Hmmmm
Group policy to ensure external email addresses can't be added to Exchange address book.
Job done.
Where do I send *my* bill for £250,000 ?
Dyfed-Powys Police in Wales, UK, sent confidential information that could identify convicted sex offenders to a member of the public by accident. Although the leak was minor, Brit watchdog the ICO fined the force £150,000 as it indicated sloppy internal processes. An officer sent an email chain containing the names and …
Well, the names certainly appeear in court reports and are recorded by the media, so it is entirely untrue to say with that News International innuendo "the identities of sex offenders are kept confidential", There's also a procedure for people who have genuine suspicions about an individual with whom they or their family have contact to have them checked out.
Even the US don't give you their phone numbers and e-mail addresses, though. And given the database reports that in DC alone there are 1100 registered offenders, knowing where a few of the locals happen to be doesn't really increase your security, it simply encourages the local paediatrician-haters to ignore the rather mealy-mouthed warning:
Abuse of this information to threaten, intimidate, harass, or harm registered sex offenders, their families, or their property will not be tolerated and is subject to prosecution.
> The mistake occurred because an officer sent the email chain to the first entry that auto-completed from the address book, which turned out to be to one “AB”, a member of a community scheme.
> Amongst the recommendations of good practice are the creation of an email address that takes first place in the address book, that only goes to an internal recipient (e.g., “Aaron Aardvark”).
Perhaps it's been too long since I last used Micro$oft Outhouse, but doesn't it provide auto-complete suggestions as one types? So, as I type each character of "Joe Bloggs" into the To box, it might suggest "James Dean", "Joan Smith", "Joe Axe", etc? In which case, simply adding "Aaron Aardvark" to the address book isn't exactly a great fix—and not just because there might (now, or in the future) happen to be an "Aabha Aaberg" in there too.
How about some technologically literate suggestions instead—perhaps:
(1) not permitting external contacts to reside within address books that are used for auto completion, either by maintaining separate address books or by disabling auto completion; and/or
(2) not sending sensitive information via plaintext email, but instead utilising encrypted messaging with a decent PKI.
There's a slightly odd tone to this report, like you are wanting to say "Burn the Paedos!", but can't quite bring yourselves to do it. As Warm Braw says, there's a perfectly good reason we don't publicly track and name those on the, er, register, as it would just encourage vigilante attacks. That might make a few feel better in the short term, it's pretty bad for society.
Lets think of some sensible reasons for the offenders names to be kept secret.
People can be on the offenders register for reasons that most people would not regard as particularly vile.
e.g. In UK, most public toilets now closed, if someone is "caught short" & urinates in public (as no toilets available) then possible to be convicted of indecent exposure and go on the offenders register, even if happens at night, when dark & person trying to hide as much as possible e.g. not spraying in the middle of the town square but in a quiet corner.
With sexting & similar digital image transfer activities prevalent amongst kids, lots of kids ending on register for sending pics of their (underage schoolkid) unclothed self to their (underage schoolkid) boyfriend / girlfriend.
And of course, potentially dubious convictions can easily happen. I'm sure many readers of an IT site would be able to think of ways in which it's easy to plant images on someones computer, add short lived self killing after a while trojan that makes unnoticed internet calls to dubious sites etc.
Even if, magically, the offenders list was 100% full of people who were guilty of vile crimes (lets not even get onto questions of how many likely to re-offend, probably less than 100%), would you really want to publicise it and risk vigilantism / mob "justice"? The criminal justice system may be flawed, but it's part of the social contract as citizens that if someone has served their time then they get released (unless they are deemed unsuitable for release for various reasons)
Sorry have not some of the previous articles written by you guys been on how easy it is to be placed on the sex offenders register even if it's not really a proper sex crime? Extreme porn laws and such. And yet now you seem to be implying that this info should be released so they can be treated like rapists. Wow man, thought at least the people who wrote for this site had some iota of intelligence and shame.
How much do you think the British public could be trusted with access to sex offender information? The repressed UK is like a constant Carry On film - permanent and prurient obsession with all things sexual. Convicts can rehabilitate after committing murder, armed robbery etc, but it seems there's no way back for a sex offender in this country. That's the "reason" the public doesn't have open access to the information. There are plenty of satisfactory legal measures in place to make sure known offenders are properly monitored and the risks minimised. Nosey parkers and vigilantes aren't part of that.
"names and addresses of eight registered offenders, along with the phone numbers and email addresses"
I can't help feeling that goes a little beyond "could". Short of mailing out copies of their birth certificates it would be difficult to be much more explicit in identifying them.