In message
<[log in to unmask]>, at
11:02:50 on Mon, 28 Nov 2011, "Baines, Jonathan"
<[log in to unmask]> writes
>Thinking further about this. Both these fines (and Surrey's before
>that) appear to have arisen because of problems with distribution lists
>or auto-complete facilities in email programs.
>
>Do any organisations represented on this list have specific
>policies/software to prevent or mitigate the risk of this happening
I'm a bit concerned about the advice to encrypt emails, because if a
public-key system is in use then the email will simply be encrypted with
the key of the *un*intended recipient, so they can read it and we aren't
any further forward.
The only safeguard would be if the unintended recipient doesn't have a
public key available to the sender, whereas the intended one does. And
that lack of a key might alert the sender that something was amiss.
How many people on this list send encrypted email, using which scheme,
and what percentage of their correspondents have they exchanged keys
with?
[I could, using PGP, but have only a handful of keys, so it's turned off
by default].
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|