[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 06 Jun 2007 11:27:01 -0400
From: "J. Oquendo" <sil@...iltrated.net>
To: Tim <tim-security@...tinelchicken.org>,
full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: You shady bastards.
Tim wrote:
>
> Spare you what? If this is somehow off topic, please elaborate.
>
>
Spare me and the list legalities. One it is slightly offtopic then again
this is fd so I retract.
That entire argument and any thread arising from what is legal and what
is not is likelier
to be answered, dissected, studied on a legal forum.
> Right, so under federal law, single party consent is sufficient. If HD
> didn't consent, and the former employee currently doesn't consent (i.e.
> consent under the AUP or other agreements has expired), then it could be
> illegal. That, or if the person reading the stored communications is
> not authorized by the company, then they would be personally liable.
>
>
Laws are not about what could or should. They're about what's written.
In this case, he sent
an email to someone's former workplace. The worker was not there, the
employer obviously
read the email. So the questions to ask should be 1) HD didn't give
consent, did/does the
employer have something written to their employees which states the
monitoring of email.
If they do, case closed there is the one party federal consent.
Secondly, did HD specify in his email any legalities of unauthorized
reading. No.
Thirdly, you need to realize what you've stated and your
misinterpretation of the law.
ECPA protects against INTERCEPTION. No interception occurred here, the mail
was delivered to a recipient.
> Your conjecture that it's legal because the employer somehow owns the
> communication or the networks it travels over is completely bogus. The
> recipient is this email user, not the company.
>
>
The network is the company's and all of its communications into or out
are property of the company.
http://www.redearthsoftware.com/email-monitoring-article.htm
Email auditing and email interception
A second distinction to make is the difference between email auditing
(sometimes called email
monitoring), where email is checked after the actual transmission, and
email interception (sometimes
called email filtering), where email is intercepted and checked during
transmission.
> Yup just looked this up. This was thrown out because Nancy consented
> under JH's email privacy policy. I don't see how this conflicts with my
> argument.
>
> tim
>
>
Rinse and repeat this post and my comments..
--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/sil@/g'
"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5157 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists