Email communication, while convenient, often becomes the Achilles’ heel of data privacy. The misuse of ‘Carbon Copy’ (CC) and ‘Blind Carbon Copy’ (BCC) features in emails is a common cause of unintended data breaches. So, should we use CC, BCC, or neither? Let’s explore further.
The Pitfalls of CC and BCC
CC is a way to include multiple recipients in an email conversation, with each recipient’s email address visible to all of them. On one hand, it fosters an open line of communication. On the other, it can lead to privacy violations if sensitive information is involved, for example copying a colleague on an email that reveals an individual’s medical condition when that colleague had no reason to know about it.
BCC offers more privacy, hiding the recipients from each other. However, it should not be relied upon for sending sensitive information to a list of individuals, because its protection depends entirely on the sender never making a mistake. If the sender selects the CC field in error, or the addresses are pasted into the wrong box, every recipient’s email address is exposed to every other recipient, and the mere fact of being on the list may itself reveal sensitive information about them. BCC also only hides addresses; it does nothing to protect the contents of the message.
The Information Commissioner’s Office (ICO) Guidance
The Information Commissioner’s Office (ICO) warned against relying on BCC for sending sensitive information and suggested alternatives like bulk email services, mail merge, or secure data transfer services.
The ICO issued reprimands to two organisations in Northern Ireland for improperly disclosing personal data in an email. In a separate incident, NHS Highland was reprimanded after a data breach occurred, in which sensitive details about individuals accessing HIV services were inadvertently exposed. This breach was due to the use of the ‘CC’ (Carbon Copy) field in an email, leading to the unintended sharing of sensitive information.
The error meant that recipients of the email could see the personal email addresses of other people receiving the email. One person confirmed that they recognised four other individuals, one of whom was a previous sexual partner.
The ICO emphasises that organisations must have appropriate measures in place to ensure the security of personal information: implementing appropriate technical and organisational measures, and documenting the processes and procedures for sending bulk emails.
Best Practices for Email Communication
This type of data breach is all too common but is easily avoidable. To mitigate risks, the ICO expects organisations to do the following in order to comply effectively with the law:
- Use Secure Email Tools: Opt for dedicated bulk email platforms or mail merge services that offer better security and privacy controls when sending emails to multiple individuals.
- Educate Your Team: Regular training on how to comply with data protection law and email best practices is crucial in reducing the risk of a personal data breach.
- Implement Technical Measures: Consider rules that alert the sender when multiple recipients are placed in the CC field, a short sending delay that gives a window of opportunity to catch errors before the message leaves, and disabling auto-complete for email addresses so that a message is not sent to the wrong person. Together these controls reduce the chance of sharing personal information with other people by mistake.
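The alerting rule in the list above can be implemented as a pre-send check that inspects a draft and refuses or warns before the message is submitted. The following Python script is an added example written for this page, not code from the ICO or from any mail product. It parses a draft RFC 5322 message, counts the recipients whose addresses would be visible to everyone else (To and CC), and holds the message when that looks like a bulk send or when two or more external people could see each other. It also warns, rather than blocks, when a large list is in BCC, since the guidance above is to use a mail-merge or bulk email service for that case. The thresholds, the internal domain `example.org`, and the three sample drafts are all assumptions constructed for the example.

```python
"""Pre-send check for emails that would expose recipients to each other.

Added example for this page (not ICO or vendor code). A rule like this can
run as a mail-submission hook or a desktop add-in before a message leaves
the organisation.
"""
from email import message_from_bytes, policy
from email.utils import getaddresses

# Assumed settings for this example; tune them per organisation.
MAX_VISIBLE_RECIPIENTS = 3          # more than this in To/Cc is treated as bulk
INTERNAL_DOMAINS = {"example.org"}  # colleagues, not data subjects


def _addresses(msg, header_names):
    """Return the lower-cased email addresses found in the given headers."""
    values = []
    for name in header_names:
        values.extend(msg.get_all(name, []))
    return [addr.lower() for _, addr in getaddresses(values) if addr]


def _domain(address):
    return address.rsplit("@", 1)[-1]


def check_outgoing(raw, max_visible=MAX_VISIBLE_RECIPIENTS,
                   internal_domains=INTERNAL_DOMAINS):
    """Inspect a draft message and return (verdict, reasons).

    verdict is "hold" when the message must be stopped for review,
    "warn" when it may be sent but should use a bulk-mail tool instead,
    and "send" otherwise.
    """
    msg = message_from_bytes(raw, policy=policy.default)
    visible = _addresses(msg, ("To", "Cc"))   # seen by every recipient
    hidden = _addresses(msg, ("Bcc",))        # stripped before delivery
    external = [a for a in visible if _domain(a) not in internal_domains]

    blockers, warnings = [], []
    # Rule 1: a long To/Cc list is a bulk send that exposes the whole list.
    if len(visible) > max_visible:
        blockers.append(f"{len(visible)} visible recipients exceed the limit of {max_visible}")
    # Rule 2: two or more external people can see each other's addresses.
    # Membership of the list alone can be sensitive (the NHS Highland case).
    if len(external) >= 2:
        blockers.append(f"{len(external)} external recipients are visible to each other")
    # Rule 3: BCC hides addresses, but a bulk send still relies on nobody
    # ever moving the list into CC; prefer mail merge or a bulk email service.
    if len(hidden) > max_visible:
        warnings.append(f"{len(hidden)} recipients in Bcc; use a bulk email service")

    verdict = "hold" if blockers else ("warn" if warnings else "send")
    return verdict, blockers + warnings


# Constructed sample drafts (not real messages or addresses).
CC_MISTAKE = b"""From: clinic@example.org
To: clinic@example.org
Cc: alice@mail.test, bob@mail.test, carol@mail.test, dave@mail.test
Subject: Appointment reminder

Your appointment is next week.
"""

BCC_BULK = b"""From: clinic@example.org
To: clinic@example.org
Bcc: alice@mail.test, bob@mail.test, carol@mail.test, dave@mail.test
Subject: Appointment reminder

Your appointment is next week.
"""

ONE_TO_ONE = b"""From: clinic@example.org
To: alice@mail.test
Cc: manager@example.org
Subject: Re: your query

Thanks for getting in touch.
"""

if __name__ == "__main__":
    for label, draft in (("cc mistake", CC_MISTAKE), ("bcc bulk", BCC_BULK),
                         ("one to one", ONE_TO_ONE)):
        verdict, reasons = check_outgoing(draft)
        print(f"{label}: {verdict} {reasons}")
```

The check deliberately treats a single colleague in CC alongside one external recipient as normal correspondence; it is the combination of several external addresses in a visible field that the rule stops. A real deployment would pair this with the sending delay mentioned above so the sender has time to act on the alert.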
Conclusion
While CC and BCC have their uses, they should be employed with caution, especially when handling sensitive information. We recommend more secure communication methods, such as mail merge or bulk email services, to protect privacy and prevent data breaches.
When you implement a new system or software that handles personal data, such as a bulk mailing system, we highly recommend completing a Data Protection Impact Assessment (DPIA). A DPIA is a crucial step in identifying and managing the risks associated with the use of the system before it goes live.
Our Data Protection specialists can help you with this process. Please get in touch if you would like to speak to one of our team members.