On October 3, 2023, Google released an announcement entitled “New Gmail protections for a safer, less spammy inbox.” By February 2024, Google will require bulk senders to authenticate their emails, allow for easy unsubscription and stay under a reported spam threshold.
“…[T]oday, we’re introducing new requirements for bulk senders — those who send more than 5,000 messages to Gmail addresses in one day — to keep your inbox even safer and more spam-free,” according to the announcement.
Focus on Email Authentication
According to the announcement, “bulk senders don’t appropriately secure and configure their systems, allowing attackers to easily hide in their midst.” Validation that a sender is who they say they claim to be and email security is a particular focus of the new Gmail protections.
“[I]t’s still sometimes impossible to verify who an email is from given the web of antiquated and inconsistent systems on the internet,” the announcement reads.
‘You shouldn’t need to worry about the intricacies of email security standards, but you should be able to confidently rely on an email’s source. So we’re requiring those who send significant volumes to strongly authenticate their emails following well-established best practices. Ultimately, this will close loopholes exploited by attackers that threaten everyone who uses email.’
Last year Google started requiring that emails sent to a Gmail address must have some form of authentication. According to the announcement, it has seen the number of unauthenticated messages Gmail users receive plummet by 75%.
Allow for Easy Unsubscription
“You shouldn’t have to jump through hoops to stop receiving unwanted messages from a particular email sender. It should take one click.”
Google is requiring that large senders provide Gmail recipients the ability to unsubscribe from commercial email in one click, and that they process unsubscription requests within two (2) days.
Enforcement of a Spam Rate Threshold
A “clear spam rate threshold” has also been announced, one that senders must stay under to ensure Gmail recipients are not “bombarded with unwanted messages.”
“These practices should be considered basic email hygiene, and many senders already meet most of these requirements. For those who need help to improve their systems, we’re sharing clear guidance before enforcement begins in February 2024,” according to the announcement.
Takeaway: By February 2024, Gmail will start to require that bulk commercial email senders: (i) authenticate their email via Google best practices; (ii) enable easy unsubscription in one click with a two (2) processing deadline; and (iii) remain under the spam rate threshold. Google recommends that those covered (for example and without limitation, digital advertisers) to follow the guidelines in this article as soon as possible. The failure to comply may result in emails not being delivered as anticipated or being flagged as spam.
Richard B. Newman is a digital marketing practices attorney at Hinch Newman LLP. Follow FTC defense lawyer on X.
Informational purposes only. Not legal advice. May be considered attorney advertising.