A site I am involved in to a certain degree is currently receiving a certain degree of media attention due to a comment posted there by someone. The comment, which was not pleasant, was removed by one of the moderators and the user banned.
This kind of thing happens on bulletin boards all the time. It might be a cause for irritation if you are the moderator, but it’s hardly “newsworthy”.
Unfortunately in this instance the comment was spotted by someone else who took screenshots of it and posted on his own site (blog) demanding that details of the person who posted the comment be revealed.
We cannot simply handover the details to the media or a 3rd party. That would be an abuse of online privacy. If we did it once then we would be setting a precedent.
I would have no issue with handing over the information if we were approached by the Gardai. But anybody other than them has no right to ask for that information.
Ebay, for example, have contacted us in the past about phishing sites on our IP space. We will respond swiftly to these reports and take the sites offline or get them taken down (usually they aren’t hosted on our servers but those of a 3rd party colocating with us). In the standard email from ebay there is a demand for the user’s details citing US Federal legislation:
“We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist eBay and law enforcement in tracking this individual, we greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes.
Finally, please be advised that we have referred this issue to the Federal Bureau of Investigation for their investigation. The F.B.I. has requested that we convey to you in this message their request that you preserve for 90 days all records relating to this web site, including all associated accounts, computer logs, files, IP addresses, telephone numbers, subscriber and user records, communications, and all programs and files on storage media in regard to all Internet connection information, pursuant to 18 U.S.C. Section 2703(f). While we do not act as an agent of the FBI in conveying this request, we do intend to fully cooperate with their investigation, and encourage you to do so as well.
“
Although we are more than happy to co-operate with agents of the law we cannot handover client details without a warrant from the Irish authorities. Irish and European privacy laws are quite strict about these things, which is a good thing.
It does, however, make things quite complicated when the case in question is making news headlines.
Privacy laws are an interesting area. They can protect you as an individual against any number of things, including spam. However they do not offer the same level of protection to business, at least not in the Irish context.
The difference between the individual and business can be quite unclear, especially when you are dealing with sole traders. It is partially for this reason that I have started using email from this domain for “personal” matters in order to differenciate from “work” matters.
Another interesting case was brought to my attention recently where a company operating in the same sector as ourselves gave their client details to a “partner company”.
The “partner company” then emailed the client database with offers.
My interpretation of Irish law governing client details was that we, as a provider of services, could use our clients’ details to communicate with them with regard to the services we offer them. The clients have the right to “opt out” of such communication if they choose. Unless we were to specify at the time of gathering their details that we intended to share their details with a 3rd party we would not have any right to do so.
This has been confirmed to me by the Data Privacy commissioner’s office.
Surely this is a clearcut case of spamming?
Michele Neylon :: Pensieri
Technology, Marketing, Domains, Thoughts
Footer
Site hosted in Ireland by Blacknight - Content copyright Michele Neylon
‘a clearcut case of spamming’
Perhaps it would be appropriate to restrict your opinion to things you have actually verified? Have you actually seen the mail headers for example?
“a clearcut case of spamming”
Why yes it does sound like that
“Perhaps it would be appropriate to restrict your opinion to things you have actually verified”
Erm because if it looks like spam, sounds like spam, smells like spam – more then likely it is spam
Lets put it this way – if I recieved unwanted email from any company – I would treat it as spam – even if (as has been claimed by several American companies) it was a “one off info-mail”
Spam is well defined. Communication from a company you have signed up with is not spam as long as that communication is in accordance with the companies terms, conditions and privacy policies, which were what you signed up to in the first place. Have you never received an email from a site you signed up or bought something from?
Communication from a company with whom you have a business relationship is not spam provided that:
– It is from the company and is clearly labelled as such
– You have not opted out of such communication
I have recieved emails from sites where I bought something or signed up for, but that is because I specifically asked for said information, and said information is all I have ever recieved.
On the other hand I have recieved emails from companies that I have never dealt with at all. I mean there are only so many emails I can read telling me the benefits of one sex aid over another, or how XYZ offer great hosting at ABC prices.
I have reported any and all offenders, but these offending companies will always find some loophole to suit themselves, and continue to annoy the average joe bloggs, like me
Communication from a company with whom you have a business relationship is not spam provided that:
– It is from the company and is clearly labelled as such
– You have not opted out of such communication
Agreed 100%.
But what would you do in these cases
Case 1:
Where a company you have never had any dealings with whatsoever emails you more then once – subject matter is irrelevant – the fact that you have never had any contact with them or partners, etc – what would you do in that case? Would you consider it spam
or
Case 2:
Or if a partner of a company was given your email address, even though you specifically asked them not to – would you consider that spam
In my humble opinion – any company that does either of the cases I made – are guilty of spam and should be punished.
Pete
Case 1 – spam
Case 2 – spam + breach of privacy.