Shaw email customers are scrambling after an interruption of Shaw’s email services Thursday led to millions of emails being deleted.
About 70 per cent of Shaw’s email customers were affected when the company was troubleshooting an unrelated email delay problem and an attempted solution caused incoming emails to be deleted, a spokesman told The Sunday Province.
Shaw has about 1.9 million Internet subscribers across Canada, with the majority in Western Canada.
Emails were deleted for a 10-hour period between 7:45 a.m. and 6:15 p.m. Thursday, although customers did not learn about the problem until Friday, and only then by calling customer service or accessing an online forum for Shaw Internet subscribers.
Shaw promised to email affected customers some time over the weekend with a list of deleted messages and details such as sender, subject and time sent. The actual content of the emails, however, is unrecoverable.
Count this amongst the many reasons I just don’t trust ISPs to host my email. It’s great that Shaw does this, really, given how it generally interferes with ports used for email: not only are they screwing consumers in how they treat email protocols (you can pay a monthly fee for full port access) but they’re also screwing them by not properly managing their email systems. I bet that Shaw customers don’t receive any restitution beyond an apology.
For the past two months I’ve been trying to figure out what to say about something Peter Fleischer, Google’s Global Privacy Counsel, wrote about his personal email retention and deletion policies. After talking about whether people should worry about “covering their tracks” from government snooping, he writes (emphasis added):
In the meantime, as users, we all have to decide if we want to keep thousands of old emails in our inboxes in the cloud. It’s free and convenient to keep them. Statistics published by some companies seem to confirm that the risks of governments seeking access to our data are extremely remote for “normal people”. But the laws, like ECPA, that are meant to protect the privacy of our old emails are obsolete and full of holes. The choice is yours: keep or delete. I’m a pragmatist, and I’m not paranoid, but personally, I’ve gotten in the habit of deleting almost all my daily emails, except for those that I’d want to keep for the future. Like the rule at my tennis club: sweep the clay after you play.
His comments struck me as being incredibly poignant when I first read them, and remain so today. I’ve stopped archiving email. I delete email (as best I can, given cloud data retention policies and all…) on a regular basis. Over the Christmas break I removed an aggregate of about 6 GB of mail that had just…accrued…in my various accounts over the past decade. In short, his post motivated me enough to spend the better part of 3 or 4 days sifting and sorting through my digital life. Ultimately I removed an awful lot of what was there.
At some point I hope to spend more time writing about, and thinking through, some of Peter’s points. At the moment, however, I’d just recommend you think about what it means when Google’s Global Privacy Counsel - the guy who is best able to go to the mat to protect the privacy of his own inbox - chooses to routinely delete his email from the cloud. If he takes that precaution, and he has the influence that he does, shouldn’t you at least consider following his lead?
In the aftermath of Hurricane Sandy, some of the polling stations that would have been used by Americans to cast ballots are gone. Moreover, some citizens in New Jersey are unlikely to either find their new polling station or take the time to find a station and vote. Quite simply, they’re rebuilding their lives: presidential politics aren’t necessarily centre of mind at the moment.
In the wake of the disaster, New Jersey will let some voters cast their ballots by fax and email. One American expert has identified a range of possible attack vectors that could be used to compromise people’s votes. He’s quoted as saying,
Those are just some of the more obvious and potentially catastrophic ways a direct security failure could affect this election … The email voting scheme has so many ways it can fail or that doubt can be cast on the integrity of the results, that if a race somewhere in New Jersey is decided by email ballots, it seems almost guaranteed that we’re going to have a bunch of mini-2000-in-Floridas all over the state.
In addition to basic security concerns around voting, it’s critical to understand that voting by email (effectively) removes secrecy provisions. Messages will not have to be encrypted, meaning that if employees cast their ballots at work then their employer(s) could ascertain how their employees are voting. This is an incredibly serious issue.
In the best of worlds, the New Jersey elections won’t rely or depend on the emailed votes to determine a winner. This said, even if the votes don’t change the local results - if individuals win seats by sufficient margins that the emailed ‘ballots’ wouldn’t affect who won - the national vote could the endangered if the New Jersey voting system is connected to the national system. The risk, here, is that if an attacker could compromise the New Jersey voting infrastructure (perhaps by sending an infected attachment to an email message) then the rest of the infrastructure could also be compromised. Such an attack, were it to occur, could compromise not just the New Jersey results but, potentially, races across the United States.
While it’s evident why the government decided to let people vote by email - to ensure that Americans could cast their ballot despite the horrific natural disaster - these good intentions could result in very, very bad results. Worse, it could encourage trust and confidence in online voting systems more generally, systems that simply cannot be adequately secured (for more as to why, see this and this). While paper ballets are infuriating for many they remain an ideal means of confidently expressing voting intentions. While alternate approaches certainly need to be considered to let people vote, especially in times of crisis, voting by email is not an idea that should have been contemplated, let alone adopted, as a solution to the Sandy-related voting problems.
National mail carriers are important for loads of reasons, including legal protections around letters carried by them versus those carried by couriers. These mail carriers are far less agile than their private competitors and have been incredibly slow to recognize the need to change existing processes and practices. They desperately need to find new growth avenues to remedy declining gross and net revenues.
As a demonstration of how little Canada Post ‘gets’ the market and business it’s in today, we can turn to this comment:
Canada Post chief executive officer Deepak Chopra foresees a future in which consumers receive and pay their bills, get their paycheques, renew drivers’ licences, pay parking tickets, buy magazines and receive personalized ad pitches – all online, through ePost.
This isn’t a future: it’s the present. The only ‘future’ part of what he is outlining is that all these (already daily) functions would be routed through ePost. Unless Canada Post has an incredible value proposition - security, government mandates, or somehow implementing these functions better than existing services are mechanisms that immediately come to mine - I can’t see how the organization will exist in any semblance of what it is today, tomorrow.
There needs to be a term to describe the condition where you keep an email unread in your box because you’re not prepared to deal with it yet, but then you start to hate and resent the person who sent it because it is the only unread email in your box and it sits there silently accusing you with its boldedness. Or maybe I am the only sufferer of said disease.
I suffer from this condition. Some email causes me to bleed hate, but I can’t express such emotional positions that are directed as much at the mail as the person in polite (or impolite) company. So instead certain email festers like a gangrenous intellectual limbs, despoiling the entire body of my Inbox. Which generates more hate.
It’s a circle. Not necessarily virtuous, but a circle.