Verifying That Emails Are Received
When does the law require you to follow up an email to see if it was received? Is that a matter of prudence only, i.e. if you really have to know, you had better follow up? Are you liable for negligence for not following up, in important cases, or all cases, if the message was not received?
A recent Swiss case – in the Federal Supreme Court – held that senders of emails have a duty to verify receipt in almost all cases. On the facts of the case, the result may be OK: an agent for a taxpayer emailed its client to warn of a tax filing deadline; the email went astray and the client was penalized. The risk was that of the agent. (It’s not a case about the law of agency.)
The case states a general proposition that the risk of non-delivery of an email is always on the sender – because delivery is known to be not thoroughly reliable.
Would this be the law in Canada, or where you are? is that too strong a proposition? Suppose the sender could prove that the email got to the addressee’s computer but was filtered out or lost once there. When does the risk (and responsibility) shift to the addressee?
(The questions are the civil side of those I posed last week about whether a regulatory or prosecutorial body could start a proceeding by email notice, without statutory or contractual authorization. Would it be acceptable if the regulator or prosecutor checked to see if the notice of hearing – e.g. – had been received?)
Is it a situation like signatures, where the risk that a signature is forged always lies on the person relying on the signature?
Is it true that the delivery of emails less reliable than that of postal mail, or faxes? Is it sufficiently true that rules of law should be built on that proposition?
The SMTP (email) protocol has all the hallmarks of a properly designed safety critical system[1,2], but PC implementations of mailboxes and final delivery are, in my humble opinion, shoddy.
Email to a blackberry, for example, can be every bit as good as postal mail. To an as-cheap-as-possible phone or pc, you could lose as many as one in a thousand messages.
I consider non-reply to email or fax as predominantly a human problem, and check if I don’t hear back. This catches the human blunders, and the occasional technical one.
Therefore:
– email is less reliable than postal mail, approximately as reliable as fax, but far more reliable than the mail recipient
– depending on humans is a risk to the person doing the depending (:-))
– I don’t think it needs to be distinguished from fax or surface mail, but it is distinguishable from registered mail.
–dave
[Full disclosure:
1. I implemented SMTP on Honeywell GCOS
2. I also analyzed it in a safety-critical software course]
Options for improving email communications security include:
(1) Some sort of official communications or security infrastructure. A decade or more ago, the Federation of Canadian Law Societies explored the establishment of a nation PKI CA, or something along those lines. Seems to have not materialized.
(2) Some other third-party service in which there is a sound basis for reliance, such as Canada Post’s epost service (possibly; I don’t know much about it).
A recent New Zealand Auckland District Law Society News article covered some of the problems of email and the 2007 case of Brett Larsen v Rick Dees Ltd involving fax. The court found that a contract for purchase of land is not validly completed where settled with a transfer of funds electronically within the time limit, while notification of this transfer was just 7 minutes out of time because a fax machine was busy. To avoid such problems, the Law Society contract for sale of land now provides that a notice is deemed to be served when received by a “Secure Document Exchange” system, as opposed to when the notice is downloaded/received. Such a system is now in operation in NZ.