If you want to collect personal information about someone on a site, say before you let them download software or something, why would you not validate the form fields. If you’re extreme, you’ll check the existence of the address, even. Or do one of those email loop-back checks (send the URL of where to download via email, so you’ll at least get a real email address). But even if you don’t do any of that, it makes sense to at least validate the format of the entry. Phone numbers, email addresses and zip/postal codes all follow standard formats that are easy to test against. Phone numbers should be all numeric (apart from perhaps parentheses, hypens, periods and spaces). Zip & postal codes both follow standard formats. There’s only so many permutations of email addresses. and if there’s no @ or two .s in a row, you know it’s bad. A quick Google will give you a variety of regular-expression match cases for all of these. So go on, validate your forms, or don’t bother having them at all.