I genuinely can’t think of a situation where this makes sense, either as a way to keep the email clean for discovery or anything vaguely related (like concerns about employees leaking to journalists). On the other hand, it makes a lot of sense for phishing prevention. Seriously, if you can think of an example, tell me. I’m stumped.
I have no idea, I was thinking in terms of outsiders informing people of problems. It would be more for downstream products than anything else. But you’re probably right and this whole line of thinking is irrelevant.
On reading this post, I immediately thought of sending companies email about risks as a way to inject potential liability into their decision process. “Hey, I cut my finger on your sharp holiday ornament. You should get that looked at.” Then, when there’s an ornament class action suit, it can be shown that they ignored the information. More to the point, in theory they might be motivated to preemptively address the risk to avoid this newly enlarged liability, especially if legal counsel is copied. It’s slightly fanciful in the real world, but that’s the theory.
So yes, I would not be at all surprised if the email whitelist practice is in part to avoid liability.
I genuinely can’t think of a situation where this makes sense, either as a way to keep the email clean for discovery or anything vaguely related (like concerns about employees leaking to journalists). On the other hand, it makes a lot of sense for phishing prevention. Seriously, if you can think of an example, tell me. I’m stumped.
I have no idea, I was thinking in terms of outsiders informing people of problems. It would be more for downstream products than anything else. But you’re probably right and this whole line of thinking is irrelevant.
On reading this post, I immediately thought of sending companies email about risks as a way to inject potential liability into their decision process. “Hey, I cut my finger on your sharp holiday ornament. You should get that looked at.” Then, when there’s an ornament class action suit, it can be shown that they ignored the information. More to the point, in theory they might be motivated to preemptively address the risk to avoid this newly enlarged liability, especially if legal counsel is copied. It’s slightly fanciful in the real world, but that’s the theory.
So yes, I would not be at all surprised if the email whitelist practice is in part to avoid liability.