Legal Implications was(Re: Announce: MailScanner-Console-0.1)

kfliong kfliong at WOFS.COM
Tue Jun 17 09:25:30 IST 2003

I don't see much problem about privacy issues here. The main reason is
because you only see, from, subject, to and so on and not the contents or
the attachments. So, we won't know what are the contents. Thus still
protecting the user's privacy.

Secondly, for those who are really concerned, they could draft out an
agreement to let their users know that their emails will be monitored for
spam and virus. And that the contents and attachments will not be viewed
thus maintaining privacy up to a certain limit. It they don't like it, they
can use web based emails like yahoomail or hotmail for their personal
emails which is up to their discretion since it's not work related.

At 08:45 PM 6/16/2003 +0200, you wrote:

>On Montag, Juni 16, 2003, at 08:27  Uhr, Jody Cleveland wrote:
>>>I've written a web based front-end to MailScanner using a
>>>modified &SQLLogging routine, PHP, MySQL and JpGraph.
>>I was looking at this, and I think it looks fantastic. I have one
>>question though regarding privacy. I'm going to pitch this to my boss,
>>and my network admin brought up a good point. "This program will tell
>>us, at a glance, who is talking to who and about what."
>>Does anyone else see any privacy concerns with this?
>I can only speak for some of us, But let me try to explain the situation
>for most European union members.
>In Austria electronic communication is protected by the telecommunications
>act an the postal secrecy law. Which basically means the following.
>If you are 100% sure that your employees pass only work related Mail
>messages via you corporate network you may review the mail traffic, you
>may even view the body of each message because that is believed to be
>within right of use of the company. This means that you do not even
>necessarily need consent from your employees. Here comes the bog but, as
>soon as only a SINGLE message which is private passes over your corporate
>network NO message may be reviewed without EXPLICIT consent of the whole
>body of employees.
>However there is no real application for this yet because it has never
>been discussed in a court of law. The basic rule is, that you need to bind
>your employees explicitly to a contract which states "You may not send or
>receive _any_ private messages here at work". Since most companies do not
>have such a  policy in place and it does not seem very feasible you may
>neither archive mail messages, nor review the contents of mail messages on
>your corporate network without prior consent of the employees.
>I hope that helps
>Version: 3.12
>GCC d+ s: a-- C+ UB++++ P+ L++ E--- W N+ o+++ K w--
>O M+ V++ PS PE Y++ PGP++++ t+ 5 X- R+ tv-- b++++ DI D+
>G e++++ h+ r++ y++
>------END GEEK CODE BLOCK------

More information about the MailScanner mailing list