
Ask HN: Twoo.com creating accounts on invite, how legal is this? - cyberfart
Following some friend invite, I received an e-mail from twoo.com, something like:<p>&quot;Congratulations, you&#x27;re now a twoo member. Welcome to twoo, here are your login details.
E-mail: &lt;my email&gt; Password: 8-character random hex&quot;<p>Is this legal?
======
celticninja
All they have done is create an account linked to your email address,
essentially just a string of text. Not sure what you think is illegal exactly.

------
troydavis
What celticninja said. I’d be surprised if any jurisdiction had a law
preventing this; the US does not.

Their SMTP or Internet transit provider’s terms of service is another story.
Some allow single opt-in subscriptions and memberships, some don’t, and some
(most?) don’t mind unless it generates complaints.

Twoo is known for this ([https://techcrunch.com/2013/08/03/a-year-of-spam-
twoo/](https://techcrunch.com/2013/08/03/a-year-of-spam-twoo/)), so if you
don’t like it, their SMTP or transit carriers are probably the only recourse,
and probably doesn’t care.

------
borplk
As another person said it's just "semantics" so it's going to be legal.

They can't pretend that you checked the "I agree to the terms of service ..."
checkbox just yet.

So technically they can't "make you a member" against your will they are just
bringing you very close to becoming one.

------
claudiulodro
That part is probably legal. Not sure what their TOS is, but their TOS might
be unenforceable since you never had an opportunity to inspect or accept it
before your account was automatically created for you.

(Disclaimer: Not a lawyer. Don't know much about law.)

------
glorkk
Yes, facebook is doing the same thing (google shadow profiles). Really scummy
practice, but nothing illegal there.

------
1000units
They're free to record whatever data they've gathered about you. Whether you
become a "member" of their service is semantics.

I suspect this thread is an act of guerrilla marketing.

~~~
cyberfart
It's not. I'm just a pissed of person annoyed by scummy user acquisition
practices.

And I suspected that in EU, storing e-mail addresses without user's permission
might actually be illegal.

~~~
throwaway4816
The EU has the ePrivacy Directive 2002/58/EC. Article 13 prohibits the use of
email addresses for marketing purposes. The Directive establishes the opt-in
regime, where unsolicited emails may be sent only with prior agreement of the
recipient.

The Internet is the wild wild west, lots of scummy practices (including shadow
profiles).

