Showing others your e-mail
It's fairly easy (if you know how) to gain access to and read others' Webmail without permission, either legally or not, notes Jeremiah Grossman, founder and chief technology officer at WhiteHat Security, which tests Web sites for vulnerabilities. "Webmail should never be considered private, ever," he says. "It can be read in many, many different ways," including rogue customer service reps at the e-mail provider, law enforcement with a subpoena or a national security letter, or a curious hacker sniffing packets on the Internet.
It was simple for the SANS Technology Institute to get a subpoena when it noticed a Gmail user was stealing its exam questions and posting them on the Internet, says Northcutt. People think that just because they don't use their real name or identifiable information in their e-mail sign-on -- using some obscure jumble of numbers and letters instead -- that no one can tie it back to them. "Of course, we can," says Northcutt. For example, an ISP can be subpoenaed to reveal the contact information that a person used when signing up for the account.
Google Privacy Policy Sample clause: "When you sign up for a Google Account or other Google service or promotion that requires registration, we ask you for personal information (such as your name, email address and an account password). For certain services, such as our advertising programs, we also request credit card or other payment account information which we maintain in encrypted form on secure servers. We may combine the information you submit under your account with information from other Google services or third parties in order to provide you with a better experience and to improve the quality of our services. For certain services, we may give you the opportunity to opt out of combining such information."
Yahoo Privacy Policy Sample clause: "Yahoo! collects personal information when you register with Yahoo!, when you use Yahoo! products or services, when you visit Yahoo! pages or the pages of certain Yahoo! partners, and when you enter promotions or sweepstakes. Yahoo! may combine information about you that we have with information we obtain from business partners or other companies."
Microsoft Online Privacy Statement Sample clause: "Microsoft collects and uses your personal information to operate and improve its sites and deliver the services or carry out the transactions you have requested. These uses may include providing you with more effective customer service; making the sites or services easier to use by eliminating the need for you to repeatedly enter the same information; performing research and analysis aimed at improving our products, services and technologies; and displaying content and advertising that are customized to your interests and preferences."
Those of us who spend a lot of time working with online and offline technology tend to shrug when confronted with bothersome details such as manuals, EULAs, and privacy policies. However, if you take a few minutes to really read them, you may find that the privacy policy of your Webmail service provider may include a few provisions that you want to at least be aware of. Here are links to the privacy policies of the Big Three Webmail providers -- Google, Yahoo, and Microsoft -- together with a sample of what they contain. Forewarned is forearmed.
IDG Member Login
VeCommerce Launches Top Ten List of Personal Security Breaches In Lead Up to National ID Fraud Awareness Week 2008-10-07 15:10:00+10
Multimedia Technology signs exclusive National distribution agreement with Freecom 2008-10-07 14:30:00+10
Symantec State of Spam Report - October 2008 2008-10-07 11:58:00+10
AIIA to Reward Sustainability and Green IT Champions at the 2009 iAwards 2008-10-07 11:56:00+10
WD Unveils Affordable, High-Capacity Network Storage For Small Offices And Homes 2008-10-07 11:40:00+10
