Starmer dumps doormat?

Roland Perry lists at internetpolicyagency.com
Thu Jan 20 07:45:48 GMT 2011 

In article <61E52F3A5532BE43B0211254F13883AE033A58 at EXC001>, Andrew 
Cormack <Andrew.Cormack at ja.net> writes
>
>
>> -----Original Message-----
>> From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
>> bounces at chiark.greenend.org.uk] On Behalf Of Roland Perry
>> Sent: 19 January 2011 10:02
>> To: ukcrypto at chiark.greenend.org.uk
>> Subject: Re: Starmer dumps doormat?
>>
>> Several years ago I also wrote a mini-paper about the situation in
>> places like an office, where a "boss" (sorry for the stereotyping)
>> diverts his phone and voicemail to a secretary, and therefore the first
>> person to get (and listen to) them is not the intended recipient. Make
>> that in spades when it's the secretary who sets up the diversion on her
>> own initiative. [nb in these scenarios, the recipient can be argued to
>> have given permission, but the sender hasn't; and many corporates use
>> what are in effect public networks as a virtual PABX, so it's not
>> necessarily being done on a private network either.
>
>Roland
>Did you consider the possibility that in that scenario the secretary 
>may actually be acting as a legal agent for the boss? It was discussed 
>on another list last year where we concluded that if the secretary 
>wasn't the "intended recipient" then there was no way out of the 
>conclusion that they were acting unlawfully, because of the requirement 
>for both parties to have consented.
>
>None of us knew the law of agency in detail (and I haven't had time 
>since to look it up).

Me neither, and this is the first time I've heard of the concept being 
applied to RIPA. Without (no, really) wishing to re-open an old debate, 
perhaps one could argue that a virus checker (supplied in the network) 
that I have subscribed to, is also my agent? [And, cough, a behavioural 
advertising platform (that I've agreed to on behalf of my family) too].

> But it seemed that if that resulted in the secretary acting *as* the 
>boss for a particular subset of his work then the secretary/boss *is* 
>the intended recipient and the interception problem goes away. That 
>seemed a reasonable fit for the paper-based world where, if I get a 
>letter signed "pp CEO" then I treat it as coming from the CEO, even 
>though it's very obvious that it hasn't.

But what about inbound items (email or postal) marked "Private and 
Confidential"?

>It also seemed to make it the boss's responsibility to define the 
>extent of actions for which the secretary could act as agent, and if 
>the boss doesn't make that clear then it's their problem and not the 
>secretary's. It seemed a bit unfair to us if the poor secretary carried 
>the can for misinterpreting unclear instructions, which seems to be 
>another consequence of trying to justify it as interception-with-consent :(

I think we are back in the situation I was describing earlier - there 
might be one outcome dictated by common sense (based on a deeper 
understanding of these 'private sector interception' issues than perhaps 
was exposed in the ICOA Review in 1999), and another by the way the 
current law is drafted.

Roland.

>--
>Andrew Cormack, Chief Regulatory Adviser, JANET(UK)

-- 
Roland Perry

More information about the ukcrypto mailing list