The End of Email Pixels—the Looming Crackdown in Email Privacy

October 17, 2022

What do privacy and compliance look like? You may think about web cookies and data protection. But there’s a lot of ambiguity when it comes to customer preferences and data. And specifically, within email communications, there’s plenty of room for non-compliance.

Businesses have had to assess how they deal with data and interact with it while doing business on the internet. Regulations like GDPR and CASL have cracked down on many years of unregulated web tracking. Email will be next.

Bring Out the Brooms

The digital shift has brought massive sweeping regulatory change, starting in Europe with GDPR. That’s now bleeding into other jurisdictions, including the US.

This raises questions surrounding privacy compliance as a business and an individual within that business. What rights do you have to customer prospects’ data? And what rights do those customer prospects have when interacting with your brand?

Blocking and Tackling

Companies are very rudimentary and reactive in their understanding and approach to assessing and asserting a privacy posture.

If I’m a business owner, it’s up to me to know what my obligations are to house, protect and potentially destroy the data per your consumer rights.

What’s being overlooked is that a website is just one channel within which you can access customer prospects’ data. Email is another channel that gives you access—specifically corporate email.

Marketing email is one of the low-hanging fruits that people have recognized as a vector for potential privacy infringement. When that communication goes past the initial marketing outreach, how are you ensuring your team is fully aware of privacy regulations they may be infringing?

Maintaining privacy and compliance within email has become increasingly difficult. Unsubscribing is more challenging than the Rubix cube for some providers, with multiple link-clicking and box-checking to stop future email communications. This leaves email communications open to interpretation of what is protected and what is not.

Privacy Regulation in Corporate Email

Privacy regulations now have corporate email within its scope—messages from one colleague to another or to a sales prospect.

Chrome extensions that track the opening of emails and drop tracking pixels to those recipients provide zero transparency to IT departments on the receiving end. There is virtually no privacy perspective with these types of tools, making email a prime target for infringement of privacy and compliance standards.

This presents a problem when sending emails to multiple recipients when at least one is in a jurisdiction with strict privacy compliance requirements. Businesses can easily break these compliance regulations unknowingly, leading to possible fines and brand damage.

Hurting Your Brand

Not only can your company face fines, backlash, and potential legal action, but you can also hurt your brand reputation. While salespeople or prospects in highly regulated areas may have agreed to open your email, that does not mean they agreed to be tracked. This leaves room for massive reputational risks that are real and punishable.

Residing in a country like France, where privacy is highly regarded, creates the need for emailers to understand the regulations in that country and the potential risks of attempting to invade a prospect's privacy.

It’s not even about the fines, though they are quite significant. It’s about the overall brand image you convey when you don’t respect the privacy preferences of others. People who take pride in their privacy protection may mistake your actions as malicious and damaging.

Honoring Privacy Outside of the Norm

While it may be easy to practice safe privacy preferences within the general website and marketing communication channels, corporate email and the lack of privacy that comes with it leaves a huge blind spot.

You don’t necessarily know who is emailing who or what the content of those emails is. You also don’t know if those messages contain email tracking pixels or accurate privacy statements.

You don’t know what you don’t know. And that’s where businesses can get into trouble.

Assert Your Privacy Posture

If you’re not thinking about your corporate email communications, you should be. It’s a vector of interacting with prospects and customers that is equally important to your website communications.

For example, in France, email pixels are becoming analogous to website cookies, viewed just as invasive and disruptive. So ensuring you are compliant with privacy regulations across the globe is key.

If members of your team are tracking emails, you need to be aware and do something about it, especially if it’s happening to people within strict jurisdictions.

Like many other things in life, privacy compliance is subject to interpretation. And once there is an interpretation in the market that corporate email communications are within scope, they need to be addressed in the same manner as your other methods of communication.

Balance is the Theme

How do you balance your desire to adhere to privacy regulations and the desire to respect your customer prospect's privacy with the overall commercial interest of your entity?

By identifying your customer's preferences within your CRM or marketing automation system. And then using a third party to query that information in real-time for their preferences or jurisdictional requirements.

IT departments can’t be compliant without a purpose-built solution. This solution gives the recipient the choice of whether to be tracked or not.

And choice is what privacy boils down to. That’s where the balance occurs.