I sincerely hope that Rocky Mountain Bank customers have heard about this story and hope that they close their accounts at Rocky Mountain Bank PRONTO and find another bank to do business at. Rocky Mountain Bank needs to take responsibility of their own f**k up instead of blaming someone else or trying to pretend that a criminal phantom exists when it doesn’t.

Just who the hell does Rocky Mountain Bank think they are to take away someone’s right to have an email account? Corporations like them seriously disgust me. I hope that whoever the person is that had their email account taken away, I hope that person sues the living sh** out of Rocky Mountain Bank AND Google.

So there’s no guarantee that shutting down this account helped. If this user did the same thing, that file is on his/her computer. So much for bullying people, stupid bank.

I’d also feel punitive damages would be in order, since this was the result of initial criminal negligence on the part of the bank’s agent.

I have had a similar experience: being the recipient of email that contained information intended for someone else (but nearly as egregious as this case with SS numbers etc.) I too am very suspicious of phishing so did nothing but put in the trash the first couple of times. When it continued to happen I did a search for the firm sending the emails and found them to be legit so I contacted them and informed them that I was deleting the attachments but that they had the wrong email address and they needed to fix the situation. I also figured out who they were intending the email for and I contacted that person as well. I don’t think I had to do any of this but I was not comfortable not getting it straightened out.

I attempt to keep up on anthropology, hence reading Greg’s blog, but there are so many other areas that there is no way I could keep up with all of them. The judge has chosen his areas to watch and it is apparent cyberlaw is not one he follows.

I think it is more a situation of not understanding ramifications and just not being tech savy. I am friends with many people who, even though they own computers, do not use them. Other people in their family do, but not them.

Did you get a permanent IP address from your ISP?

Haven’t the banks heard of phishing? I get about 10-15 emails a day from ‘banks’. The incompetence of banks in all areas of expertise is astounding.

While I actually do get email alerts from my credit union, they provide no information about my account excepting the alert that my debit account had dipped below a certain point. Anything else that comes in from a bank – or claims to, never makes it to my inbox. I would be happy to cooperate with folks in the event of a problem, but in case of a problem like this, I would never be aware it happened. I suspect that few gmail users would be, as it is gmail’s general spam filter that keeps it all out.

And I would totally be fucked about if my main gmail account were closed. I email anything important to myself for safe keeping – precisely because google fucking rules when it comes to keeping shit safe. Unlikely or not, I have opened yet another gmail account and will be forwarding everything I need safe to that one as a backup.

I ultimately suspect the biggest problem here, is that the judge wasn’t tech savvy enough to understand the problems with his ruling – not the least being that no one actually knows if the information was secured by simply deleting the account, much less that it wasn’t the only way to solve the problem.

Greg: “The problem is the social security numbers. That is the weak link in the chain!”

SS numbers shouldn’t be in the chain at all. They can be trusted to be secret as much as your street address. They are addresses to data records, and were never even intended to be secret in cryptographic sense.

There are numerous better ways to securely authenticate people. The banks, of all companies, should have their own ID management solutions. Ask any Scandinavian bank for details. They even do extra business by offering their on-line secure authentication service to web shops. Here in Finland even the tax collector trusts your bank authentication – but not your SS number.