They're just a thin layer to be replaced last. They're just arrogant enough to think they're the company, but ultimately the endgame is -- all humans become economically insignificant compared to the automated economy.
I have done the opposite
We had a million people enter their email over the last decade
We haven’t messaged a single one.
Now we plan to start sending out a newsletter. For many, they may have forgotten downloading the app, but they might still appreciate it. If not - they can u subscribe.
Instead, send them a politely worded one-time announcement with an invitation to subscribe. Clearly mention that if they don't, this is the last mail they'll get from you, and keep that promise by deleting their address. You'll still get some pushback, but I think most people would find that acceptable.
That one-time announcement is called an email. And therefore that first announcement itself can be flagged as spam.
And naturally, unless they click a link in the first email, gmail should consider anything subsequent to be spam anyway. They have no idea whether consent happened somewhere else or not.
The unsubscribe links must work without even opening the email, according to gmail rules.
What I'd be concerned with is that if you have never sent anything to these users, they might have forgotten where and when they gave you their email address and simply mark your message as spam.
We've trained users to not use "unsubscribe" because some spammers once used that to verify addresses, or they may simply click "Spam" because they forgot who you are and think you got their address illegitimately. Gmail also doesn't make unsubscribe as visible as "Spam", making flagging the easier option. So now Gmail will see some percentage of users manually flagging you as a spammer, tainting your sender. This is why I'd switch the newsletter to a new domain or at least a new sender address. That does mean preparing that new sender, give it a bit of time to mature and send a few emails to Gmail accounts you control and ensure that they are not flagged as spam.
Probably also test with a list of Gmail account you control and check if you're tagged as spam and fix that, before doing the big push.
As a gmail user who may or may not have had to enter an email address to do something on the web, and who gets annoyed by spam, let me describe my decision points (anecdote is not the plural of data, of course, but here I am) when it comes to "unsubscribe" vs marking something "spam."
If your email reminds me (upfront!) how and when and why I specifically gave you (and not some other third party) my email address, and promises that you are advertising this newsletter one time, and it is opt-in, and you keep your promise, I am highly unlikely to mark it spam.
Now, this presupposes that it was really me who gave you my email address. I have a fairly generic email address because I got on gmail early. There are many variants of it, but sometimes people forget to add the trailing numbers or letters, so I get misdirected email all the time.
If the misdirected email is personal, I usually respond letting them know of the issue.
If the misdirected email shows a clear understanding that I might not have been the one who really signed up then I give them a pass.
If the misdirected email blithely assumes that I am the one who signed up, then I blithely assume that its senders are too fucking stupid to use the internet and it goes straight into the spam bucket. (And this is usually an easy call because they use the name of the person with the similar email address, which is not my name. My email address is firstinitiallastname@gmail.com and there are many different first names that start with the same initial.)
Any failure on any of those other points starts to increase the likelihood of it being marked spam, and...
> The unsubscribe links must work without even opening the email, according to gmail rules.
So here's where I'm a hard-ass and maybe even worse than google's rules.
If I see the RFC8058 unsubscribe link, it is too late. I only notice that link after I've decided to mark your email as "spam" and google asks if I'm sure, or if I merely want to unsubscribe.
Why did I decide to mark your email as spam? One possible reason is that I read through it, decided that the sender legitimately had my email address and was acting honorably, and then clicked the unsubscribe link embedded in the email.
When I do that, one of two things happens. Either I get some form of "thank you, you've been unsubscribed" or nothing happens because the sender assumes that I am OK with them executing javascript on my computer.
This is a privilege I jealously guard and only reluctantly offer to as few websites as possible.
Even if I previously gave you my email address, that did not come with an open invitation to use my computing resources for your own purposes.
So by your own description, ANYONE sending you a newsletter, by complying with Google’s rules, they piss you off and make you mark their email as SPAM because, according to you, they made “javascript execute on your computer”. Actually, gmail is the one executing tons of javascript. The mandatory unsubscribe LINK uses HTTP, not even HTML. Google just requires that the unsubscribe instant.
It is an unwinnable situation.
With all respect, why would I care what an impossibly hardass tech person would do if I sent them an email in an unwinnable situation? The vast majority of our users are not this technical, let alone a hardass HN denizen who advertises the fact that the mere compliance with Google’s rules will piss them off due to a misunderstanding of how unsubcribe works.
Here is what we might both agree on: email sucks. You shouldn’t be reachable by anyone who just has your address, and it is not your job to be vigilant. Then all these problems go away.
> So by your own description, ANYONE sending you a newsletter, by complying with Google’s rules, they piss you off and make you mark their email as SPAM because, according to you, they made “javascript execute on your computer”.
Are you deliberately being obtuse, or is it natural? I don't need to use gmail's web interface if I don't want to, but as it happens, I do let google's javascript execute on my computer.
> The mandatory unsubscribe LINK uses HTTP, not even HTML.
Two links are required. One in the header, and one in the email. As I wrote, if I read to the end of the email to make a decision, then I will click on the link in the email. Which often goes to a webpage with javascript on it.
> It is an unwinnable situation.
Did I write that I mark everything as spam? No? Why not, I wonder? Did it ever occur to you that if I am describing when I mark things as spam, that there are things that I don't mark as spam? No? Do you even read what you yourself write? No? You should try it sometime.
> With all respect, why would I care what an impossibly hardass tech person would do if I sent them an email in an unwinnable situation?
With all respect, if you wrongly believe the rules I gave are unwinnable, you shouldn't care. I won't be receiving further missives from you, and nature will take its course in determining whether I was an outlier or the canary in the coalmine.
>So here's where I'm a hard-ass and maybe even worse than google's rules. If I see the RFC8058 unsubscribe link, it is too late. I only notice that link after I've decided to mark your email as "spam" and google asks if I'm sure, or if I merely want to unsubscribe.
The way I read it, this is an unwinnable situation. We must supply this link, in order to comply with Google's rules. If you see this link, it's too late. You're making it as spam. Because I may run javascript on your computer.
Having re-read it, it sounds instead like: you're likely mark it as spam before you get to this link (even though the web interface surfaces the unsubscribe button right in the list of emails -- but you don't use that interface).
Well, I guess there is a narrow path to "victory": mention that it may have been someone else who signed up, then if you see the unsubscribe link, you click it, then I'm supposed to say "thank you" and not serve any javascript. Anything else, and you click SPAM. Or maybe you already did.
> The way I read it, this is an unwinnable situation. We must supply this link, in order to comply with Google's rules. If you see this link, it's too late.
That's an obtuse reading.
I am looking at the email. The email has a different link, mandated by the can-spam act in it.
Gmail has a bunch of icons at the top. There is not one for "unsubscribe".
So, I read your email, decide it is legitimate but I am not interested. I click on the link (not RFC8058) in the body of the email message itself to unsubscribe.
If that link takes me to a page that does nothing because it wants to execute javascript on my computer, then we are done.
Look, I'm not a terrible writer and this isn't that difficult.
> Well, I guess there is a narrow path to "victory": mention that it may have been someone else who signed up, then if you see the unsubscribe link, you click it, then I'm supposed to say "thank you" and not serve any javascript.
Oh, well, you did understand. Sort of. Except I view this as a common-sensical extremely wide path. If it's the first time that you're emailing me, you damn well better realize that it might have been a fake signup, and how the fuck am I supposed to know your intentions if you attempt to serve javascript? What part of removing me from your database requires you to execute shit on my computer?
And by the way, about this part of that statement:
> if you see the unsubscribe link
If you're playing "hide the link" then you've already shown that your intentions aren't honorable.
> Anything else, and you click SPAM.
I don't actually click spam all that often. Only on, you know, spam.
Look, you're the one who mentioned that you might have collected some of these email addresses 10 years ago. I'm just giving you a heads-up. Not only may they have forgotten about signing up, but the addresses themselves might have been recycled by now.
> Or maybe you already did.
Nope. I've been upfront and transparent. I thought you were being that way, too, given your first comment. I even upvoted it because I thought all the downvoting was a bit excessive.
But the intransigence and mischaracterization here is stunning.
Look, there are two possibilities here. (1) is that I'm not that extreme, in which case you're probably fucked. (2) is that, yes, I'm an outlier, and if you satisfy my needs, then you probably won't have enough emails marked spam to trigger google's filters.
Now, if you truly feel that my conditions offer only a narrow path to victory, then you're probably not really someone I should be offering this advice to in any case, because our interests are not congruent. My only solace is that maybe you won't take the advice and you'll receive a banning for your efforts.
> Instead, send them a politely worded one-time announcement with an invitation to subscribe.
NO. DO NOT DO THAT !
That is terrible advice and it is against the law.
Opt-in has to be done without inducement and of a person's own volition.
Sending a mail to someone saying "pretty please sign up" is not valid opt-in. It is spamming a bunch of people hoping they will opt-in. It does not matter if you got their mail another way (e.g. if they purchased a product, you can't then spam them trying to get them to opt-in for your mailing list).
One of the fundamental reasons the opt-in law exists is to stop people doing the shit you suggest and ensure that lists are correctly built in a clean manner.
Under GDPR, can someone send an email to people who 1) downloaded our app, 2) voluntarily entered their email, viewing a message that says if they do that, we can send them a newsletter about how to be more efficient with the app, and 3) selected what kind of person they are, e.g. a teacher, marketer, etc.
But it's been 10 years. Can we send them a newsletter now with an unsubscribe link? Does GDPR have an expiration date on that stuff? Yes it was affirmatively opt-in.
I'm no expert, but I think that in principle you'd legally be okay. But the 10 years makes it more difficult on a personal level; many, likely most people will have forgotten about you and the permission they gave. Hence my earlier advice.
Be aware that under various regulations, you're potentially already at risk of accusation in terms of unwarranted data retention. If you haven't got a good reason to have kept those email addresses, something like the GDPR might not interpret that favourably. While the GDPR doesn't specify actual time limits, they are expected to be proportionate. Financial records are generally 7 years unless otherwise legally required, so for a decade, you would be saying that these email addresses are more critical/valid than that. That may be the case, I don't know your business, but be careful if you don't want some very awkward questions asked. Just the hassle of having to deal with complaints you might get (and various regulators would take notice of 1 million instances) is likely to be more than it's worth for most.
The suggestion downthread to send a very clear "we still have your address, would you like to opt in to this newsletter, otherwise we'll remove it" is not a bad one, but even then, some people will object to you still having it at all.
People originally opted in and provided it expecting to get a newsletter on how to use the app. We never seemed to have the bandwidth to create a good enough one, so we never sent it. We kept improving the app until it became very good and still never sent the emails. But retained the addresses, so that one day we could tell people the app has improved, to give it a try, include animated GIFs of it in action and gradually educate them on ways to use it. For that I get chastizement on HN, figures.
Yes, there is a clearly valid business purpose under GDPR for retaining the email addresses of users who want to learn how to use your app better and opted in. If you plan to send a newsletter out.
Other than those voluntarily entered emails (which aren’t even linked to the user), we haven’t retained literally any information about our users, despite having millions of users download and use the app over a decade. Which is far beyond pretty much any social app I know. But almost no one actually cares.
I really wasn't trying to chastize, honestly it was intended as a friendly dollop of advice as someone who's dealt with this kind of thing. But since you have replied, I would say:
> Yes, there is a clearly valid business purpose under GDPR for retaining the email addresses of users who want to learn how to use your app better and opted in.
Relevance is likely to be seen as contextual. Someone wishing to do something a full decade ago is not likely to be seen as sufficient evidence to justify contacting them now in case they still wish to. That's a big chunk of the point about time-limiting data retention - the data gets less relevant and more problematic over time. I get that you're not trying to colour outside the lines here, but from the perspective of your users, and anyone looking at their potential complaints from a regulatory perspective, the window in which they reasonably consented to contact has closed (and probably some time ago).
The regulations are there, ostensibly, to protect consumers. They will be interpreted in that light. I can almost guarantee that if you sent an email to your downloader base 10 years after they last heard from you, being ignored will be the best case, and the worst will be reports to local regulators.
Is there an actual regulation or case law showing what the cutoff time is du jure?
I would be glad to respect it if there was.
As it is, laws do allow for things they didn’t explicitly prohibit, and especially good-faith things like welcoming people to try the free app again, which they themselves downloaded and asked to be exucated about, since it’s improved, and showing them how and why to use the improvements.
Yeah, that's fair enough, and it is annoying that there is rarely a specific time set in regulation (or even case law which is broadly applicable). Most regulatory bodies will tend to say things like "as short as required/possible" for retention, which is clearly open to interpretation [0].
I would personally see 10 years as "a long time" in this kind of context (although that may be contextual depending on what your product does, obviously). If you can honestly claim/show good faith, that is usually acknowledged, but my point was rather how it would be seen out of the blue from an organisation that has been silent for 10 years (my personal first thought would be "why the hell have they still got my information?", but I am well aware that I'm not the average).
Genuinely, I don't mean to imply bad faith on your part, only to suggest the reactions it may receive, and how careful you should be with your messaging.
>Is there an actual regulation or case law showing what the cutoff time is du jure? I would be glad to respect it if there was.
I'm sorry but what sort of BS excuse is that ?
The whole point is that YOU are supposed to know:
a) What data you have
b) What you need it for
It is simply not possible for data protection law to spell out an exact cut-off time because there are so many permutations.
For example, if its for tax reasons then you need to keep it for the duration dictated by tax laws.
But if its email addresses you randomly harvested a decade ago, I think every man and his dog would agree that a decade is too long. Even more so if there is a material difference in permitted use of the harvested address.
P.S. There is no such thing as "good-faith things" in GDPR legislation. Please don't make shit up.
Most consent doesn't work like this in people's minds (never mind what you "recorded"). I'd be furious and immediately flag as spam and review the app 1 star (if possible) for good measure.
- non-legally speaking, consent for anything is never illimited in time. So whatever the law says, you're probably doing a dick move, I'm sure you can conceive that most people you're going to email would rather not get this email and you're planning to do it anyway. So if you act against these people's interest, don't be surprised if they react negatively (reporting the email as spam, complaining, reporting you to authorities)
- legally speaking... IANAL, but I don't think that you're correct that you have a legal basis to have kept this data, and even less to use it for marketing purposes. I don't think that you'd win the argument that the consent is still "informed" after many years of not hearing from you. If a reasonable person would no longer expect to hear from this company, then I don't think you still have consent under GDPR (could be wrong, IANAL)
So basically — you are affirming the point of the OP whose article was shared.
Wait too long — respect people’s attention and time so much that you don’t send them anything unless it is ready and benefits them - and apparently it’s spam when you finally do contact them. Meanwhile, if you were just drip feeding them slop once a month, then you’re fine.
I happen to agree with the article author, the email ecosystem is totally broken, that’s far more of a problem than small teams who have well-meaning intentions and respect for their users’ time. You’re blaming the victim, rather than the email system that’s open to SPAM and dominated by gmail.
Sure. I took it as I think you intended - a statement of your understanding. I guess I just was irritated in, the moment as people are constantly reacting to unverified assumptions when there are many real things to react to. Apologies if I added to the pile of annoying things on the internet for you!
True, it's not so much a dictatorship, more like just a certain type of mindset. Shared by Trump, Vance (I guess), Elon, and the AfD party, Le Pen (maybe) and more.
What do we call this mindset? Right wing authoritarianism? Anti-immigrant sentiment? Poland next door to Hungary is also very anti-immigrant and proud of it (everyone from Duda onwards).
Emphatically, no. These are industrial experiments, in a similar vein to various Canola oils but much worse.
You probably heard of aspartame but there are worse things. A chemical byproduct of sucralose known as sucralose-6-acetate has been identified as highly genotoxic, meaning it breaks down DNA and may increase cancer risks. Found in common sucralose-based sweeteners, it causes a "leaky gut" by damaging intestinal walls and poses serious health risks, even at low, allowed consumption levels.
Heart Attacks (Erythritol): The sweetener erythritol, common in "keto-friendly" drinks, has been linked to increased blood clotting, potentially doubling the risk of heart attack or stroke.
Sugar-free drinks are increasingly linked to serious health risks, with studies suggesting they are not harmless alternatives. Key concerns include a 20% higher risk of AFib (irregular heartbeat), increased stroke and cardiovascular disease risks, and potential links to type 2 diabetes. They may also trigger digestive issues, gut microbiome disruption, and tooth decay.
The artificial sweeteners may not even do the very thing people choose them for. Contrary to their purpose, some studies show artificial sweeteners may raise type 2 diabetes risk by up to 38%.
Other Potential Dangers: Research has linked consumption to metabolic syndrome, kidney disease, nonalcoholic fatty liver disease, and potential gut bacteria disruption.
Dental Damage: Acidic components can cause enamel erosion despite the absence of sugar.
Xylitol and Stevia may be exceptions, but they are also more naturally occurring. People sometimes try to use xylitol gum to stave off caries bacteria, but frankly, a diet rich in animal fats (butter etc) can do a lot more for teeth and bones.
>These are industrial experiments, in a similar vein to various Canola oils but much worse.
Ah, a "seed oil" guy. This is the indication to everyone what level of discourse and scientific fact you're bringing to the table.
In fact, I'll just cite one single bit in your claim-
>Contrary to their purpose, some studies show artificial sweeteners may raise type 2 diabetes risk by up to 38%
This suffers from the same "aha!" nonsense as the garbage submission (and it is garbage). The "study" you are citing was an observational, epidemiological study. And wow, crazy and hard to believe, but it turns out that people with weight problems (and all that comes with that) are more likely to have partaken of "at least one" sugar substitute drink. This is similar to studying people who chew nicotine gum and for obvious reasons finding a higher rate of lung cancer, so then declare that nicotine gum causes lung cancer. It is so staggeringly stupid it belies belief, but it makes for a headline to fool some rubes.
To address your point:
Potential for reverse causality cannot be eliminated; however, many sensitivity analyses were computed to limit this and other potential biases
multiple studies have shown various side effects associated with the use of these sweeteners. These side effects include gastrointestinal symptoms [9], neurologic [10] and taste perception changes [11], allergic reactions [12], insulin and metabolic effects [13], and cardiovascular effects [14]. In addition, ASs have been shown to affect the gut microbiota that may mediate certain side effects [15]. Most importantly, many researchers have assessed the potential effect of ASs on the cancer risk of people who consume these products [16,17].
and
Human studies performed by Suez et al. evaluated the impact of ASs on the human microbiome. A total of 381 individuals without diabetes who self-reported regular consumption of ASs, as determined by a food frequency questionnaire, were included. The study demonstrated a significant association between the consumption of ASs and the development of central obesity, elevated fasting blood glucose levels, increased hemoglobin A1c levels, impaired glucose tolerance, and elevated alanine aminotransferase levels. In addition, a subgroup analysis was conducted to compare those who consumed higher amounts of ASs with those who did not consume any ASs. The results of this analysis revealed a statistically significant elevation in hemoglobin A1c levels, even after controlling for body mass index.
Both studies directly and outright measure only correlation. There is no magical confounding variables adjustment.
They outright state this. The first directly says that their higher sugar substitute group had a higher BMI, lower activity, less fibre, and so on.
"To address your point: Potential for reverse causality cannot be eliminated; however, many sensitivity analyses were computed to limit this and other potential biases"
I've actually read the study (given that certain sorts cite it constantly), and do you know what "limited" that bias? Nothing. Literally nothing.
It is a correlation study. People with weight problems are more likely to utilize sugar substitutes. Reversing the causation is the root of an enormous amount of idiot science, though.
And just to be clear, researcher who post this bunk know exactly what they're doing, and usually it is to yield a "more research should be done" conclusion. It's when laymen start building their little notepad.exe listing of everything that supports their nonsense that it becomes a problem.
I would argue that KV caching is a net gain for Ant and a well-maintained cache is the biggest thing that can generate induced demand and a thriving third party ecosystem. https://safebots.ai/papers/KV.pdf
That's because everyone else is the enemies of the people! They have a mandate!
Get out of the way, so-called judges, RINOs and communists in Congress, the failing Media, and also the low IQ former MAGA people who helped get them elected. This was a landslide! Also, true republicans don't believe in mob rule, we don't have a democracy, we have a republic. Except if our guy wins by 1% then we totally believe in mob rule and have a mandate, compared to that 1% marginal win, what are laws passed by a supermajority? A mere trifle!
to the people on HN who are against blockchain but bullish on AI
With blockchain and smart contracts or stupid even memecoins, you can only lose what you voluntarily put in. You had to jump through a few hoops, then maybe you got rugpulled, maybe you became a millionaire.
With AI, regardless of whether you consented or not, you can lose your job, gradually your relationships and sense of purpose. And if some malicious actors want to weaponize it against you, you can lose your reputation, your freedom, get hacked at scale, and much more. The sooner we give biolabs to everyone the sooner someone can create an advanced persistent threat virus online infecting every openclaw machine, or a designer virus with an incubation period of half a year.
And I know what someone on here will always say. There will always be a comment to the effect of "this has always existed, AI is nothing new". But quantity has a quality all its own. Enjoy your AI slop internet dark forest. Until you don't.
Is your definition of bullish "believes the technology will be widely adopted across society and accrue significant wealth to its owners?" - if so, I think it's very clear how someone could be bullish on AI and not blockchain. You don't have to like AI to see it as an inexorable transformer (ha!) of society and wealth.
Is your definition of bullish "believes the technology is a major net good for society?" - if so, you're comparing two technologies with significant social aspirations that come from very different philosophical backgrounds. While both are techno-optimist, Blockchain is a fundamentally libertarian technology, while generative AI comes from a more utilitarian, capital-focused background. People who value individual freedom above all else will get excited about blockchain and feel mixed-to-negative about AI, while people who want to elevate the overall capability of the human race to the exclusion of anything else will get excited by AI and see blockchain as a parlor trick.
Since when have arms merchants been liable for military scenarios? Lockheed doesn't get sued for building the planes that bomb orphanages. Maybe the world would be a better place if they did, but obviously it's not in the interests of a government to have their own contractors getting sued out of existence for something that government is doing.
Apparently bitcoin foundation is already working on SHRINCS and SHRIMPS. But whether they will forcibly revoke keys of satoshi and all early bitcoin whales or not is another question!
https://www.theguardian.com/technology/2026/apr/13/meta-ai-m...
reply