Comment an email address that's in use... (Score 1) 265
...should be considered public information. The street address comparison seems analogous here in many ways - just like anyone can see your address from the street, any time you use an e-mail address as a UID, it should be assumed that it's public. In other words, there should be no expectation on the part of someone sharing their address that it'll be kept secret.
I'm not saying this is a good thing (I think that, in general, sites that collect private information have at least an implicit responsibility to keep it private), but the bigger issue is that the average internet user needs to be aware of these really basic facts. Just like he/she needs to be skeptical enough not to click through to phishing attacks.
Until the state of awareness on these issues increases, there will always be opportunities for these sorts of marginal attacks on people's privacy.
I'm not saying this is a good thing (I think that, in general, sites that collect private information have at least an implicit responsibility to keep it private), but the bigger issue is that the average internet user needs to be aware of these really basic facts. Just like he/she needs to be skeptical enough not to click through to phishing attacks.
Until the state of awareness on these issues increases, there will always be opportunities for these sorts of marginal attacks on people's privacy.
