Follow Up: Personal Information In Emails, Library Edition


Deleting messages

I posted a while ago about a security issue with TelstraClear’s webmail. Mainly that I could access an email account through the referring URL gathered through this blog’s statistics.

This made me think about the personal information that I have in my email account.

The library here in Christchurch includes users’ addresses in the header of all emails that they send out automatically (reminders about due books, holds, etc). I gather libraries around the country do this.

This always struck me as strange, because there’s no need to include this information.

An address isn’t the most private information in the world, but if someone broke into my email account, it’s something I wouldn’t like them to have.

So I asked the library about it. Here’s their response:

“Thank you for your recent query as to why postal address details are included in Christchurch City Libraries customer email notifications.

SirsiDynix, the integrated library system provider used by Christchurch City Libraries, have responded that identical address information is shown on both notification options [email and snail mail] because the reports draw on the same User Address information. Their opinion is that modifying the script to suit emailed notices would harm the report’s ability to print the needed addresses for mailed notices.

Unfortunately in-house report customisation is not currently a viable option because of time and financial constraints but we would certainly re-evaluate should there be further customer demand. We are not aware of any likely changes to the SirsiDynix system in the near future.”

No dice.

Image credit: Fiona Bradley

Leave a Reply