Local Navigation
- S&G Home
- S&G About
- Policy
- Infrastructure
-
Technical
-
Application Development
- Audio-Video Standard
-
Barlesque Implementation
-
Barley Implementation
- Browser Support
- C++ Coding
-
Clickthrough (Go-) Tracking
- Cookies
- CSS
- Customising Content
- Database Design & Development
- Downloads
- File Extensions
-
.htaccess
- JavaScript
- Mapping
- Multimedia Plug-ins
- Perl Coding
-
RSS
- Semantic Mark-up
- XHTML Integrity
- XML
-
XSSI (eXtended Server Side Includes)
-
Application Development
- Design & Editorial
- Interactivity
- Accessibility
- Glossary
- Contacts
Email Standards v1.0
1. Introduction
This document describes standards for the collection of user email addresses and the processing, formatting and delivery of email from BBC websites and/or applications.
2. Gathering email addresses
This section describes how to collect, use and store user email addresses and the rules around this. These rules are required for compliance with the Data Protection Act and restrictions on the use of personal information contained therein. This is therefore a legal requirement, contraventions of which could result in legal action against the BBC.
2.1. You MUST NOT request an email address unless it is necessary to provide the service you wish to use it for.
2.2. A Fair Collection Notice guaranteeing the privacy of the email address and stating the circumstances in which you intend to use the email address MUST be displayed on the same web page when requesting an email address. This notice MUST be as close as possible to the 'submit' button on the relevant page. [Business Affairs are able to assist with the drafting of the notice.]
2.3. Permission for any other use (e.g. a specific newsletter) MUST first be obtained from the user by means of an 'opt-in' check box, which MUST be clearly and prominently displayed above the 'submit' button. You MUST NOT request permission to use an email address for arbitrarily general use.
2.4. An email address MUST be verified by its owner (responded to), before activating a BBC member service to the address, unless it's a one-off email.
2.5. Permission for any use of an email address beyond the original use of data notice, MUST first be obtained from the user, by explicitly requesting that they agree to a new Fair Collection Notice.
2.6. Personal data (as defined by the DPA 1998, including email addresses) submitted to BBC websites MUST be submitted using the POST method to prevent the data being cached by the logs of Internet proxies.
2.7. Any sensitive personal data (as defined by the DPA 1998, including. data relating to ethnicity, religion, a disability, political opinions) MUST be transferred using HTTPS or similar strong encryption.
2.8. Anyone intending to collect personal data MUST notify the Information Policy & Compliance department on ext. 0281119.
2.9. All personal data (including email addresses) MUST be stored securely and MUST NOT be made available to employees who do not require access in order to do their job, as defined by section 6.4 of the BBC Online Editorial Guidelines.
3. Sending emails
This section describes how to structure and format outgoing emails. This serves to:
- ensure quality of email across different email clients
- prevent the abuse of email applications by 3rd-party spammers, which might result in BBC email being blacklisted (as an open relay)
- prevent abuse of the BBC email system to send offensive emails
- prevent emails which purport to come from (impersonate) BBC staff
3.1. All email headers MUST contain a valid BBC 'From' header email address, through which problems can be resolved. A 'Reply-To' header may be used if you wish to have genuine user replies delivered to a different email address.
3.2. Every email MUST include a 'Subject' header appropriate to its purpose and content; and clearly indicate the email is from the BBC.
3.3. An email from the BBC MUST contain the identity and details of the application sending the email. This is to enable support teams to identify and resolve issues.
3.4. Every outgoing email to a subscribed service MUST contain an 'unsubscribe' link, or instructions on how to prevent further email being sent to that address.
3.5. If sending email in HTML format:
3.5.1. You SHOULD test the rendering of HTML email in the most popular email clients.
3.5.2. You MUST have the correct headers (MIME types), at the very least, including:
Content-Type: text/htmlMIME-Version: 1.0
3.6. When developing new email applications or using existing applications, which allow the user to populate form fields:
3.6.1. You MUST check whether the IP address from which the email originates, comes from outside the BBC network; and if so block email addresses which purport to come from a bbc.co.uk email address, so as to prevent fake emails attempting to impersonate BBC staff.
3.6.2. The 'Subject' of an email MUST make it clear the email is from the BBC, so as to prevent abuse of the system by 3rd-party spammers. Furthermore, you SHOULD design and structure the template, so as to make it useless to Spammers.
3.6.3. Any user-generated content MUST be checked for profanity and any profanity removed. Please refer to BBC Online Editorial Guidelines for guidance on dealing with profanity.
3.6.4. The use of your application MUST NOT send email to anyone specified in the official opt-out lists. Refer to the Applications Development Work Group (appdev.workinggroup@bbc.co.uk) for access to opt-out lists.
3.6.5. You MUST include a disclaimer on all emails. This disclaimer MUST include details on how to opt out of removing emails from bbc.co.uk email systems.
3.6.6. To ensure adherence to these standards you SHOULD use the standard BBC perl module BBC::SendEmail, when developing Perl-based email applications.
4. Maintenance of mailing lists
Owners of mailing lists MUST take responsibility for responses to any public complaint or query relating directly to the mailing lists they maintain.
5. Email delivery
These rules describe how to send bulk email to large numbers of users. Failure to follow this can lead to 'blacklisting' of bbc.co.uk, thus leading to a loss of outbound email capacity across the entire BBC network, or overloading of the BBC email infrastructure, resulting from bounced email.
5.1. You MUST NOT send more than 100 emails per hour from your desktop without consulting the NM Technical Form WG – Email at: email.wg@bbc.co.uk.
5.2. Any automated application sending email from bbc.co.uk MUST include a mechanism to restrict volumes to 500 emails an hour. Permission for any increase on this figure MUST first be sought from the NM Technical Form WG – Email at: email.wg@bbc.co.uk.
5.3. You MUST have a contingency mechanism to check for 'Bounced' messages. For example, you could unsubscribe accounts where an email bounces or generates an 'Out of Office' message for more than 20 days.
6. Triggers for updates
- Change in BBC email policy
- Changes to associated legislation, primarily the Data Protection Act
- Security or outage incident
- Change to capacity of infrastructure architecture
- Any change to personal data capture requirements
7. Document history
| Date | Version | Change | Author |
|---|---|---|---|
| 18/11/2005 | v1.0 | Minor edits, delete 2.5.3 | Technical Forum |
| 15/11/2005 | v0.3 | Further revisions and edits as requested by WG members | Mark Hewis, Tred Magill |
| 10/11/2005 | v0.2 | Included various comments from WG members | Damion Yates, Tred Magill |
| Oct 2005 | v0.1 | New standard created by Email WG | Email WG |
Document editor: Editor, Standards & Guidelines. If you have any comments, questions or requests relating to this document, please contact the Editor, Standards & Guidelines.
Like all other Future Media Standards & Guidelines, this page is updated on a regular basis, through the process described on About Standards & Guidelines.
© MMIX