If you get stopped by a cop for breaking the speed limit and you contend you didn’t know the limit you’ll still get a ticket because ignorance of the law is no excuse. When it comes to technology the same rule applies — you don’t get a pass simply because you don’t understand it.
For example, have you ever sent e-mail to a domain you weren’t exactly sure of? Maybe the intended recipient gave you an e-mail address over the phone or you used an one from memory.
I have a “catch-all” address in my domain for e-mail that isn’t destined for a names account and every day about 100 people out there in the wide electronic world assumes their recipient is at gibbs.com when what they really is something like gibbscam.com or gibbswire.com.
When I have time and can determine who the recipient was supposed to be and can be bothered I’ll be nice and resend them. Usually, however, the rest of the messages just sit in the catchall folder until I delete them every couple of months. What’s interesting is how many messages come with dire warnings such as: “This message is intended solely for the use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable state and federal laws. If you are not the addressee, or are not authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, distribute, or disclose to anyone this message or the information contained herein. If you have received this message in error, immediately advise the sender by reply e-mail and destroy this message.”
This is something that you see on just about every other e-mail you receive and it looks serious, but is it really? Let’s look at the tone of that warning: It says quite clearly you shouldn’t consider doing anything with the message contents or, it implies, you’ll be really sorry.
That’s simply ridiculous because if the contents were that important and you weren’t certain where they might wind up (which is what your notice implies) then no amount of threatening words can prevent damage from a recipient with malicious or larcenous intent.
So, let’s say you misaddress e-mail about some financial matters that you’d rather were not made public and it winds up in my catch-all account. I could pass on the message to anyone I please and there’s no way you can prove I ever received it or acted on it for two reasons.
First, you, a priori, confessed in your warning that you are a clueless noob so it could have gone anywhere. Second, even if you could get a search warrant to forensically examine my systems you wouldn’t find anything. And even if you could “prove” from your server logs that my mail server received it from your server, you couldn’t prove I’d read it before it was deleted and purged.
But back to the demand that the sender be notified: Little do these noobs know that I am about to charge US$100 to notify them that they’ve screwed up and I will require, in writing and delivered by registered mail, a notarized affidavit confirming they were indeed the sender before I will delete their message. A cashier’s check must accompany the affidavit.
In fact, I might automate the process and arrange for all catch-all messages that are not claimed and paid for to be automatically posted publicly on my Web site. This could be, as we say in England, a nice little earner.
So, if you screw up and send e-mail to me rather than who you meant to send it to, prepare to pay. Ignorance of the law is no excuse and neither is ignorance of technology.
Shameless Plug: I will be keynoting a series of Network World/Oracle events on identity management in 10 cities over the next couple of months. Check out the schedule and come say “hello.”