From the desk of: Sam C. Chan

April 15, 2007 

Confidentiality Issues Surrounding "Reply to All"
and Disclosure of: To/cc/bcc Lists

  To cc bcc Sender
Identity disclosed to all recipients yes yes no n/a
Able to Reply-to-All (to: To + cc) yes no yes yes
Able to Reply (to sender) yes yes yes yes

Important Points:

  • only sender can see the bcc list, in the private copy of original message, in sent items
  • all externally circulated copies (including bcc recipients) show only To + cc lists
  • bcc recipients are always omitted from any Reply-to-All action
  • cc recipients are unable to Reply-to-All, as they are merely observers, not active participants of the thread
  • bcc recipients are able to Reply-to-All

Conventional Wisdom:

  • Always use bcc for announcements
  • For group discussions, use To/cc as appropriate
  • Use bcc to discreetly keep private recipients apprised

But wait, there's more...

  • If any bcc recipient uses Reply-to-All, deliberately, or inadvertently while intending to reply to sender; then their shadow recipient cover will be blown, and sender's covert act will be broadcasted to all.

To avoid such faux pas...
Don't use bcc for discreet informing in highly sensitive situations. Instead:

  • omit the bcc field when sending. Forward the sent message to your bcc group, with blank To + blank cc list.
    • Beware that in this case, the subsequent forward recipients can see your original bcc list, if you actually used it.
    • This is the nature of forwarding a "sent" item, with subtle (but serious) implications!
  • bcc to yourself, then forward your inbound message to each discreet recipient
    • each of them is isolated, and can't Reply-to-All
    • they get a sanitized external copy--not a private original
    • you may add any confidential commentary intended for that specific individual, in the main message body which contains the forward
  • Remember: with both of these alternative methods, your discreet recipients can still glean the open recipients list(s) with their descriptive names--sometimes along with actual email addresses (depending on your email program, and how you compose the message, etc.)
    • with efforts, they might be able to contact all the open recipients, but
    • it won't happen accidentally via a single button press
    • Finally, you can manually censor open recipient list, prior to forwarding.

SEE ALSO

Copyright @2005-2006   Bravo Technology Center  *  Bravo:GO  *  Contact Us