FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.
18 Dec 2015, 03:16 AM | #1 | ||
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
Fastmail privacy policy: theory & practice
FM's privacy policy says:
Quote:
Quote:
There is a potential conflict here. I appreciate that FM staff may want to know e.g. how many folks use this or other facility, and the simplest way to do that is to go through all accounts and count :-) On the other hand, such an investigation, BTW quite likely beneficial to the service and users, contradicts the self-imposed privacy rules. My first, and so far only, conclusion is that in some circumstances sticking to the letter of T&C would cause more harm than good.
18 Dec 2015, 03:55 AM | #2 |
Essential Contributor
Join Date: Sep 2008
Posts: 260
|
It may depend on how you define 'account'. They may define it as the actual mail storage, not the account configuration settings.
|
18 Dec 2015, 04:15 AM | #3 |
Ultimate Contributor
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
|
The fact that Fastmail took the trouble to inform you that they were poking around in your account settings is good.
Most companies (imho) would likely not have bothered.
18 Dec 2015, 05:30 AM | #4 |
Master of the @
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007
Representative of:
Fastmail.fm |
I see your point.
What we usually mean by "account" there is your mail/calendar/contact/note/file data, that is, the actual content of your account that you own. The stuff you would want to move in or out when you join or leave FastMail. The stuff you'd be most upset about if it ever leaked out.
What isn't as clear is where other data related to your account fits in. This includes logs that record the activity around your account (logins, mail delivery, notifications), config and settings that define how your account works (which your aliases are), and even more grey things like message headers, which are stored in the same file as the actual message content and contain loads of important and useful information created by us, by you, by your mail client and by every mail server in between.
In your case, it could be argued that there wasn't an "account access". We ran a query against the central alias database, which maps email addresses to numeric user IDs. Your user ID would have been in the output of that query. Did we access your account? Is the distinction at all important?
There are operational concerns here too. Certain header information (From, To, Subject) is logged while mail is in transit for various reasons, mostly to track a message's movement through the system. If I read those logs, is that "account access"?
Another fun one that we're dealing with at the moment is mail store replication. We're having to add support for folders with unusual characters so we can move Pobox Mailstore customers onto our infrastructure. That broke a few times (it's been good for a couple of days) which meant we had to find the unusual folder name and figure out how to support it. That was done with logs, but does it count as an "account access", since it's user-created data?
For any given task, if I know there's data available somewhere that can help me complete my task, should I use it or not? What if it's in a message header in a user's account?
If it's a task that I do a lot, and I decide to create automated tools to do the work for me, is that then an "account access" by an admin user? What if I go halfway and set up an auto-updating index of information I need for this task, and I only look at that?
I'm asking a lot of rhetorical questions. I think I'm trying to make the point that for the most part, it comes down to intent. We've got to keep a service running; you don't want us to touch your data. It's not always possible to satisfy both. Our goal is to minimise those cases as much as possible.
But, all that said, the privacy policy is supposed to be easily understandable by normal people, not a legal definition, so it's important to consider what most people would mean by "account access". If you want the legal definition, then you want the Terms of Service. I would argue that section 2 allows access for this purpose (but then, I'd argue it allows us to do pretty much anything to keep the service working the way it's supposed to. That's legalese for you.)
I'll mention this to the team today to see if there's anything we can do to make the privacy policy clearer without making it harder to understand. Thanks for bringing it up!
18 Dec 2015, 06:05 AM | #5 |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,095
|
@Rob
I am perfectly happy with your explanation and the privacy policy in general. For Fastmail's own protection, I would suggest a link labeled "small print" that takes people to an explanation like yours above. This covers you against claims of deception while still retaining the clarity of the policy itself.
18 Dec 2015, 03:34 PM | #6 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
Thank you, Rob, for your detailed explanation.
IMHO, this extract from your posting perfectly summarises the point of the thread.