Paul Smith wrote:
On 13/06/2016 19:31, Jay Hennigan wrote:
What legitimate reason would an ESP have to shield the identity of a
permission-based sender from its recipients? What legitimate sender
uses an ESP to send permission-based mail anonymously?
The problem is that there are privacy laws (eg data protection laws in
the EU).
Not really a problem.
(I suppose the ESP could have the user sign those away in their Ts &
Cs, but I am not a lawyer so I don't know how easy that would be.)
Its very easy, make it part of the contract of service. "We may at any
time disclose your identity to third-parties." (though you'd probably
want to restrict it to specific cases, like abuse handling/complains/law
enforcement.... etc.)
Privacy laws are different in different countries which makes it a bit
of a nightmare and the penalties for revealing information without a
court request can be severe.
Privacy laws in pretty much every country I've had reason to check seem
more concerned about the collection, storage and processing of data, and
I don't think there is a single place where stating up front within a
contract of service that your data maybe disclosed does not trump all
the privacy laws.
I'd expect that every request to reveal the information would need to
be passed through a lawyer who understands the laws of the requester's
country and the sender's country and how they interact. It's a lot
cheaper & safer to just refuse requests.
Its cheaper to put it in the initial contract with every "customer" and
disclose with any legitimate request.. because you don't have to worry
about lawyers after the contract terms are drawn up. If you play the
'refuse all requests' game you could end up with subpoenas and legal
action against you, which will require lawyer(s).
OTOH. I'd expect mailing list services not to allow anonymous email,
and to suspend/cancel the accounts of anyone who sends it. They have
their own reputation to protect jealously, and anonymous email is
likely to damage that.
Well yeah, but that's your whitehat vs not so whitehat vs hey look at us
we're whitehat, really, honestly, we are we're just following the law.
--
Michelle Sullivan
http://www.mhix.org/
_______________________________________________
mailop mailing list
[email protected]
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
