Slashdot Mirror
Goldman Sachs Demands Google Unsend One of Its E-mails
rudy_wayne (414635) writes A Goldman Sachs contractor was testing internal changes made to Goldman Sachs system and prepared a report with sensitive client information, including details on brokerage accounts. The report was accidentally e-mailed to a 'gmail.com' address rather than the correct 'gs.com' address. Google told Goldman Sachs on June 26 that it couldn't just reach into Gmail and delete the e-mail without a court order. Goldman Sachs filed with the New York Supreme Court, requesting "emergency relief" to avoid a privacy violation and "avoid the risk of unnecessary reputational damage to Goldman Sachs."
Ha. Hahahaha. Ha.
Already blocked
[FUCK BETA]
If this is interesting information, it has already been copied from the Google server to somebody's personal computer.
Barbara Striesand never returns my e-mails either.
Massive privacy breach....e-mailed a report...containing sensitive details...e-mailed...
The problem here isn't that it was sent to the wrong account. It's that it was e-mailed AT ALL.
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
"avoid the risk of unnecessary reputational damage to Goldman Sachs." I'd say it's too late for that now, mate.
At least every lawyer type e-mail I get has a giant disclaimer at the end if you are NOT the intended recipient. Perhaps GS should have considered using that? Over paid dopes.
...companies in the world.
This is a test case for them, it's all about control and it's all about the money.
Do you guys remember this: "Give me control of a nation's money and I care not who makes the laws."?
Well, you better remember it - and understand what it means, because your FREEDOM is at stake!
Cryptic to you?
READ BETWEEN THE LINES!
What this world is coming to - is for you and me to decide.
This all seems fairly reasonable to me.
You have enough people doing enough things, eventually someone is going to make a stupid mistake. In hindsight there is probably plenty of stuff that could have or should have been in place to prevent this, but then there always is when looking back at a problem.
Google seems to be acting reasonably. Putting a process in place where companies can quickly and conveniently "take back" emails seems like a bad idea. Requiring a court order ensures that this goes through a strict process and is well documented. Google doesn't seem to be "fighting" this so much as saying "get a court to tell us to and we'll happily do it for you".
And I don't get the impression that Goldman Sachs is pounding their fists on the desk here either. They are doing everything they can to repair or prevent damage caused by a mistake they made. They are seeking out the court order and probably other stuff internally.
hate it when it renders my information sensitive :)
- I choked on the red pill and now I'm stuck in limbo
First of all they shouldn't be emailing that to anyone.
Second of all, why was it not encrypted???
Step back and see what Goldman Sachs is asking. What if they are lying? How does Google know what Goldman Sachs is asking is valid. What would happen if the user was suppose to get email, suddenly finds that email not longer present because Goldman Sachs or someone else asked Google to delete it.
Think Potsy, think.
There are more than a few email filtering products, some designed specifically to prevent sensitive data from being emailed at will via heuristics designed to detect sensitive information.
You would think as heavily regulated as Goldman is they would have these kinds of systems in place to prevent this kind of thing from happening.
The real question is: should the court order such an action, and under what conditions?
Analogy alert: GS mistakenly sends me a letter by physical mail, then asks the post office (or asks a judge to order the post office) to send a mailman round, break into my house, and retrieve the letter. That clearly won't happen; worst case is that the judge would order me to surrender the letter. In case of email, is Google (under their terms & conditions and the letter of the law) allowed to "break into" my mailbox and remove the offending letter? And should they be?
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
"By contrast, Google faces little more than the minor inconvenience of intercepting a single email - an email that was indisputably sent in error," it added.
Losing a few thousand dollar is little more than a minor inconvenience for GS.
So how about it GS... send me a few thousand dollars.
Google is abso-fucking-lutely right to require a court order. If they don't, it'll just open the flood gates for other companies and people to "retract" damaging e-mails. The news here isn't that Google required proper legal procedures before violating it's users rights, it's that GS sends highly sensitive data by e-mail.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Well, that's what the court is for. They get to decide if deleting this email is the right thing to do or not.
Who else would you suggest? Goldman Sachs is out, obviously. Would you rather Google be the one to decide?
That oughta larn 'em to check before they click send. But it probably won't.
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delendae sunt RIAA, MPAA et Windoze
...and used Microsoft's legal team. They would have gotten the gmail.com and google.com domains and then it would just have been a matter to use Microsoft name servers to commit a DoS attack against gmail's hackers, erm, users.
The Federal judges in Nevada are suckers for a good story, I hear, even if it's blatantly false.
How the fuck did they reach anyone at Google to get that response?!
Or what if this email was going to be evidence in a case against Goldman Sachs.
This is exactly why this goes through the courts. Sorting stuff like this out is kinda why courts exist.
It isn't simpler to ask the destination address to delete it? As for security NSA already had a copy and so deleting it from google server is futile!!!
Granted it all seems reasonable, the issue I see is that it's not practical. You can't un-send an e-mail, not really. I have to control my desire to chuckle, in that sad sort of way, every time we get this sort of request internally. Unless the message was just messed in some way that keeps it from being sent, it's gone pretty much as soon as you hit send. We don't have a practical way to pull it off a system that isn't running Outlook (and even then if it's been read, it's a no go) and if the recipient has a Blackberry, pretty much all bets are off. I'm left wondering what real result or final state Goldman thinks they are going to achieve, the damage is already done. P.S. Wondering why anyone at Goldman ever sends anything to a GMail address . . .
Is google gonna have to run tech support everytime someone mistakenly sends an email?
Should the USPS intercept a letter upon request everytime someone made a mistake in sending it out?
No, it's not doggone reasonable. In fact, it's so unreasonable, that only a company with the pull of Goldman Sachs can demand it.
Do you think you go to google with the same request, they'll bow down to you? Do you think the courts would have granted it so fast?
Of course not, because it's a drain on their resource to help some dumbass rectify his own damn mistake.
Aren't these legally binding? :-)
Not an entirely accurate analogy. You own the house (and even if you didn't, the *mailbox* from which you retrieved the letter is distinct from the dwelling where you're likely to store it afterwards).
In gmail's case, google *owns* everything, and they just let you use the storage and mailbox assigned to you. So given a court order, they could remove the email without technically accessing anything that's actually yours.
Now, if the recipient makes a local copy, then your "break into my house" analogy would be more accurate, applying to the copy in the recipient's system.
I agree. I think the most reasonable action is to try to contact the owner of this email address and explain the situation.
Maybe give him $1000 to sign a retroactive non-disclosure agreement. Odds are it's just a random normal person
that would gladly take $1000 to keep quiet. I get confidential emails for a large company that has a similiar domain
to one I own all the time. I probably average about 20 a day. I sometimes notify them but I mostly just delete them
and move on with my day. I sometimes feel bad as many of them are things like "I didn't receive my shipment" but
it's no different than it going into a black hole elsewhere and never getting read.
As always, the analogy is flawed.
If the court ordered someone to break into your house and delete the attachment you saved locally, your analogy would hold. As it is, what GS is asking would be analogous to the court ordering the post office to remove the letter from your PO Box. Seems much more reasonable to me.
Write boring code, not shiny code!
By about a decade.
There are two types of people in the world: Those who crave closure
make the same request when I accidentally reply-all to save myself 'reputational damage'? Or does this only work for large companies with lots of money?
Someone should tell Goldman Sachs that you cannot unsend an email. Usenet articles can be cancelled, even though most servers ignore cancels, but like snail mail, once email is posted it cannot be recalled.
What I'm wondering is whether or not the person whose email account was blocked because they received an email from Goldman Sachs has any form of legal recourse against Goldman Sachs.
"avoid the risk of unnecessary reputational damage to Goldman Sachs."
I think the reputational damage is quite well deserved in this case.
Here is a lesson from this:
This is why divisions with critical info use some form of IRM/RMS. A mistake with a document being sent results in an encrypted document landing in the destination mailbox. Not a good thing, as the name and length of the file is readable... but not a complete leak either -- damage is mitigated. Plus, in Outlook this is as simple as clicking "do not forward" when attaching a document.
The parent has it right. These are two companies doing proper process/procedure to deal with a fuck-up, and nothing more.
Requiring a court order ensures that this goes through a strict [corrupt] process...
Because we all know the courts never just rubber stamp orders from powerful people. This is how the "right to be forgotten" will evolve. Goldman Sachs would like nothing better than to have K's flashy thing to help us forget we elected it to be king of the world.
“He’s not deformed, he’s just drunk!”
They asked google to do something, google said they can't without a court order, and now they seem to be getting one.
I always wondered what happened to Oscar Goldman after the Six Million Dollar Man wound down.
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
Everyone makes mistakes. I understand that. I make mistakes too.
But here's what I don't get. I am sending an email to dude@gs.com and accidentally type dude@gmail.com. But I also I just happen to have dude@gmail.com's PGP key and a sufficient trust path to know the key is correct, for the confidential information in question? That's the part I simply don't believe. All of Goldman Sachs' protestations that the sender just happened to also know dude@gmail.com and that they key was verified, ring hollow.
Of course, the silliness here, is that Goldman Sachs isn't really saying that happened. I'm totally making up the bullshit about their "protestations." And that is the problem, because if the information is confidential and if this is important enough to go to court over (and maybe it really is), then their routine security practices are a joke and they should have a reputation for having complete disregard for protecting confidential information. They are telling the public that they can't be trusted. So, everyone: listen to them.
You get what you pay for.
Yes, Goldman Sachs bought themselves a nice compliant government. I would say they got a bargain.
“He’s not deformed, he’s just drunk!”
After 2008, Greek crisis etc what damage will this do to their reputation?
Unfortunately your analogy is also flawed... the mail _was_ addressed to the recipient. GS "wrote" the wrong address on the envelope.
My question is, what law gives a court the right to do such thing? While there may well be laws that compel companies to keep their own data private, I find it hard to believe there is a law that gives a court the right to undelete stuff in a scenario like this. Courts don't tend to do stuff no matter how reasonable unless there is some law that says they should.
The disturbing thing about this is that the real owner of that mail box, whoever he may be, doesn't get to show up in court and put forward his viewpoint.
Ah, but by definition, the email that the unmentioned gmail.com user has is addressed to him or her. GS may have made a mistake in the address they sent it to, but it IS addressed to that gmail.com user.
https://www.youtube.com/watch?...
The real question is: should the court order such an action, and under what conditions?
Analogy alert: GS mistakenly sends me a letter by physical mail, then asks the post office (or asks a judge to order the post office) to send a mailman round, break into my house, and retrieve the letter. That clearly won't happen; worst case is that the judge would order me to surrender the letter. In case of email, is Google (under their terms & conditions and the letter of the law) allowed to "break into" my mailbox and remove the offending letter? And should they be?
Believe it or not in some countries e-mail is treated the same way as regular mail in law. You can be sued and ordered to destroy any copies you may have made of it legitimately such as by backing up your hard-drive. In Iceland a guy just got sued by a businessman who sent this guy an incriminating e-mail by mistake, the guy then passed the mail on to his friends and duly got sued for breaching telecommunications laws when one of the copies found it's way onto the desk of a special financial crimes prosecutor. Even if you duly destroy the e-mail the sender can still SLAPP sue you at a later date, he might loose the lawsuit but you'll still have to lay out large sums of money for lawyers.
It makes sense if the email hasn't been retrieved yet. GS wants SMTP to have a Recall Unread Message feature which it doesn't. So in the meantime, they expect Google (or the postman) to do the retrieval for them. Should this be possible? Sure, for a fee until SMTP (or another protocol) will let users recall their own messages.
FWIW - You can recall internal messages with Outlook/Exchange. I'm sure others do it too.
Keep the Classic Slashdot.
Data Loss Prevention, they sell them You could buy one, and implement it. Then you wouldnt be able to send out sensative crap you weak minded fools.
You might benefit from following your own advice. He's supporting the idea that the correct channel for this is for GS to have to get a court to agree to order the email be removed. He made no judgement on the obvious theoretical issues, which you seem to think are novel insights, because it is self-evident that a court can and should examine these matters before it orders Google to do anything.
There is considerable difference between the two cases. Post is only more controversial because it requires someone to trespass, and potentially break and enter, your physical home. If the post service could 'vanish' your paper letter by pressing a button then I'd suggest that yes it should use that ability when a court decides there is sufficient need rather than involving an innocent third party in a technical legal issue.
If GS can persuade a court that the letter was of no interest to the recipient, and that its distribution breaches the rights of someone else then in 99.99% of cases requiring a potentially global manhunt to find the recipient and order him through the courts to delete the email is a monumental waste of money and a burden on the third party. In the small fraction of cases where the recipient cares then one would hope they would be informed of what has happened and have the chance to appeal the removal.
The ancient Roman Horace (65-8 bce) said: "Once a word has been allowed to escape, it cannot be recalled."
More recently, Omar, the Tentmaker (died ca 1123 ce) said:
"The moving finger writes; and, having writ,
Moves on: nor all your Piety or Wit
Shall lure it back to cancel half a Line,
Nor all your Tears wash out a Word of it."
How would you feel if the postman was just supposed to check to see if it was still in your box, and take it if it was?
I'd be fine with that, provided a court was the one to decide it should be done.
Your gmail account is your mailbox, not your house. If you were to save the contents of that message somewhere else, that would be akin to bringing the letter inside from the mailbox.
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
I disagree with your disagreement of the analogy. What if your house is rented or you have put the physical letter is in a safety deposit box in the bank? In both these cases the physical location is owned by someone else and you are just renting the space. Is this any different from you renting the e-mailbox space on the google (or other ISP) servers?
> That clearly won't happen
Not until Scalia gets the case!
If someone offered me $1000 to NDA an accidental email? Then I'm sure they would also offer $10k or more.
"Some states do in-fact, prohibit a person from opening mail that is not addressed to them, in which case it would still be a crime to open your wife's mail."
It IS addressed to him, that's sorta the point.
It depends how the headers were populated. It is possible to include both a recipient name and a mailbox specification in RFC 822. If it was addressed like:
Jane Smith then one could argue John Doe should not open the message.
As crazy as it sounds to do something like this on the Internet, there is precedence in some messaging services. Skype, for example, lets you delete messages after they have already been sent. Obviously there is no guarantee that the other person didn't read it yet, but if not, then it is effectively unsent. If it had been read, the other user has to go by memory unless they copied and pasted the email.
Google has the ability to do the same thing with mail sent to a GMail account in many situations. IMAP clients will tend to sync up and would likely go and remove the message at the next sync. If the user had not read it yet, it would be effectively 'taken back'. If the user had opened and taken a cursory glance at it they would in essence accomplish the same purpose. If the user has a POP client they are obviously out of luck.
What I wonder though is what sort of data it is and whether this is a sole measure of protection or an additional measure. Depending on how quickly they discovered the error and got a hold of Google, there is likely a very slim chance the message wasn't read at all. Further, they have no guarantees that the message wasn't copy and pasted or otherwise stored. Perhaps it is a best effort type of deal.
Comment removed based on user account deletion
Most people use Google mail by simply accessing Google's servers via web. Since the email is stored on Google's own server, they can delete it. Now, if it had been *me*, they'd have been SOL, because I have all my Google mail forwarded to my private IMAP server, and it's out of Google's hands. But the average Gmail user, yeah, Google would be able to kill the mail.
If the email contained credit card numbers and such and you don't want to go to jail then $1000 is fairly generous.
You could possibly figure out how to sell it on the black market but most people are not willing to break the law and
risk jail time especially if their identity is already known. Now, on the other hand, if it's stuff that I could sell to a
newspaper about corruption then I would probably be willng to sell it to the highest bidder.
Kind of stuff having DLP software in place would prevent.
Personally I think Google should be able to charge them for wasting there time. How many people are they expected to employee to wipe up other peoples stupidity.
You're analogy is great. Now imagine GS calls the post-office and asks them to pull a letter out of your box. What is the proper response of the postmaster?
this signature has been removed due to a DMCA takedown notice
Google has no fault in this scenario. GS has the problem, they want Google to help them out.
Instead of stating no, Google should have asked :"whats it worth to you?"
Google is a business, this is a service that they do not offer. you want a custom one-time service offering? Sure thing. Let me run some numbers on that and check your credit score and I'll get back to you.
If GS gets a court order and Google has to do this and they get nothing for it, then the situation is even more screwed up.
Warning: Teh poster of this messaeg is lysdexic
If the mail has not yet been delivered, then Google can stop the deliver and bill Goldman for the cost of stopping the delivery. If it has already been delivered, it is the property of the recipient. You can't do anything about it. At best Goldman can go after the recipient and get a gag order from the court. But Google is out of the picture.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Is this any different from you renting the e-mailbox space on the google (or other ISP) servers?
Yes. It's called "Contractual Terms" or "EULA".
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
He's an analogy? Damn!
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
I can see one way that the court is authorized by law to do that. Under common law, we each have a duty to not be reckless about doing things that might cause harm to another. Had Google chosen to deliver the email after having been notified that it could bring harm to Goldman _and_its_customers, Goldman could then file a suit for negligence. The judge or jury would then decide if Google failed to exercise ordinary care in preventing the leak, or if they did all that a reasonable person would do to protect the customers.
If Goldman intended to file such a suit, the normal and proper legal procedure would be for them to request a temporary injunction ordering Google not to release the information until the suit was settled. That is well and good because if Goldman were to win, Google can't very well take back the information they've already released.
Since Google didn't object to the request, why make Goldman formally declare their intent to file a suit for negligence if Google doesn't comply? Everybody knew that was result in an injunction, and a perfectly proper one, so why not save time and just go straight to the injunction hearing? The court can issue an injunction in the end, and I don't know of any common law or statutory requirement for pointless rounds of paperwork when everybody agrees it'll end up as an injunction hearing.
Maybe. The GP raises an interesting point though.
Is the "address" (johndoe123@example.com) the same as its user (Mike Somehow who uses the previously mentioned e-mail address)?
Real life example: I rent an apartment which was previously occupied by a foreign citizen. I receive snail mail addressed to:
- The owner
- Previous renter
- Me
- My wife
- Unspecified recipient (SPAM)
- Others (named people who don't live at my address).
I am legally entitled to open mail addressed to me and "unspecified recipient". Now, in case of an e-mail address, the same could apply. The actual recipient might not be the one who "lives" there, and there might be elements that specifically mention a different recipient than me. Since an e-mail is a non-physical item, I can't really "return without opening" but I could destroy it (after or instead of reading its contents).
Is this covered by the GMail EULA? I confess I've never read the whole damn thing.
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
:-)
this signature has been removed due to a DMCA takedown notice
Yes, in the case of Gmail, the property in which the letter is stored (your inbox) is owned by the deliveryman, who does have legal access to that inbox. That's the difference.
Not that they should be allowed to; and it seems they know this, which is why they're insisting upon a court order.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
For the physical analogy, it may not always be that simple. There was this case, but there were more details involved.
If the email contained credit card numbers and such and you don't want to go to jail then $1000 is fairly generous. You could possibly figure out how to sell it on the black market but most people are not willing to break the law and risk jail time especially if their identity is already known. Now, on the other hand, if it's stuff that I could sell to a newspaper about corruption then I would probably be willng to sell it to the highest bidder.
No, I'm not talking about selling the email on the black market. I'm saying if somebody offered me $1000 to sign a retroactive NDA I would treat that as a first offer, and a lowball at that. I'm not compelled to sign an NDA, and I don't have to if I don't want to. I don't even have to read the email, I can just move it to my computer and let it sit there. I would probably zip it up and let the zip file show the date of compression. then I would bargain.
think of it another way. If GS is sending its lawyers to court to get a court order to compel google to do this, then they're already spending $50k in lawyer fees I bet ($500/hr * 100 hours add up). So this is a high value email. From my perspective, if they were to give me enough to pay off my mortgage, I would feel pretty happy and in my happy state would be amenable to entering a contract.
on the other other hand, I'm not going to sign a contract with GS lawyers without a lawyer of my own, so I'm going to have some costs on my side as well that need to be made whole.
so yeah, show me the money.
I'm going to weep when they get this power. Because it's Goldman Sachs and you know they will.
Sometimes the truth is arrived at by adding all the little lies together and deducting them from all that is known.
Why wouldn't you be allowed to sell sequences of numbers you have received in the mail?
Custom electronics and digital signage for your business: www.evcircuits.com
Good point. What if it's proof of illegal activity. The account holder should forward it to the police, several different news outlets, and wikileaks just in case. ;P
And then do it again using something other than Gmail just in case they put up a filter to prevent that.
As far as I'm concerned, Goldman Sachs totally screwed up by sending confidential information to a member of the public in the first place. Their error is not sufficient reason for Google to panic or violate the trust of their entire user base just to fix someone elses stupidity.
Can, Should, and Will Only Due So With A Valid Court Order are very different things.
;)
Sure they can, but how do you think every user of Google products will think if any company out there can say, "oops, didn't mean to send that, google, go fix my screw up and delete that from peoples inboxs."?
Should they do it? Maybe, but again, at this point we only have Goldman Sachs word that they 'should'. Maybe their entire story was fabricated and it was proof sent out by a whistleblower. Maybe it wasn't sent by a whistleblower, but it is proof of illegal activity that should be turned over to the appropriate legal or regulatory agency. We only have the companies word for it, and do companies ever lie about stuff like that?
So Google is going with "Will only due so with a valid court order" on this. Good choice. You won't piss off the customers because a court made you do it, and you won't get yourself in legal trouble because a court made you do it. Yep, this is the right choice if they have any functioning brain cells at all.
There's also a fourth option of just plain refuse. Claim the mail system is sacrosanct and it won't be messed with. Of course there are two big problems with this. First is almost nobody will believe you. Second is you are then looking at a big as legal battle you probably won't win because you are not the federal government. That's why I didn't list this one in the beginning, though I did mention it at the end to avoid having a million responses pointing this one out.
That's my say, disagree or whatever
Because now Google is censoring people's emails without a court order if the entity demanding the censorship is rich and powerful enough!
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
You're almost the only one addressing the legal-theory side.
Stepping aside from the technics, what becomes the theory for this?
"Material that is believed to be owned by the recipient but is in fact leased or rented may be removed by the lessor/provider if it causes reputational damage from the sender (and maybe to other parties?)"
Lawyers have a fun job. (Things to do with a 170 IQ). Take can take one word and use it to create billions of client dollars. There was that one other article in Rolling Stone about how Goldman Sachs borrowed one paragraph from their federal government bailout, jammed it into a 15 year old finance bill, and now they get to run oil pipelines while bidding on oil futures and stuff.
Or the one from earlier today where that review board authorized the NSA to keep spying by abusing the words "adequate" and "reasonable".
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
So, give them 10k and save 10 times that on lawyers.
small minds think small. this email is very valuable to GS, or at least the costs of it getting 'out in the world' are very high. They're spending mad money on lawyers and they don't even know if anybody recieved or read it! It could be an old or unused account, or the email could be deleted right away.
now imagine if you're the recipient, and you let GS know not only that you recieved the email but that you know it's a valuable email and you saved a local copy. Now GS has crazy amounts of incentive to get you under contract to keep it confidential. I would be negotiating to get this amount.
true, they could try to do it the hard way, and sue you instead, or try to sic the cops on you, or whatever. But they know there will be a Streisand effect and even if they squash the email, the story of them going after the email will get in the wild which will be expensive in terms of bad press.
so i would say the guy with the email has some pretty good leverage, and he should use it to get as much as he can.
The mail is probably sitting in someone's pop3 inbox. Plus, when he received something obviously in mistake it probably got deleted. Either way, wouldn't it make more sense to contact the addressee and stress that the mail is proprietary and disclosing it would rain down a whole heap of trouble on the guy?
Wired had a story about what they thought you would need to send a message that could not be read if intercepted or I guess in this case misdirected. You would have to know a lot about encryption, use the deep web and more. The recipient would need to use the same methods.
A better translation of Rubiat 51 is:
The Moving Finger writes; and, having writ,
Moves on: nor all thy Piety nor Wit
Shall lure it back to cancel half a Line,
Nor all thy Tears wash out a Word of it.
Notice "Piety nor Wit". See http://www.gutenberg.org/files...
I am very sure Google lawyers will be pointing out to Goldman lawyers the exact clause and paragraph where Goldman pledged the everlasting life and soul of all the board of directors to Google when they clicked on the "accept" button of the EULA agreement of the Gmail.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Google could comply all they want, but it's laughably pointless if the unintended recipient has already read the email, possibly even downloaded it to their device via POP access or IMAP caching.
Can't wait for the forthcoming lawsuit where they try to make this unwitting recipient sign an NDA.
"To err is human, to forgive, beyond the scope of the Operating System."
Apparently not
No you couldn't. Well, I'm assuming you live with your wife and didn't steal the letter from her mailbox. The relevant law is 18 USC S 1702 "Obstruction of correspondence"
Notice that it includes taking, opening, and destroying, all equally. If it was a felony to open your wife's mail, it would be an equal felony to remove it from the mailbox and bring it inside. It's not a felony. Mostly because this only applies while the mail is in the possession of the post office. Contrary to a related urban legend, your mailbox is not considered property of the post office. Once the letter is placed there, it is considered delievered. Taking mail from somebody else's mailbox is considered "theft" which is not a federal crime. Some states make mail theft worse than regular theft, but it's stealing regardless.
Because the law is "delievered to the person to whom it was directed" it is may still be considered "obstruction of correspondence" if you open or destroy somebody else's mail, if it was delievered to you accidentially. However, the key is still that your intent was to prevent them from getting the mail, or to pry into their secrets. If you get a letter, open it, and realize "hey, who is this from?" you are not a felon. You still need to get it back to the post office so they can deliver it properly (if they put it in the wrong box) or return it to the sender (if the person has moved without a forwarding address), otherwise you are obstructing the deliever (this is the "secreting" part of the law). But again, the law requires intent. It's not a crime if you just forget to do it.
ASCII stupid question, get a stupid ANSI
or let me put it this way, they offer you $1000, and you say "no way dudes, I want $10,000 or the puppy gets exposed to the world". Next thing you're up on blackmail charges. They have their own lawyers already paid for, so using them against you is just business as usual for them.
Take the $1000 and don't be a dick about it.
It probably states in which shell account their CEO is storing his non-taxed gains or something like that.
This was an email about a test, not a test about an email. The email was a summary report on testing they had been doing on their "internal processes". AKA they had a new checklist or flowchart or whatever, and they were making sure that this new process meets the federal reporting requirements, while also not sucking (or whatever other requirements they have for an "internal process").
ASCII stupid question, get a stupid ANSI
If GS and anyone else for that matter who was going to send data that could result in ""needless and massive" breach of privacy." start insisting on encryption? I know my wife's company basically sends an email with a link, and you have to go log in to see the data.
They are sending this stuff over the internet where anyone along the line can read it
MAYBE, just maybe, if the financial companies started insisting on say a public key encryption method to send confidential data, ALL of us would be much better off (GPG anyone?)
-- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
Fuck 'em. No sympathy for the devil.
When my Karma level reaches 0 I feel in piece with the Universe
Righto, unless you're renting your house from the postal service, or are using their "USPS bank" for your safety box, they are completely different entities, so I still maintain it's a bad analogy. Google owns both the post office and the safety deposit box where you put your letter.
Through a combination of carelessness and cluelessness, this employee managed to put hundreds of millions if not billions of dollars of customer funds at risk.
Sending information like this via email is where the mistake happened, not mistyping the address. Email is not secure even if it is sent to the right address you have no control over how it gets there and it could be easily intercepted and read enroute. Their reputation loss has already occurred by admitting that they use email for highly sensitive information like this.
no man, you just don't get it. here's how I would do it:
"hey, i hear where you're coming from, it's an easy mistake to make and I've done it before. And I understand that because it's so sensitive you're not comfortable unless you have an NDA in place. But if you want me to sign a binding contract then we need to come to an understanding of the value of my participation."
only a chump takes the first offer. if you ask for too much it's not like they're going to get offended and walk away.
FYI, the US post office considers itself the owner of your mailbox. That's why it's a felony to steal somebody's mail - you're stealing from their property. The analogy is actually pretty accurate - the "post office" owns the mailbox and only the recipient can remove stuff from it without a court order.
Citations: http://msgboard.snopes.com/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=107;t=000617;p=0 and http://www.mackinac.org/5394. Both have a lot of people complaining about it but it seems to be true.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
'Undo reputational damage' ? Exactly how is it undo? It would seem to me that this is EXACTLY the kind of repetitional damage they deserve.
Why the fuck do companies think that when they fuck up they don't have to take the associated hit that goes with it?
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
You, sir, fail to recognize the difference between a house and a mailbox. Once you understand the difference, you'll see why the analogy fails.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Are you 12?
In a situation like this there is no need to say the threat out loud.
Lawyers are experts at blackmail without crossing the legal line into blackmail. In this situation the first place to go is a good lawyers office.
Offer the lawyer a % of the settlement, so he will truly rape GS for you.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
sigh. it's sad that's where your mind goes.
why? it's not like we're dealing with a little old lady or a church. if goldman sachs wanted to cut a deal with me, why wouldn't I exploit that as much as possible? I have no inclination to do them a solid.
my brother, who works in finance, has a favorite expression for when he gets the extreme upper hand in a deal. "ripping their faces off".
What about a mail slot that is built into the house?
... :D) and apparently a mail slot built into the house is NOT property of the US Post Office.
Hmm I actually decided to read the article cited (thanks for citing it
All the world's a CPU, and all the men and women merely AI agents
first, you do realize what you suggest is called extortion, and it's illegal obviously. for a minute i was thinking that was your line but i guess not.
if goldman sachs wanted to cut a deal with me, why wouldn't I exploit that as much as possible?
if you saw someone drop $20 on the street, would you pick it up and walk away?
if you saw an unlocked car w/ a briefcase, would you open the door and take it?
if a business left their bank bag on the counter unattended, would you grab it?
if you were a used car salesperson and had the opportunity to unload a lemon on a young, first time car buyer, would you do it?
with your attitude, the answer to all these questions is "of course, why wouldn't I"? the reason you wouldn't is because you realize that we live in a society and despite laws and law enforcement and courts, it largely depends on people "doing the right thing" to maintain order.
for most of us, this is just ingrained in our personalities. call it empathy. we subconsciously put ourselves in the place of others and give it the "how would you like it?" test. i know this type of thinking is completely alien to you, but i just wanted to give you a little glimpse into how the humans think.
my brother, who works in finance, has a favorite expression for when he gets the extreme upper hand in a deal. "ripping their faces off".
i'd love to get your parents in a room and just tell them what a great job they did on you and your brother. clearly upstanding, pillars of our society you two are.
it's not like we're dealing with a little old lady or a church
GS is an investment firm that manages the money of many old ladies and churches, so yeah, you are dealing with them indirectly.
Yeah but... if it could be considered negligence of Google not to do a certain thing because it is their responsibility to do such a thing, then they wouldn't wait for the court to tell them to do it. They'd just do it. The very fact that they refuse point blank to do it without a court compelling them to do it, seems to indicate they don't think fiddling with people's mail boxes in any circumstances is "exercising ordinary care". And rightly so, I think.
Nothing in the story I saw said that Google disabled the email account until the court could rule on it. Maybe they did, but I didn't see it. The story said GS tried to contact the owner but they didn't reply. Presumably if they'd been listening they could have read the offending email, and then you'd be at their mercy of good will.
> if it could be considered negligence of Google not to do a certain thing because it is their responsibility to do such a thing, then they wouldn't wait for the court to tell them to do it. They'd just do it.
Nobody knows what a jury will decide. A judge or jury could nail them either way. If the information caused millions of dollars inlosses tfor thousands of Goldman customers, a jury could certainly decide that Google should have taken five minutes to prevent that from happening. Google is safe either way if they do as ordered by a court. Lacking a court order or knowledge of the future, they decided it was better to leave the email alone. That doesn't mean they were certain that they'd not be sued - just that doing nothing was not as bad as doing what Goldman asked.
meh. in this scenario they're asking me to sign a contract, something I'm by no means obligated to do. This contract puts me at risk for significant penalties. I want to be compensating for taking on this extra risk.
by no means would I ever shop around the info or try to sell it. I never said that. That would be unethical and unnecessary. If it said something controversial I may leak it to a news agency, but not sell it to them either. I'm an upstanding person. Aside from that, goldman can kiss my ass.
Then I demand Goldman Sachs to undo the financial crisis to avoid unneccessary reputational damage to myself.
There is an ad for gmail business on this page.
http://michaelsmith.id.au
Sack the incompetent staff member who sent the email, instead of "cheating" your way out of it?
Ah, its Goldman Sachs. Carry on cheating the system.
It is very likely that if the unsuspecting recipient were to have logged onto their Gmail account and checked for new e-mail that it would have already been in the Spam/Junk folder due to Google's awesome filters! I mean who in their right mind would think even if that e-mail was not marked as SPAM that it was not a forged Goldman Sachs e-mail. That and the fact that it had confidential client information. In this day and age with privacy and encryption, no one would have suspected this to be a legit Goldman Sachs e-mail.
The real question is: should the court order such an action, and under what conditions? Analogy alert: GS mistakenly sends me a letter by physical mail, then asks the post office (or asks a judge to order the post office) to send a mailman round, break into my house, and retrieve the letter. That clearly won't happen; worst case is that the judge would order me to surrender the letter. In case of email, is Google (under their terms & conditions and the letter of the law) allowed to "break into" my mailbox and remove the offending letter? And should they be?
You analogy would be better if the mail had been left in the mailbox, which is regulated by the USPS and Federal Law, and which the postman has rights to access.
So it would be more like:
GS sends you a letter by mistake. They get a court order to order the USPS to remove it from the mailbox that they put in it, which happens to be yours. The postman then looks at the contents of the mailbox, verifies it is still there, and then removes it, sending it back to the sender or as otherwise directed by the courts. If, however, you checked your mail and took the mail out and into your house, then there is nothing for the USPS to do - it is no longer in the mailbox. If, however, you keep all your mail in your mailbox then the USPS would be within their ability to remove it from the mailbox.
So, to keep all your e-mail on Google's servers (or any ISPs servers) opens up the opportunity for this to happen. To keep the opportunity from happening then you need to download your e-mail from anyone else's servers and store it locally, deleting it from the providers servers after you have your local copy.
Alternatively, you can rent your own server and host your own e-mail server; but then you get into another situation in which the service you are renting from may be required by the courts to turn over the server to the courts, or get shutdown and you've now lost everything except what you had backups for. And yes, that has happened where the FBI shutdown a hosting provider and took all the servers in order to get to one of their clients; everyone else was screwed for a while.
Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
Goldman Sachs core business data/info ..., looks like they don't own a/o act responsible for the data. Goldman Sachs should be fined for the core-business data breach by their contractor, and rehab their core-business model. Goldman Sachs has become just another brand-name that contracts out their core-business requirements ... much like many others in the .Gov, .Mil, .Com domains. They are in name only an institution without actual substance. IMO
Unaccountable leaders are masters, and unrepresented people are slaves. How do US and EU fare?