| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Oct 2007 00:34:38 +0000 From: gjgowey@....blackberry.net To: nick@...us-l.demon.co.uk, full-disclosure@...ts.grok.org.uk Subject: Re: Email Disclaimers...Legally Liable ifbreached? Someone's getting smarter now. Still doesn't hold weight though. If you're not able to make some sort of system that prevents accidental disclosure of the information then you're still relying on coercion to force a legal state to exist. Geoff Sent from my BlackBerry wireless handheld. -----Original Message----- From: Nick FitzGerald <nick@...us-l.demon.co.uk> Date: Thu, 11 Oct 2007 12:54:22 To:full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached? gjgowey@....blackberry.net to Kelly Robinson: > They don't carry any legal weight at all because they're after the > content of the message and forcibly trying to order a 3rd party into > some sort of legally binding agreement after the fact (reading the > contents of the message) would never hold up in a court. An EULA > would have a far better chance of holding up that the waste of > badwidth that these words pose. They're just someones feel good > precaution. In general I agree, but the reason I didn't mention that in my own recent response to Kelly's question is that, this morning, among the usual bounces/OOO/etc junk I got from last night's mailing list posts was the following... ======================================================================== This email is to be read subject to the disclaimer below. I will be out of the office starting 05/10/2007 and will not return until 06/11/2007. I will respond to your message when I return from annual leave. -------------------- NOTICE - This communication contains information which is confidential and the copyright of Ernst & Young or a third party. If you are not the intended recipient of this communication please delete and destroy all copies and telephone Ernst & Young on 1800 655 717 immediately. If you are the intended recipient of this communication you should not copy, disclose or distribute this communication without the authority of Ernst & Young. Any views expressed in this Communication are those of the individual sender, except where the sender specifically states them to be the views of Ernst & Young. Except as required at law, Ernst & Young does not represent, warrant and/or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors, virus, interception or interference. Liability limited by a scheme approved under Professional Standards Legislation. -------------------- If this communication is a "commercial electronic message" (as defined in the Spam Act 2003) and you do not wish to receive communications such as this, please forward this communication to unsubscribe@...ey.com ======================================================================== Most of the stuff after "NOTICE" is the kind of stuff I've previously suggested seems likely to be deemed legalistic nonsense if ever tested in court, but the interesting and new (to me) twist here is that they clearly state _up front_ that they consider that there are, possibly special, conditions on your reading/acting on the message. IA(still)NAL but I think that in general this twist does not greatly help. If they only put such disclaimers on "especially sensitive" messages to help protect themselves in the case of truly accidental disclosure (an employee accidentally mis-addressing the Email maybe???) they could claim to be practising a duty-of-care, but slapping such a notice on an auto-generated out-of-office message (and one that should not have been sent in response to a bulk mailing-list message anyway!) shows the limits of that duty-of-care, even suggesting that they are really applying a blanket "cover your arse" procedure rather than practising a real duty-of-care... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists