Google, Rocky Mountain Bank Ask Judge To Restore Deactivated Gmail Account
from the bring-'er-back dept
Last week, we noted that a court had ordered Google to shut down a Gmail account of a user who had accidentally been emailed confidential information by Rocky Mountain Bank. The two companies have now both asked the judge to reinstate the Gmail account, saying that the original request is now "moot." The article notes that the judge has adjourned the case until next week, so the account will remain deactivated until then. Still, it's not at all clear why the issue is now "moot." Did Google delete the email in question? Was it determined that the account itself was dormant? It would seem like these details are relevant, and not anything that would need to be hidden.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: confidential information, court order, deactivated, email
Companies: google, rocky mountain bank
Reader Comments
Subscribe: RSS
View by: Time | Thread
What?
Because it was *always* moot. Once the info was compromised, it was... what's the word? Let me think... Oh yeah... Compromised! You can't get the bits back.
[ link to this | view in chronology ]
Moot Smoot
If it was a technical issue and Google was able to act without this court drama then good, we'll know for next time. However it is very disturbing how this case played out so easily without any involvement of the person who's account was in question!
[ link to this | view in chronology ]
Re: Moot Smoot
How is it a 'technical issue?' It was a data security issue. From the start. The court basically impounded a cab because some doofus might have left his wallet there.
Yes, good that the court is undoing the damage it wrought. But not exactly a shining moment in jurisprudence.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Tricky Problem
In this case, the judge has to measure the inconvenience of temporarily locking down a single, free, consumer-level, non-SLA'd email account against the possible substantial and widespread financial damage to a very large group of other people, resulting from an accident at the bank.
With electronic data, you have to act quickly or not at all. This buys Google enough time to run the logs to see if that data has spread (ie: has anyone/anything accessed the account, has the account forwarded the data). If the data has been SMTP'd, POP'd, or IMAP'd, locking the account is moot. If not and Google deletes the data, locking the account is also moot.
No offense to the account holder, but if *my* data was in that pile, I'd prefer that their account be temporarily locked, while the data is tracked and removed.
And the bank would be hearing from my lawyer.
[ link to this | view in chronology ]
Re: Tricky Problem
Is the sky blue in your world?
Here on earth, once the data was compromised, it was (say it with me) COMPROMISED. You have to assume you sent it to Osama Bin Laden and act accordingly. The fact that Rocky Mountain Bank wasted time with this, and the fact that the judge did likewise, undermines the credibility of both. I sure as shit won't be setting up an account with RMB any time soon.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Perhaps it was more widely sent...
[ link to this | view in chronology ]
Bolted. Gate. Horse.
If the email was not encrypted, then shutting down the Google account achieved nothing. Every SMTP relay that the email hit between the bank and Google would also have a copy of the data. If the user had already downloaded the email via POP or IMAP (or just saved the attachment), then they would have a local copy in addition to the copy on Google's servers.
Purging records is remotely conceivable in the context of a corporate intranet. On the general internet? Pointless waste of time.
[ link to this | view in chronology ]
Re: Bolted. Gate. Horse.
Moreover, the only SMTP servers likely to be involved in this are those of the bank, and those of google, so all parties that would need to be involved with scrubbing them are already involved.
[ link to this | view in chronology ]
Re: Re: Bolted. Gate. Horse.
The bank needs to assume that the file has escaped and is in the wrong hands regardless of what they think they know. If the file has escaped they are doing what they need to do and if the file hasn't escaped they have taken prudent action where they can't be 100% certain.
[ link to this | view in chronology ]
Maybe...
Still, it amazes me that the recipient never published this data in any way, nor did he ever draw attention to himself. Or maybe he finally did, to Google and this bank, threatening some legal actions against these two for violating his privacy, first amendment rights and whatever more. Losing 1300 account records is bad, losing a lot more in damages for some civil case would really be worse. I think this bank already has more than enough damage to it's reputation and therefor wants to stop it.
[ link to this | view in chronology ]
Re: Maybe...
Of course.. we'll never know.. unless someone (google.. the court.. the bank...) tells us.
But why would they want to do that?
[ link to this | view in chronology ]
Why it's moot
[ link to this | view in chronology ]
Moot
[ link to this | view in chronology ]
violation of every information security policy known
Rocky Mountain Bank's account holders need to seriously reconsider their choice of financial services partner. I've changed banks simply because I didn't like their color scheme. But to so thoroughly screw up data security?! I'd be gone so fast the shockwave would pull the vault door off it's hinges.
[ link to this | view in chronology ]
Maybe because of the publicity?
Once they realized someone noticed, and that their clients might have heard about their screw up, they decided to contact them all, as they should have in the first place. Now their hoping to avoid further potential legal damages by getting the account reactivated.
I'm just throwing another idea out there everyone. I don't know this is the reason. But it seems reasonable.
[ link to this | view in chronology ]
Re: Maybe because of the publicity?
In any event, the only thing I learned from this is that RMB is run by a bunch of douche canoes.
[ link to this | view in chronology ]
Seems this bank has a history of bad practice
http://www.fdic.gov/bank/individual/enforcement/2009-04-06.pdf
Then God help 'em cause the Feds sure won't.
-Ross
[ link to this | view in chronology ]
You missed the point
[ link to this | view in chronology ]
newest jordan shoes
[ link to this | view in chronology ]