Who is to blame here, user or coder?
I'm in two minds as to whether this is the fault of the software, or the fault of the user. Yes, us geeks know not to use CC for multiple addresses... but is it reasonable to expect the average appliance-user to know WHY that is bad practice?
Is a user of an electric shower supposed to study the differences between a TNC/S or a TT electrical supply before they use the appliance? Or, would they assume that provided they operate the controls correctly, they should be safe?
By the same token, suppose an 'appliance user' updates a CMS webpage and in doing so types an email address. The software they're using then automatically converts the address into a 'click to mail me' URL.
The user draws the conclusion that (a) this is marvellously helpful and brilliant software design, and (b) that there can't possibly be anything wrong with doing this, or the 'smart' software would surely have said so. On the strength of this, they decide to put all of their colleagues' email addresses on the webpage too. After all, why not, it's helping people to contact them is it not?
I shouldn't need to explain what the outcome of this will be. (Cue four vikings sitting in a cafe...)
When you think about the CC/BCC issue in the same context, maybe software should warn the user if they type more than a specified number of addresses into a CC field. Say, five or ten.
-Paris, because she knows what it's like to have your private stuff published all over the place.