Who’s at fault?

I know each and everyone of us has had that feeling: children most likely refer to it as having butterflies in their stomach. Your palms get all wet and you start feeling sweaty. You have just made a mistake and have lost a lifetimes worth of data.

From various news reports and the court ruling an employee of the Rocky Mountain Bank felt the exactly the same way or worse when he or she mistakenly sent confidential bank information to the wrong Gmail account.

A customer of the Rocky Mountain Bank in Wyoming had previously asked for this information from the bank and something unfortunate happened when the employee sent the e-mail which included an attachment of confidential information on over 1000 accounts to the wrong email address. The attached data file included names, addresses, tax identification numbers and loan information.

On realizing the mistake the Rocky Mountain Bank employee tried to recall the e-mail but to no avail. They also sent a follow-up message to the recipient in attempt to persuade him or her to destroy the message and the attachment without reading the contents. They also requested the recipient to contact the bank to discuss the next step of actions.

A request was also sent to Google for information on the Gmail account, however the giant search engine provider declined to reveal such information without a court order. Rocky Mountain Bank then filed a suit to force the disclosure of the account information. To make matter worse for them a federal judge denied their request to seal the case on Friday 18th September, 2009.

So who is to blame? The bank employee made two costly mistakes: typing the wrong e-mail address in the To: input box and sending a file which should not have been sent. It is unfortunate for him or her. We all make mistakes, and some cost us dearly. Even more, I sympathize with the bank customers whose life savings are probably not safe due to careless handling.

Rocky Mountain Bank should have emplaced better systems to prevent confidential information from being sent to the wrong recipient. Data encryption is a known security measure, this would have prevented the wrong person from reading the data. Furthermore, for crying out loud it is a Bank and covering up their mistake would have avoided negative publicity. The bank argued that sealing the case was to prevent needless customer panic. They should have looked into a better method to correct the mistake and reassured monitory support to the customers affected.

In my opinion the bank’s response was unsatisfactory. They want Google to turn over proprietary information and the Gmail account owner to contact the bank. They also want the court to seal the proceedings and protect their own reputation but this leaves you wondering what the bank is doing to resolve the issue?

What about you? Take a poll on who bears the blame for Rocky Mountain Bank’s erroneously-sent e-mail?