[Bigbang-dev] on privacy impacts of email list archiving
Nick Doty
ndoty at cdt.org
Mon Oct 24 20:11:25 CEST 2022
Two relevant pieces:
There is an existing, informal header to request that an email or
newsgroup message not be archived, X-No-Archive:
https://en.wikipedia.org/wiki/X-No-Archive
It sounds like default mailman installations will respect the header
and not archive messages with an XNA header. IETF specifically notes
that they ignore this header and publicly archive messages anyway. As
I believe headers are typically archived as well, it might be
interesting to measure how frequently this header is used, or what
kinds of messages are being sent with the no-archive header and are
being archived.
There has been some controversy stemming from someone sending a
message to an IETF mailing list without realizing it was a publicly
archived mailing list, and then being upset that there message and
email address were publicly posted. That included some argument that
GPDR gave a right to have that information deleted.
I think this partly stems from IETF not giving an email sender warning
ahead of time that a message will be publicly archived. W3C has an
"archive approval system" in which you receive an automated email the
first time you send to a list, and are informed and have to click
approval before your message will be distributed and archived:
https://www.w3.org/Mail/FAQ.html#aa
IETF doesn't have that, and I think maybe they should implement
something like that to decrease the likelihood of this situation.
Or if there were a commonly used technology to inform senders about
the practices of a mailing list and to confirm public archiving
preference, that could be usefully applied to IETF, W3C and many other
mailing lists which are likely to encounter the same problems.
We had briefly discussed on some previous BigBang calls whether there
should be a header regarding opting out of research on mailing lists,
which is a proposal that I apologize that I didn't pursue further. But
I think opting-out of archiving is likely the more relevant step -- it
would be good if it were more effective and more understood by email
senders whether a message is going to be archived or whether or not
the sender wants it to be archived. And we could consider modifying
bigbang to skip messages or warn about messages that have an
x-no-archive header.
—Nick
More information about the Bigbang-dev
mailing list