Saturday, 30 August 2014

Outbox.. have you heard???

Outbox apparently is a "novel" service in the US. It is refereed as a "disruptive innovation". Basically, their innovation is that they will open the mail that it was post to you (read it maybe), scan it, and email it to you.
Effectively, the idea behind this is to have your mail delivered to you through email, wherever you are. Of course there is a monthly fee that you need to pay in order to use this service.
There is a huge debate between the founders of Outbox and the postal service in the US regarding this "disruption of the postal service". The following article summarises pretty well the views from both sides [1] and give you a nice inside on what is going on.

This blog post is about the security/privacy of the contents of the postal mail, by also taking under consideration is it is ethical as well, looking into the recipient's and the sender's perspective. It is not intended to discuss/debate if the Outbox idea is an innovation or a disruption of the postal service.
When a letter is sent, you expect it to be read by the intended recipient. In a household of different people (family or sharing) this is always one of the fundamental rules; not to open mail which is not intended for you. Everybody understands and respects that. Even if you know what is it, for example a magazine you are subscribed to (e.g. Time, Fortune, which come in clear packaging) you know it is inappropriate to open it or even ask if you can open it. It is invasion of privacy and inappropriate even if you do ask, becasue you force the other person to feel uncomfortable by asking them if you can open their mail. Bottom line, you must not open and you must not even ask if you can open someone else's postal mail.

Having said the above, I would like you to think about:

The recipient's responsibilities:
  • Do you need to inform your sender's that you are using Outbox, so they can decide themselves if they want to send you a letter or not? We are not talking about what you consider to be junk mail to you or flyer from local restaurants/events. We are talking about genuine mail, which may come from companies, organisations, banks, your friends.
  • What happens if the bank decide to sent you an important unmarked letter and you have set up a rule with Outbox saying "all other mail" to be opened and scanned. So, you have authorised that third-party to open that/those letter(s), and lets assume for a second that this third-party decides to skim you because during the past year he/she has collected enough information about you, to put together how to do it. Practically, it is your fault in this case and the bank should not give you the stolen money back. He is going to be prosecuted for fraud, but it is your practically your fault not taking the security of your personal information and letter's intended to yourself seriously, allowing access to them by third-parties. 

The senders privacy:
  • When you sent a letter, do you want it to be read by someone else that the intended recipient?
  • Does the sender need to know that you are using Outbox before he/she decides to sent you?
  • What happens if the sender's privacy is compromised because you allowed a third-party to read the contents of a letter addressed to you. 
  • What happens if someone (your aunt) decides to sent you a card with $100 bill in it. Does the person you opened the letter is going to keep it? Can you prove there were $100 dollars in the letter? Maybe they deposit it to you, after a 15% handling fee. How would you feel about that?
  • Are you allowed to disclose someone's personal feelings and thoughts to a third-party? How would you feel about this as invasion of privacy?
  • What happens if the sensitive/personal information contained in the letters are posted on the Internet. Your address is there anyway, so you could be easily targeted. Can you prove who did this? Good luck if you believe you can. 

Outbox responsibility for Data protection:
  • Mail being scanned will be emailed to you. Will Outbox keep a copy of it in their data centre?
  • What happens, if they get hacked? Will they be responsible for any personal data of yours leaked to the public and compensate you?
  • What stops them to sell the sensitive information to advertisers, and generally to third parties?
  • Some will say that the agreement is not to sell the info, but none can stop what happened with WhatsApp. They were Facebook and people's phone-numbers belong to them now. So, what happens if Outbos is bought by Google, will Google own all your sensitive information which you tried to keep off-line for so long? 

Other Considerations:
  • Who is responsible for loosing the mail? What if the postal service puts it in the Outbox box outside your house and Outbox collection service looses? Do you think you will be able to win the fight between Outbox and the postal service in order to get compensated?

I do believe that one can find even more reasons to list on how the recepient's/sender's security, privacy and ethics are being affected here. Once again, this is not to discuss if the idea of digitalisation of postal mail is innovative or disruptive; it is only intended to discuss the security, privacy and ethics involved in the way it is being sold and marketed at this stage. Looking forward to hear people's thoughts.


No comments:

Post a Comment