 * Case Number: a20101025.1
 * Status: closed
 * Claimants: Chris G, Frederic S (C2)
 * Respondents: CAcert
 * Initial Case Manager: UlrichSchroeter
 * Case Manager: JoelHatsch
 * Arbitrator: BernhardFröhlich
 * Date of arbitration start: 2012-03-24
 * Date of ruling: 2012-12-16
 * Case closed: 2013-11-13
 * Complaint: removal of posts from mailing list
 * Relief: See ruling

Before: Arbitrator: BernhardFröhlich (A), Respondent: CAcert (R), Claimant: Chris G (C), Frederic S (C2), Case: a20101025.1

== History Log ==
 . 2010-10-25 [[https://lists.cacert.org/wws/arc/cacert-disputes/2010-10/msg00007.html|cacert-disputes@l.c.o direct post]]
 . 2010-11-11 (iCM): added to wiki, request for CM / A
 . 2011-04-25 (issue.c.o) case [s20110425.146]
 . 2011-04-26 (iCM): added to wiki, request for CM / A, cc (C)
 . 2011-04-28 (C): requests address of the domain owner
 . 2011-04-28 (iCM): escalating to (DRO), (Board)
 . 2011-04-29 (iCM): notification to (C) regarding escalation to (DRO), (Board)
 . 2012-03-24 (A): I've picked up this case, JoelHatsch will be Case Manager.
 . 2012-03-24 (A): Sent initial mail to C, asking for acceptance of DRP till 2012-04-07.
 . 2012-03-26 Marek M, Claimant of [[Arbitrations/a20120117.1|a20120117.1]], proposes to merge a20120117.1 into this case.
 . 2012-03-27 Frederic S points out that he has a similar problem and wants to be added as an additional Claimant
 . 2012-05-18 (A): Sent mail to Arbitration mailing list proposing to create a precedence ruling for this and similar cases.
 . 2012-05-18 (A): Sent mail to mailing list operators asking for opinions and technical options to avoid mails being indexed by search machines.
 . 2012-05-19 The iCM forwards some mail communication that indicates that the original claim was already satisfied (the posts were deleted) on order of the CAcert Inc. board around 2011-05-02. The communication has now been added to private page of this case.
 . 2012-12-16 (A): Ruling is given

== Original Dispute, Discovery (Private Part) ==
 * Link to Arbitration case [[Arbitrations/priv/a20101025.1|a20101025.1 (Private Part)]]

==== EOT Private Part ====

== Discovery ==
 * 2010-11-10 (iCM): dispute not filed thru (Support) channel
 * 2010-11-10 (iCM): users email not found as CAcert account
 * 2012-03-27 The mail/thread referenced by C2 was initiated in mid 2008 by using the web site's contact form.
 * The original claim of C was already satisfied by deleting the posts on order of CAcert Inc.'s board around 2011-05-02

=== Technical Options ===
''Extracted from the answers of list owners to mail sent 2012-05-18''
 * There are some protection mechanisms against mail address harvesters, but most of them won't protect against something like Google alerts or similar search engine mechanisms
 * robots.txt and/or some of the protection methods may be used to prevent search engines from indexing the archives.
 * There seems to be no simple way to add specific access restrictions to single mails in an archive

=== Other proposals ===
Modifications to contact form to reduce accidental forwarding to Support List:
 * Tag the mails sent using the contact form by type of request [[https://bugs.cacert.org/view.php?id=795|Bugtracker case 795]]
 * Switch the two forms on the contact page so the form for confidential data is on top. Typically a novice user will use the first form that catches the eye. Defining that one as the confidential one increases load on Support but reduces confidential posts on Support List.

== Deliberation ==

=== Overview ===
 . In general, posts to mailing lists are subject to [[https://www.cacert.org/policy/CAcertCommunityAgreement.php#1.3|Section 1.3 of the CCA]], that is they "can be used freely by the Community for CAcert purposes".
 . For mailing lists, publishing messages to other subscribers of the mailing list and archiving the messages for later research is considered an essential purpose.
 In the case of Public Lists this also includes making archives available for external indexing (let's call it "Google" for the sake of simplicity).
 . Nevertheless errors and misunderstandings happen, for example when a user accidentally selects the wrong target address for a message with sensitive content, or a user is not aware of the public nature of a mailing list. It is considered fair that CAcert helps its community members as well as non-related persons to reduce the impact of such errors, as long as operations of CAcert are not unduly impaired. This may be concluded from the "We do not act to the detriment of NRPs" statement, as well as from the "We strive to provide security. This means that we cooperate in securing ourselves and others." statement of the [[http://svn.cacert.org/CAcert/principles.html|CAcert principles]].
 . Please note that this Arbitration does not address standard maintenance of a mailing list. If, for example, a mailing list policy states a maximum archival time of postings then postings exceeding the archival time may be removed without further notice.

=== Emergency Actions ===
 . For all list types emergency actions by support or the list owner may be necessary, for example if obviously confidential information is posted unnecessarily, an act of vandalism has to be fixed, or some external party with authority (courts, lawyers or similar) demands deletion of a post.
 . If removal from the mailing list's archives is not explicitly authorized by the rules below, the list owner may delete a post as an emergency action. In this case a dispute must be filed to get this emergency action authorised. A copy of the deleted post must be archived by other means, for example by attaching the post to the dispute filing, until a ruling on the emergency action has been given by an Arbitrator.

=== Public Lists ===
 . Public Lists are all CAcert mailing lists which have archives that are publicly accessible.
 Usually anyone can subscribe to them without any further confirmation. Examples are cacert@cacert.org or cacert-policy@cacert.org.
 . Removing a post from a Public List archive usually helps only marginally since posts often are mirrored in other archives, like gmane.org, which are not managed by CAcert. So the prime responsibility is on the user, to avoid such a situation.
 . If the author of a post requests the removal of a post from public archives, her reasons should be evaluated benevolently by Support and the list owner. If the reason is considered valid the post may be deleted from the archive without opening a dispute. Of course the author of a post may opt to open a dispute if her reasons are considered not valid.
 . If anyone claims that private data of her own has been published on a public message list by someone else, this should be handled like an Emergency Action unless the claim is obviously unjustified. That is the post should be deleted but archived otherwise. If the original author's consent to deleting the post can be achieved within one week of the emergency action, opening a dispute for authorizing the deletion is optional. But of course a dispute against the author for publishing confidential information should be considered.
 . If a list owner notices posting of personal data on a Public List, an Emergency Action as described above should be considered. If the original author's consent to deleting the post can be achieved within one week of the emergency action, opening a dispute to authorize the Emergency Action is optional.
 . '''Note''': It is not CAcert's, but the original author's responsibility to remove posts from mirror servers! CAcert should support the original author in this task if resources are available.

=== Restricted Lists ===
 . Access to Restricted Lists' archives is restricted to users who have accepted the Community Agreement. They may not be mirrored on other servers.
 Examples are cacert-arbitration@cacert.org or cacert-members@cacert.org.
 . These lists are the least critical as far as accidental posts are concerned. Since the subscribers accepted the CCA they are also bound by the [[http://svn.cacert.org/CAcert/principles.html|CAcert principles]]. This includes that security breaches in the form of accidental posts must not be exploited and personal information must be kept confidential.
 . Nevertheless a user may want to have her post removed from the list archives for some reason.
 . If the author of a post asks for her post to be removed from archives, Support and/or the list owner have to decide if the user's reason is plausible enough to do this without opening a dispute. A valid reason for example is an obviously accidental post, which is not related to the list's topic. If there are doubts about the validity of the request, a dispute should be preferred.

=== Support List ===
 . The "Support List" is defined as the target of messages which are sent using the web form on https://www.cacert.org/index.php?id=11 for "non confidential data". Currently this is cacert-support@cacert.org.
 . At the moment the Support List is a public list. Everyone may subscribe, archives are publicly accessible and indexed by Google. This was done intentionally to allow (potential) users of CAcert an easy way to research solutions for their own problems. Everyone was allowed to join to give the mailing list a broad basis of users.
 . The main problem is that, though the web form explicitly states that the message is sent to a public mailing list, this is a somewhat unusual approach. All three postings connected to this Arbitration Case, and several others, concern postings on the Support List, where users were surprised that they could google their support requests.
 . Since many mails to support@cacert.org are forwarded to the Support List, there is an increased probability that a mail containing sensitive data is forwarded in this way accidentally.
 This is the problem in one of the related cases below.
 . From this background I have come to the conclusion that the distribution of the Support List should be somewhat reduced. In the ruling I try to set not the actions but the goals, to allow implementing better ideas. But the ideas in my mind were:
  * '''Restrict access to the list archive to subscribers only.''' This avoids the archive being indexed by Google. Still subscribers of the mailing list may search the archives by using the features provided by the Sympa server.
  * '''Set a "non-disclosure" policy for subscribers of the Support List.''' Such a non-disclosure policy may be stated at the information page shown to a potential user before subscribing. Personal or other sensitive information may only be forwarded outside the list if necessary to fix the problem and the recipient is also bound by this policy. Ideally the subscribers should also be bound into Arbitration, but that's not a hard requirement by this ruling.
  * '''Disallow external mirroring.''' This should be part of the list policy, otherwise a non-disclosure doesn't really make sense...
 . Nevertheless the contact form on the website should be technically improved, some proposals are listed in the Discovery section.

== Ruling ==
 . As outlined in the Deliberation I have come to a ruling:

=== Precedence Ruling: Removal of Posts from CAcert Mailing Lists ===
 . A single post to CAcert mailing lists may be removed by support personnel or mailing list owners if one of these conditions is given:
  * The original author of the post requests the removal of the post for a valid reason. Support personnel and mailing list owners decide whether a given reason is valid. Typical valid reasons include "accidental posting" and "disclosure of confidential data".
  * Anyone claims personal data concerning him-/herself is published in a posting, and the original author agrees to the deletion of the post.
  * An emergency action is necessary, as outlined in the deliberation, subject to confirmation by an Arbitrator.
  * For completeness: An Arbitrator rules so in a regular Arbitration
 . Removed posts shall be recorded on this page for statistical reasons. This is to allow followup rulings in case any special patterns can be identified.
 . The restrictions given here do not apply to standard maintenance actions of a mailing list.

=== Modifications to the Support List ===
 . The Support List as defined in the deliberations shall be modified so that the archives of the list are only accessible to users who have agreed not to disclose confidential information gathered on the Support List.

=== Action Order / Authorisation of Emergency Actions ===
 . The removal of the post referred to by C was in accordance with the Precedence Ruling (author's request on a valid reason) and is hereby authorized.
 . The post referred to by C2 shall be removed from the Support List's archive. Though strictly speaking it does not contain private data, it contains very detailed data of the domain and links C2 to the domain. The post is not essential for the archive's goals.

Munich, 2012-12-16

== Execution ==
 . 2012-12-16 (A): Sent mail to Support List owners to remove the post referred by C2.
 . 2012-12-17 List Owner of Support List replies and confirms that the post has been deleted from the archive.
 . 2013-01-19 Procedures for deleting mailing list posts are created in the [[Support/Handbook/PrecedentCases/a20101025.1|Support Handbook]]
 . 2013-03-20 Received notification that a mailing list policy has been chosen and published on subscription pages and mails.
 . 2013-11-13 The case is closed now.

=== Statistics ===
 . The statistics have been moved to [[Arbitrations/Audit/a20101025.1|Arbitrations/Audit/a20101025.1]] please continue logging cases there.
 . ''[[Iang]]: Ted, can we move this Stats page to a wiki page of its own?''
 . ''[[BernhardFröhlich]]: Of course, any proposal?
 https://wiki.cacert.org/Arbitrations/Stats/a20101025.1?''

== Similar Cases ==
|| [[Arbitrations/a20090913.1|a20090913.1]] || [[Arbitrations/a20090913.1|user want that we remove his name and email from lists archive]] ||
|| [[Arbitrations/a20120117.1|a20120117.1]] || arbitration case against myself to remove mailing forwarded to public list ||
|| [[Arbitrations/a20120518.1|a20120518.1]] || Please remove post ||

----
 . CategoryArbitration
 . CategoryArbCaseSystemTasks
 . CategoryArbCaseOthers
 . CategoryArbCaseExternal