- Case Number: a20140925.1
- Status: closed
- Claimant: CAcert
- Respondent: Werner D
initial Case Manager: EvaStöwe
Case Manager: MartinGummi
- Date of arbitration start: 2014-09-25
- Date of ruling: 2014-09-25
- Case closed: 2014-09-25
- Complaint: Dispute for privacy violation
- Relief: TBD
Before: Eva Stöwe (A), Respondent: Werner D, Claimant: CAcert (C), Case: a20140925.1
- 2014-09-25 (issue.c.o): case [s20140925.7232]
- 2014-09-25 (iCM): added to wiki, request for CM / A
- 2014-09-25 (iCM): notified R about case
- 2014-09-25 (CM): I'll take care of this case and select Eva Stöwe as (A)
- 2014-09-25 (A): init mail to R
- 2014-09-25 (A): send ruling to R, CM
- 2014-09-25 (R): informs iCM that it may be a good idea to tread this case, soon
- 2014-09-25 (CM): case closed
Link to Arbitration case a20140925.1 (Private Part), Access for (CM) + (A) only
EOT Private Part
Hello Arbitrators, by mistake I forwarded a support mail directed to my own address [email-address] to firstname.lastname@example.org instead of email@example.com as intended. I immediately deleted this mail from the archive of firstname.lastname@example.org but the emails went out and cannot be reverted. I am sorry for this.
Part in  anonymised.
The dispute shows the following:
R is a support team member and was addressed with a support case via his personal mail address. He wanted to forward it to the support address, so that it could processed correctly.
Doing so he seemed to have accidently send the mail to a mailing list that is named in a similar manner. By this he violated the privacy of the data of the person who had asked for help, without intention.
After he discovered the error, he tried to contain further privacy violations by deleting the mail from the archive of the mailing list. He also filed the dispute against himself.
There is no reason to assume, that the mail was send by intention. Also neither (A) nor (CM) can think about any sensible action that could prevent likewise mistakes. R is an experinced support member and is not known to do such mistakes regulary.
The deletion of the mail from the archive was done with intention. Something like this should not be done regularly. However there is a precendets case that allows for this in special cases:
A single post to CAcert mailing lists may be removed by support personnel or mailing list owners if one of these conditions are given: * The original author of the post requests the removal of the post for a valid reason. Support personnel and mailing list owners decide whether a given reason is valid. Typical valid reasons include "accidential posting" and "disclosure of confident data". * Anyone claims personal data concerning him-/herself is published in a posting, and the original author agrees the deletion of the post. * An emergency action is necessary, as outlined in the deliberation, subject to confirmation by an Arbitrator. * For completeness: An Arbitrator rules so in a regular Arbitration
The first point applies. The deletion was appropriate for the given situation.
- R violated the privacy of a member by sending the mail to the mailing list. However this was not done by intention and he did everything possible to contain further privacy violations based on the sending of the mail. He also filed the dispute for this case. Both actions show, that he is seriously sorry about his error.
- As there is nothing known to prevent the mix-up of two mail-addresses and R probably had managed to select the correct one in a lot other cases, as he is a well known support team member, no action against R is ruled in this case.
- The deletion of the mail from the mail archive was appropriate and authorised by a20101025.1.
- If not already done, R should inform the affected member about his error.
In the train between Hannover and Bielefeld, 2014-09-25
removal of posts from mailing list
removal of post on mailing list
Please remove post