OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] fringe: ESRB accidentally releases email addresses of Real ID complainants

From: security curmudgeon (jerichoattrition.org)
Date: Tue Jul 13 2010 - 17:03:58 CDT


[While e-mail addresses are public, the specific list and their
  association with Real ID complaints is not.]

http://www.joystiq.com/2010/07/12/esrb-accidentally-releases-email-addresses-of-real-id-complainan/

ESRB accidentally releases email addresses of Real ID complainants
by Ben Gilbert on Jul 12th 2010 11:10PM

In an ironic turn of events this evening, it appears that the
Entertainment Software Ratings Board has revealed the entire list of email
addresses belonging to people who appealed to the ESA's rating group over
Blizzard's recently proposed and then retracted Real ID implementation.
According to our World of Warcraft-focused sister site WoW.com, the ESRB
issued a response letter to the nearly 1,000 folks who had emailed with
complaints about Blizzard's decision -- unfortunately, it seems that
rather than hide everyone's email addresses, someone hit "reply all."

We've dropped the letter itself beyond the break, which, as WoW.com points
out, concludes with a statement espousing the ESRB's "Privacy Online"
program. Whoops! All that said, mistakes will happen from time to time.
Unlike Blizzard, however, the ESRB can't simply take this back.

"Thank you for contacting the Entertainment Software Rating Board (ESRB)
regarding the policy recently announced by Blizzard Entertainment which
would have required participants in its official forums to post comments
using their real first and last names, and for expressing your concerns
regarding potential privacy implications.

It is our understanding that Blizzard has provided an update announcing
that it will not be implementing the above-referenced policy with respect
to its forums, and users will not be required to post using their real
names. You can read Blizzard's announcement regarding this most recent
development at
http://forums.worldofwarcraft.com/thread.html?topicId=25968987278&sid=1&pageNo=1.

Separately, if you have questions regarding Blizzard's implementation of
its Real ID option -- which by our understanding is unrelated to
Blizzard's plans for its forums -- and/or the new capabilities this option
offers, they will likely be answered by reviewing the information posted
at http://www.battle.net/realid/.

ESRB, through its Privacy Online program, helps companies develop
practices to safeguard users' personal information online while still
providing a safe and enjoyable video game experience for all. We
appreciate your taking the time to contact us with your concerns, and
please feel free to direct any future inquiries you may have regarding
online privacy to our attention.

Regards,

Entertainment Software Rating Board"
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php