| 1.1 Portfolio
57. Email Policy | |
|---|
| 57. Email Policy: | | The email policy is cloned from the email policy provided by Google, Microsoft, Apple and others. Total compliance and compatibility with these common email application services is paramount. Each company can operate their own unique email policy and may include facilities that are unique and not supported by any other email provider. | | The email address is the prefix before the at "@" symbol - the suffix is a domain name that is subject to different international standards. Business messages sent to and from the company are shared with all approved persons. | | * BMS Catalogue | | * BMS Portfolio | | * Portfolio Email Policy |
| 2. Glossary: | | Message shall mean email and every other kind of electronic communication that must comply with PECR. | | Email-Client shall mean Google Gmail and Microsoft Outlook Mail that are funded by adverts or subscription. | | Person shall mean a person who is approved to use the private web site - a person who sends messages from the company. | | Contact shall mean an address book contact who is approved to send messages - a contact who send messages to the company. |
| 3. The Law: | | 1. Investigatory Powers Act 2016 may be disputed but it legalised what has happened for many years and what happens in many other countries. To comply with the law, every communication between two people must be recorded as an Internet Connection Record (ICR). Also every communication between a person and a web site must be recorded. | | 2. The Communications Service Provider (CSP) may be ordered to provide a formatted extract of ICR data with a non-disclosure clause. Many different agencies may make a request and the CSP must pay for all data extract and formatting costs. | | 3. Bespoke application services are provided with two different tables that must be securely encrypted to provide all ICR data. ZSIN is the web site sign-in log that has a record added each time a person signs in to the application web site. ZEMA is the email envelope log that has a record added each time an email envelope is sent from one person to another. | | 4. On the first day of each calendar month, the previous months ZSIN and ZEMA data is extracted and stored in an ICR file that is replicated to a swarm of secure data centers. ZSIN data that is more than 2 months old is physically destroyed. ZEMA data that is more than 3 months old is physically destroyed. Monthly ICR files are retained for 12 months and then destroyed. | | 5. One or more ICR files may be uploaded into the ZICR table for filtering, sorting and formatting according to what has been ordered. ZICR may consist of up to 200,000 small records that have a life cycle of a few days until the extract is completed and the table can be emptied. It is expected that any disclosure order will identify one or more peoples names so the amount of extracted data could be tiny. | | 6. As an Application Service Provider, no hardware of software is distributed so an order demanding a back door to be provided is not likely to happen. No encrypted software is distributed so no court order can ask for an encryption key or for some data to be decrypted. Assume that every hardware device must (eventually) have a back door and every encrypted application must have way to bypass the encryption - thats the law. |
| 3. Requirement: Backup | | Cloud-Drive is a folder in the cloud where documents can be backed up, uploaded and downloaded. A unique email address is used to upload documents that are stored by date and time - the document name has no significance. Document names shall be alpha-numeric - any non-standard symbols shall be removed as serving no business purpose. |
| 4. Requirement: Business-Address-Book | | Every business contact and staff persons name is maintained in the Business-Address-Book. Any message to or from an email address that is not in the Business-Address-Book is classified as private and will not be archive or indexed. Every business message has both the To and From email address in the Business-Address-Book and is archived as header, as message and as optional attachments. | | Spread sheets with filters on header enable messages to appear to be in many different folders at the same time. |
| 5. Requirement: Folder Per Contact | | A copy of every message received is stored in a folder per contact and shown in a spreadsheet per contact in date and time order. The business address book of contacts who deserve a folder is managed for the whole business. | | For each contact in the business address book, a message can be sent and that message will appear in the same folder and spreadsheet. By viewing a contacts messages, all messages sent and received are shown in date and time order. This is a view of the contacts inbox and sent messages for all messages to and from the business. |
| 6. Requirement: Folder Per Person (staff) | | A copy of every message received is stored in a folder per person and shown in a spreadsheet per person in date and time order. The business address book shows the people who are approved to share messages for the whole business. | | For each person in the business address book, a message can be sent and that message will appear in the same folder and spreadsheet. By viewing a person messages, all messages sent and received are shown in date and time order. This is a view of a persons inbox and sent messages for all messages to and from the business. | | A subset is "Me Today" to show all messages to and from a person on a selected date. |
| 7. Requirement: Multiple Spreadsheets | | The requirement to manually move messages from folder to folder is eliminated. Sent and received business messages are automatically indexed and can be viewed from many different forms. Click on any row in the list to view the message and its optional attachments. | | Private messages that use the business email address are not indexed and not shared. People will continue to process private messages using existing email client program. |
| 8. Requirement: Archive | | It is a business requirement to retain a copy of all business correspondance for a period of say seven years. Regardless of if a person chooses to delete a message using their email client program, a copy has aleady been archived. The archive is indexed by date and time that the message is sent by either the contact or a person. | | To match court audit requirements, nobody has the ability to delete or change any message in the archive - this is a provable fact. Every day a copy of all messages are encrypted, frozen and archived to many safe and secure data centers. If an agency gained physical access to any archive, the encrypted data would look like a lot of meaningless numbers. | | Messages from 2015 and earlier may be archived to a unique set of tables by calendar year. A spread sheet will enable each archive to to filtered and matching messages retrieved. For example: a Subject Access Request by "Sue.Salt" will simply filter on to-from email-prefixes and show all relevant messages. |
| 9. Requirement: Track and Trace | | Where a message is sent from the private web site, that message will comply with PECR subscription management as a public envelope with private contents. The private contents will include a menu bar with a "reply" button that shows a text area where private information can be communicated without email. This enables approved contacts to communicate private and confidential information without the possibility of a security breach. | | Where the contact chooses to opt-out and unsubscribe from such messages, then this is automatically recorded and further attempts to send the same message are prevented from being sent. Where a contact ignores the opt-in and opt-out links, then the email address may be wrong or unused. By monitoring the subscription history for each message, the actions taken by the contact can be determined. | | Any contact has the right to view their entire subscription history and make changes to what they have subscribed-to and unsubscribed-from. Every message envelope must have a link for the contact to change their specific subscriptions. |
| 10. Requirement: Evolution | | People may continue to use existing email client programs. Google Gmail and Microsoft Outlook Mail are funded by adverts. People may sign-in to their private web site to benefit from more advanced capabilities and higher levels of productivity. When people must comply with PECR, then only the private web site can be used. | | File Explorer provides a common level of user-interface experience for how messages can be listed and selected with a click. Columns can be sorted by clicking on the applicable heading. In addition, any column may be filtered. |
|
|