Unauthorised email access

floorpie

I don't know if this is the correct place to ask, but i'm curious about whether there are any laws in Ireland regarding people accessing other people's email accounts without authorisation?

If there is a law, does it depend on the method used to gain access? E.g. keylogging your pc, versus looking at you typing your password over your shoulder.

The only thing I can see which is vaguely relevant is "Disclosure of personal data which was obtained without authority" under the Data Protection Act, which seems to say that any unauthorised disclosure of private information is an offence. Is this relevant to this situation, given that it's a personal matter and isn't business data?

I'm asking because somebody accessed my personal email account without my say-so, and although I don't care too much (and will change my passwords and check for keyloggers etc), it got me curious about the legal aspect.

Regards

Holsten

Yes it's a criminal offense to do so under the Criminal Damage Act and can be punished with a fine or 3 months in jail.

It doesn't depend on the method used, they could tell you their password and it would still be an offense.

T-K-O

I complied a very detailed report and sent it to the data commissioner a few years back.
Yes it is an offence but in my experience any complaint will fall on deft ears.

syklops

Holsten wrote: »

they could tell you their password and it would still be an offense.

bonzodog2

Holsten wrote: »

It doesn't depend on the method used, they could tell you their password and it would still be an offense.

Surely you would then be authorised.

Holsten

I tell you my password to check my e-mail while with you - no problem.

Then a few weeks later you start to check my e-mail with the password I gave you while I'm not with you and don't know you're doing it.

See?

Dermot Illogical

Motive is important.

To make a gain or cause a loss: http://www.irishstatutebook.ie/2001/en/act/pub/0050/sec0009.html

General noseyness: http://www.irishstatutebook.ie/1991/en/act/pub/0031/sec0005.html#sec5

bonzodog2

Holsten wrote: »

I tell you my password to check my e-mail while with you - no problem.

Then a few weeks later you start to check my e-mail with the password I gave you while I'm not with you and don't know you're doing it.

See?

Security fail 101.
If you wanted to check your email on my computer, you could just type it in, no need to tell me.
If you had to tell me for some reason, you should change it afterwards.

beauf

bonzodog2 wrote: »

Security fail 101.
If you wanted to check your email on my computer, you could just type it in, no need to tell me.
If you had to tell me for some reason, you should change it afterwards.

+1

The only siutation would be where you con't have access to it, but someone else does. You should still change your password afterwards

CreepingDeath

floorpie wrote: »

I'm asking because somebody accessed my personal email account without my say-so

How do you know someone accessed it ?
Are you going by e-mails which are marked as read/unread?
Do you know someone who read your e-mails?

Did they send e-mail from your account?
Because e-mail spoofing does NOT require access to your account.
I could create an e-mail and put anyones e-mail address on it and send it out. When someone else reads it, and replies back, the replies go to you.
So spammers do that often.

Keyzer

bonzodog2 wrote: »

Security fail 101.
If you wanted to check your email on my computer, you could just type it in, no need to tell me.
If you had to tell me for some reason, you should change it afterwards.

Think bigger...

I've seen teams of people in the workplace share passwords in the event of someone being on holidays or sick so e-mail can be accessed. And it still goes on even after constant communications that sharing passwords is prohibited.

The commoner garden end user hasn't a care in the world about security until something bad happens.

RainyDay

Keyzer wrote: »

Think bigger...

I've seen teams of people in the workplace share passwords in the event of someone being on holidays or sick so e-mail can be accessed. And it still goes on even after constant communications that sharing passwords is prohibited.

The commoner garden end user hasn't a care in the world about security until something bad happens.

And senior managers share their passwords with their trusted secretaries and PAs, breaking Security 101 rules, and compromising the recipients of the passwords more than the givers.