Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: You shady bastards.
From: Tim <tim-security () sentinelchicken org>
Date: Wed, 6 Jun 2007 11:16:31 -0400

Spare me and the list...

Spare you what?  If this is somehow off topic, please elaborate.

/ * SNIPPED * /
What about an employer's right to read e-mails as
they come in? As they hit the inbound server? ...
If the e-mail is not subject to the consent of
all parties, and one of the parties (either the
sender or recipient) lives in a jurisdiction
that mandates all party consent, then this could
be an unlawful interception under state law.
(Federal law requires only one party consent.)


http://www.securityfocus.com/print/columnists/412

*NOTE Federal Law*
/* END SNIP * /

Right, so under federal law, single party consent is sufficient.  If HD
didn't consent, and the former employee currently doesn't consent (i.e.
consent under the AUP or other agreements has expired), then it could be
illegal.  That, or if the person reading the stored communications is
not authorized by the company, then they would be personally liable.

Your conjecture that it's legal because the employer somehow owns the
communication or the networks it travels over is completely bogus. The
recipient is this email user, not the company.

Or search ... Nancy K. Garrity, et al. v. John Hancock Mutual Life Ins. Co

Yup just looked this up.  This was thrown out because Nancy consented
under JH's email privacy policy.  I don't see how this conflicts with my
argument.

tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault