Prevention is Key: Multiple-Recipient Emails Can Become A Data Protection Risk
The mass and bulk mail functions of commonly used email clients are very popular among businesses. These functions allow for the swift distribution of emails to multiple recipients. Although they simplify the process of providing the same information, such as newsletters, to a certain circle of recipients, inappropriate use of the functions can quickly lead to expensive data protection risks. The email experts of GROUP Business Software AG (GBS) caution their clients about this issue. "The most common mistake in this context is that recipient email addresses are not entered into the ‘Bcc’ field, but the openly visible ‘To’ or ‘Cc ‘fields,” explains Andreas Richter, GBS’ Vice President Marketing.
Since email addresses are considered personal data, they are subject to the German data protection law (BDSG). The Bavarian state agency for data protection (BayLDA) has recently fined a company, whose employee sent an email to multiple recipients without using the blind copy function. The company’s entire mailing list could be viewed by all recipients. "In addition to fines, one should also not underestimate possible damages to a company’s image, which can result from misuses of this nature", Richter points out.
To counteract negligence of this kind, GBS provides iQ.Suite, a central email management solution for the leading email platforms. Using the solution, companies can avoid the loss of data, as well as fines and resulting damages to their image. The use of iQ.Suite ensures that the recipients on large distribution lists are always added to the blind copy field, even if the sender accidentally entered the list into ‘To’ or ‘Cc.’ For this purpose, the solution employs a rule-based approach and counts whether the number of recipients exceeds a defined threshold level. If the level is exceeded, recipients are automatically copied into Bcc. “It ensures that employees –purposely or not – can no longer send out emails with open recipient lists. This improves data protection and compliance with legal guidelines in companies”, says the GBS expert.