion.
* The Web Login is really only useful to list admins. We'll be making that
distinction more clear in the coming weeks.
Covering Existing Subscribers
Unfortunately our long-standing tradition of requiring opt-in to join a list is
not sufficient and an extra step must be taken.
We'd like to make the transition to a post-GDPR world as smooth as possible for
you. As soon as we can wrap up the code behind this -- hopefully by the end of
this weekend -- we are going to start pulling in anyone who actively posts to a
list by emailing them once after they post asking them to express their
consent. If they ignore this or choose to opt out, we will unsubscribe them
from the list. They're always free to subscribe again later, of course. This
will get us a more gradual migration with slightly less disruption.
The next step is to ensure we've covered everyone else -- subscribers who
haven't yet posted and been looped in through the above process -- with a
similar message asking them to provide consent. This leads to a bit more
disruption and potentially some subscriber loss. It's a necessary step though
and we think the end state is an improvement.
This is where you come in!
* Please let your subscribers know they might be hearing from us. (Again,
very new subscribers are already covered.)
* If you have any suggestions on how to proceed, things to be aware of,
things perhaps we haven't thought of, please reach out to us.
* Some EU-based lists are anxious to get everyone covered quickly and we're
here to help. Let us know if you'd like your lists to be covered immediately.
* We'll accomplish all of this without requiring any new accounts or logins
or gathering of further, unnecessary data.
Here to Help
As always, we're here to help. Any concerns, suggestions, or questions, please
feel free to reach out.