By now you probably know about the New York Times’ little email error on Wednesday, December 27. But if you don’t, here’s the nutshell: The Times sent a ‘Cancellation’ email to 8.6 million people, presumably every single one of their online email subscribers. The email was meant only for those who actually subscribe to the paper’s home delivery service.

First the Times claimed it was spam, then blamed their email service provider Epsilon, and finally fessed up; The Times did it themselves.

As I’m sure we’re all wondering: How exactly did it happen? And how can you avoid it? Only people at the Times know for sure, but it’s possible, in fact easy, to guess. In fact, it’s a worthwhile exercise, because it may help you to avoid copying their mistake.

Let’s consider what we know:

• The email itself is of the ‘transactional’ variety, designed to be sent to people who canceled their subscription recently, supposedly about 300 people, not 8.6 million.
• It is very likely that the emails were triggered to send immediately after some change in the database, like an upload of canceled subscribers. This may have been automated or transferred as a .CSV or some other kind of data file compiled by the circulation department.
• It is likely that the Times uploaded, updated or moved their entire subscriber database, changing the field that is used to trigger the cancel emails, which is how 8.6 million people would wind up in the ‘Canceled’ category.
• If the database driving the auto-trigger is part of a web analytics platform or the site’s backend, it could have been altered by another department doing something that was considered purely technical and unrelated. This could mean the marketing and circulation departments had nothing to do with this. The database update was made by people whose primary focus is elsewhere, and whom are not familiar with the email system.
• Or, it is possible that someone in the marketing or circulation department was playing with the database, maybe ‘cleaning up’ fields, without considering the consequences.
• Finally, while it’s interesting to imagine that someone pressed the wrong button somewhere. It may have been an automatic change triggered a long time ago, when somebody set a transactional mailing to run for a very long time, like 24 months, before expiring and throwing the emails into the regular queue.

What doesn’t seem likely is that someone manually set up the ‘Cancellation’ email and selected the entire database by accident. I’d like to think the people at the Times are beyond that.

The bottom line:

Today’s most advanced email systems have a lot of moving parts, including triggers and filters, database connections, hundreds of fields, countless segments, dynamic content, differing browser compatibility, myriad admin levels, and multiple departments with people of varied experience. How many marketers have made manual uploads, global field changes, or set up automated systems and made a few compromises?

It isn’t just a matter of testing the content and using a browser with your email platform (though these measures help). You have to run all the scenarios. You have to think about the worst case outcome before uploading a file, integrating a database, eliminating or merging a field, or setting up a trigger.

Somebody within the New York Times is being called onto the carpet, where the explanation may be too technical and complex for the bosses to understand. That somebody, who may or may not even be at fault, is headed for the door. Don’t be that person.

Email is an extremely powerful communications tool. And remember, with great power…

Crossposted at The Net Atlantic Email Marketing Blog