= Incident i20140814.1 =
 * Incident Number: i20140814.1
 * Status: execution
 * Incident Manager: BenediktHeintel
 * Date of incident opened: 2014-08-14
 * Date of incident closed: 201Y-MM-DD
 * Incident title: Attempted privacy data breach

== History Log ==
 . 201Y-08-14: Incident i20140814.1 created
 . 2014-08-14: Full names in [[Audit/Incidents/priv/i20140814.1|private part]]

== 1. Incident Response Team ==
 . internal Auditor

== 2. Incident Description ==
A support member posted the following answer to a web form request on a public mailing list (cacert-support@lists.cacert.org):

{{{
Hello [requester name],

> Email: [requester email]

I did not find a CAcert account related to this email address.

If the problem cannot be solved, please write to support@cacert.org and tell me your main email address of your account.
}}}

The support member looked up the requester's e-mail address.

== 3. Containment Actions ==
No action was taken to contain the incident; there is no available data to look up.

== 4. Root Causes ==
The requester did not ask the supporter to look up the email account data, nor did an arbitrator, nor does a precedent case give him the right to do so. The supporter violates § 8 in conjunction with § 9 of the Privacy Policy.

== 5. Permanent Corrective Actions ==
Dispute [[Arbitrations/a20140712.1|a20140712.1]] was requested:

{{{
Dear Arbitrators,

As CAcert's internal Auditor, I would like to open a dispute against supporter [supporter's name].

Reasons:
Audit became aware of an attempted data privacy breach and abuse of supporter power by named supporter, documented in i20140814.1 [1]. Audit has not the tools and power to prosecute an individual based on his/her misbehaviour. Therefore, I would like to ask arbitration to take over the case and handle the individual prosecution against named supporter.

The Supporter violated § 8 in conjunction with § 9 Privacy Policy [2] by attempting to look up the data related to an email address posted to the public mailing list (cacert-support@lists.cacert.org) with a support question. Based on his statement, the attempt was not successful, since the address does not exist in our database.

This case might be related to [4].

Best Regards
Benedikt

[1] https://wiki.cacert.org/Audit/Incidents/i20140814.1
[2] http://www.cacert.org/policy/PrivacyPolicy.html
[3] https://wiki.cacert.org/Arbitrations/a20140624.1
[4] https://wiki.cacert.org/Audit/Incidents/i20140625.1
}}}

== 6. Verify Corrective Actions ==
''Case still pending''

== 7. Preventive Actions ==
In a similar case, [[Audit/Incidents/i20140625.1|i20140625.1]], the Auditor already proposed preventive actions to be implemented.

== 8. Approval & Closure ==
|| '''Approved''' || 2015-08-11 [[https://community.cacert.org/board/motions.php?motion=m20150803.3|m20150803.3]] ||
|| '''Date closed''' || ||

----
 . CategoryAudit
 . CategoryIncident