[Note: I don't know law, I don't do law. IANAL. This is only valid for Germany, perhaps not even there]
On Wednesday 20 April 2005 14:42, Dominic Amann wrote: > in germany you must not delete mails from other users. the *only* > > solution would be to get an explicit permission per case by every > > individual user *before* deleting their trash folder. > Would this not imply that a spam-assasin type solution would also be > illegal if it 'auto-deletes' detected spam? Mostly. Summarising from an article in the German monthly "Linux Magazin" [1] and my own inquiries: 0a. If it is your own mail, do whatever you want 0b. If it's not your mail, you can't touch it. You _must_ not look at it (except for correct delivery), you _must_ not change the contents. You _must_ not suppress it 1. No deletion (auto-deleting users' trash cans should probably be OK) 2. Automated spam- oder virus scanning only allowed as opt-in-solution 3. If it does contain spam/viruses you _must_ not silently delete the message. The only way out: assign it to a spam-folder. Which the user has to empty himself any way he wants. Some people use another opt-in for automatic deletion, I don't know if that's allowed. 4. If you are a company: just forbid your employees to do private mail. Then all incoming mails are, by default, the company's, which you can scan and throw away at will. This is a position that is mostly, but not universally, accepted If you think that's difficult to live with, you are right. A university I know was unable to install a spam filter at their incoming line due to these regulations (and boy, they'd have needed a *huge* trashcan). If you're an ISP, it's living hell. If you think it's cool that somebody's taking good care of privacy, I tend to agree with you nonetheless. Come on over and we'll have a beer. [1] Fred Andresen: "Leeren verboten!", Linux Magazin, September 2004, pp. 78-79 -- With best regards, Florian Weber PGP key ID: A34C32F9
pgplllb5kJGpD.pgp
Description: PGP signature
