Forwarded email about high court proceeding

frozenfrozen

Which the person who received the email has nothing to do with.

There was a follow up email asking nicely to delete the email which was sent in error.

Never dealt with any of the people before.

Anything we should do other than just delete the email? Maybe ask them to remove the address? With all this GDPR stuff they shouldn't be able to send a newsletter let alone someone else's high court details!

jimmycrackcorm

frozenfrozen wrote: »

WWith all this GDPR stuff they shouldn't be able to send a newsletter let alone someone else's high court details!

You think human error shouldn't exist?
Several times I've received emails such as quotes and receipts that were sent to someone who has the same name but obviously a similar email address.

frozenfrozen

Email is nothing at all alike a name

nuac

Mod
Apart from a wrongly addressed email what other legal issue concerns anybody?

FreudianSlippers

frozenfrozen wrote: »

Which the person who received the email has nothing to do with.

There was a follow up email asking nicely to delete the email which was sent in error.

Never dealt with any of the people before.

Anything we should do other than just delete the email? Maybe ask them to remove the address? With all this GDPR stuff they shouldn't be able to send a newsletter let alone someone else's high court details!

Maybe just delete the mail and move on with your life. Ever considered that there might be, of the probably billions of email addresses, one similar to yours?

Or else maybe explain how that could be a GDPR issue at all? Are you also a client or someone they have emailed in the past?

frozenfrozen

Jesus wept

odyssey06

Sounds like a data protection issue... if my company send customer details by email to a random external email it would be an immediate data breach alert.

Its too easy to manually mis address an email. You probably were neither first nor last person they emailed by mistake.

The sender should have more robust processes in place for very sensitive information.

hullaballoo

Without knowing the details about what was communicated in this email, we could be looking at a total non-issue or a very serious data breach that requires imminent reporting to the DPC or anything in between.

Such is life I suppose because there's no way I'm going to request or sanction that information being posted here.

OP, consider whether the information is available in the public domain or whether it's necessarily confidential and make a call as to whether you think it's worthy of reporting. You could also ignore it and see does anyone come knocking on your door at dawn to seize your computer for your vile act of innocently receiving an email that wasn't for you. Up to you.

fritzelly

It is a major GDPR breach
In my job they have become absolutely paranoid about this and any fines that come with a breach (no more verbal warnings or quick chat with the manager)

Maybe a friendly email to the company that, as odyssey06 said, they need to improve their systems - especially with this kind of information

kirving

We don't know the details, it could be harmless, or it could be a serious problem. Either way, human error just isn't an acceptable excuse with people's private information these days.

Where I work (nothing particularly crazy), email is encrypted end-to-end meaning that anyone without the correct key can't open an email I send. It's a pain to set up and manually share keys, etc, but that's what some customers mandate.

The networked printers also need a pin to be input every time I want to print something so I don't leave sensitive information lying around the office. The scanners can email too, but only to people within the organisation. Simple controls to put in place, but eliminate the vast majority or human error.

fritzelly

I would guess there is personally identifiable information in the email - or maybe I'm reading more into it.

FreudianSlippers

Glad to see everyone is a GDPR / printer expert these days!

fritzelly

FreudianSlippers wrote: »

Glad to see everyone is a GDPR / printer expert these days!

Yeah (well not the printer) because it's been drummed in to us the past few weeks (no one saw this coming for the past 2 years)

K.Flyer

Most business / confidential emails carry a footnote asking if the email has been received in error that the recipient notify the sender of the error and to delete and renove all trace of the email from their computer system.
If you follow these instructions, then you have done all you need to do.

This e-mail is intended for the addressee only. It may contain confidential information If you have received this e-mail in error, please notify the sender immediately and delete the message from your computer. If you are not the intended recipient, you should not copy the email or use it for any purpose, nor disclose or distribute its contents to any other person

The information contained in this email message and any attachment is strictly confidential and may be the subject of legal, professional or other privilege. This correspondence is intended only for the named addressee(s) and may not be disclosed to anyone else without the consent of the sender. If you are not a named addressee you must not retain, use, disclose, copy, print or rely on the contents of this correspondence and should delete all copies of it from your systems immediately. If you have received this email by mistake, please inform the sender by reply email immediately and delete the material.

kirving

FreudianSlippers wrote: »

Glad to see everyone is a GDPR / printer expert these days!

Better that than giving every gob****e a license to screw up the simplest of tasks and leak your information to God knows who.

hullaballoo

fritzelly wrote: »

It is a major GDPR breach
In my job they have become absolutely paranoid about this and any fines that come with a breach (no more verbal warnings or quick chat with the manager)

Maybe a friendly email to the company that, as odyssey06 said, they need to improve their systems - especially with this kind of information

You can't say it's a major GDPR breach, can you?

It could be anything. It could be all publicly searchable information or it could be intensely private stuff but because the OP hasn't (, correctly) shared what that is, you just don't know what the nature of it is.

It's unhelpful to post things like this. A major GDPR breach is if facebook get hacked and all user data is leaked. A minor breach is a solicitor sending information about a date for trial to a third party.

Perspective would be helpful.

fritzelly

K.Flyer wrote: »

Most business / confidential emails carry a footnote asking if the email has been received in error that the recipient notify the sender of the error and to delete and renove all trace of the email from their computer system.
If you follow these instructions, then you have done all you need to do.

Ermm no, GDPR does not allow that get out of jail clause

hullaballoo wrote: »

You can't say it's a major GDPR breach, can you?

It could be anything. It could be all publicly searchable information or it could be intensely private stuff but because the OP hasn't (, correctly) shared what that is, you just don't know what the nature of it is.

It's unhelpful to post things like this. A major GDPR breach is if facebook get hacked and all user data is leaked. A minor breach is a solicitor sending information about a date for trial to a third party.

Perspective would be helpful.

Yeah I did say I assumed there was more in the email when I probably shouldn't have

K.Flyer

fritzelly wrote: »

Ermm no, GDPR does not allow that get out of jail clause

Out of curiosity then, how come, does the recipient now need to go further by reporting it elsewhere?
I ask, because in the past, if ever I received an email in error (or a text), I would have followed this instruction and thought no more about it.

Franz Von Peppercorn

fritzelly wrote: »

Ermm no, GDPR does not allow that get out of jail clause




Yeah I did say I assumed there was more in the email when I probably shouldn't have

Everybody’s an expert on GDPR.

A miss addressed email isn’t evidence that the company is non compliant in other ways. Unless this was systematic it’s not a violation.

frozenfrozen

Thanks for the helpful replies.

I'm still unsure what to do.

IMO it's sensitive information but it's not watergate. Think a simple email stating it has been deleted and to please remove all of our details from whatever database they have as we have had no dealings with them.


The content of the email was several paragraphs discussing case law related to a high court case which was annotated in how it related to this case etc. So it's sensitive info but not going to set the world alight.

I was just asking because of hearing so much about GDPR recently.


And the miss sending was not down to forename.surname email mixup, we are seemingly in their address book.. despite never having dealt with them


Thanks again...