Spam Folder Case: Judgment of the Regional Court in Bonn
by M. Schröder
The spam folder is the holding pen for unwelcome emails, usually lacking any meaningful content, with which the digital gateway of a company is bombarded in large numbers. It is a great help if spam filters protect the employees from this flood of spam and assign it to a separate folder so that they no longer have to take any notice of it.
However, according to a recent judgment of the Regional Court for Bonn, an obligation exists to check the spam folder of business email accounts on a daily basis.
The decision concerns the unfortunate communication between a solicitor, his client and their opponent. Among other things, an extremely important email sent by the opponent ended up in the solicitor’s spam folder, which led it being passed on to the client with a long delay. As a result of that delay, settlement negotiations failed, which had considerable negative consequences for the client.
The judges found that the solicitor could not invoke the fact that the email ended up in the spam folder, because if you state an email address as a contact option in business relations, for example on a letterhead, you must also ensure that relevant correspondence reaches you. This includes daily monitoring of the spam folder. If this is not done, it constitutes a failure to exercise the care required in legal transactions in a business context.
This strict standard renders the purpose of a spam filter absurd, as the whole point of it is to save the user the trouble of having to deal with the flood of spam.
How can companies respond to this precedential ruling?
Technical solutions should be determined with the company’s IT service provider or the email provider. The following considerations could be discussed:
- White lists (list of approved senders) are not the right solution as the company cannot know in advance who will contact it.
- Black lists (list of blocked senders) that result in the email and message being sent back to the sender are one alternative. However, they confirm to the sender of the spam that the email address exists, which may lead to a further wave of spam being sent to the address.
- Spam filters before the inbox, which send emails suspected of being spam back to the sender with an error report. In this case as well the existence of the email address would be confirmed.
Initially, the EU Whistleblower Directive was supposed to be effective by December 17, 2021. However, the legislative process failed.Right of Access by the Data Subject
The right of access, enshrined in Art. 15 of the GDPR, gives data subjects the right to obtain from the controller.Subject Access Request Automation
Individuals have the right to access their personal data, commonly referred to as subject access. But can this process be automated?