The Batphone and the UK NHS Hospital

I think it has to be official. The prohibition on your batphone in a hospital has to have been to enable the hospital to charge for phone facilities. My cynicism tells me that, as the phone provision for patients has been outsourced, and as the profit on calls no longer goes to the hospital's funds, the restrictions on mobile phones in hospital wards have been relaxed.

In fact patients are now actively encouraged to have their own mobiles in the ward in order to minimise nursing time spent in relaying messages. I'm thinking of buying my mother a pay as you go phone, just so she can keep in touch from her bed!

The only real aggravation is the ring tone. An unanswered personal cellphone can disturb all the other patients totally. But, with the exception of Intensive Care, the mobile is welcomed in the Epsom and St Helier NHS Trust's hospitals, and, presumably, in hospitals nationwide.

Is this progress?

Two schools of thought:

Yes, because it allows the patient the comfort of being able to control contact with nearest and dearest. Good morale means good healing.

No, because the patient is sick. Sick people probably are unaware of what is truly best for them, and health bulletins are best interpreted by a competent nurse or medic, not by the patient themselves.

But it does seem to be official. The mobile phone is allowed in all general wards and public areas. The Intensive Care team say they really have no idea whether their equipment is affected, so, for now, they choose to ban the phones - not really a problem because most patients there have no ability to think, let alone speak.

I wonder when we'll be allowed to use them on filling station forecourts?

A friend said, "you know that e-petitions never work don't you?"

I know they don't care even about paper ones, and yet... Just maybe... An e-Petition will work?

It's about the Cutty Sark, and rebuilding her as a living, breathing ship

There is Still no "F" in Customer Service

And the worst part?

They blame "Data Protection" for being unable to do a simple thing.

My mother, as you know, is in hospital. She is pretty unwell, and is unable physically to manage her affairs. Mentally she is fine, albeit under medication.

I took two sensible financial steps:

1. I notified Barclaycard that she was unlikely to be able to make even the minimum payments, but asked them to make a note of the reason and to hold her account in good standing despite this challenge. They were pragmatic and agreed at once.
2. I tried very hard to notify her bank, Barclays, that she would be unable to operate her account properly for some time. They told me that "The Data Protection Act prevents us from even recording this information". That is, of course, untrue.

Barclays did transfer me from India when I threw my toys out of my pram and asked to speak to someone in England [apologies to Scotland, Wales and Northern Ireland] who had some authority (I am starting to hate Indian call centres with a passion) to Sunderland, where Helen (last name will remain private) backed India up and reinforced the blatant untruth about the Data Protection Act.

I hate it when people are badly educated and try to act as mini lawyers and hide behind the law, especially when their stance is wholly invalid. I also hate it when there is a refusal to put me through to a more senior person. I hate it still more when bad customer service is blamed upon the act.

I admire Amanda Chandler's Data Privacy stance at Vodafone in the UK where she is training out any reference to the law and training in an attitude of good business and good confidentiality.

Barclays, by contrast, seem not to have their Data Protection team properly in place. There are certainly DP roles either not yet or recently filled there. I may well call them and have a chat later in the week. A good privacy officer will nip this sort of idiocy in the bud.

Always remember: Good Customer Service is Good Marketing. Privacy, handled well, is good customer service. Barclaycard has it. Barclays, certainly in the way they handled me, did not. Hiding behind the law, especially getting it wrong, is sheer idiocy.

Creating and understanding an environment of privacy

I'm on vacation this week. That's good. My 88 year old mother is in hospital, that's not so good, especially since they had no idea what was wrong with her. The exploration with barium from below stopped everything working, and she hasn't eaten or anything else useful since a week ago on Tuesday. That's a lot of days. Ten days so far.

The privacy part is astounding. We arranged properly that, since visiting is really hard at present, I would be given information, full information, by phone. I had to further arrange it with the chief executive of the trust. It's recorded, with a proper consent form in her notes, though they had to design the "information consent form" specially for the case.

Yesterday I had the deeply disturbing experience of the phone being answered in the ward and someone quoting policy at me when I asked for information, along with a total unwillingness to read the file and find the consent.

Information was secure, but the patient's wishes were not being taken care of. Data was protected and private, but access was not allowed to a recognised and authorised third party. This was not helped by the staff member being unable to understand the words I used. I asked for a bulletin. "I do not know bulletin, what is bulletin?" She didn't understand "report", "progress report", "how is she doing?" and much else in common use, despite, presumably, being asked this type of question all the time. This made me question the ability to perform any procedure which required information to be transferred in oral communication, and potentially in written communication.

The call was therefore unsatisfactory, and I was left feeling aggrieved that the proper and formal arrangement to receive the information, approved and signed by the patient, was not honoured, at least without a fight.

That's the point.

A Data Protection Policy must be correctly promulgated to all parties. A formal consent is a formal consent. That consent must be honoured without question. The issue is staff for whom English is a challenge, and staff who are very busy. Those staff need a sensible indicator system to show precisely what is allowed and what is not, and it must be highly visible to them when they access the files.

I discussed with the trust's privacy guru the concept of a simple password. Anyone giving the patient's name and this password could and should receive full information. This will, fortunately(!) go to a committee to be discussed. It's such a simple idea that I have no expectation of implementation. But I will be having conversations later today with the chief executive's office to talk it through.

Latest "Carnival of the Mobilists"

I'm still not wholly sure how it works, but the latest carnival is here

Friday is obviously Rant Day

I have just initiated the reinstallation of XP on my big desktop machine. For the first tome for years I wish I worked for a corporation with an IT Department that could just reimage the brute.

When I say "just" I mean 90 minutes or more ago.

XP went on just fine, but it is SP1. I am currently downloading the second update cycle of 62 updates, all of which it will apply. I imagine it will, eventually, find SP2 and we can spend our lives downloading that.

For some reason "Windows Messenger" has turned up. I wish I could remember how to uninstall that, but it will come to me.

What a totally wasted day this is. And all because I bought a PC because I was too scared to buy a Mac. And then because I fell for the marketing of Symantec. Never again.

I expect I'll still be doing this on Tuesday, or would be if I were not taking a week to be a tourist in my own country with a good friend who is visiting England for the first time.

This is cute - I seem to be in Spain

I had no idea I'd even taken a holiday! But the month names have all changed. Always nice to know where you are in the world. I wonder when they'll go back to Americish.

Cellular Phone Marketing raises anger

We forget in the UK how lucky we are that we don't have to pay for receiving mobile calls or texts (unless we subscribe to premium rate received texts or are roaming), and also that we have the Privacy and Electronic Communication Regulations that make unpermissioned texts unlawful, and calling Telephone Preference Service listed numbers unlawful.

This article by Sujesh Pavithran from The Star Online, a Malaysian site, is a little "I have to write a thousand words before the deadline", but it also shows how much of a pest your batphone can be without the protection of the PECR.

Put bluntly, people hate mobile phone spam, be it an inbound sales call or an SMS marketing message.

I keep banging the drum of permissioning. Give me a reason why I will find your message or call useful and I'll receive it with pleasure. Get me on your side before you contact me and you may find I'll buy from you. Get used to the fact that I want useful stuff, but that I don't find your stuff useful unless I'm in the market for it.

Customer Service spelt with an F

Yes, that's right. For this bunch there's no "F" in Customer Service. And, if that's true, there's no "F" in Marketing either.

A year ago I used to run Avast! as my virus checker. It's great, it works, and it's free. It's had awards and it's a fine piece of software. I have several machines and none that runs it has been compromised in any way.

But I work in an office from time to time. I was asked what antivirus software I ran and I said Avast! It was deemed to be no good because it's free. "If you want to connect to the network you have to have a piece of software I recognise and money has to change hands"

So, off to PC World, money changed hands and I got Systemworks 2006. I confess that Ghost has saved my bacon on more than one occasion, so it was money well spent.

I have just renewed and I fell for the "Upgrade to Norton 360" message, followed by the "Put this on 2 other computers as well" message. I though "Wow, an upgrade to systemworks, with full backup (I was thinking "Ghost") and system, tuning and reliability tools. I paid, downloaded and upgraded.

Well, the marketing over promised and under delivered. Ghost has gone and some cockamamie backup has arrived that backs up only data, not system configuration, and the systemworks tuning tools are probably pale imitations of their former selves.

Then disaster.

I upgraded my big desktop machine, the one which I use as a semi-server. During the upgrade process it misbehaved. Norton 360 ate a setting, or a file.

Since that upgrade I can't power the machine down, or hibernate it, without it rebooting and reporting a serious error. We have the Blue Screen of Death.

I contacted Technical Support by Live Chat. We happily removed N360, and happily found the machine still had the same fault. But that engineer closed the chat. Two more engineers (They call them analysts, but I am starting to have another name for them) helped me to remove the already removed software. The third cut the chat on me after telling me it was my fault. This was fun since I had been in a queue of 19 other poor souls, and the queue took an hour to get me to the front.

Two further "engineers" later, one of whom is the supervisor (well, they said he was), I have been told that, despite the problem happening during the installation of N360, this is nothing to do with Symantec, and I must contact someone else, anyone else. There was no discussion. the alleged supervisor closed the chat emphatically.

OK, that puts me on the list of people globally who don't really want that piece of software anywhere near them. These people include the PC engineer from my Thomson Local directory who recommends that people run a mile from Norton.

I, meanwhile, have tried to roll the system back to before the fatal installation. No. The restart issue prevents that. I have tried to undo the rollback. Ah. No. The restart issue prevents that. It has failed to find boot files. You'll be proud of me. I found the recovery console, guessed that the command is bootcfg /rebuild, and I rebuilt it yesterday. It worked, kind of. But it failed to close down. This morning it failed to start up. Recovery console again, and it's up, but no networking, no nothing much.

It is also running like a sick cow in a storm. I'm running Adaware on it right now, and I'll follow that with Spybot Search and Destroy, but I know I will have to do a full reinstall.

The only good thing is that I have a 400Gb external drive, and I've backed the lot up onto it. But a reinstall means 2 days of solid work.

I know. Get a Mac. Or Linux. I may get Linux tomorrow and run Open Office etc.

Hmm. A vendor of backup solutions who runs away when there is a problem with an installation, who removes their product and leaves you breathless and wondering what just happened, but leaves you in a mess. The duck test says its their fault

But the marketing message here is astounding. Symantec protects over 370 million computers or email accounts worldwide. I know, because the sticker on my Systemworks box says so. Presumably it does some of them well, too. But why does it run away when things go wrong? What kind of a marketing message is that?

See also:

Larry Seltzer's experience

A Blue Turn to Terminology

I'm returning to my regular monitoring of terms to do with Spam and Bluetooth this month. With the mobile industry now providing better and better marketing techniques, and with the uptake of bluecasting, or proximity marketing, via your handset, I'm looking at the past 90 days and blog mentions of the terms, and I've added a few relevant terms.

For comparison the mentions, all mentions, of the term Spam are included. I really do hope this excludes the canned meat!

The graphs are presented together for you to draw your own conclusions. They are dynamic - they refresh whenever Technorati refreshes. They are the total of all blog posts recorded there with the terms and are thus likely to have statistical significance.

Posts that contain Bluespam per day for the last 90 days.


Posts that contain Bluecast per day for the last 90 days.


Posts that contain "Proximity Marketing" per day for the last 90 days.


Posts that contain Bluetooth per day for the last 90 days.


Posts that contain "SMS Marketing" per day for the last 90 days.


Posts that contain Spam per day for the last 90 days.


The question is, are we seeing trends?

Some are so obvious that they hit you between the eyes. People adore blogging about spam, it seems. Increasingly there seems to be a trend to blog about SMS Marketing. Well, if the artciles on spam are related to the increase we're seeing in general spam then the increase in SMS Marketing articles may well be related to an increase in SMS marketing.

The Bluespam cluster seems to have been related to the HSBC and Nissan campaigns and the PR surrounding them, but the clusters in Proximity Marketing do not seem to relate to the minor traffic in Bluecast. Maybe the term bluecast just isn't catching on

Note: This blog article will result in a spike of 1 in all the terms it surveys, and thus its value should be subtracted from the figures.

The CBI and Institute of Directors Disagree over Information Commissioner's powers

There is an article in Computer Weekly that quotes opposing positions after our pet Chihuahua has requested to be upgraded to Rottweiler status. I refer, of course, to Richard Thomas, the UK Information Commissioner, and his plea to parliament, supported by my own MP Andrew Mackay, for his powers to be increased.

Jeremy Beale, head of e-business at the CBI says:

"There is a danger that the government will latch on to populist, easy solutions that just create more problems. If powers are given to the information commissioner to burst into businesses willy-nilly, the impact would be enormous"

He seems to have missed the point, unless he is actively promoting bad data practices.

Jim Norton, senior policy adviser at the Institute of Directors says:

"It is important that it is brought home to everyone, including directors at board level, that they have responsibility for security of data throughout their organisations."

Much better. This is someone who is unafraid to take the moral and ethical high ground. Norton understands that business who take care of data are trusted and do better business. Self regulation simply has not worked. We've seen that for many years.

But how can these two heavy hitters be in such disagreement? The CBI is not usually wrong. But in this case it is so far wrong as to show it is out of touch with reality.

Or does the CBI support bad practices and lobby for the protection of corporations that weasel around the law?

An odd form of marketing, by email, and without permission

This marketing is not the sort many people would object to, yet it appears to happen by a trawl of a particular website for contact details. The trawl is highly specialist, probably automated by a bot, and then probably emailed out by a mailbot. This means that it would be unlawful in many places.

The reason no-one complains is that the emails are offers of interviews for jobs. But very many are called and very few are chosen.

The email goes like this:

From: "Brad Fuellenbach"
Date: (date)
To: (recipient)
Subject: Brad from Google.com recruiting

Hi (personally addressed recipient),

My name's Brad and I work in the recruiting department for Google.com engineering, internally known as SRE (Site Reliability Engineering). The group I work for is the most dynamic and challenging group here at Google and is highly respected. I noticed you have a deep understanding in (list of three skills), three of the areas our group is quite fond of. We've been looking for people that have a passion for what they do for a position as a Software Engineer or Unix System Admin. The Google.com engineering group is responsible for our Google website including service reliability, user facing services, capacity planning, and production.

I wanted to see if you may be interested in an opportunity in this group. We are constantly seeking extraordinary developers and Unix or Linux experts to join our exciting team and growing organization. We have positions in various locations around the world and could relocate you to a location of your choice. I've attached two job descriptions that I feel may be a great match for you, if you'd like more information feel free to contact me with any questions. I'd like to schedule a time to give you a call to inform you a little more of what our group does, to make sure this position is in line with something you might be interested in, ask you a few questions about yourself and then ask a few basic technical questions.

If you know anyone other talented people who might be interested in either of these positions we have multiple openings for each position in various locations so please forward my contact info on.

Thanks, I hope to hear from you soon,

--
Brad Fuellenbach
bradf@google.com
work: 650.214.4138

It looks good, doesn't it?

It's done the rounds. Enough people have queried it to know that it is (probably) the genuine article, though many are very suspicious. And Brad does call, though many reports do mention the call can be rather later than the agreed time.

The point is that, while no recipient is going to complain because, gosh, they are flattered at being offered the chance to work for Big G, this is in so many ways spam. Google is marketing with this email, make no mistake about that. All job adverts are part marketing and part recruitment, and Google is no exception.

This is Unsolicited Commercial Electronic Communication, with data used for purposes other than those declared by the source site, Sourceforge, thus trawled from Sourceforge (0.8 probability) or from Google's cached Sourceforge pages (0.9 probability), and then used in this way. In any event it comes via Sourceforge through the @users.sourceforge.net email address scheme

"But it's great to get an offer like this!"

Well, it may be for you, but it isn't for everyone. Some people are disturbed by such offers, others offended. Others wonder how it was that their perceived privacy was infringed.

Pretty obviously I'm none of these. I didn't get the email and I'm not a software development guru. But a friend showed this to me and asked me if he should respond, and, if he did, how he should play it. He did object to having received it since he had never stated that he was in the market for a job. He has a prodigious profile on Sourceforge. We know that is where Brad sourced the data because his profile is nowhere else. He feels a little sullied by the approach, though.

After all, if Google were really impressed and really wanted him they would not have used a standard email, now would they?

The job, by the way, is substantially lower than his skill set, and would downgrade his career substantially.

Roche Data and Security Breach - Update 7

I have just come off the phone from a very professional Rochette who called me back full of apologies for the security breach where medical records were released to the web, and for not having been able (read 'allowed') to contact me sooner.

She works in Marketing and was initially of the opinion that it was a technical fault. I think she now knows that, while technology was faulty, the fault was not a technical one, but a human one.

We had a long conversation about customer service and the fact that the lack of an earlier call generated all these update articles.

The upshot?

An apology, of course, and, naturally, I accepted. This does not remove the formal complaint to the UK Information Commissioner, nor Roche's need to answer it.

One things that did surprise me is that there appears to be no Privacy Officer. Instead this seems all to be run by Hazel Clarke in Communications. There is a large learning to be gained there, I feel. Data Privacy is a specialist job. It requires a specialist to handle it

Carnival of the mobilists

I'm not yet sure of carnival etiquette, I suspect linking to the current carnival is good form, so, here is carnival 73, with loads of information about mobiles and marketing.

Data Breaches and Public Confidence - yes, Roche Diagnostics again!

I was looking at data breaches and security breaches today and this article, in PublicTechnology.net caught my eye.

It says:

It is not only the ability to secure UK data that concerns the public. More and more British companies are choosing to outsource their database storage and management facilities overseas. However, the survey reveals that 63% of adults are concerned about the ability of data centres to protect their data, in the UK and abroad.

The survey suggests there is clearly a requirement for the issue of high-profile data breaches to be addressed on a political level as 58% of respondents want to see Government bodies, along with banks and building societies, taking greater responsibility for the protection of personal data.

For those companies which disregard the importance of the immediate communication of security incidents to their affected customers, they can expect to see their customers firstly, abstaining from using their services (53%) before secondly, opting to cancel their credit cards (48%) and thirdly, reporting them to the Police (20%) or national consumer bodies, e.g Watchdog (17%).

Expectations are high for greatly improved customer communication. In fact, 82% claim that they would expect to be notified immediately in the event of a data breach, and more than half would take their custom elsewhere in the event of such a data loss.

Interesting findings, especially the bold paragraph (my emphasis in bold type here). We are unlikely, of course, to abstain from using Roche Diagnostics products because they are a large pharmaceutical company and we would be stupid to ignore any good drugs and medical devices, so we are left with the other channels.

17% of us will report this to investigative TV shows, like Watchdog. It's awful TV journalism, of course it is. The hectoring style sucks and they look like little kids interviewing real people, but it does get adverse publicity suddenly and hugely.

Interesting that no-one reported the percentage of people who will act as investigative journalists on their own and simply place the information on their web sites or blogs or forums for search engines to pick up.

It would be churlish of me to expect Roche to have called me yesterday or to call me today. It's the weekend. In Switzerland the weekend seems to be sacrosanct. No laundry, no car washing, no lawn mowing, etc. But I'm not expecting it on Monday either

Roche Data and Security Breach - Update 6

As one might expect it has been impossible to underestimate Roche's attention to their customers' needs for reassurance in the face of significant medical details being exposed to others on the web on Wednesday. Yes, you've guessed it. They have not called me, though, when one reads OUT-LAW.com one can see that their Hazel Clarke has had time to talk to the press.

So I called the Accu-Chek care line on 0800 701000 and spoke to one of their highly professional supervisors. I do want to make it clear that these supervisors genuinely take the matter highly seriously and are genuinely customer care professionals. Their hands are tied to whatever Roche's corporate reaction happens to be, and they do assure me that I will receive a call from Roche head office.

I believe them as individuals, but I do not believe the corporate assurance, and am not going to hold my breath. I pointed out very clearly that it goes wholly against the grain when they have the time to speak to the press but don't appear to care a jot about their aggrieved customers. The care line supervisor is adding that comment to the increasing pile of emails he has sent to Roche HQ over this. He and I have agreed that he is doing all he can, personally. I'm sure he would like to say, but is too professional to say, that he feels let down by the lack of support from his corporation, but he is a consummate professional and not a hint of that even enters his tone of voice.

At 4:36 the Swiss have long gone home, I'm sure of that, because it's not only Friday, but they are an hour ahead of us. 5:36pm in Switzerland means work is ended for the week.

One wonders how well they would have reacted if the newsletter had hit over the weekend!

Rationally we all know that the damage to their brand will be minimal. It's a small ripple in a pond. The world is not about to end because of their rank stupidity, though a few careers should end there, and end suddenly. But this is a medical records escape, and it is more important than they are giving it credit for. Google, Yahoo and the rest will pick it up, and the fact that Roche Diagnostics had a very bad security breach and allowed sensitive personal data to escape is a matter of record.

They do know, you see. And they know that the press knows. I'll leave the last word in this update to OUT-LAW:

"We did have that issue this week, on Wednesday," said Clarke. "When we became aware of it we immediately acted to rectify the problem. It lasted for a number of minutes, maybe 90 minutes at most."

Follow the update trail

Roche Data Breach - Update 5

No-one, of course, from Roche has called me yet. It's 11:16 in Switzerland. They've been at work a while, but I am unimportant. In many ways this shows the size of the problem. It must be enormous, and the amount of sticking plaster they're trying to put on it must be huge.

Or they are doing nothing at all and waiting for people who are aggrieved to go away, quietly. After all, a call to use is going to be uncomfortable, isn't it. "Hi this is the guy from Roche Diagnostics HQ" is not heralding an easy call or them.

I've rechecked facts on Switzerland, by the way. Not that you knew I was wondering about Switzerland in the first place, but Switzerland is not part of the European Economic Area, and I was temporarily unsure about its status for adequacy for Data Protection as far as the EC is concerned.

It is stated to be adequate, so it is lawful to export data to it, even Sensitive Personal Data. I wanted to be sure because, though I have no idea yet where Roche Diagnostics stores its data, this is one of the questions I will be asking the very nice Rochette who will call me. I do think that, if the data is stored outside the EEA we who register should be asked for permission for that transfer to a third country and should be told where it's stored.

I'm also concerned to know who has had access to my own data record. There was more than sufficient data available to assist identity theft, though the email was an unlikely id theft target. But that also got me thinking.

Identity theft is a major public concern at present, fuelled by media stories. How on earth no-one at Roche noticed that this stuff was not behind even a simple login password is wholly beyond me.

I also registered afresh yesterday to see what permissions I was asked for and what fields were present. Something very odd in the fields. The records I saw had fields like "Warfarin" in them, with yes or no accordingly. But those fields are not present on registration. So where did they get the data that populated the fields initially?

The Accu-Chek database seems to be increasingly peculiar, as well as wholly insecure.

So, I am now waiting for a Rochette to call me. The care line has been told to make little or no comment when called and asked for information, that is clear. That means that the press is already calling and asking for comments, I'm sure.

Follow the update trail

Roche Data Breach - Update 4

It's not as if anything actually happened yesterday. Roche head office people were too busy to phone(!), so I called the care line and asked precisely how much they cared. The care line did call me back to say that I would get a call. They could not say when, but I would get one. Well Switzerland went home before I got one, and I didn't expect otherwise.

I've been pottering around their email. And I've found two further unpleasantnesses:

• There is no Fair Processing Notice on their Forward to a Friend scheme
• When you forward the email to a friend, it also forwards the link to update what I presume to be but cannot check to be my data (well it isn't my data, obviously, because this ill quality assured campaign let me edits six or so other people's data but I never saw my own)

Now I have forwarded the email to one of my other email accounts and it is wholly intact. The link to the data is identical to the link in the original email as far as I can see, though, naturally, since the stable door has been firmly, albeit slowly, shut after the data horse bolted this morning, I can't see whose data it is.

So I am going to make you a bet, one which neither you nor I can win.

I bet that anyone forwarding this email to a friend will have also sent the friend the ability to edit "someone's" data, and, had the system been working - I hesitate to use the term "correctly" - then they would have been able to edit their friend's data. Yes, you got it, no login, no password!

What will happen to the email address I forwarded the email to? That will be interesting. I suspect it will get unsolicited commercial electronic communication - that's spam - because I suspect they are using this as a lead gathering exercise. Well I suspect they were.

The more I dig into this the more I'm disgusted with the things I see. This is eMarketing gone insane.

Roche needs a full Data Protection Audit and a full set of policies and procedures. This is stuff I do all the time for my clients. I conduct an audit with a marketing bent, and show then how to get the best out of their marketing while embracing full data protection. It's not rocket science, any of it, it's just necessary. It's part of brand management and brand protection. Or, in this case, it isn't

Follow the update trail

Roche data breach - update 3

The breach has, of course, been closed. The website remains in an odd state, with the webmaster doubtless feeling content that no personal data is exposed any more. But what an odd state to leave the page in, with an update button and the ability to opt to receive or not to receive html emails on someone's behalf.

Things that were promised have, however, not happened. The phone call to me from Roche head office, something volunteered by the customer care line, is more than somewhat overdue. This had been promised by 11:15 today, and has not happened. The call is intended to make me feel somewhat better about the situation, and thus should be one of the top priorities, as it should be for all those who have called in and who are upset about their medical details being open to the curious world. One would think they had a staff member to spare for this task.

It was, apparently, "something technical that went wrong".

I know, let's blame the computer, like we did in the seventies.

It is not something technical that went wrong at all. The symptom is technical, but the entire design concept of this newsletter campaign suffers from not being signed off correctly by knowledgeable, competent people.

At the time of the design of any marketing campaign especially one that allows the recipient to see their data record, the signature of the corporation's Chief Privacy Officer is mandatory. The CPO's job is to check for:

• SSL certificates where sensitive personal data is available, ideally where any personal data is available, and protection of the transaction behind SSL

The Marketing Director must check:

• A dummy run of the campaign that must be signed off after it has been tested and all the links have been tested. This must be by someone who was not on the campaign team, and who has no vested interest in the campaign themselves

The CIO must check:

• That the data used is precisely the data that should have been used, and that the effect of following any link to amend or gather data is precisely what is expected and desired.

Marketing is not a few kids with good ideas. It never was. Marketing can have far reaching and surprising effects. The effect of this marketing exercise is brand damage. All good marketing should include brand protection.

Follow the update trail

The original reason I was going to write about Roche

I got distracted by their highly disturbing exposure of sensitive personal data. I only clicked that link to see what my communications preferences were. I don't remember signing up for a newsletter, you see. I was trying to check whether I had done so when I found someone else's data record.

The lesson I was about to draw from the email was a simple marketing lesson. Roche started to know about me when I bought my Accu-Chek meter, and when I wanted the free software to link the meter to my computer. That was back in September 2006, and I haven't heard a dickie bird from them since that time.

Then, kaboom, out of the blue today came "TimTrent, Welcome to the first issue of Accu-Chek Reach online magazine". I was surprised precisely because I hadn't expected it. If I'd given permission I had also forgotten I'd given permission. I did recognise the name, so at least they got that right (not my name, but after the data oddities I do wonder how they managed that!) and I opened the email.

The thing about Permission based marketing is that people forget. All I was going to do was to point out that I'd forgotten, and to mention how easily this message could have been perceived as spam, simply because they hadn't bothered to nurture me with happy, useful snippets in the period between September and May.

People forget. Once they forget then you are a spammer. I don't care how much you base your reliance on the fact that I once gave permission, I see you as a spammer as soon as I've forgotten.

Roche data breach - update 2

Now all the fields have gone from the update details page. They continued to go, one at a time, about one every 30 seconds.

Why do it that way?

Why not replace the page with one that says "Out of service for maintenance".

I wonder if they are going to pretend it never happened like my next door neighbour did when he let his greyhound kill one of my cats and then slunk off home fast in case anyone had seen.

Ah wait. They can't do that because people have screen dumps, and they also record the calls in their call centre. I'm being uncharitable.

Or am I?

This is not a tinpot organisation with few resources. This is a major drug company whose depth of wallet is enormous and who have professional webmasters who are meant to know how to do this.

I thought "Maybe this is some useless outsourced marketing agency," so I checked who owns the domain: DNS Stuff says Roche through and through, and with a roche.com email address. OK it could still be outsourced. If it is I would want to check the Data Processor Agreement very carefully indeed, and I, as Roche, would sue the agency out of sight.

See what made me click the link [opens in new window]

Follow the update trail

Roche Data Breach - update 1

I called Roche.

Apparently their head office is looking into it.

They are.

As I refreshed someone else's data I watched fields vanish in front of my eyes. Personal data is now not being revealed, BUT, and this is scary, I can still edit the data for a random subscriber and I have been putting the words "this data is compromised" in the records I meet.

Roche's care line called me back. They do understand it to be a confidentiality issue, of course they do, but why is the website still allowing me to edit data that is not my own, and why is SSL technology not deployed.

In fact, why is this web page still up?

My complaint to the UKIC is in, with evidence of the other people's identities, screenshots without redaction, sent to the UKIC's office under the confidentiality of the complaint.

As a professional privacy consultant this makes me seethe with anger. And I am the more angry because I know that the UKIC's powers are irrelevant in this because the data breach will have been sealed and he will thus be unable to follow it through within the law as it stands today.

As Roche call me again, I will brief you again

Follow the update trail

Roche Diagnostics releases Medical Data via the web

Hot on the heels of the Astroglide Sex Lubricant disaster where details of Astroglide free Sample requestors "slipped out", Roche Diagnostics, makers of the Accu-Chek range of diabetic meters have today released random details via their email list to each of us who has registered for their newsletter.

I registered some time ago. I was about to pen a piece on the very poor marketing of sending me a newsletter only now after I registered for it back in September 2006. I clicked the button "Update your profile" and was given the record of what appears to be a Roche employee instead of my own. I clicked again and was given the full record of a very nice gentleman in Crewe. He was aghast when I called him and told him I could see his data. I clicked again and "met" a chap in Manchester whose phone was on voicemail. Another in Lincolnshire was amazed. People are clicking and phoning the next couple on the list. A screen shot, suitably redacted is to the right.

Note that SSL technology is not used. This is Sensitive Data under the terms of the UK Data Protection Act 1998, and it is not protected properly

I've looked at the Roche website and it has an excellent privacy policy, and no useful contact details.

Next step?

The UK Information Commissioner for a formal complaint

Follow the update trail

See Also Compliance and Privacy News

Dovetailing SMS Marketing and Traditional campaigns

I'm continuing on my "wonder how to deploy SMS Marketing" theme. I confess I have more questions than answers, and suspect I'm no different from any marketer who is struggling to understand the virtues and risks of texting a mobile phone.

Let's get lawfulness out of the way. Apart from being highly desirable to have permission to market to a mobile phone, in the European Community it is against the law to send Unsolicited Commercial Electronic Communications (those things we all know to be spam). We have Directive 2002/58/EC and its national interpretations to than for that, and it's a good thing.

It does mean we're restricted in how we ask for permission. We may not text to get it, nor may we email. Not in an unsolicited manner, that is. So we have to design campaigns that solicit permission.

We know that no-one except a fool will give blanket permission for filling a mobile up with anything, though we also know that fools abound. There was a recent UK TV campaign to get you to text in the answer to a TV competition, and to prevent marketing you also had to state "No Marketing" in your entry. To me that is plain sucky, and just cheats. It looks and feels like Opt Out marketing when the law requires Opt In.

To get permission the campaign must offer something of value. It has to be worth the very few characters indeed available in an SMS message. And that message must contain details of the sender and how to unsubscribe. Fewer characters available.

I've looked at the hairdresser who texts selected regular customers when she has a short notice appointment available. I like that a lot. I'm not sure if it's marketing or notification of a spare timeslot, so I think it's brilliant. I want, somehow, to extend this into a full service marketing campaign that covers all bases.

The problem is that my thinking is running along the lines of a time critical event being the right thing for an SMS message. Clearly I need help here.

Big campaigns start with advertising of some description to raise brand awareness, or to protect a brand, or as a call to action. "Text 'hit me' to [number] and we'll send you [stuff] about [item], direct to your batphone, Free!". That's in your face and direct enough. That works on TV, on hoardings, on buses, on the radio.

But it only grabs those who want to be texted, and it requires strong opt in action. Also most products or services have no reasonable time critical "stuff" to send. I want an integrated campaign.

I want TV, billboards, web, mail, email, and SMS. I think we can ignore fax for this century!

What I don't want to do is to drive people to each vehicle in turn. This isn't an academic exercise in communicating with folk, it's an exercise in preparing folk to part with money. SO we need to take them along the buying journey wherever the see the call to action.

TV is presently full in the UK of "yougetmygoat.com" (look it probably exists, I haven't checked it, follow it at your own risk) advertising that goat insurance is cheaper with them and with no-one else.

So, just maybe there is scope for a TV campaign that gets you to text in your renewal date so it can text you to remind you to get a quite with them? Back that with a web landing page that offers to do it by email or SMS provided you have 27 years no claims discount and present yourself with all grandparents living. That starts to make sense.

Except that we lie. I've never yet given the right answer for a renewal date in a lifestyle questionnaire, and I'm not hugely likely to start now for SMS messages. Anyway I'm not really sure if I know it.

I do think I'm getting clearer on SMS validity in campaign offerings, though. I can start to see past my inherent distaste for SMS marketing and watch as the vista starts to open up. With care I can design campaigns that will benefit from this marketing tool. I must remember that the text message is not the end product. It is simply another call to action. That hairdresser has it wholly right.

The most bizarre Customer Service message ever?

Remember MyNow (my ISP) and the customer service desk that has contracted its hours to between 9am and 7pm Monday to Friday, making it impossible for you to get problems solved before or after work?

My take on that is that is that they have insufficient funds to pay the outsourced support centre. I emailed them

I said:

"There was a service outage over the weekend where http access was not geting through to initially odd sites and later to all sites I tried.

I called the support centre to note that you have contracted your support hours to 9am to 7pm.

I would like you to note that is is negative progress. It means that customers cannot get help before they go to work, and not after they return from work, nor can they get help during weekends"

They replied

"Many thanks for your email.

We have reduced our hours of coverage due to our customers being able to perform lots of the most common requests we receive on line.

I can fully appreciate that some customers may find this inconvenient, but we do offer email support for the periods we are not here in person to handle calls.

I hope your issue was resolved when you called us."

Unusual idea, that. Or, just perhaps, it means "We noticed that the longer we accept support requests, the more we get. obviously by not accepting any support requests there will be no incidents and thus perfect service. hence we decided to stop our support immediately"

So they are approaching perfection, obviously. They doubtless have the Tao of Customer Service.

Unfortunately it sends out a very poor marketing message. I have mentioned to them that their email does make precisely no sense at all, and am awaiting a response.

Analysing this from a marketing perspective, knowing that it takes at least six times the cost and effort to win a customer as to retain a customer, they are trying very hard to make sure that their churn rates increase stupendously. This will cost them dearly in acquisition costs for new customers and mean they can afford support less and less. Obviously their brand matters little to them, or Customer Service would also be tasked with brand protection.

Let's look at this sentence: "We have reduced our hours of coverage due to our customers being able to perform lots of the most common requests we receive on line." I have a very simple question.

If the customers can do these things, why are they calling the support desk?

My other thought is that I call the support desk when the service fails. How do they know the service has failed for me if I can't call them? (I know the NOC is meant to be monitoring things, but prior experience leads me to believe that I am more proactive than they are).

Also "we do offer email support for the periods we are not here in person to handle calls". It is rather unusual to suggest that I email the support centre to get help because the network is dead. Or do they have a scéance interface?

When Customer Service kills customers is the corporation in trouble?

You would think that a humongous corporation like PCCW, the Hong Kong based communications giant which owns UK Broadband, supplier of the system “Now Broadband” which was launched in the UK as Netvigator, would have sufficient money to invest in a pioneering new service that it can keep its customer service desk open 24/7, or at least the 7 part. Again this is marketing, or the lack of realisation that marketing and customer service should be synonymous.

I’m currently writing this blog in word. My normal custom is to write it directly within the blogger environment, online, but I can’t. I can’t because I can’t connect to Now Broadband, and I can’t call customer service because it’s a Sunday. In fact I couldn’t have called them yesterday either. Since Monday is a public holiday in the UK I suspect I won’t be able to call them then either. When I call them I may only call them between the hours of 9am and 7pm. Those hours used to be 8am to 8pm. And I am receiving a marketing message because of that cutback. That message is not “Our service is so reliable that we no longer need the extra hours.” That message is “Hmm, not enough customers to be able to afford the support desk.”

I could be entirely incorrect in the way I read the marketing message, I suppose, but, after the initial very enthusiastic marketing drive, a load of shopping centre booths, the usual bevy of sexy girls handing out leaflets, and their installation support team in liveried Smart cars, I’ve seen and heard very little about them. So I am adding together a very poor marketing message from what is, when it’s open, a very good support team, and a lack of visible marketing, and finding that the investment is tailing off. But why?

These people have a world beating service concept. They offer broadband internet connection wholly independent of the telephone. They use an old military radio frequency, similar to a cellular system, and their modems connect by radio. I’m saying “radio” because I don’t want to confuse this with “wireless broadband” which seems to be a generic and incorrect marketing term used for WiFi networks connected to the old landline broadband. Now Broadband is the future of internet access because it is radio linked. You can even get a card for your laptop to connect it directly. I tend to be an early adopter. I bought Betamax, for example. Sometimes I get it wrong, sometimes right. I went for this service for three reasons:

1. BT fouled up badly
2. Netvigator (as it was then, MyNow or Now Broadband today) was available within 24 hours
3. I could see that, in due course, my laptop would be able to roam on their network

We’ve had our disagreements, UK Broadband and I. Their initial customer support desk was in Hong Kong and it was challenging to understand the support team’s accent and the support team had only experience of the same system in the crowded Hong Kong city environment, where it works well, and no knowledge of UK geography. They migrated to an outsourced call centre in the UK in the T Mobile building. It shares the same music on hold! The new call centre, once it had learnt the system, became excellent very fast. It sent, with its restricted hours, a message that “We’re growing, we can’t be everywhere at once, but we’re here to help you.”

Cutting the hours down says “We can’t afford to help you before you go to work. In fact, since we close at 7pm, you’d better find you’ve got a problem fast or we won’t be able to help you today at all.” It says to me that the service level is being reduced because the budget is being cut. Budgets get cut when business targets are underachieved.

The service is fairly reliable. Almost all of the time I have full internet connectivity at decent speed from my lonely outpost at the edge of the Thames Valley original Netvigator test marketing zone. I connect to Base Station 12, which is on top of the Bracknell Hilton National Hotel. It seems to go down often, but a call to the service desk usually gets it back on the air in a short while. The technology isn’t new, so why it goes down is beyond me. Perhaps a cleaner unplugs it to plug the vacuum cleaner in? I do get concerned because I always report the failure before anyone has told the support desk, and the support desk have to tell the Network Operations Centre, who often seem not to believe them, but that is an internal issue they just need to solve. You see, I don’t really mind that because I’m an early adopter. I see that as almost positive.

Until relatively recently I asked for a small refund each time I had poor service, and I received it. I was never worried about the money, the refund was designed to make UK Broadband realise that a loyal and pioneering customer was again being inconvenienced. I did receive a solid marketing message last time I asked, though. I was given the option of either an immense refund and no refunds ever again or to cancel the service with a full refund of all money paid. And that gave me a marketing message as well. It said “It’s too much trouble to provide a decent service. We are no longer interested in you because you ask for good service, and we absolutely want you to leave.”

Now that’s marketing! It does make sense to get rid of customers who cost you money, of course it does, but why not just get it right, instead, and appreciate loyalty? How does such an approach stand with building and protecting your brand?

As a postscript the service came back about an hour ago.

As a further postscript I emailed them about the contraction of their hours

Weekends and Wildlife

It's the weekend, and we could all do with a break from work.

Remember "my" hedgehog? He (she?) "left home". No more hedgehog poo, no eating the special hedgehog nibbles, no more slug and snail chomping. But it survived the winter, which is great.

We've added a squirrel feeder to our bird feeders. The little blighters are learning how to use it instead of trying to eat steel wire, but they do take ages to understand that the lid's easy to lift.

We also added a home for Mason Bees to our back house wall in full sun. They love it. We knew we had them because we've got reused bricks in the house and they investigated and rejected all the holes. I fell for the marketing! I would have bought a bumble bee home, but the design means they fill with water. Stupid designer, that. They tend not to fly if they're drowned.

Bad customer service begets bad customer service

A post or two lower down I mention the SuperCook product from Hero called Vege-Gel and my experience of feeling that my needs and concerns were ignored, leading to a low opinion of what I imagine to be an excellent corporation.

I was concerned that they had no idea that email was to be responded to, or at least acknowledged, by email, and that this lack of immediacy of reply then set my expectation of poor service. This low expectation has been exceeded. It has been almost impossible to underestimate the level of importance given to a customer who complains.

I was naive enough to imagine that my snarlogram, would actually get a real response. I am naive, you see. I expect good service and I expect good marketing. I see the two as entirely synonymous. What I got was two things:

1. No reply to my email replying to "reception@"
2. The promised letter with a handful of vouchers

I told a friend. he said "I don't like this" - "Oh come on, just eat more and it'll be ok".

I expect I can find something to buy with the vouchers. But the point is that I don't care about vouchers. I care about service, and, so far, there has been none. I find that depressing. It's more depressing because the first paragraph of the standard letter says:

"We are very concerned that you had cause to contact us about [Vege-Gel], but would thank you for taking the time and trouble to bring this matter to our attention"

Not very concerned at all, now are they? The rest of the letter is banal platitudes as well. I know it's a standard letter because it's computer signed. Lasering a signature on to a letter like this saves time and trouble, and says once more "You may think you are important to us, but you are just a cipher. Please go and play on the motorway". Ok, it doesn't go that far!

The letter comes on Swiss letterhead, with a Swiss phone number and, if I am unfair, very poor quality paper. But it was just a low value food product, so that is, presumably, all I deserve.

You see where I'm headed with this case study?

I may not always be right as a customer, but I want to be treated right. Doing that costs money. The money they made on me so far was less than 10 pence. The money they've spent is substantially greater than that, I accept that, but I am not asking them to spend money, as I was also not asking for vouchers. I was expecting my feedback to be taken seriously. Have I said I am naive yet? Ah yes, I have. Or, if it was not taken seriously, for it to appear to me that I was taken seriously.

What I would have expected was a reply paid label or a freepost address to return the product "for investigation". That looks as though they take it seriously, even if they just bin it when it gets back to base. That's part of marketing, and its good service, too. What if the product I have is actually faulty? What if it turns out to be like the US petfood disaster and is in some manner contaminated? Surely they have a duty of care to at least start the process to find this out?

What do we take away from this?

The same message that the John Lewis Partnership understood years ago. A marketing message:

"Handle a complaint well and you have a customer for life, and they tell their friends. Handle it badly and they tell their friends."

Have a look at Chance's jcCommerce blog to see more of what I mean

Just how stupid do they think we are?

I have just been spammed by an organisation, clvr.co.uk, whose domain is registered by "A non trading individual who has opted out of being listed" in the domain name registration system, but who appears to be Stefan Gryko according to the cached version of AbuseButler. They are flogging cars, probably. Hmm, so "non trading", then?

Stefan is also listed as a director of CLVR. "non trading" indeed!

The spam is headed "You are receiving this e-mail from CLVR because you have previously indicated you wished to receive mailings of this type. To unsubscribe, please click here"

Have I ever indicated I wish to receive trash from them? No, I have not. Nor have I ever given them permission to email me, nor indicated that anyone may email me with offers of this nature.

I checked the Register of Data Controllers. A company has notified the UKIC from a geographically close address. It may be them.

Their web site, as all web sites do, looks fine. But so do phishing sites. My antennae say spam, spam, spam. Which means they pass the duck test and are spammers.

We're back to the age old message "No Permission, No Campaign"

I will buy from them only if all other car dealers have been shot and I need a car. Did they damage their brand? Well, no, because they have no brand to damage.

I suppose I could call them on 0870 383 1802 which is the number they used in their spam, but why waste a call. I've emailed them to ask where they got my data from. I may use a formal Subject Access Request later if I get no response.

Spam does not work. Or rather, spam only works for scams.

Customer Service is Marketing by a different name

The sole difference is that good customer service goes almost unnoticed and bad customer service wrecks your brand.

I have just had a customer service experience with a food manufacturer. As an omnivore I am unused to vegetarian preparations, but I had a vegetarian coming to tea on Sunday and we were having a fruit jelly. My local supermarket stocks Vege-Gel, a gelatine substitute suitable for vegetarians. I've never used it before, followed the instructions with care, and had a bad experience with it, flavour-wise. I have no idea whether I had a faulty product or whether this is the normal effect, and we are not judging the performance of the product. It simply produced a flavour I was unused to and found unacceptable.

I emailed the address on the Supercook website with a snarlogram. I had to go shopping again and had wasted ingredients and wasted time, the latter being in very short supply.

By Wednesday evening I was wondering why I had received no reply, and re-emailed the customer service address, oddly "info@", suggesting that customer service was lacking.

You can see at this point that the immediate opportunity for brand protection had been missed. My happiness could have been restored by a simple automatic acknowledgment earlier, but this was not the case. But, this morning, Thursday, I received an email of apology stating that a letter had been sent.

Now, the fact that a letter has been sent is both good and also costly. It also misses the point that email is an immediate medium and requires an immediate reply. This is where marketing comes in. Marketing is not just to create new sales, but it is to prevent loss of customers. They'd only just "won" me as a customer. I'd bought two packets of the stuff. Lack of marketing during the initial customer service experience has already caused me to doubt their commitment to service, so how is an eventual letter going to re-win me?

Interestingly they use a weird "from address" on their email. "reception@" is the email address. Does this mean I am being dealt with by the receptionist? Surely I am worth more than that? Was it too hard to create an email address "customercare@"?

Many marketing errors, here, and a great lesson for them if they will learn it.

Customer Service is Marketing. Look at your own customer service operation from a marketing perspective.

• Does it enhance your brand?
  
• Is brand protection part of its brief?
  
• Does it harm your brand?
• Are you proud of it?

Get the answers to these questions wrong in your marketplace and it matters. Customers, even in retail stores, take a lot of winning. Can you afford to lose them by addressing a service issue poorly?

I have had a reply

Chihuahua to become a Rottweiler? UKIC asks for new teeth

Will it happen? I doubt it. There's as much chance as finding Lord Lucan riding Shergar. You see the primary target is government and surveillance powers. Richard Thomas, rightly, wants his office to be able to do what it was designed to do and say NO loudly, firmly and effectively. Governments want him to wag his tail and do tricks for them.

But there is hope:

'Give me more power,' says UK Information Commissioner

The information commissioner has proposed new safeguards to ensure the UK does not become a “surveillance society”.

Giving evidence before the Home Affairs select committee, information commissioner Richard Thomas has also called for stronger powers to allow his office (the ICO) to carry out inspections and audits.

Currently, the commissioner must gain consent before inspecting an organisation for compliance with the Data Protection Act.

Thomas said, “People now understand that data protection is an essential barrier to excessive surveillance. But it is wrong that my office cannot find out what is happening in practice without the consent of each organisation.”

There is also a concern that too much surveillance will create a climate of fear and suspicion, said Thomas.

This is encouraging, and was picked up by Compliance and Privacy from Computer Weekly. But it's not going to happen.

Why should we care?

Simple. If we espouse Permission Based Marketing and the fact that individuals have rights, then we, as marketers, need to take the moral high ground. This provides brand protection as well as enhanced return on investment.

The question is, what can we do to support Thomas?

One way is to complain properly and formally about every beach we see. Sheer pressure of work is a good driver and gives him serious ammunition to base his requests for powers. Good marketers need this law enforced well. It seems that our regulator just needs a larger set of teeth and a strongr bite.

SMS Marketing: What are the applications?

I've been thinking about this recently, prompted by various discussions, and by reading the blogs of mobilists.

The demographics of text messaging are not wholly biased towards youth, but they do seem mostly youth biased. And, while youth has money, the grey cash from my generation is a huge and untapped pool. Sure, we have major commitments, too, but we also tend to have larger salaries because of longer time served, if nothing else.

Texting is a weird thing. My son will text rather than phone me even though his phone contract gives him unlimited free minutes between our phones. Text seems to appeal to him because he has no need to interact. The message is transactional, and one way only. No discussion.

So, I know why texting appeals to him, both to send and receive, with his peers and his family. I also know that he hates managing text messages in his phone's memory, and gets fed up when the memory is full because he loses inbound texts. He also likes receiving his bank balance by text. Well, me too.

I'm guessing, based on a sample of one, that he is pretty normal in his phone habits.

So, what advertising applications would appeal to him, and, come to that, to me?

• Gig ticket availability, though the gigs he goes to have often sold out the second internet booking opens, and that date and time is well publicised in advance. An interesting application there for ticket touts, though!
• Flight availability based on the timeframe for travel
• Special offers from stores, probably online stores, that are time critical
• Immediate and practical information about an initerary.
  

There'll be more of those. Maybe, just maybe, we could get a discussion going in the comments?

What do I not want?

• Generic information that I could have just as easily and more fully by email. Your trade puffery has no place in my phone
• Any message that costs me money to receive. Ringtones are ringtones. I can live with the Nokia Tune if I have to. And a paid for screensaver is..... ridiculous. As for the crunchy frog.... Ok, crazy frog....
• Obsolete information. Text messages do not always arrive the moment they're sent. Sometimes there are huge delays
• Information for a part of the world I am not in, unless I opt for it.
• Any unsolicited information. Yes I know Europe has 2002/58/EC and the UK has the PECR, but people use offshore centres for this and weasel around the law.

I do not want political messages. Tomorrow, in the UK, we have local elections. Luckily there is no "spam exemption" for political parties or I could envisage batphone meltdown as a load of "Vote for Baines" messages start arriving in double quick time. The world does not have sufficient Astroglide to allow us to use mobile phones as suppositories for over enthusiastic candidates! Come to that, with Astroglide's leaky website....

You can start to see what interests me and what does not. Since SMS marketing absolutely has to be permission based then it is no surprise to know that I, not you, will regulate what appears on my phone. Your issue is to interest me in your offering so much that I want to receive texts from you.

But I am often in the car, driving. Text messages arriving while I'm driving are a major annoyance. I may not pick up my phone and read them. I'd not only be a total idiot, I'd break the law and risk penalty points on my licence and a fine. Stopping the car and reading a text message only to find it is one that was not time critical is going to result in my unsubscription immediately because you are more trouble than you are worth. And that includes alerts like "there is a traffic jam on the M25", even if they are helpful, because I am on the M6 and heading north, or I have already hit the M25 jam.

You can see I'm trying to puzzle out applications for SMS marketing. I'm always happy to have extra thought, even huge disagreement. What's your take on it? Where is it a good thing? And why?