Google Ordered To Shut Down Gmail Account Of User Who Received Unsolicited Banking Info

from the well-that-sucks dept

Yesterday, we wrote about Google being taken to court because Rocky Mountain Bank screwed up and sent confidential information to the wrong person’s gmail account. It’s still not clear why they were sending confidential info to anyone’s gmail account, let alone to the wrong person’s. The bank tried to contact the person at the email address, but had no luck. They asked Google about who it was, but Google refused without a court order. However, the court has gone even further, and ordered Google to deactivate the entire account. While you can absolutely understand why the bank wants the account shut down, to protect that info, it’s quite troubling that someone’s email account just gets deactivated, despite them doing absolutely nothing wrong. Especially in an era when people rely on their email accounts for all sorts of important things, having a judge deactivate the account of someone who did nothing wrong seems quite problematic. Yes, the bank screwed up. And yes, lots of information was potentially exposed, but that should be the bank’s problem — and not the email recipient’s.

Filed Under: , , ,
Companies: google, rocky mountain bank

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Google Ordered To Shut Down Gmail Account Of User Who Received Unsolicited Banking Info”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Why couldn’t the bank simply ask google to delete the specific E – Mail. If it’s already been read then shutting down the account is useless anyways. If it hasn’t been read then deleting the E – Mail will remedy the problem.

Regardless, this shouldn’t be Google’s problem, it shouldn’t be the courts problem, and it shouldn’t be the E – Mail recipients problem. But of course, in America if I make a mistake someone else has to pay. This is the kind of behavior our legal system encourages. This person had to pay with his/her Gmail account for the banks mistakes.

Now if someone doesn’t like me all they have to do is send me someone else’s personal info via a bank (ie: if they work at a bank) and then order a court to shut down my Gmail account. This can be used as a tool for malicious purposes or perhaps even extortion.

Or if the court does/did order personal information about the E – Mail recipient to be revealed, someone can make a phishing scam out of this in order to collect private information from people based on their E – Mail address.

Or if someone doesn’t like me over the Internet based on something I said that disagrees with them and they only know me and my E – Mail address over the Internet they can use this as a tool for either malicious purposes or to collect information about me.

Se7en says:

That is totally screwed up, and I hope that this story gets enough publicity that the Bank in question loses business. Who would want to trust them anyways, at this point? They can’t manage their own private information, and have no compunction destroying someone else’s private information, to cover their own asses? Disgraceful.

slackr (profile) says:


Does anyone else wonder how the hell this judgement ever happened? I can understand covering your mistakes can be a pain but who on earth sent the email in the first place?

“the bank mistakenly sent names, addresses, social security numbers and loan information of more than 1,300 customers to a Gmail address”

I can’t say that I’ve ever sent an email to the wrong person. Forgotten to attach something, yes, accidently mailed 1300 confidential pieces of info on an email, umm Not Even Close.

I really really want this to be a business email so that the bank is forced to reimburse the poor person who’s email account gets randomly shut down. They should just out of principle, it might help lessen the blow.

Ben Zayb says:

Re: Reimbursement

The idiot who sent the email must be the owner or one of the top people. Otherwise, such an idiot would have just gotten themselves fired then IT and PR ordered to remedy what they can.

Anyway, someone should just send the bank some “sensitive” information and have them blown out of the Internet as well. Rocky Mountain Bank my foot!

Anonymous Coward says:

I have a GMail account that I rarely use (perhaps once or twice a year at most). Given that no reply was made to the bank’s email request, it is not beyond the realm of possibility that the account is not one customarily used by the account holder. If this is the case, and certainly Google is in a position to make some kind of a preliminary determination, I fail to see how what is almost certainly a temporary measure is a meaningful violation of whatever legal rights the account holder may have.

If by some miracle the information was sent to my account, I can say with confidence that it will not be seen, if ever, for a very long time.

Chronno S. Trigger (profile) says:

Re: Re: Re: Re:

The court absolutely douse not have the right. It is a violation of free speech and privacy. It’s also definitely unjust punishment.

Think about it this way. You get some random E-Mail from a bank called Rocky Mountain Bank. You make a random Test-cicles joke and delete it. Latter you get another one and delete it again without looking. Why would you look at an E-Mail from a bank you don’t use? The next week you don’t have an E-Mail account. You latter find out it’s because a court ordered the entire account deleted because some fake sounding bank that you never worked with before send you over 1000 people’s account info (and the bank isn’t getting punished). That sound right to you?

jeadly (profile) says:

Re: rights

Its not about a person’s legal right to a gmail account. Google could decide to stop offering gmail tomorrow and we’d have no recourse. Its about a court’s ability to order a company to terminate a user account based on the independent actions of a separate third party.

Someone spills some DDT in your yard and has your water legally permanently disconnected so it doesn’t spread. Problem solved!

Anonymous Coward says:

The correct response is obvious: inform the customers whose account data was released, and issue them new account numbers/logins/whatever when possible, and otherwise inform them to be on the lookout for identity theft (in the case of exposed SSNs, etc). If the victims have a problem with that, they take it up with the BANK, who made the mistake in the first place.

AmusingMuse says:

It was probably someone an employee of the bank knew and won’t admit too…I will admit that I have accidentally sent things from work to the wrong person in my address book before because I just entered the first name and let it autofill the rest in a hurry. (I don’t work at a bank or deal with sensitive info) It is still the bank or some employee therein’s fault as this sort of info should not have been being emailed in the first place.

Anonymous Coward says:

If I received an email that was ADDRESSED to me, ie, was not received in error (maybe transmitted in error) then screw Rocky Mountain Bank and I’d be trying to send emails to all those names I had that Rocky Mountain Bank had screwed up and letting them know that Rocky Mountain Bank are idiots.

The reality is, Rocky Mountain Bank is NOT doing the right thing because they should be proactively protecting the customers such that the contents of the email has no value and/or mitigate its value. Going after Google doesn’t do anything to protect the customers. For all Rocky Mountain Bank knows, the addressee got the info, sold it to some Nigerian and its customers are getting screwed. Instead of spending $100K in lawyers to go after Google, it should be protecting the customers.. they can NEVER really know that it has been contained and they can NEVER provide it.. What Assholes.

I’d tell Judge James Ware to go screw himself and tell Rocky Mountain Bank to immediately mitigate the damages or face comtempt of Court.

The Bank’s libility is open for class action, and in fact, I wish I was on the list to drive their lawyers and CEO nuts.

Ed C. says:

The judge must have been a luddie

Simply deleting the message from his account would have been enough IF he hadn’t seen it, but otherwise, there’s NOTHING that Google could have done. Seriously, why would anyone but a silly luddie think that deleting the account would stop the recipient from using the information if he’d already seen it? Hell, even if the guy was another luddie that didn’t even know how to copy-paste text, he still could have taken screen shots with a Polaroid!

Anonymous Coward says:

Not the end

I suspect that the user will be able to sue, successfully, for the inconvenience.

It’d be even funnier if the spam filters got it.

Of course, that information is not only still on Google’s servers, but it’s now in Google’s indexers. Regardless of if the user can get to it.

Maybe the reason the account holder couldn’t be reached is that they are using it as a forwarding address, in which case, the email is now somewhere else. For instance, I have many gmail accounts I use IMAP to access. So the mail would already be on my clients.

Methinks the cat is long out of the bag.

Anonymous Coward says:

Strange world.

I think the bank reaction is fine even though it was overreacting in how it did it, but the security of their clients should be paramount to then and that is what they did or tried.

Google’s reaction is ok to, they did it by the book.

What I think it should happen now is the poor SOB should go and sue Google for damages for having his life disrupted and then Google sue the banks to get those damages back.

And if you people don’t do it already please remember:

– Use more then one account and use software to mirror the contents of those accounts.

– Those accounts have no cryptography and are open to the world, if you really want privacy and some degree of security start encrypting your channels now there are many, many ways to do it.

Gary (profile) says:

Does the bank not understand that shutting down the account doesnt stop the email. heck by the time the banks goes “oh shi#@” email sent to my gmail account in on my smartphone and my desktop email program has grabbed copies of it and put it in my email archive. Did anyone at google even check to see if it was read, maybe its in a spam folder.

Anonymous Coward says:

I auto forward all my email to 100 gmail account. Through a simple process all 100 accounts stay all synced up. Power through redundancy. Mind after reading this I will have to push my accounts up to 1000 gmail accounts and a few 100 hotmail/yahoo accounts. Can not be to careful and miss out on some special offer from a Nigerian National who desperately needs my help!

GregSJ (user link) says:

Judge Ware

Shocked Judge Ware was the author of this deactivation order. From my personal experience I believe he is very knowledgeable about technology and the internet. I can’t understand how this wouldn’t be a temporary deactivation until the email can be recovered and the a quick investigation into whether the information had been further disseminated.

phil says:

Motion papers are here:

August 12 bank emails confidential information
August 13 bank attempts to contact email account holder. No response; banks determines that it is a valid account
September 1st, Federal Reserve tells them they need to take steps to freeze and/or determine status of the account
September 17th Bank files complaint
September 22 Bank files for TRO against Google
Yesterday the order comes down.
So. It’s a temporary restraining order. Meaning temporary.
The person was asked about what happened to the information, and didn’t answer. Some of you may think that you have the right to not answer legitimate questions and not have somebody draw conclusions about your behavior, but that’s not this country-nor any country on earth. Sure, it may be entirely innocent-in fact, the most likely explanation is that the gmail account is valid, but inactive, in which case this order is almost a nullity and nothing to be calling a judge a jackass over.

Before people get their knickers all in a twist, imagine if somebody accidentally mailed confidential information to you to your house and when they came to ask you what you did with, you refused to answer? What do you think would happen then?

Phil says:

Re: Absurd

I guess you’re suggesting that it makes no sense to shut the barn door after the horses have run out.

Only in this case, no one even knows if the horses have left he barn, or even if the door is open in the first place. You seem to be taking the position that it’s wrong for the Judge to order Google to close the door and find out if the horses are missing.

hiptech (profile) says:

More banking incompetence...

I thought all the big mistakes in the banking industry were fixed?

As for the mis-sent email – I don’t see any problem. After all how could Bernie Madoff make any possible use of the information from behind bars?

But seriously, why don’t the bank do what banks do best… offer a large sum of money as a reward?

Oh, never mind I just remembered – the guy that got the email isn’t a CEO 😉

cb on bonanzle (user link) says:

Rocky Mountain Bank is wrong

This just blows my mind. I’m sorry, but Rocky Mountain Bank was in the wrong here. Totally in the wrong. They should have reprimanded their employee instead. I would have to question as to WHY did the employee have to email ANYONE a list of sensitive information? Do people NOT know or realize that emailing from one address to another is NOT safe or confidential as we are lead to believe. Emails can be intercepted along the route by hackers and those who use script programs to spy on mail servers and such.

I sincerely hope that Rocky Mountain Bank customers have heard about this story and hope that they close their accounts at Rocky Mountain Bank PRONTO and find another bank to do business at. Rocky Mountain Bank needs to take responsibility of their own f**k up instead of blaming someone else or trying to pretend that a criminal phantom exists when it doesn’t.

Just who the hell does Rocky Mountain Bank think they are to take away someone’s right to have an email account? Corporations like them seriously disgust me. I hope that whoever the person is that had their email account taken away, I hope that person sues the living sh** out of Rocky Mountain Bank AND Google.

steven griffiths says:

close my gmail account

can you plaese close my g mail accopunt as this is some think that i don.t need close the dame thing for me if you can as i what by uiseing it as from the 5-4-2013 kind regareds steven griffiths and do me afather stop messing around and get reall thank,s and i get no intrest in going to iland ever so fuck off

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...