[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 06 Jun 2007 11:57:52 -0400
From: "J. Oquendo" <sil@...iltrated.net>
To: Tim <tim-security@...tinelchicken.org>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: You shady bastards.
Tim wrote:
> As mentioned multiple times by multiple posters, but apparently eluded
> your reading, the recipient's consent:
>
> A) May have never been given
> B) May have expired with the employment contracts
> C) May not apply at all if the monitoring party was not given
>
>
> authorization by the company
You're basing your arguments on assumption...
A) I don't know ... Do you?
B) Most contracts have expiry dates on NDA's if signed. More then likely
with a security company.
C) You don't know. I don't know.
We can infer from B) and C) that 1) recipient worked for a security
company. 2) More than likely
signed an NDA or contractual agreement 3) Because they are a security
company in place, they
*should have* had some form of policy in place detailing things.
So if 2 and 3 are correct, there is no law broken period. So re-posting:
/ *SNIPPET * /
"Courts have held that the wiretap law required interception in
transmission before - finding that
seizing of a computer gaming company's email, perusing a secure website
under false pretenses,
reading an independent insurance agent's corporate email, installing and
using tracking cookies,
and even hacking into a computer and retrieving email does not violate
the wiretap law.
/ * STOP FOR A SECOND * /
See the last sentence?
/* SNIPPET * /
The courts have observed that to "intercept" something, according to the
dictionary, is "to stop,
seize, or interrupt in progress or course before arrival" and therefore
that "a contemporaneous
interception - i.e., an acquisition during flight - is required to
implicate the Wiretap Act.
/* STOP AGAIN */
See this last sentence?
/* SNIPPET */
Several court cases have upheld that checking email after transmission
is legal (i.e. email auditing),
since it is viewed as no different than searching through a file in an
employee's drawer.
/* END SNIPPET */
So before I go on... May I ask you how many times have you dealt with
these issues or
anything like them in court? Care to ask me the same?
See: "The Ordinary Course of Business Exception"
http://www.law.duke.edu/journals/dltr/articles/2001dltr0026.html
http://www.theregister.co.uk/2004/07/05/close_email_wiretap_loophole/
http://thomas.loc.gov/cgi-bin/query/z?c109:S.936:
--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/sil@/g'
"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5157 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists