The HN title is misleading - it wasn’t a bug report but the Yubikey 4 replacement. The process by which it happened seems understandable: they used their existing store to process replacements (you got a coupon code for the same model as your old key) and notified all past customers when a major new standard shipped.<p>They should have handled that better and made it clearer under which conditions you’d get email but it’s way down the list of annoying corporate email practices.
I've experienced similar issues with sites where someone else used my e-mail address to sign-up for something, I purposefully <i>did not</i> follow the authorization URL, and the companies have flatly refused to delete my fraudulent accounts or remove me from their mailing lists.<p>One in particular tried to tell me to reset the password on the account so that I could sign in and opt-out of the mailing lists. I refused, saying that doing so would be acknowledging the account as mine and putting the onus on me to manage something I never signed up for. They refused to budge, despite numerous escalations.<p>I swear I feel more like Hank Hill every day.
> Sadly I have no idea what is a viable alternative to Yubikeys, but at least we're not likely to buy any more any time soon.<p>Nitrokey: <a href="https://www.nitrokey.com/" rel="nofollow">https://www.nitrokey.com/</a>
> If you are a registered user of a Yubico website and have supplied your email address, Yubico may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with Yubico and our products.<p>If they made the author a "registered user" when he submitted his address to the replacement program, they should make it clear that's what is happening. Or they need to expand their TOS language a bit...
Yubico is a Swedish company, so you may want to consider filing a complaint with the Swedish data protection authority:
<a href="https://www.datainspektionen.se/in-english/contact-us/" rel="nofollow">https://www.datainspektionen.se/in-english/contact-us/</a>
Marketing teams really need to be kept in check. I get it they're pressed for results with often limited budgets and tools, but there needs to be some basic ethics at every company. To me, this is just as bad as bundling security updates with mandatory new features....
My policy: if email is interesting/relavent. Do nothing.<p>If I remember subscribing and haven't attempted to unsubscribe in the past, attempt to unsubscribe. Spending max 10 seconds.<p>All other situations, hit "mark as spam"
Take a step back and look at the system.<p>Venture backed companies are required to grow fast to be competitive.<p>They do whatever they can to achieve this goal. Complain about that, not an individual. The individual is just trying to survive.<p>Sad thing is that this tactic works.<p>It’s likely that more people will end up buying because of this tactic then will care about it.
In the pantheon of tech company misconduct, opting users into marketing emails when they open a support request seems pretty minor (especially if they can easily opt-out).<p>This is at worst, a trivial annoyance. I don't see how we need regulation to outlaw this behaviour.