Having already discussed the effects of automated image display on email marketing in the upper part of the article, I would now like to examine the legal aspects of this change in more detail . According to Google, the automated downloading of external images is done solely to protect users. The check for harmful content is comparable to a kind of extended SPAM filter . Legally, both data protection and telecommunications law aspects are relevant here.
German law applies
According to the German Federal Data Protection Act (BDSG), personal data may only be collected, processed or used with consent or with legal justification. Since in this case the contents of emails are scanned and processed, a personal reference within the meaning of the BDSG cannot at least be ruled out. Whether the information is processed manually or automatically is irrelevant when applying German data protection law. German law is also binding for Google. Although the processing of data is most likely carried out outside the European Economic Area (EEA), but Google Mail is also aimed at German customers, German law applies to Google in accordance with Section 1 Paragraph 5 of the BDSG.
Google offers an objection solution
Currently, Google does not ask for your explicit consent when automatically displaying images. Instead, the email service displays a one-time notice box informing you about the new features.
gmail image display screenshot
Is Google legally on the safe side?
If a user wants to turn off the automatic image display, they must change the function in the settings. From a purely legal perspective, this procedure is to be classified as an objection solution and does malta phone number data not meet the statutory consent requirement. However, Google could rely on the statutory exception in Section 28 of the Federal Data Protection Act. According to this, the processing of personal information is permitted as long as the legitimate interests of the responsible body (i.e. Google) require this and there are no legitimate interests of the users that conflict with it. Telecommunications law (TKG) then plays a role in this balancing of interests. Section 100 Paragraph 1 of the TKG stipulates that in the event of a possible disruption, subscriber and user data may be collected and processed. It is precisely such "disruptions" that Google tries to prevent by automatically displaying images and downloading them to its own servers. The TKG could therefore serve as a justification for Google. Since this also benefits the respective user, the measure would be justified and therefore permissible under data protection law.
Processing the image files for other purposes is excluded from this. This would raise concerns about data protection and copyright. Google would not be allowed to evaluate the image files and use them for advertising purposes, for example. Further use of the images would also be prohibited.
Conclusion:
Google's automatic image display results in some limitations , but these are manageable for marketers. In any case, the measurability of the net opening rate remains , provided a one-pixel gif is named individually. However, multiple openings on different devices remain hidden , as it is no longer possible to determine which IP address opened the email. The same applies to geolocation.
In terms of data protection, Google is probably on the safe side, as the new function is intended to protect users. However, this does not apply to further use of the image files for advertising or other sales purposes. Whether Google is doing itself a favor with the function remains to be seen. Security experts are already pointing out that the new function puts Google at risk of exposing itself to DDOs attacks through targeted SPAM emails .