Intended recipient

Tue Sep 13 14:28:21 BST 2011

In article <20110913134817.00004dc0 at surtees.fenrir.org.uk>, Brian 
Morrison <bdm at fenrir.org.uk> writes
>> That's very pertinent to my original question - who is the intended
>> recipient. If the sender has perpetrated a typo, who exactly (legally)
>> did they intend to send it to?
>
>Well I suppose that would be the address they wanted to type rather
>than the one they did type. But would it be any different if this were
>postal mail and a simple numerical error had led to delivery of say a
>post card to the wrong building?

It would only be analogous if you knew (for example) that lots of 
letters were sent to slightly the wrong address, and you arranged to 
assume that address yourself. For example I worked from 37a High St 
Brentwood for a while, and lots of things were addressed to Brentford (I 
blame the Nylons adverts). What if someone hypothetically in 37 High St 
Brentford thought it would be interesting to add a 37A to their 
letterbox and then read whatever dropped in?

>> >They could have done this without storing the message bodies, all
>> >they were interested in were the headers which their mail server
>> >legitimately processed.
>>
>> They also looked at the bodies I think (strongly implied by Figure 1).
>>
>> <http://www.wired.com/images_blogs/threatlevel/2011/09/Doppelganger.Doma
>> ins.pdf>
>>
>> But even if they were just "intercepting" the headers, that doesn't
>> change any of my questions (it's only where people are legally looking
>> at [only] traffic data that we have to be picky about the difference
>> between headers and bodies).
>
>I was being picky because you could argue that by not looking at the
>bodies you had not looked at anything privileged, only the outside of
>the envelope in the case of a letter in the post.

I don't think that's a defence if a member of the public is intercepting 
emails.

>> >It should be sufficient to simply list the number of incorrectly
>> >addressed emails they received.
>>
>> That would be a different, and simpler, study than this appeared to
>> be. If done in the UK would you be looking at a RIPA 3(3) exemption
>> for that? My questions are probably about interpretation of 3(1).
>
>I think the automatic collection by the server is fair enough, even if
>the domain name is deliberately weird it isn't as if other such weird
>domains don't exist. It's looking in the message bodies that crosses
>some sort of legal line,

Although throwing away mis-delivered items isn't perhaps interception, 
failing to bounce these emails may have given the senders a false sense 
of security that they'd been delivered. Or perhaps they did send a 
bounce message too?

> but you can see why a researcher (rather
>than some sort of crook) would do that for relatively innocent reasons.

Research isn't an absolute defence either.
-- 
Roland Perry