Marketing Merlins will soon face some tough choices on when and how to conjure up customers. To spam or not to spam? The old guideline was to follow the letter of the lagging law; if it isn't illegal, go ahead and do it. However, astute industry observers may soon feel the crack of a backlash. The consumer mudslide that swamped the Federal Trade Commission's Do Not Call Registry last year could herald the beginning of the end for unsolicited sales, especially those that take advantage of popular new consumer technologies. CSOs and their fellow executives will have to tread carefully if they plan to use instant messaging or short message service (SMS) for customer outreach.These technologies include dedicated hardware like cell phones and BlackBerrys as well as "soft" products such as variations of IM. SMS is becoming increasingly attractive to consumers because of the low cost per message unit (under a dollar to send, 2 or 3 cents to receive). This affordability has nurtured experimental consumer-to-consumer social networking like flash mobs in the United States and "thumbing" (the culture of constant one-thumb text-messaging on cell phones) in Europe and Japan. It's going to be very tempting for product managers to latch onto these trends to boost their stats. At some level, direct marketing is a numbers game; like fishing with dynamite, it's not sporting but it works.The members of generation IM are often known to their friends more by their e-mail addresses and cell phone numbers than by postal addresses or home phone numbers. This identification effect will be intensified by recently enacted cell phone portability rules that allow phone numbers that last nearly a lifetime. Marketing moss grows on these stationary addresses the longer they are used, increasing their visibility and chances they will be used by outsiders. Users are going to be angry if they're forced to give up their online identity because of the buildup of sales and marketing crud. It'd be a shame if this slows the growth of technologies like SMS, which showed such promise as an emergency communication system during the 9\/11 attacks.Of course, marketers always have rationalizations for reaching out and touching someone, although some of the excuses seem counterintuitive. For instance, in a rational world, a customer who bought something from a retailer should be rewarded by not receiving offers.Security officers are in a unique position to suggest such alternative approaches. New projects utilizing leading-edge technology will need security buy-in at some point. When that happens, consider thinking through your approach ethically rather than legally. Just because you can do something doesn't mean you should. Here are some guidelines for so-called ethical spam usage:* Use opt-in for each form of communication and for each subject area.* Offer real value when communicating with customers.* Make it easy for customers to get off the list if they inadvertently end up on it.* Factor the inconvenience or cost to the recipients into your decision.* If you do it anyway, batten down the hatches and prepare for retaliation. The Internet community has a long history of aggressive responses to commercial intrusiveness.A good way to approach the problem is to think about it as a trade-off between providing a legitimate benefit to the customer evaluated against the cost to the recipient. Cost, of course, is often about inconvenience rather than money.It's easy to start shooting blindly when technology flushes new targets out of the bushes. But accomplished hunters don't strip an area bare. They know that practicing conservation now will reward them with good hunting for many years to come.