Few amenities in the modern digital workflow are so widely available but so widely ignored (or outright abused) as the the email BCC function. If you’re guilty of misusing or neglecting its power (and there’s a good chance you are), it’s time to repent and, in the process, cut down on spam and protect the privacy of your friends and family.
What Is BCC and Where Did It Come From?There are three address slots in every email client: TO, CC, and BCC, which stand for “[deliver] to”, “carbon copy”, and “blind carbon copy”, respectively. These denotations are a holdover from the world that preceded electronic mail: physical letters and memos.
In mid-century business memos, for example, there would be a TO slot for the primary recipient, a CC slot for individuals who needed to be in on the communication but who were not the primary recipients, and a third slot, BCC, for individuals who needed to be in on the communication too but, for whatever reason, their identity would be withheld from the memos circulated to the recipients in the TO and CC address slots.
Upon the advent of electronic mail, the same conventions used in paper mail and memos were copied, both out of familiarity and because they remained useful even though the message was no longer physically copied and delivered.
If these conventions existed for decades before the advent of email and have continued to exist in the intervening half century or so, where then does the trouble arise? There are two forms of BCC misuse: passive-aggressive blind carbon copying (the malicious form form of trouble) and neglect to use blind-carbon copying to protect privacy (trouble which arises from ignorance). Let’s take a look at how and why to avoid each.
Say No to Passive-Aggressive Blind Carbon Copying
The worst use of the blind carbon copy is to passively aggressively ensnare a coworker. This kind of BCC abuse crops up when employees resort to using the BCC function as a way of indirectly tattling on their coworkers, sucking up to their boss, or otherwise engaging in dysfunctional workplace hijinks.
Image courtesy of EC Comics.
An employee, for example, might put their boss as the BCC addressee on an email they are sending to another employee so that their boss sees that they are communicating with the other employee or that the other employee is failing to meet some sort of obligation or deadline. This kind of secret-squirrel communication is generally frowned upon in the workplace and we’re not about to endorse any sort of behavior that breeds a petty and passive aggressive work environment.
Our only advice on the matter is: Stop it.
Unless your HR department or your boss explicitly comes to you and instructs you to BCC your communications, you should avoid the practice.
If people outside the primary communication need to be kept in the loop, even higher ups, the best practice is to include them as CC addressees and to notify the TO addressees as to who was included and for what reason.
Not only does this build a more mature dialog in the workplace, it also helps you avoid a particularly embarrassing event: if your boss or other BCC recipient uses the reply-all function they effectively unmask themselves and reveal that they have been privy to the content of the prior email. Try explaining that one to the coworker you were conspiring against at the water cooler.
Fortunately, the number of people maliciously using the BCC function is small, which leads us to those who make up the bulk of the abuse: the unwitting.
Friends Don’t Carbon Copy Friends
If the majority of people aren’t maliciously using the BCC function as part of a psychological warfare campaign against their coworkers, then where does that leave us? It leaves us with the millions of people who unwittingly neglect to even use the BCC function in the first place.
Image courtesy of the Denver Public Library, Western History Collection.
Why is the BCC function so important? It allows you to send an email to someone without that person seeing everyone else that receives the email, effectively safeguarding their private information. Here is an example email forward, culled from our own email archives:
Every blue blur in the privacy-filtered image above is an email address. Not only were there over 40 email addresses in the list of forward recipients we were included in on, but there are two sets of leftover forward blocks in the forwarded email (seen above) that include 13 and 8 email addresses, respectively. This means that there are over 60 email addresses in the complete body of the email.
Now, you may be asking yourself “So what? What does it matter?” It matters for several reasons. First and foremost, there is the simple issue of privacy and treating the privacy of the people on your contact list (be they friends, family, or business associates) respectfully. It goes without saying that the people who fire off forwards and mass emails with dozens of their friends and associates do not take the time to personally contact each of those dozens of recipients and ask if they would like their contact information shared with everyone else on the addressee list. It’s outright disrespectful to share contact information without the permission of the individual in question.It becomes even more disrespectful and troublesome the more diverse the crowd of people you’re email is. If you’re emailing ten people in a small civic organization that already know each other, the issue might be moot. If you’re a teacher and you’re emailing dozens (if not hundreds) of students some supplemental material, suddenly you’re sharing the personal contact information of a lot of people with a lot of other people they may not wish to share with.
Worse yet, if anyone accidentally hits “Reply All” to any of the emails you send out with fully loaded TO and CC slots, every single person on the original recipient list receives the reply. At best, that’s relatively harmless but certainly wastes the time of everyone else as they open the email to see what’s new in the discussion. At worst, as has happened many times in corporations across the world, the email can take on a life of its own as hundreds of employees reply, argue, and otherwise interact with the email. Such a reply-all chain reactions can span thousands of emails and can even spawn flame wars (there was one such flame war at Tandem Computers in the late 20th century that lasted for years).
Second, and of more practical concern to those of you that could care less about good email etiquette and protecting your friends’ privacy, these kind of bulk emails inadvertently create neat little lists of email addresses for malicious software and spammers to harvest. If your email address ends up on a huge email forward sent around the proverbial world, you can rest assured that somewhere along the line you’ll end up on a spam list. Worse yet, if one of the users who ends up with your forwarded email sitting in the bowels of their inbox ends up hit by malware that replicates via contact lists and email addresses found in the inbox, you’ll likely end up with a malicious email finding its way to you.
Using BCC Wisely
If you’re in the latter camp, those who ignore the BCC function, you’re likely asking yourself what you can do to avoid the privacy and security faux pas we outlined above. Don’t worry, once you’re aware how terrible it is to ignore the BCC function, it becomes readily apparent what you need to do to wash yourself of your previous poor email behaviors.
First, and above all else, you start by asking yourself “Do I really need to send this email to everyone on my contact list? Thirty of them? Any of them?” The answer to those questions for most emails is: No. No you do not need to blast out a personal email or forward to everyone in your contact list.
Second, when you do find yourself with a legitimate reason to email a whole lot of people at one time. Like, for example, you’re switching to a new email provider or you want to send your new mailing address to a hundred of your friends and relatives, the only appropriate thing to do is to put their addresses in the BCC slot. This ensures that all the evils of mass TO/CC emailing are eliminates: the email addresses of all the recipients are kept private, there is no chance of a spam bot or piece of malware on one recipient’s computer harvesting the email of another recipient, and if any of them need to reply to you to ask a question or such, they won’t blast out their question or comment to every other person.
BCC increases privacy, increases security, and cuts down on the inbox crud your friends and associates have to wade through. There’s absolutely no reason to avoid using it when doing so is as simple as putting the addresses in a different address slot.