British Judge Uses Personal Email To Send Details of Sensitive Court Case

New submitter evolutionary shares a report from The Register: Concerns have been raised over a British judge's use of his personal email address to send out a ruling in a family court case, which contained sensitive personal information. The Register has seen evidence that the judge in question used two personal accounts to send out a draft ruling and final ruling: one using a domain owned by his son and another email account associated with iCloud. The use of personal email seems highly unusual - with all government departments subject to the mandatory guidance for securing government email. [One legal expert, who asked not to be named, told The Register that the judge's behavior raised a number of issues such as a possible breach of mandatory standards, and "may pose a risk to the organization he works for and those he interacts with outside the organization."

evolutionary adds: "The article doesn't specify the tone suggests emails sent were unencrypted."

Can we please stop letting children post stories

BeauHD never seems to fact check or spell check anything he posts, can he please not be allowed near the submit button.

Judge too stupid to understand technology

[Opportunist]

Story #36/2017...

The only thing that really scares me is that these are the people that make legally binding decisions about IT, and they prove again and again that they are by no means qualified to make such decisions.

Re: Judge too stupid to understand technology

[dougdonovan]

judges are smart enough to keep their salary. they dont need to know IT. they have people to do that for them but we have known that for years.

Re:Judge too stupid to understand technology

[Chrisq]

Story #36/2017...

The only thing that really scares me is that these are the people that make legally binding decisions about IT, and they prove again and again that they are by no means qualified to make such decisions.

Who'd have thought it. A British judge who's obviously fully qualified to sit on the bench in an East Texas patents court

Re:Judge too stupid to understand technology

[Mr+D+from+63]

Story #36/2017...

Stupid = Yes
News = No

Re:Judge too stupid to understand technology

[s_p_oneil]

As I mentioned in a separate post from my cell (which wasn't logged in), this is an almost hidden feature in Mac mail.

If you try to send an email from one email account (e.g. your "I'm a judge" account), and Mac mail fails to send it through that mail server a certain number of times, it can automatically decide to "help" and send that email through one of your other accounts (e.g. your "I'm also a dad" account or your "I also use iCloud" account). My wife just became a lawyer, and this happened to her a few times. She freaked because she can be dis-barred for that, and when she figured out what was causing it, she had to stop using Mac mail for professional/work emails.

The only real surprise is that the Mac mail app hasn't been outright banned by all companies everywhere. I know software developers who work on Macs have mentioned having the same problem when I asked about it (which makes it a lot less likely to be user error), and they couldn't find any way to disable this "feature". For the most part, they're stuck with using Outlook for business and Mac mail for personal.

Re: Judge too stupid to understand technology

[Opportunist]

Then I guess they should fire those people and hire better ones. The average 10 year old knows better than that.

Re: Judge too stupid to understand technology

[volodymyrbiryuk]

The average 10 year old will Twitter, Facebook and Instagram her/his stuff publicly. Still no excuse for the judge's behavior.

Re:Judge too stupid to understand technology

That is an interesting feature that, as a user of mac mail with multiple email accounts for the last ... decade? have never encountered.

I *have* encountered the failure to send and you *can* select to send from a different account. However, my mother isn't very tech savvy and when she gets a fail to send problem is unable to figure out how to change that.

Anecdotes, yadda yadda, but other than some anti-Apple rhetoric (suggesting Mac mail should be banned) you offer nothing other than anecdotes to support your contention that it will do this hidden from the user. I call BS. A user with multiple accounts can easily forget which one they are sending from -- and I'll stick with Occam for how emails get mis-sent. It isn't a crime to be human, but so many people have trouble accepting that they made a mistake.

Re:Judge too stupid to understand technology

Yeah I'm not a mac user but this sounds dubious. Perhaps there was some point in time where a prompt came up and asked "Would you like to try using a different account wen sending emails blah blah blah" (make it sound good/succinct) and the user hit "Yes" for whatever reason. Then, 7 years later they pass the bar and get their 'official' account, and maybe this setting transfers automatically to that account as well, and they're none the wiser.

Mac or not, I'm of the opinion these kinds of prompts need to be asked every 6 months. It's a nuisance, but this is a good case for affirmative, repetitive consent. These quality of life and convenience settings do a ton of stuff these days, and users only see a dialogue box once. Yeah, syncing everything to the cloud sounded like a good idea when the sales rep was talking about contacts, calendar and photos. And then some years after the fact hackers have your sexy selfies and TheFappening happens. People rage against the hackers for not having morals when they should have been raging against a system that posts 100% of your personal data to the internet where you should just assume 100% of everything posted is public. That case also happened to be centered on Apple/iPhones but it could just as easily have happened to anyone else, because the targets are celebrities and their sexy selfies are worth $$$$$ to whoever can get them.

Re:Judge too stupid to understand technology

[dwye]

This has nothing to do with technology. His ruling, which is a public document except in national security cases (even there, maybe, after whatever the wait for Official Secrets document - an American Revolutionary spy was outed in the mid-1960s, so it seems that about 175 years is the current figure) had sensitive information in it, which it shouldn't have had, unless the ruling rendered the "sensitivity" moot.

This is a judge too careless to understand "sensitive information" is supposed to be bandied about in public.

Re:Judge too stupid to understand technology

[dwye]

This is a judge too careless to understand "sensitive information" is not supposed to be bandied about in public.

There. Fixed it for me.

Re: Judge too stupid to understand technology

This has nothing to do with technology. His ruling, which is a public document

No. RTFA. This was a family court ruling. Proceedings are public but the specific content of all submissions, evidence and rulings still defaults to private.

Sounds like the judge needs to take his personal mail accounts off his work computer to avoid this kind of mistake in the future.

This is a Mac mail "feature"

This is a Mac mail "feature". My wife is a lawyer, and she's had Mac mail send emails is ng the wrong account. Apparently, it does this automatically if the send fails through the first account you choose. Some of my co-workers have had the same problem, and came to the conclusion that Mac mail should never be used for anything but personal email.

Re:This is a Mac mail "feature"

[guruevi]

No it doesn't do it automatically. Your wife is a moron as Mac Mail automatically chooses the right account based on current mailbox selection or previous interaction with the recipients.

If anything, you can just disable the personal accounts on work computers if sensitivity is an issue because at some point, someone will send an installer to your wife in her personal account and she will open it and install it and type in the admin password and have some malware on it.

Re: This is a Mac mail "feature"

So it doesn't do it but you can disable it...

Re: This is a Mac mail "feature"

[timftbf]

It doesn't do it *for the reasons originally stated*, to the best of my knowledge.

What it does do by default is try to pick the "best match" for the destination. I have a gmail account, which I had to have to get access to a Google calendar, and I do occasionally use as my emergency password recovery email. It's not my primary email, and it's not set up on all my devices.

At some point, Apple Mail started sending from that account if any of the people I was sending to were on gmail. It took a few days of ranting at people to please reply to my real address, not my gmail one, before I worked out I was sending stuff wrong.

Once it's picked an account, I've never seen it fall back to a different account due to delivery difficulties.

Re:This is a Mac mail "feature"

[s_p_oneil]

While I won't disagree with the "your wife is a moron" part, you're still wrong.

"Mac Mail automatically chooses the right account based on current mailbox selection or previous interaction with the recipients."

That is true unless Mac Mail tries to send the email from that account multiple times without success. If you're still watching the screen, you will see it up a window to ask if you want to retry with the same account or try sending from a different account, but if you're AFK, if the lid is closed, or something along those lines, it can switch accounts and send the email from the wrong account without asking. As I mentioned in my previous post, this has also happened to co-workers. We're all software developers, and two of them work exclusively on Macs. You can try to claim that we're all morons, but you'd still be wrong.

In this case, I suspect it's not the judge who screwed up. It's the IT staff that couldn't keep his office mail server up (and the same IT staff that didn't warn him not to use Mac Mail for work emails).

Re:This is a Mac mail "feature"

[guruevi]

I've never seen that happen, if it can't send the e-mail from the address I've tried, it will sit there and wait until I press OK to send with another server (not unique to Mac Mail either, Thunderbird does the same thing).

Even with a different e-mail server, your From address should stay the same (if you have a proper SMTP server). Eg. when I click "Send with Gmail" it politely refuses because now my From address doesn't match what Gmail SMTP accepts. I know Exchange can silently rewrite addresses on their end, perhaps that's where things go wrong?

Re:This is a Mac mail "feature"

I don't think you are a moron. You are just unwilling to accept that you made a mistake. Accept being human. Be happy.

Re:This is a Mac mail "feature"

[s_p_oneil]

I've seen it happen with test emails I've tried to send from her Mac. I'm a software developer, so I'm really anal when testing things like this. I made absolutely certain her "@bellsouth.net" account was selected, I double-checked the "From" address in the Outbox after attempting to send it, and when I checked the next morning (with no one touching the Mac overnight), the Sent Items folder showed the "From" address under her "@gsu.edu" account. It doesn't just try a different server, it actually changes the email to another account automatically it if the retries fail for too long a period of time.

I've had two developers who write code on Macs every day confirm that this had happened to them as well, so it's not just my wife's Mac. I suspect most people don't notice this because it's unusual to lose access to your mail server for that long. If it happens to you once in a blue moon, you will assume you made the mistake yourself (which is only natural). It's only when it happens to you consistently that you dig until you find the culprit.

Re:This is a Mac mail "feature"

[guruevi]

As I said, I've only seen it happen where Exchange will rewrite the header when sending through their accounts. Since gsu.edu is handled by Office365, it's very likely that is the culprit. Proper SMTP should refuse to send if the From header isn't allowed to send, Exchange and/or Gmail API will often rewrite the mail on their end, so yes, in your sent folder you'll see the rewritten header because your provider has rewritten the e-mail.

It's a big issue for me because I have multiple subdomain on one of my Office365 accounts and even though I'm "permitted" to send as @example.com and @sub.example.com, Exchange/O365 will simply rewrite it to the primary @example.com after it has sent.

Re:This is a Mac mail "feature"

[s_p_oneil]

I get what you're saying, but the fault still lies with the mail client. It's not like the server noticed the email stuck in the client's Outbox and said: "Oh, please let me send that for you!" The client had to go out of its way to try sending that email through the GSU server. I get the whole "Neither snow nor rain nor ..." concept the Apple devs were probably aiming for, but it can literally get people fired, so it needs to be a feature you have to consciously enable (not a feature that's automatic and there seems no way to disable).

OTOH, since it has such a big impact on lawyers and judges, they could probably bring a great class action suit against Apple for this. I'm not going to suggest that to my wife though (just in case). I don't particularly like Apple, but I don't hate anyone enough to wish a lawsuit on them. ;-)

I bet he also printed stuff out, unencrypted

You know, where everyone who got hold of the sheet of paper could have just read it. Email isn't public.

Judge probaly did nothing wrong - a defence

[outlawuk]

The Gov in the UK set up a free email system for lawyers which allows the sending of 'Restricted' level material, which in reality is everything generated in the criminal justice system. In order to defend clients and receive electronic material from the Crown Prosecution Service, or to prosecute as a self-employed independent prosecutor, it is necessary to obtain a secure Gov email address. Not always easy, the system has many issues, is slow and has a tiny mail storage allowance. The significant feature of the system though is that you can ONLY send to or receive from other systems with 'Restricted' (or the newer 'Confidential' level) access. So cjsm.net can contact other CJSM users, police.pnn.uk, any gsi.gov.uk (also gsi-x ) address etc. but you Cannot contact ordinary people. Legal Aid has been removed from many (most) classes of criminal/civil/family hearings, due to cuts, which leads to a truly desparate situation for many, so it is likely that the parties in this case were ordinary unrepresented clients who obviously would not have access to a 'Restricted' level email service. In fact not all lawyers use it either. There is a valid question about security in that anything sent via secure mail is stated to be subject to potential for being read by others. GCHQ? MOJ? Their contractors? Encryption by the user is absolutely forbidden. When I last looked, the webmail encryption was using old/poor quality/deprecated versions. Consequently many private lawyers just refuse to use the Gov email system. The MOJ were encouraging lawyers to use the CJSM system generally for their day to day inter-firm communication, but for this reasons I believe the idea died a quick death. Apart from that security concern, most judgments of the Courts are available to the public in any event, albeit family proceedings with childrens names would not. What I am trying to explain is that the Judge has probably not done anything wrong. Judges do have their own, parallell, 'restricted' email system and I'd be reasonably confident that it works exactly like the cjsm.net system, hence in order to email something to a litigant-in-person, the only way to do it would be via ordinary email. Fax is often no longer an option because of a recent slash-and-burn policy to remove every fax machine in Government existence! Quite crazy reaqlly. I suppose client/litigant consent would be relevant. Did the judge ask if they were content? Judges are often criticised for lack of understanding of the World and lack of diversity and I firmly believe that in some cases the correct applicants are not being appointed, but in this instance I suspect this is an unfair criticism, directed at an easy target that cannot answer back.

Re:Judge probaly did nothing wrong - a defence

paragraphs are your friend. why do you hate them?

Re:Judge probaly did nothing wrong - a defence

Apart from failing to indent the first line paragraphs were used correctly. The post is one paragraph, broken up into valid sentences.

Re:Judge probaly did nothing wrong - a defence

Confidential was on the old protective marking scheme same as Restricted. Both have been retired now, the new scheme specifies Official, Secret & Top Secret.

Re:Judge probaly did nothing wrong - a defence

Bullshit. That post would fail grade school English for not properly using paragraphs.

Re:Judge probaly did nothing wrong - a defence

[coofercat]

Nothing wrong? I'll let a judge be the judge of that! (and if we can't find one, then we'll settle for the Daily Mail)

Re: Judge probaly did nothing wrong - a defence

This. A thousand times this. I have worked in the UK criminal justice system and have had a CJSM and GCSx account.

Neither can send email to any account which is not part of this network.

Essentially you can either follow procedure, or you can do your job. You can't do both.

Re:Judge probaly did nothing wrong - a defence

[Calydor]

It is also completely unreadable. Besides, have you tried indenting a paragraph in HTML since, well, ever?

Who does the judge think he is?

[Nova+Express]

Hillary Clinton?

Encrypted?

But I thought that's only for tarrists, drug dealers and child porners! Not for honourable people. Those have nothing to hide, no, Sir!

Re:Encrypted?

[Errol+backfiring]

I think that if you look at a drug dealer's income, you will find him very honourable.

Re:Encrypted?

:-)

And there's a few honourable child porners, especially in the UK, it seems.

Re: Encrypted?

what the fucking is a tarrist? I tar, therefore i am.

So, Just like the US secretary of state?

Seems to be the normal way to treat confidential information these days.

Re:Can we please stop letting children post storie

[jandersen]

Why all the BeauHD hate around here? I watched one of his videos on YouTube and he seems like a nice enough guy. You trolls should just lay off and get a life.

I agree, there is no need to spew poison. That said, though, I find BeauHD deeply annoying - he seems to mainly post references to superficial pop-science with big, glossy pictures that stretch all across the screen and a gawping, "wow, cool" style of wording, and presenting old knowledge as some fantastic, new discovery. He probably hasn't realised that there are many non-sales people on slashdot, or perhaps he just doesn't care.

Re:Can we please stop letting children post storie

Those pop sci types of stories are much better at generating discussion, which is, after all, what this site is all about. Posting the "real science" stuff you seem to be asking for would be of interest to relatively few around here.

evolutionary adds what?

[wonkey_monkey]

evolutionary adds: "The article doesn't specify the tone suggests emails sent were unencrypted."

Can we have that in English?

Re:Can we please stop letting children post storie

He may very well be a nice guy. That is not the point. He is supposed to be an Editor; Editors edit. They check for spelling and grammatical errors, structure articles so that they are easy to follow, and make at least an attempt at fact checking.
Take theRegister for instance, where this story originated. They have taken Editorial Stances in the past that have irritated their audiences, but they do a pretty good job at actually Editing. They also have something else that Slashdot has lost- A sense of humor.... um... humour.

That mangled observation by "evolutionary" is _still_ there, hours later. It just shows how little attention is paid once a story gets posted. This is unprofessional.
We don't expect the Editors here to be experts on all the articles posted here; Technology has a wide and deep reach. But BeauHD doesn't seem to have _any_ technical knowledge, doesn't seem to have any qualifications to be an Editor, and doesn't seem to give a damn.
Just how did he get this job anyway, and just why does he still have it?

Hilry

v2.0

Of course they were unencrypted...

...the British are going through a phase where encryption = literally Hitler.