Legality issue? 1866



  • Any help on this would be greatly appreciated.
    Is it possible or even legal to retrieve someone’s email address if they visit your website?
    If not, can you please point me the direction which states that?
    Thanks.



  • Any help on this would be greatly appreciated.
    Is it possible or even legal to retrieve someone’s email address if they visit your website?
    If not, can you please point me the direction which states that?
    Thanks.
    How would one accomplish this without the user actually knowingly entering in their e-mail address?
    An e-mail address is not like an IP address, there is no way to ‘capture’ an e-mail address when someone visits your website unless you force the user to enter it in themselves.



  • It is very easy to use email spiders to extract email addresses from websites using HTTP.
    Spammers regularely use spiders (looking for mailto: HTML tags for example)
    Do not do it
    It is not a Sarbanes Oxley Issue.

    1. In the USA:
      A. CONSTITUTIONAL
      Fourth Amendment to the United States Constitution, ‘reasonable expectation of privacy’
      B. FEDERAL
      Federal CAN-SPAM Act, 2003
      permission-based email
      SEC. 5. (b) Aggravated Violations Relating to Commercial Electronic Mail-
      (1) Address harvesting and dictionary attacks-
      (A) IN GENERAL- It is unlawful for any person to initiate the transmission, to a protected computer, of a commercial electronic mail message…

    on the basis of objective circumstances, that…
    (i) the electronic mail address of the recipient was obtained using an automated means…
    (stanford.edu/dept/legal/Worddocs/canspamAct.pdf)
    C. STATE
    (spamlaws.com/state/summary.shtml)
    2. In Europe:
    Data Protection Directive
    National legislation to all member countries
    Without permission you can not collect and process information of visitors.
    Note:
    Be careful.
    More likely than not, you violate the legal/privacy policy of your company’s web site. They will not cover you.



  • I guess I was speaking from ignorance. How can this be done? Spare me the technical jargon. I guess I could see a cookie being placed within my cache and then this cookie could crawl websites where I may have placed my e-mail address?



  • As one experienced in the security field, I agree with George 100% that you should not capture email, IP, or other information from a website visitor in a sereptious (secret) manner.%0AHowever, it is legal to capture this in a Guestbook or other form based facility, where you might invite folks to signup for newsletters or other items. You can capture info as long as folks enter it themselves . If you do so, make certain you protect their privacy and confidentiality in the process.%0AHope this helps 🙂


Log in to reply