Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: You shady bastards.
From: "J. Oquendo" <sil () infiltrated net>
Date: Wed, 06 Jun 2007 11:27:01 -0400

Tim wrote:

Spare you what?  If this is somehow off topic, please elaborate.

Spare me and the list legalities. One it is slightly offtopic then again this is fd so I retract.

That entire argument and any thread arising from what is legal and what is not is likelier
to be answered, dissected, studied on a legal forum.
Right, so under federal law, single party consent is sufficient.  If HD
didn't consent, and the former employee currently doesn't consent (i.e.
consent under the AUP or other agreements has expired), then it could be
illegal.  That, or if the person reading the stored communications is
not authorized by the company, then they would be personally liable.

Laws are not about what could or should. They're about what's written. In this case, he sent an email to someone's former workplace. The worker was not there, the employer obviously read the email. So the questions to ask should be 1) HD didn't give consent, did/does the employer have something written to their employees which states the monitoring of email.
If they do, case closed there is the one party federal consent.

Secondly, did HD specify in his email any legalities of unauthorized reading. No.

Thirdly, you need to realize what you've stated and your misinterpretation of the law.
ECPA protects against INTERCEPTION. No interception occurred here, the mail
was delivered to a recipient.
Your conjecture that it's legal because the employer somehow owns the
communication or the networks it travels over is completely bogus. The
recipient is this email user, not the company.

The network is the company's and all of its communications into or out are property of the company.

http://www.redearthsoftware.com/email-monitoring-article.htm
Email auditing and email interception

A second distinction to make is the difference between email auditing (sometimes called email monitoring), where email is checked after the actual transmission, and email interception (sometimes called email filtering), where email is intercepted and checked during transmission.

Yup just looked this up.  This was thrown out because Nancy consented
under JH's email privacy policy.  I don't see how this conflicts with my
argument.

tim

Rinse and repeat this post and my comments..


--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/sil@/g'
"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault