lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-id: <470E1CFE.17117.350E612A@nick.virus-l.demon.co.uk>
Date: Thu, 11 Oct 2007 12:54:22 +1300
From: Nick FitzGerald <nick@...us-l.demon.co.uk>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Email Disclaimers...Legally Liable if
	breached?

gjgowey@....blackberry.net to Kelly Robinson:

> They don't carry any legal weight at all because they're after the
> content of the message and forcibly trying to order a 3rd party into
> some sort of legally binding agreement after the fact (reading the
> contents of the message) would never hold up in a court.  An EULA
> would have a far better chance of holding up that the waste of
> badwidth that these words pose.  They're just someones feel good
> precaution. 

In general I agree, but the reason I didn't mention that in my own 
recent response to Kelly's question is that, this morning, among the 
usual bounces/OOO/etc junk I got from last night's mailing list posts 
was the following...

========================================================================

This email is to be read subject to the disclaimer below.

I will be out of the office starting  05/10/2007 and will not return 
until 06/11/2007.  

I will respond to your message when I return from annual leave.

--------------------

NOTICE - This communication contains information which is confidential 
and the copyright of Ernst & Young or a third party.  

If you are not the intended recipient of this communication please 
delete and destroy all copies and telephone Ernst & Young on 1800 655 
717 immediately. If you are the intended recipient of this 
communication you should not copy, disclose  or distribute this 
communication without the authority of Ernst & Young.  

Any views expressed in this Communication are those of the individual 
sender, except where the sender specifically states them to be the 
views of Ernst & Young.  

Except as required at law, Ernst & Young does not represent, warrant
and/or guarantee that the integrity of this communication has been
maintained nor that the communication is free of errors, virus,
interception or interference.

Liability limited by a scheme approved under Professional Standards
Legislation.
--------------------


If this communication is a "commercial electronic message" (as defined 
in the Spam Act 2003) and you do not wish to receive communications 
such as this, please forward this communication to 
unsubscribe@...ey.com  

========================================================================

Most of the stuff after "NOTICE" is the kind of stuff I've previously 
suggested seems likely to be deemed legalistic nonsense if ever tested 
in court, but the interesting and new (to me) twist here is that they 
clearly state _up front_ that they consider that there are, possibly 
special, conditions on your reading/acting on the message.

IA(still)NAL but I think that in general this twist does not greatly 
help.  If they only put such disclaimers on "especially sensitive" 
messages to help protect themselves in the case of truly accidental 
disclosure (an employee accidentally mis-addressing the Email maybe???) 
they could claim to be practising a duty-of-care, but slapping such a 
notice on an auto-generated out-of-office message (and one that should 
not have been sent in response to a bulk mailing-list message anyway!) 
shows the limits of that duty-of-care, even suggesting that they are 
really applying a blanket "cover your arse" procedure rather than 
practising a real duty-of-care...


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ