Slashdot Mirror
Canadian Privacy Law v. E-Mail Harvesting
sbowles writes "Canada's Privacy Commisioner has ruled that a business e-mail address is personal information protected under the federal privacy legislation (PIPEDA). Law professor Michael Geist (a leading e-commerce and privacy law expert) received an unsolicited request to buy seasons tickets from the local football team. His e-mail address had been harvested from a University website. The ruling indicated that 'You are allowed to collect and use publicly available information, but the use has to be directly related to the purpose for which the information appears in a directory or notice.'"
Support Celiac Disease Research
I should be able to post my email on the net without fear of some shameless spammer harvesting it. I finnaly posted my personal address on just a few forums and now I receive at least 50 spam a day. I never consented for it to be mailed to (use a hotmail account for web sign-ins) so only a damn bot could have gotten it.
Here is the professors university home page , from where i guess the email id was harvested. Looks like the spammers should have read his biography and field of speciallization before having sent that mail :-)
He even hosts this site regarding privacy issues
I could have seen much further had it not been for the giants standing on my shoulders
Au contraire; Canadian privacy laws have actually helped businesses, as individuals (customers, etc) are able to trust that their personal data is safe and proceed to do business. This was even discussed on /. a while back; I'll try to see if I can find the sources later on.
People say I'm crazy, I got diamonds on the soles of my shoes...
The Ottawa Renegades are a CFL team. That's a professional sports organization, for non-Canadians (or CFL-ignorant ones).
They aren't "university affiliates", except to the extent that I bet they use their stadium.
This is a case of a business harvesting email addresses from an organization's website and sending unsolicited messages.
Tuus crepidae innexilis sunt.
But seriously...the effort required to sidestep spam (click it into your junk box) is actually far slighter than the effort required to sidestep a solicitor's phone call or turn away a caller in the flesh. If a salesman is going to bug me, please let him (oh, please) send me an email instead of telephoning me at home!
I couldn't let this pass. I don't think you get it.
The amount of effort required to send that mail is infinitely smaller than the amount of effort required to call me. Both the costs and the time consumed in sending a bulk e-mail are orders of magnitude less than telephone or bulk mail.
That means many many organizations are doing it, both spam and legitimate, and targeting much larger groups of people.
Having a publicly available mail address is part of my job, and I post in public forums and on websites using my plain email, unobsfucated so that even the most casual browser will be able to contact me if they have questions about what I post. I have used the same email for 7 years in this role.
My price? Several thousand spam e-mail a day. Until you have had to deal with this yourself, you don't know the cost of SPAM to business, or why legislation and policies to deal with it are a good thing.
And respectfully, if you can't see there is a problem with harvesting e-mail addresses and sending unsolicited mail, then you are exactly the kind of person I hate dealing with in our marketing department.
- sarcasm is just one more service we offer -
Here it is: old slashdot story
People say I'm crazy, I got diamonds on the soles of my shoes...
I should be able to post my email on the net without fear of some shameless spammer harvesting it.
Yes, and I should be able to walk around all parts of a major metropolitan area without fear of getting mugged. Guess what? That is just not true. One must be cognizant of surroundings and protect oneself appropriately, which brings us to the next item...
I finnaly posted my personal address on just a few forums and now I receive at least 50 spam a day.
In all seriousness, what did you expect? The practice of address harvesting from newsgroups, etc. has been well known for ages.
I never consented for it to be mailed to
Not to put too fine a point on it, but where on earth did you get the idea that your consent had anything to do with people sending you email?
I want to drag this out as long as possible. Bring me my protractor.
In Europe (EU/EEA) there are whole government agencies whose purpose is to protect citizens' privacy. For the most part, it is believed to be natural that the government does this for its citizens. After all, the government is by the people for the people, there to protect citizens' interests...
(in theory anyway...)
People say I'm crazy, I got diamonds on the soles of my shoes...
Nope, the Renegades play at Frank Clair stadium, which isn't used by any of the Universities.
They're very separate organizations.
Lost at C:>. Found at C.
Can you cite a reference to this policy? All the statistical data I've seen gives only the first three characters of the postal code.
I was under the impression that Stats Can runs
a test on any data they release to make sure
that it doesn't identify anybody, even by
solving a set of equations.
In addition to this, I believe researchers have
to receive ethics clearance for the use of the
data, which obliges them to keep it confidential.
Prof. Geist came and gave a presentation to my graduating class specifically on PIPEDA just after this had occured.
He told us the whole scenario, and clearly pointed out that after receiving the first spam, he responded, specifically asking that they no longer use his email address for promotional matters.
They ignored his request and sent him a second round of spam. That's when he filed the complaint against them. And won.
It's not only a matter of spam. It's a clear-cut case of ignoring removal requests can be bad for you.
In Canada, there are rules from the CRTC specifically banning ADAD (Auto-Dialing and Answering Devices) from being used for advertising and solicitation purposes including charities.
To me, bulk-mailing is similar to such phone directory brute-forcing. It is intrusive, wasteful and annoying.
The CRTC allows ADADs for appointment confirmations and public safety announcements, both legitimate, reasonable and pertinent reasons. This law simply brings these CRTC rules to eMail. For the record, even though CRTC stands for "Canadian Radio and Telecomunication Commitee", Internet is considered an "Information service" which is not (yet) under its jurisdiction.
this is taken from smarty.php.net javascript encrypting function
// address text extra
.= '%' . bin2hex($string[$x]); }
e .'\'))</script>';
basically it means that a client whose not running js on every script on the page will not even know that he's missing content.
but thos who do, don't don't feel any adverse effects (like having to remove the EEEWE from the middle of the domain or something) !!
a challange for perl wizards, transform the code into one concise line.
----
function emailto($params)
{
$extra = '';
extract($params);
if (empty($text)) { $text = $address; }
$string = 'document.write(\'<a href="mailto:'.$address.'" '.$extra.'>'.$text.'</a>\');';
for ($x=0; $x < strlen($string); $x++) { $js_encode
return '<script type="text/javascript" language="javascript">eval(unescape(\''.$js_encod
}
----
actualy, i used to include a commented out fake random generated address, that is not encrypted to satisfy the harvesting bots.
-- Avishalom is usually vish