« The Name of the IT Security Game | Main | Measuring Security Progress in an Uncertain World »

The Importance of Email Disclaimers

CSO's web site has a blog posting about an alleged accidental data leakage via a misdirected email from a lawyer to a news reporter. Nothing exceptional about that. It's the sort of cock-up that happens from time to time. But what's particularly interesting about this story is that the journalist didn't report the content of the email.

Now there can be many reasons why reporters hold back information. The content might not be interesting enough. It might be counterproductive to compromise a potential useful source. But it might also be because the email disclaimer did its job. That last thought got me thinking about the value of email disclaimers.

The blog posting contains some useful comments from a lawyer. But the situation is never clear cut. And the legal position can vary from country to country. I'm not a legal expert but my understanding is that under English law a recipient of a communication is obliged not to disclose the content of an expressly marked confidential communication. (It would be interesting to some expert thoughts on this.)

With all the current concern about data leakage, it clearly makes sense to ensure that email disclaimers and corporate policies for business communications are as good as you can get them. They might be your last line of defence.

Tags:

Posted by David Lacey on February 8, 2008 9:34 AM |

TrackBack

TrackBack URL for this entry:
http://www.computerweekly.com/cgi-bin/mt/mt-tb.cgi/21070

Comments (2)

mark:

I wonder how valid such a disclaimer is if it is routinely applied to every email leaving the building. As a journalist I'm used to getting press releases by email which sign off with an auto-generated threat of dire consequences if I reveal a single word. Presumably the organisations involved aren't really hoping I'll keep their product launches, industry recognition and other great achievements to myself. In which case, how do I tell when they really mean it?

Posted by mark | February 8, 2008 11:43 AM

Posted on February 8, 2008 11:43

Sadat:

Dear sir

Email encryption is a sure way to combat fraud rather than some holier-than-thou disclaimer footnote. But awareness of this simple mechanism is woefully lacking in the mainstream.

Posted by Sadat | February 10, 2008 7:33 PM

Posted on February 10, 2008 19:33

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on February 8, 2008 9:34 AM.

The previous post in this blog was The Name of the IT Security Game .

The next post in this blog is Measuring Security Progress in an Uncertain World .

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type