Re: [mailop] Interesting passage from the new EU Digital Services Act
On 2022-04-24 at 00:55 +0200, Jean-François Bachelet wrote: > Hello ^^) > > Haven't read the full EU stuff yet, but question : > > How can we be possibly become aware of such possible threats without > SPYING -read it all- the email passing by our mail servers ??? Well, it only applies *when* you become aware of that. The clear example I can think of would be a Facebook post saying "I will install a number of bombs next week". That is published automatically by the user (Facebook is not aware of it). Then the post is flagged by a user and reviewed by a moderator. *At that point* Facebook would "become aware" of such information, and need to report it to the Law Enforcement. On the other hand, if you are a site which accepts guest posts, with a policy of reviewing everything before publishing, you would be expected to have been become aware of that. Of course, if you are instead the NSA, you would probably want a trigger on every mention of the word "bomb", you know, for the Greater Good of National Security, even if that means getting a lot of False Positives... such as this thread. > only a jackass wana be terrst will put dangerous/alarm trigger > stuff in the Subject of his emails. I don't think the Subject line of emails would be any different than the body wrt to not spying your users. (Nevertheless, I am sure many crooks have used incriminating Subject lines on their emails) > so do the EU wants us to play as NSA for free ? and pursue us if we > don't... As mentioned above, I don't think so. Moreover, the proposal itself reminds > the prohibition of general monitoring obligations, as interpreted EN > 4 EN by the Court of Justice of the European Union⁸. > ⁸ For instance, Judgment of 3 October 2019, Glawischnig-Piesczek (C- > 18/18). Also of interest, this proposal doesn't seem to have been approved yet https://eur-lex.europa.eu/procedure/EN/2020_361 Best regards ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Interesting passage from the new EU Digital Services Act
I'm prone to reading things like that as meaning "if you happen across something" rather than "please go digging and if there's something to find and you don't find it, you're dead." On 2022-04-23 17:55, Jean-François Bachelet via mailop wrote: Hello ^^) Haven't read the full EU stuff yet, but question : How can we be possibly become aware of such possible threats without SPYING -read it all- the email passing by our mail servers ??? only a jackass wana be terrst will put dangerous/alarm trigger stuff in the Subject of his emails. so do the EU wants us to play as NSA for free ? and pursue us if we don't... ... Le 24/04/2022 à 00:17, Jarland Donnell via mailop a écrit : Admittedly I do like the phrase "becomes aware of" as it should in theory place the burden on a third party to prove awareness. Though I can't imagine a lot of people become aware of a serious threat against someone's life and then turn the other way, at least not anyone who wouldn't now simply claim "I wasn't aware of it." On 2022-04-23 15:36, Anne Mitchell via mailop wrote: "Where an online platform becomes aware of any information giving rise to a suspicion that a serious criminal offence involving a threat to the life or safety of persons has taken place, is taking place or is likely to take place, it shall promptly inform the law enforcement or judicial authorities of the Member State or Member States concerned of its suspicion and provide all relevant information available." Hrrrm... I wonder whether the online platforms of which we are ware who know full well that phishing is happening on their platform have promptly informed law enforcement. Note that the DSA explicitly states that it applies to entities outside of the EU as well as within the EU. (Our write-up of our first impressions of how we see the DSA being applied to email is here, and includes the full text of the DSA: https://www.isipp.com/what-the-eus-new-digital-services-act-means-for-email-marketing/) Anne --- Anne P. Mitchell, Esq. CEO Get to the Inbox by SuretyMail Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus, MAPS: Mail Abuse Prevention System (now the anti-spam division of TrendMicro) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Interesting passage from the new EU Digital Services Act
> How can we be possibly become aware of such possible threats without SPYING > -read it all- the email passing by our mail servers ??? only a jackass wana > be terrst will put dangerous/alarm trigger stuff in the Subject of his > emails. so do the EU wants us to play as NSA for free ? and pursue us if we > don't... I'm not sure about the EU (although I'm guessing it's the same) there is often a "knew or should have known" standard (in fact that's the standard in the section of CAN-SPAM that I wrote). So if that is the same in the EU, then people reporting to the provider about the threat would trigger it...remember I'm saying *IF* because I don't know. That said, there are full swaths of text in the DSA that talk about complaints lodged with providers. For anyone wanting the full text, you can find it down at the bottom of the article (https://www.isipp.com/what-the-eus-new-digital-services-act-means-for-email-marketing/) Anne -- Anne P. Mitchell, Attorney at Law CEO ISIPP SuretyMail Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus: Mail Abuse Prevention System (MAPS) (now the anti-spam arm of TrendMicro) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Interesting passage from the new EU Digital Services Act
Hello ^^) Haven't read the full EU stuff yet, but question : How can we be possibly become aware of such possible threats without SPYING -read it all- the email passing by our mail servers ??? only a jackass wana be terrst will put dangerous/alarm trigger stuff in the Subject of his emails. so do the EU wants us to play as NSA for free ? and pursue us if we don't... ... Le 24/04/2022 à 00:17, Jarland Donnell via mailop a écrit : Admittedly I do like the phrase "becomes aware of" as it should in theory place the burden on a third party to prove awareness. Though I can't imagine a lot of people become aware of a serious threat against someone's life and then turn the other way, at least not anyone who wouldn't now simply claim "I wasn't aware of it." On 2022-04-23 15:36, Anne Mitchell via mailop wrote: "Where an online platform becomes aware of any information giving rise to a suspicion that a serious criminal offence involving a threat to the life or safety of persons has taken place, is taking place or is likely to take place, it shall promptly inform the law enforcement or judicial authorities of the Member State or Member States concerned of its suspicion and provide all relevant information available." Hrrrm... I wonder whether the online platforms of which we are ware who know full well that phishing is happening on their platform have promptly informed law enforcement. Note that the DSA explicitly states that it applies to entities outside of the EU as well as within the EU. (Our write-up of our first impressions of how we see the DSA being applied to email is here, and includes the full text of the DSA: https://www.isipp.com/what-the-eus-new-digital-services-act-means-for-email-marketing/) Anne --- Anne P. Mitchell, Esq. CEO Get to the Inbox by SuretyMail Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus, MAPS: Mail Abuse Prevention System (now the anti-spam division of TrendMicro) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Interesting passage from the new EU Digital Services Act
Admittedly I do like the phrase "becomes aware of" as it should in theory place the burden on a third party to prove awareness. Though I can't imagine a lot of people become aware of a serious threat against someone's life and then turn the other way, at least not anyone who wouldn't now simply claim "I wasn't aware of it." On 2022-04-23 15:36, Anne Mitchell via mailop wrote: "Where an online platform becomes aware of any information giving rise to a suspicion that a serious criminal offence involving a threat to the life or safety of persons has taken place, is taking place or is likely to take place, it shall promptly inform the law enforcement or judicial authorities of the Member State or Member States concerned of its suspicion and provide all relevant information available." Hrrrm... I wonder whether the online platforms of which we are ware who know full well that phishing is happening on their platform have promptly informed law enforcement. Note that the DSA explicitly states that it applies to entities outside of the EU as well as within the EU. (Our write-up of our first impressions of how we see the DSA being applied to email is here, and includes the full text of the DSA: https://www.isipp.com/what-the-eus-new-digital-services-act-means-for-email-marketing/) Anne --- Anne P. Mitchell, Esq. CEO Get to the Inbox by SuretyMail Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus, MAPS: Mail Abuse Prevention System (now the anti-spam division of TrendMicro) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Interesting passage from the new EU Digital Services Act
It doesn't apply to phishing. Its very clear its about emergencies, ergo threats about violence, bombs and such. Phishing is definitely not a "threat to the life or safety of persons" as it only poses a threat to property, ergo money. -Ursprungligt meddelande- Från: Anne Mitchell via mailop Skickat: den 23 april 2022 22:38 Till: Michael Orlitzky via mailop Ämne: [mailop] Interesting passage from the new EU Digital Services Act "Where an online platform becomes aware of any information giving rise to a suspicion that a serious criminal offence involving a threat to the life or safety of persons has taken place, is taking place or is likely to take place, it shall promptly inform the law enforcement or judicial authorities of the Member State or Member States concerned of its suspicion and provide all relevant information available." Hrrrm... I wonder whether the online platforms of which we are ware who know full well that phishing is happening on their platform have promptly informed law enforcement. Note that the DSA explicitly states that it applies to entities outside of the EU as well as within the EU. (Our write-up of our first impressions of how we see the DSA being applied to email is here, and includes the full text of the DSA: https://www.isipp.com/what-the-eus-new-digital-services-act-means-for-email-marketing/) Anne --- Anne P. Mitchell, Esq. CEO Get to the Inbox by SuretyMail Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal email marketing law) Author: The Email Deliverability Handbook Board of Directors, Denver Internet Exchange Dean Emeritus, Cyberlaw & Cybersecurity, Lincoln Law School Prof. Emeritus, Lincoln Law School Chair Emeritus, Asilomar Microcomputer Workshop Counsel Emeritus, MAPS: Mail Abuse Prevention System (now the anti-spam division of TrendMicro) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop