[Spambayes] Breach of Privacy
jsp at PKC.com
Wed Jul 25 19:25:43 CEST 2007
Please see http://mail.python.org/mailman/listinfo/spambayes
<http://mail.python.org/mailman/listinfo/spambayes> , the sign-up page
for the SpamBayes discussion list. Among other things, it says the
following: "Please note that this is a public mailing list: all messages
sent to this list are visible to the public, and are publicly archived."
Some archives are beyond the control of the people who run the list.
(For instance, a quick search turned up copies on readlist dot com.)
Posting anything to a public list is conceptually equivalent to
broadcasting it on a radio frequency that anyone can choose to tune in
to - forever after. You might also want to read a recent message thread
on the same topic:
(Maybe it's time for someone to write up a FAQ entry about this; it
seems to be coming up with increasing frequency.)
In other words, a) you put this information out there, despite the
warning that it would be public, and no disclaimer can change that, and
b) it probably is not possible to retract it. Furthermore, your previous
message compounded your error by adding links to the offending messages.
Also note that sending sensitive information in an unencrypted e-mail
message is an invitation for interested snoopers to tune in while the
message is routed from its source to its destination. You appear to be
using Outlook; I'd strongly encourage you and any technical staff you
have to search for "encrypt messages" in the Outlook help system, read
the results carefully, and act on what you learn. While Outlook's help
system refers you to providers of digital IDs (aka certificates) that
charge a fee, there are other services that provide certificates free of
charge. I use Thawte (www.thawte.com <http://www.thawte.com/> ) myself.
From: spambayes-bounces at python.org [mailto:spambayes-bounces at python.org]
On Behalf Of Thomas Mark
Sent: Wednesday, July 25, 2007 11:52 AM
To: spambayes at python.org
Subject: [Spambayes] Breach of Privacy
I sent an e-mail earlier about some e-mails from my company to your
company regarding tech support. These e-mails found on google.com
contained confidential information and had disclaimers as such in the
e-mails. I have since found several of these e-mails easily searchable
on google.com and free for the world to see. This puts my company at
financial jeopardy as we are held liable for content that was supposed
to be kept in private and via your servers with the rest of the world.
We consider this an egregious breach of security and privacy between my
company and Spambayes. I would appreciate a full scan of your database
for any and all reference to IMERGE Consulting and have it cleared from
public record. This breach could cause serious trouble for my company
and we are placing utmost concern with this issue. An Immediate response
would be very appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the SpamBayes