[Full-disclosure] You shady bastards.

J. Oquendo sil at infiltrated.net
Wed Jun 6 16:27:01 BST 2007 

Tim wrote:
>
> Spare you what?  If this is somehow off topic, please elaborate.
>
>   
Spare me and the list legalities. One it is slightly offtopic then again 
this is fd so I retract.

That entire argument and any thread arising from what is legal and what 
is not is likelier
to be answered, dissected, studied on a legal forum.
> Right, so under federal law, single party consent is sufficient.  If HD
> didn't consent, and the former employee currently doesn't consent (i.e.
> consent under the AUP or other agreements has expired), then it could be
> illegal.  That, or if the person reading the stored communications is
> not authorized by the company, then they would be personally liable.
>
>   
Laws are not about what could or should. They're about what's written. 
In this case, he sent
an email to someone's former workplace. The worker was not there, the 
employer obviously
read the email. So the questions to ask should be 1) HD didn't give 
consent, did/does the
employer have something written to their employees which states the 
monitoring of email.
If they do, case closed there is the one party federal consent.

Secondly, did HD specify in his email any legalities of unauthorized 
reading. No.

Thirdly, you need to realize what you've stated and your 
misinterpretation of the law.
ECPA protects against INTERCEPTION. No interception occurred here, the mail
was delivered to a recipient.
> Your conjecture that it's legal because the employer somehow owns the
> communication or the networks it travels over is completely bogus. The
> recipient is this email user, not the company.
>
>   
The network is the company's and all of its communications into or out 
are property of the company.

http://www.redearthsoftware.com/email-monitoring-article.htm
Email auditing and email interception

A second distinction to make is the difference between email auditing 
(sometimes called email
monitoring), where email is checked after the actual transmission, and 
email interception (sometimes
called email filtering), where email is intercepted and checked during 
transmission.

> Yup just looked this up.  This was thrown out because Nancy consented
> under JH's email privacy policy.  I don't see how this conflicts with my
> argument.
>
> tim
>
>   
Rinse and repeat this post and my comments..


-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/sil@/g' 

"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5157 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070606/155c9c13/attachment.bin

Full-Disclosure is hosted and sponsored by Secunia.