[BUGS] Assumed Privacy of E-Mails?

Edward Irvine eirvine at tpg.com.au
Wed Apr 9 20:22:22 EST 2008 

Hi Jerahmy,

On 09/04/2008, at 1:39 PM, Jerahmy Pocott wrote:
> Hello all,
>
> Not a technical question here, not really bsd specific, but since many
> people here admin mail servers and such..
>
> The question is about the privacy expectations of assumptions of your
> e-mail, okay so we all know that anything you send in the clear over
> the internet is pretty much not private, but we also pretty much
> expect that only the recipients are going to read our mail, right?

Er, Wrong.

> Now what about a company account? Do you expect mails sent or received
> via a company address to be private? Some companies I'v worked for
> have had clauses in their employee agreements like "while your company
> address is private, your mail may be viewed by system administrators
> inadvertently and will be surrendered if by court order" etc etc.. But
> others have had nothing.
>
> Obviously I'm not a lawyer and don't really know the legal ins and
> outs of it, but if you haven't got them to sign an agreement and you
> went and read their mail or made it available to others or even just
> printed a list of the addresses they had sent or received mail to/from
> that would be some sort of violation of privacy?

Hmmm.... there are two answers - one from my head, and one from
my heart.

< Rant >

Head
-------

In most government departments, email is scanned by all
sorts of things - always by some sort of anti-virus program, by some  
sort
of anti-spam program, and then often by some dweeb looking for
pornography. Encrypted emails, and encrypted attachments are usually
blocked by such programs -

(A demonstration of how the Windows Security Mindset has
fundamentally corrupted the IT Security industry for short - but I  
digress).

Then, there are the people who will forward your email to them to
a third party without even thinking that what you might have written are
your words. This behavior is not helped by encryption.

Heart
--------

Email is like any other form of mail or personal communication. It
should be private by default.

Conclusion
----------------

In short, there can be no realistic expectation of privacy with  
email. Pretending
there is is not a realistic expectation. Educate users, up front and out
loud, that email is like a postcard, that it is not private  
communication, and
that there is nothing anyone can do about it.

< \Rant >


> Any thoughts or comments? (I'm not worried about being sued, more
> concerned about protecting the users from illegal privacy violations
> by the big wigs =p)
> _______________________________________________
> BUGS mailing list
> BUGS at bugs.au.freebsd.org
> http://mailman.barnet.com.au/mailman/listinfo/bugs
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.barnet.com.au/pipermail/bugs/attachments/20080409/c111f005/attachment.html

More information about the BUGS mailing list