Here's my current favourite disclaimer because it clearly distinguishes the
delivery role and most importantly draws immediate attention to the possibility
that the item might well have been altered en-route (believe at your own risk).
In a practical sense, if your recipients get used to seeing this disclaimer,
they may well question any completely faked items purporting to be from you.
On the other side of the coin, what's the point of all this if whenever anyone
tries to sue you, you can always claim you never sent it, it was a fake ?
The middle section came from Arthur Andersens verbatim - copyright issue ;-)
The source of the top section also used a clause at the end which I wouldn't
dare use, but see what you think ...
-----------------------------------------------------------------------------
Unencrypted electronic mail is not secure and may not be authentic.
If you have any doubts as to the contents please telephone to confirm.
------------------------------------------------------------------------------
Privileged/Confidential Information may be contained in this message. If
you are not the addressee indicated in this message (or responsible for
delivery of the message to such person), you may not copy or deliver this
message to anyone. In such case, you should destroy this message, and
notify us immediately. If you or your employer does not consent to Internet
email messages of this kind, please advise us immediately. Opinions,
conclusions and other information expressed in this message are not given
or endorsed by my firm or employer unless otherwise indicated by an
authorized representative independent of this message.
-----------------------------------------------------------------------------
If you are not the intended recipient you must not distribute or copy this
transmission and should please notify the sender. Your costs for doing this
will be reimbursed by the sender. (hackers please send me your invoices !)
-----------------------------------------------------------------------------
Encrypted mail using Public Key encryption (PGP etc.) prevents interference
without recipient knowledge leaving complete non-delivery to be considered
where the sender is prevented from receiving a non-delivery message from the
mail server.
Using such encryption makes the sender indisputably responsible so need for
clarity in which legal entity they represent, company or individual, as decided
by company policy (and by how the encryption keys are deployed to match policy)
NB. Even without encryption the DPO clearly acts only as the Office, as their
employees do not have individual external addresses.
I'm currently struggling with the following:
The Company owns the E-Mail facility
Individual usage of the facility should(not must) be restricted to business use
Each individual author is responsible for E-Mail content ...
So who OWNS an External mail address in individual's name at Company address ?
If an employee (against company policy but claimed not to have read Policy)
responds to an unsolicited e-mail advert or chainmail using such an address:
Is the company liable for allowing global access to employee address details ?
Is the company liable for consequences anyway due to "insufficient education" ?
Is the company liable if disclaimer is not automatic and employee forgot it ?
Is the company liable even with a disclaimer because it's a company address ?
Can the company claim costs/damages from the employee ?
Does the company have grounds to sue the unsolicited mail/chainmail sender ?
Does all this seal the fate of company e-mail use for any personal reasons ?
...I won't bore you with yet another "serious" disclaimer here :-)... however
"I'm not sure these opinions are even my own" and ...
"These opinions are purely fictitious, and any resemblance to any other
opinions, living or dead, is purely coincidental"
are both in my "personal use" jokes library :-)
John Hanson
Information Security
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|