Slashdot Mirror
Canadian Privacy Law v. E-Mail Harvesting
sbowles writes "Canada's Privacy Commisioner has ruled that a business e-mail address is personal information protected under the federal privacy legislation (PIPEDA). Law professor Michael Geist (a leading e-commerce and privacy law expert) received an unsolicited request to buy seasons tickets from the local football team. His e-mail address had been harvested from a University website. The ruling indicated that 'You are allowed to collect and use publicly available information, but the use has to be directly related to the purpose for which the information appears in a directory or notice.'"
No, it's to have pertinent sent to. My email address appears above this post -- if you want to discuss it with me, fine, if you want to attempt to sell me V1AGRA, then kindly fuck off.
My phone number's in the book, that doesn't mean I want you to ring me and see if I'm interested in double glazing.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
I know I shouldn't take the bait, but...
So you won't mind if I send tons of unwanted email to you and swamp you with spam on AIM and MSN? You have both your email address and your AIM/MSN usernames available for everyone to see (on your livejournal profile), after all...
quidquid latine dictum sit altum videtur.
So, it appears that Canada again is the first one who has made a reasonable* approach to fight against spamming?
*Reasonable from a legal POW, none that it would change anything.
Canada becomes a more appealing place to move to. The fact there is an actual government post to protect citizens' privacy... it boggles my American mind. Someone actually tries to protect privacy, and they work for the government?
I think this makes an excellent assertion that placing an email in a specific location should limit it to the purpose it was placed there for. If I own a business and provide customers and interested parties with contact info on the company webpage, that address should not be spammed with penis growth ads and I should be legally entitled to damages for having to install spam filters and pay admins to further maintain them.
No penguins were harmed in the making of this post.
Yeah, just like US law. Oh, wait, that's becoming untrue.
Lost at C:>. Found at C.
If you don't want to deal with it, don't put it out in the first place.
"Hi! My name's Bernard. I'd give you out my e-mail, but i can't give it out in public. Please contact me in person or send me a post card to the following PO Box, so i can answer you back. Good day!"
Moral of the story: e-mail was meant for private communication, not for marketing purposes. Allowing spammers to harvest e-mail, is going against the very reason why e-mail was invented.
There are several places where you HAVE TO send your e-mail address and some government organizations put this information on the web. At least in Hungary: E.g. If You are a lawyer, you'll get into the index of lawyers and you have to send personal/business related information to the government, e.g. your e-mail address.
The government publishes Your e-mail address WITH THE GOAL that someone can CLEARLY IDENTIFY valid lawyers in the state.
You, and the spammers are not allowed to use this data except from the previously mentioned goal.
So how to avoid spams if you have to enter valid information into such mandatory database?
No, because the business is giving you the e-mail address, it is still their property. They cannot monitor you personal (home) e-mail at your home, but it is debatable as to whether or not the can monitor it if you check your home e-mail at work (provision of bandwidth purchased by company making it their e-mail because you used their bandwidth). when in doubt, leave home stuff at home, don't use work address for personal e-mail...
> It's a public domain, anyone who chooses to can contact you wether or not it's against the law.
Sorry buddy, thats exactly what the law is against. You have a certain amount of privacy, including your information.
>If you don't want to deal with it, don't put it out in the first place.
OR can you make a law so you can put it out there. Some laws protect corporations more, some laws protect individuals more. This falls into the later.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
Completely agree. Common sense has to enter the equation at some point. Email is obviously a very useful tool for allowing customers or potential customers to contact your business.
But the use of that tool shouldn't open you up to having to sort through thousands of mass-mailed advertisements that you could care less about.
Armchairgenius.com - Where everyone is a genius.
And we'd like to keep it that way. But with the US making laws that say any of our data passing through a US company is subject to the conditions of PATRIOT act.
I'd like to see India or some other location which routinely handles US data decree those US citizens whose data passes through are subjected to local laws. That kind of extra-teritorial grab bugs me.
Here's hoping we keep a sane climate on privacy here in Canada and the rest of the world.
Lost at C:>. Found at C.
Like the American version with bigger fields, less downs, and players slightly less talented.
~on the good professor's side~
:) If it's that important to me that the red button remain unpushed, I won't put it in reach of the toddler.
Spam is evil. I hate receiving it and hate to be pestered for stuff I never wanted in the first place. This professor may have no interest in football and I respect the fact that he did not only not want to buy season tickets, he didn't want to have to turn down the offer TWICE. There are plenty of offers I have to turn down that I wish had never happened, most of them by email and crude or gross or annoying. I maintain my email account, however, because it is worth the price I pay in inconvenient SPAM.
~to these red-blooded football players' defense~
They are university affiliates, after all. Would the professor rather they stop by his office in person or stop him in the hallway? But seriously...the effort required to sidestep spam (click it into your junk box) is actually far slighter than the effort required to sidestep a solicitor's phone call or turn away a caller in the flesh. If a salesman is going to bug me, please let him (oh, please) send me an email instead of telephoning me at home!
There are folks in the world who do not want to be contacted at all, and they are entitled to have unlisted phone numbers (or no phone), never check email, never answer the doorbell, employ secretaries and security to interface between them and the world, perhaps wear a disguise every time they go outside. Celebrities have to resort to these measures; so do CEOs, public officials, jurors, and recluse writers like Thomas Pynchon. The rest of us, however, want a more moderate balance between privacy and availability to those who need to contact us. I suggest that the price of posting a public email address is that it will be used.
I'm all in favor of posting polite messages along with the email address like "please contact me only on business relating to ___" and robot-defeating formats like "me-AT-domain-dot-com" but legal action ought to be reserved for the flagrant abuse, not intra-mural etiquette breaches. Otherwise it's a bit like making a big, beautiful red button, showing it to a two-year-old, and saying "Don't press this or you'll be spanked!" (Sorry, any spammers out there reading this who take umbrage at the comparison to two-year-olds!
If the professor really wants people at the university not directly connected to his affairs not to contact him, he shouldn't give them his email address. The web is a very public place.
This kind of anti-corporate behavior reflects poorly on the entire country
This behaviour isn't anti-corporate. It's pro-corporate. What happens when Amazon decides that the purpose of their listings is only to buy stuff from Amazon, and that all other uses of that scraped information is illegal? Allowing spam harvesters is IMO a small price to pay for the rest of us being allowed to use the contents of websites for purposes unintended by their owners.
Peter
You squeal "privacy!" as if it's a dirty word, yet you hide behind an anonymous account...
And tomorrow the stock exchange will be the human race
Is your phone number in the phone book? Great! Then you won't mind if I phone you 300 times a day to sell you penis enlargement pills.
You shouldn't have to hide information that is useful for others to legitimately contact you so that it won't be abused by advertisers and sleazy marketers.
And you wife is a SPAMER. Your wife's email was unsolicited, there for spam. Even if it was addressed right to a person, it's still spam. To get reported twice as a spammer she must send out quite a few emails.
And on a business note, your wife really shouldn't be spamming "partners". A hard copy letter or phone call would work much better. It goes to show that at least two people don't feel that your wife's email are "legitimate business inquiries"
One of those countries is Italy (where I am from), and italian law has worked well (since September 2003) so far to deter spammers. Fines go up to 90.000 Euro or 3 years of jail.
It's only a pity that *all* the spam I get origins in the USA (sent through various open relays scattered around the world), is in english language and targetted to US-citizens. So there's no way for me to get one of those mortgages... :-(
ms
Absolutely. However. I live in Canada. I have a business e-mail address (the only one I use, actually). I receive tons of spam for V1AgRa and other crap. A sizable fraction of it comes from, and is routed through, a single internet domain located in Quebec, and I have ample evidence it is all coming from the same dubious business source.
This ruling gives me a reason to phone up that ISP and tell them to get off their ass and finally pull the plug on these jokers, because even if they aren't violating the terms of the ISP (apparently, because they have been informed many times of the problem and yet still route through them), they are violating the law with respect to the Privacy Act, and the ISP is facilitating that violation. If nothing else, it gives me a stick to hit the ISP with, and they can boot the spammers. If the spammers want to set up their operation in China or somewhere else, that's fine with me. I hope it causes them more expense and hassle, but even if it doesn't, it will still make filtering a whole lot easier. We don't have to stop spam -- just back it into a small enough corner that it can be blacklisted.
Yes, a law is just a law, but give them the legal tools, and people will carry it further.
Let's be fair here. I don't even know the sum total of information collected about me. A good portion of it probably wasn't even authorized by me. How can I be responsible for information I don't even know exists?
Further, how about a case of identity fraud? I am responsible for information another party has used without my consent? Where is their responsibility in this case?
The only way I can guard my personal information is to have some say in how/when it is used.
As long as any party is collecting data without my consent, it becomes their responsibility to protect that data, and speaks volumes as to how much say they have in my daily affairs (try getting a job without a SSN).
I suppose you think HIPPA is an intrusion on privacy as well.
We are pretty far down the line in Peacekeeping, in foreign aid, and we've let our military suffer serious rust-out so they've withrdrawn from many of our former UN observer missions.
We still think of ourselves as people who do the right things on the international stage, but our charitable donations per capita don't rank very high either.
In the last 10-15 years, we've become a people who cling to a certain set of values but don't pay for them in blood, sweat or dollars. As a consequence, about all we have is the 'belief' that we're a goo people doing all of these things. A simple look at our downsizing of involvement with the UN and our abysmal charitable contribution rates per capita pretty much tells the real story.
It's a nice theory. Maybe we should actually live up to it.
-- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
Yeah, it's your own fault for wearing such a short skirt!
"The bottom line is, I hate spam, too, but sometimes people are far too trigger happy to report legitimate business inquiries as spam."
Running my own business, I can certainly sympathize. One thing strikes me as odd, though: when your wife phoned these prospective partners in order to find out if and to whom she should send an e-mail, did she get no indication whatsoever that they would report her for spamming?