Putting Emails Into The "To:" Field Instead Of "Bcc:" Isn't A Technical Glitch

from the just-clarifying dept

It's one of the oldest mistakes in mass emailing. Marketers collect a bunch of email addresses and then send out a mass mailing about their product, but instead of (a) using some list software or (b) putting all the email addresses into the "bcc:" field, they put them in the "to:" or "cc:" field, exposing the whole list to everyone. It's happened thousands of times, and by now, anyone sending out a mass mailing should know enough to avoid it -- but it still happens. In the latest case, however, it's almost sad how the company tries to blame it on a "technical error" and then claim that email addresses are "secure" and have "not been used in an inappropriate manner." Of course, there was no "technical" error. There was the very, very human error of someone putting the addresses in the wrong box and/or not using a decent mailing list program. Hey, it happens, but to then hide behind the claim of a "technical error" is just sad. At the same time, they're wrong: the emails have been used in an inappropriate manner and there's no way for the company to claim that they're now secure, as 1,500 people now have the complete list and certainly could misuses it.

Reader Comments (rss)

(Flattened / Threaded)

  • identicon
    crystalattice, Oct 25th, 2005 @ 1:30pm

    Make a new email address.

    If you're paranoid, just get a new email address. I have two email accounts: one for web site registration, email lists, etc. and one that I guard a little more closely.

    If you really wanted to track what's going on w/ an email, just set up a different one for each list, or at least each function, e.g. one for email lists, one for web site registration, one for business contacts, etc.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, Oct 25th, 2005 @ 1:54pm

      Wow, great idea, but how do I get it past my IT de

      "Hi, this is lstorch@gsa.com, I need a couple different email addresses, so that I can use a new one for everyone I meet, just in case they intended to sell it to spammers."

      That's easy if you're an anonymous web user, but for the corporate user their email address is like their brick and mortar address. It never changes.

      People who send unsolicited email need to be stopped. It's as if they keep delivering their trash to your home address for you to throw away. You didn't ask for it, you shouldn't recieve it. And people shouldn't have to jump through hoops trying not to get it.

      reply to this | link to this | view in chronology ]

      • identicon
        Joe B, Oct 25th, 2005 @ 2:45pm

        Re: Wow, great idea, but how do I get it past my I

        The point here is to get a hotmail, or multiple hotmail addresses (in my case Gmail) and use those. You should NEVER use your corporatework address for any of that crap...

        reply to this | link to this | view in chronology ]

    • icon
      Murdock (profile), Oct 25th, 2005 @ 2:54pm

      Re: Make a new email address.

      Thats a great idea, unless you've had the same email address for 7 years. I work hard to protect my email from spam and I was NOT please when Spy Media did this to me.
      I've gotten several responses from others on the list who are very unhappy as well.
      In addition to that, within half a day of it happening I had already received 2 spam messages as a direct result of this.

      reply to this | link to this | view in chronology ]

  • identicon
    Oliver Wendell Jones, Oct 25th, 2005 @ 1:48pm

    Big and small companies

    I went to one of those Speed Dating events a few years back and the company made a big deal about how they kept your information private and wouldn't share contact information unless you both agreed to it.

    A couple of weeks later, I got an e-mail from them letting me know about their next event and it was sent without the use of BCC: and so everyone who had been before now had the e-mail address for everyone who had attended.... so much for security.

    reply to this | link to this | view in chronology ]

  • identicon
    Teilo, Oct 25th, 2005 @ 2:26pm

    Use mailing lists instead

    With web-based control panels, it is now trivial for an end user to setup a mailing list right on the mail server. Why not put your marketing addresses there instead? That way it doesn't matter whether you put your addresses in the To, CC, or BCC.

    reply to this | link to this | view in chronology ]

  • identicon
    Jordan, Oct 25th, 2005 @ 2:56pm

    No Subject Given

    All of you are missing the point here. It was the fault of the company who missadressed the emails. Not the subscribers who gave their personal email addresses. The company was careless, wether or not the subscribers were also.

    reply to this | link to this | view in chronology ]

  • identicon
    Jon Sullivan, Oct 25th, 2005 @ 5:02pm

    One word


    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Insider Shop - Show Your Support!

Hide this ad »
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Hide this ad »
Recent Stories
Advertisement - Amazon Prime Music
Hide this ad »


Email This

This feature is only available to registered users. Register or sign in to use it.