Hi all. The Subject is kinda true. I'm on the MFAT mailing list which tells me which countries hate Kiwis at any point in time. And this morning it mailed out a strange message which had a subject of "The Auster story goes back into the 1930s." And came from an xtra email address. I just wrote it off as spam. It turns out though that the email contained a virus. Now it's not MFAT's fault (although I don't know what the list was doing unmoderated. I might look at sending out an Advisory for Kiwi's living in Sydney =) (THIS IS A JOKE!) But it does bring up a good point. Do list managers have a duty of care when it comes to scanning for viruses? My mail box is now filling up with messages from people virus scanners who are auto responding to the MFAT mailing list. Thoughts, Comments, Calls for me to shut the **** up? Dean - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, Nov 12, 2001 at 01:41:41PM +1300, Dean Pemberton wrote: But it does bring up a good point. Do list managers have a duty of care when it comes to scanning for viruses? In my opinion (hey you did ask!), no. Absolutely Not. No more so that any other delivery medium should be responsible for inspecting the contents of the media... should the postal service be responsible for checking all mail --- even when the mail is open or disclosed such the privacy issues are null? Now, that doesn't mean they can't or shouldn't, but I don't think they should. My mail box is now filling up with messages from people virus scanners who are auto responding to the MFAT mailing list. These scanners are broken. This is no different to other auto-responders which spam list such as mSEXchange/outlook vomit which from time to time plagues this very list. Obviously, the best way to deal with these people (administrators and authors of such software) is extreme violence with a small ball-hammer, a blow-torch and a hand cranked drill; or, to ignore moronic software with which the world now seems to have abundant supply of. Thoughts, Comments, Calls for me to shut the **** up? Dean, shut the *** up. --cw P.S. Email virii are a good thing... think of it as natural selection in the electronic world. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
P.S. Email virii are a good thing... think of it as natural selection in the electronic world.
Untill youre the poor pleb who has to fix it! (Or even worse, help them to fix it over a telephone.. ) FWIW, I agreed with the rest of your post entirely - Its noones responsibility but their own to keep their systems uninfected and safe, as far as im concerned. The only time that changes is when the customer is oblivious / ignoring the situation, and refuses to do anything about it, in which case the service provider should quite happily be disconnecting the user or taking other appropriate action in the interests of reducing everyone elses exposure to malicious content... The case in point being a customer of ours who was recently having his mailbox quota being exceeded on a daily basis by messages generated by W32.SirCam originating from a client of a particular large NZ Teleco-related-ISP. After repeat requests for the client holder to sort their system out, last I heard was that the ISP actually had to threaten (or actually take action) to suspend the users account untill they got up and disinfected their PC. Either case, lack of further contact from our client is a positive sign. I therefore assume the problem is solved - and in this case, due to inattention or just plain ignorance from the infected party, it took the cooperation of their ISP to get things sorted.. For this I thank them, and I think thats an example of where the line should be drawn, as far as service-provider (whatever that service is) responsibilities go. To use the mailing list example - I would think the most you should have to do is unsubscribe someone who is distributing virii via the list... and even that shouldnt be obligatory, but more common-sense if the person behind the address isnt taking care of it themselves. Mark. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
In general, if it's unmoderated, it has no single point of control. I suppose it would seem to be a "value-added" service from the List-server to check for viruses, but then you'd end up with jerks complaining that "my email didn't get through this unmoderated list, JUST BECAUSE it had a virus". It's also a bit trickier when the person keeping an eye on an unmorderated list, happens to not work for the organisation providing the list-server (eg. this one). I wouldn't like to go to UOW and make them pay for a virus scanner for this free service they offer us. Moderated is a different story, someone's taking responsibility for appropriate content, and viruses would generally be unappropriate for most topics. Arron -----Original Message----- From: owner-nznog(a)list.waikato.ac.nz [mailto:owner-nznog(a)list.waikato.ac.nz]On Behalf Of Dean Pemberton Sent: Monday, 12 November 2001 1:42 PM To: NZNog Subject: MFAT mails out virus Hi all. The Subject is kinda true. I'm on the MFAT mailing list which tells me which countries hate Kiwis at any point in time. And this morning it mailed out a strange message which had a subject of "The Auster story goes back into the 1930s." And came from an xtra email address. I just wrote it off as spam. It turns out though that the email contained a virus. Now it's not MFAT's fault (although I don't know what the list was doing unmoderated. I might look at sending out an Advisory for Kiwi's living in Sydney =) (THIS IS A JOKE!) But it does bring up a good point. Do list managers have a duty of care when it comes to scanning for viruses? My mail box is now filling up with messages from people virus scanners who are auto responding to the MFAT mailing list. Thoughts, Comments, Calls for me to shut the **** up? Dean - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
In general, if it's unmoderated, it has no single point of control. I suppose it would seem to be a "value-added" service from the List-server to check for viruses, but then you'd end up with jerks complaining that "my email didn't get through this unmoderated list, JUST BECAUSE it had a virus".
It's also a bit trickier when the person keeping an eye on an unmorderated list, happens to not work for the organisation providing the list-server (eg. this one). I wouldn't like to go to UOW and make them pay for a virus scanner for this free service they offer us.
Moderated is a different story, someone's taking responsibility for appropriate content, and viruses would generally be unappropriate for most topics.
Arron
Thats a good call Arron. I guess I would have also expected a list of this content to be moderated. In lieu of a digital signature, this is the only way to be able to trust the content (and even then....) Might be something for MFAT to think about. Oh and thanks to all those people who emailed me privatly telling me to 'shut the **** up' =) Did you really think it would be that easy though? Question answered - thread finished - have a great day Dean On Mon, Nov 12, 2001 at 02:21:29PM +1300, Arron Scott wrote: - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 12 Nov 2001, Arron Scott wrote:
In general, if it's unmoderated, it has no single point of control. I suppose it would seem to be a "value-added" service from the List-server to check for viruses, but then you'd end up with jerks complaining that "my email didn't get through this unmoderated list, JUST BECAUSE it had a virus".
You could also get into the potentially dangerous ground of "your list checks for viruses and you failed in your duty of care to block a particular virus which then infected my system - send $5 to xxx(a)yyy as compensation". - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, Nov 12, 2001 at 02:42:27PM +1300, Andy Linton wrote: You could also get into the potentially dangerous ground of "your list checks for viruses and you failed in your duty of care to block a particular virus which then infected my system - send $5 to xxx(a)yyy as compensation". IANAL but I can't see how you could enforce such a thing. --cw - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 12 Nov 2001, Chris Wedgwood wrote:
On Mon, Nov 12, 2001 at 02:42:27PM +1300, Andy Linton wrote:
You could also get into the potentially dangerous ground of "your list checks for viruses and you failed in your duty of care to block a particular virus which then infected my system - send $5 to xxx(a)yyy as compensation".
IANAL but I can't see how you could enforce such a thing.
Let's say I run a list on my home machine and "large corporation X" gets infected and for some reason they decide it's my fault. Their lawyers get on the job and I get sucked into a legal battle. The courts don't really need to enforce anything if I can't afford to fight the case. I'll settle out of court if I can. Even if I do fight I suspect that if I've tried to operate in some kind of "common carrier" manner admitting no responsibility for policing the content of the mail I'm likely to be in better shape. Compare this with making decisions about the content of newsgroups or deciding on the appropriateness of domain names. In both those cases the advice I've seen is that as soon as you start checking in any way you can become responsible in all sorts of ways you didn't envisage. And you certainly can get sucked into legal battles as a co-defendant with those who initiated the offending message/tranaction etc. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
(NOTE; aggregate reply; skirting the boundary of what is on topic or not so any replies that diverge further are probably best off the list) On Mon, Nov 12, 2001 at 03:44:46PM +1300, Andy Linton wrote: Let's say I run a list on my home machine and "large corporation X" gets infected and for some reason they decide it's my fault. Their lawyers get on the job and I get sucked into a legal battle. The courts don't really need to enforce anything if I can't afford to fight the case. I'll settle out of court if I can. But this can occur over anything whatsoever; presumably with or without (malicious) content filtering. I don't see how having or not having content filtering changes this whatsoever... ... also, is it not possible to have some kind of disclaimer and/or policy agreement as you do with software? It seems since that you cannot easily sue for software damages (which are not at all uncommon) then it should be possible to have someone draft some legalese for something which I would consider less intrusive. Compare this with making decisions about the content of newsgroups or deciding on the appropriateness of domain names. In both those cases the advice I've seen is that as soon as you start checking in any way you can become responsible in all sorts of ways you didn't envisage. And you certainly can get sucked into legal battles as a co-defendant with those who initiated the offending message/tranaction etc. Again, this would seem to apply to any medium where you are making or controlling distribution of the content is some way. On Mon, Nov 12, 2001 at 03:50:57PM +1300, Juha Saarinen wrote: NAIAL, but last time this was discussed with AL, it turned out that there are provisions of "due diligence" in Common Law, which state that you mustn't send out anything that can cause harm or damage, to others. NAIAL? Nor Am I a Lawyer? Again, I have to wonder where some kind of disclaimer isn't possible; for years large software companies not excluding Apple and Microsoft have been making software that from time to time unintentionally does considerable damage (completely erases your hard disk contents) and have thus far evaded mass legal annihilation[1] Is anyone aware at present of any lists which have disclaimers which subscribers must agree to? I would guess there are such things out there for large media organsiations, but in truth I never bother reading them myself. --cw [1] Say, sine I'm making up arbitray facts and numbers, only 0.01% of Windows installations do some kind of damage or make undesirable or unadvertised changes that require manual intervention or correction, the size of a possible class action suit would be enourmous. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 12 Nov 2001, Chris Wedgwood wrote:
NAIAL? Nor Am I a Lawyer?
Yes. I should join Acronym Abusers Anynomous, really.
Again, I have to wonder where some kind of disclaimer isn't possible; for years large software companies not excluding Apple and Microsoft have been making software that from time to time unintentionally does considerable damage (completely erases your hard disk contents) and have thus far evaded mass legal annihilation[1]
It would be, but you would need to incorporate terms and register the subscriber's express consent somehow. The terms would have to be vetted by our learned friends, so that they don't contravene any current legislative rights that the subscriber might have, because if one or more do, the entire set of terms might be declared nil and invalid.
[1] Say, sine I'm making up arbitray facts and numbers, only 0.01% of Windows installations do some kind of damage or make undesirable or unadvertised changes that require manual intervention or correction, the size of a possible class action suit would be enourmous.
You should look at Apple's infamous "rm -rf /" update to iTunes for MacOS X... -- Regards, Juha C program run. C program crash. C programmer quit. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 12 Nov 2001, Chris Wedgwood wrote:
IANAL but I can't see how you could enforce such a thing.
NAIAL, but last time this was discussed with AL, it turned out that there are provisions of "due diligence" in Common Law, which state that you mustn't send out anything that can cause harm or damage, to others. -- Regards, Juha C program run. C program crash. C programmer quit. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 12 Nov 2001, Chris Wedgwood wrote:
On Mon, Nov 12, 2001 at 02:42:27PM +1300, Andy Linton wrote:
You could also get into the potentially dangerous ground of "your list checks for viruses and you failed in your duty of care to block a particular virus which then infected my system - send $5 to xxx(a)yyy as compensation".
IANAL but I can't see how you could enforce such a thing.
enforcement is not the issue. Linton is correct in making his statement. The issue in this case is when you take control of a process or proceedure - i.e. scan for viruses. In that case you have taken control of a process and as such your potential liability increases significantly. however, even in the case of a list which check for viruses, there would be mitigating circumstances. i.e. was this a well known virus that the list operator could prevent from distribution - or was it a spanking new virus. in any case i think linton is trying to point out that if you scan or in some way gurantee a virus free distribution list then there is a potential liability issue present - as opposed to a list which is unmoderated and real time. However the inability to "enforce suck a thing" as you have pointed out above would be considered a mitigating circumstance. But the argument could be a proverbial legal catch 22 situation - because although enforcement or the inability to enforce would mitigate the liability issue - in some courts the next question would be "well why did you try to gurantee a virus free list when you knew you could not enforce it". And that could result in further liability. regards joe -- Joe Baptista http://www.dot-god.com/ The dot.GOD Registry, Limited The Executive Plaza, Suite 908 150 West 51st Street Tel: 1 (208) 330-4173 Manhattan Island NYC 10019 USA Fax: 1 (208) 293-9773 - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 12 Nov 2001, Dean Pemberton wrote:
But it does bring up a good point. Do list managers have a duty of care when it comes to scanning for viruses? My mail box is now filling up
No they do not. Duty of care is to a large extend measured on ones ability to control a process. A distribution list is a place where the owner or manager has limited control. Many are real time lists - and even if moderated the list owner may simply not recognize that the message contains a virus. Now if the list was moderated and the owner intentionally forwarded that message to the list knowing that it contained a virus - then yes they are liable because there was intent to cause harm. The nature of email viruses is such that usually it is impossible to figure out who intended the malice. Victims, victims everywhere but nowhere can one find the culpret. So the primary test here is intent to cause harm which in almost all cases is impossible to determine when it comes to an email viruses. regards joe -- Joe Baptista http://www.dot-god.com/ The dot.GOD Registry, Limited The Executive Plaza, Suite 908 150 West 51st Street Tel: 1 (208) 330-4173 Manhattan Island NYC 10019 USA Fax: 1 (208) 293-9773 - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
participants (7)
-
!Dr. Joe Baptista -
Andy Linton -
Arron Scott -
Chris Wedgwood -
Dean Pemberton -
Juha Saarinen -
Mark Foster