Legal Implications was(Re: Announce: MailScanner-Console-0.1)

Julian Field mailscanner at ecs.soton.ac.uk
Tue Jun 17 11:13:35 IST 2003


The From, To and Subject are all considered private information in the EU.
People's privacy is therefore protected under the Human Rights Act (and its
equivalent in other EU countries).
Here in the EU we have *much* stricter laws about this than you do in the US.

At 09:25 17/06/2003, you wrote:
>I don't see much problem about privacy issues here. The main reason is
>because you only see, from, subject, to and so on and not the contents or
>the attachments. So, we won't know what are the contents. Thus still
>protecting the user's privacy.
>
>Secondly, for those who are really concerned, they could draft out an
>agreement to let their users know that their emails will be monitored for
>spam and virus. And that the contents and attachments will not be viewed
>thus maintaining privacy up to a certain limit. It they don't like it, they
>can use web based emails like yahoomail or hotmail for their personal
>emails which is up to their discretion since it's not work related.
>
>
>At 08:45 PM 6/16/2003 +0200, you wrote:
>
>>On Montag, Juni 16, 2003, at 08:27  Uhr, Jody Cleveland wrote:
>>
>>>>I've written a web based front-end to MailScanner using a
>>>>modified &SQLLogging routine, PHP, MySQL and JpGraph.
>>>
>>>I was looking at this, and I think it looks fantastic. I have one
>>>question though regarding privacy. I'm going to pitch this to my boss,
>>>and my network admin brought up a good point. "This program will tell
>>>us, at a glance, who is talking to who and about what."
>>>
>>>Does anyone else see any privacy concerns with this?
>>I can only speak for some of us, But let me try to explain the situation
>>for most European union members.
>>In Austria electronic communication is protected by the telecommunications
>>act an the postal secrecy law. Which basically means the following.
>>
>>If you are 100% sure that your employees pass only work related Mail
>>messages via you corporate network you may review the mail traffic, you
>>may even view the body of each message because that is believed to be
>>within right of use of the company. This means that you do not even
>>necessarily need consent from your employees. Here comes the bog but, as
>>soon as only a SINGLE message which is private passes over your corporate
>>network NO message may be reviewed without EXPLICIT consent of the whole
>>body of employees.
>>
>>However there is no real application for this yet because it has never
>>been discussed in a court of law. The basic rule is, that you need to bind
>>your employees explicitly to a contract which states "You may not send or
>>receive _any_ private messages here at work". Since most companies do not
>>have such a  policy in place and it does not seem very feasible you may
>>neither archive mail messages, nor review the contents of mail messages on
>>your corporate network without prior consent of the employees.
>>
>>I hope that helps
>>
>>-d
>>
>>-----BEGIN GEEK CODE BLOCK-----
>>Version: 3.12
>>GCC d+ s: a-- C+ UB++++ P+ L++ E--- W N+ o+++ K w--
>>O M+ V++ PS PE Y++ PGP++++ t+ 5 X- R+ tv-- b++++ DI D+
>>G e++++ h+ r++ y++
>>------END GEEK CODE BLOCK------
>>
>>

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support



More information about the MailScanner mailing list