Eric Mack just recently posted about the danger of reading misaddressed email. I get a lot of email that wasn't intended for me. I get a lot of email here at rhs.com that is really intended for the Royal Horticultural Society, whose domain is rhs.org.uk. Apparently, they must have an address email@example.com, because the messages come in to my "consulting" address. I also get messages that are the result of students using the initials of their school to register fake addresses on web sites or discussion boards. There are a lot of high schools that go by the initials "RHS". The messages intended for the Royal Horticultural Society are easy to respond to with a polite request to please update your records with the correct address. The messages intended for the high schoolers can usually be ignored completely, but sometimes they present ethical quandries.
Here is the latest such message. This particular kid has not even succeeded in creating an account yet, because MySpace is responsible enough to require an email confirmation to activate accounts, but the message sent by the MySpace confirmation robot contains something in the kid's account information that caught my eye. I've highlit the part that raises a question of what to do.
Hi -RHS -- Thanks for joining MySpace!
Here's your account info for logging in:
Keep it secret. Keep it safe.
Please confirm your MySpace account by clicking here:
http://www1.myspace.com/reloc.cfm?c=3&.....etc., etc. etc.
I've gotten a few messages over the years that carried much more clear evidence that they were intended for a troubled teen, and I have taken action in a couple of cases where there were sufficient clues in the message (e.g, school location, name or nickname of the kid, etc.) to notify someone. In this case, there's no information available to me, but MySpace may have much more info in the pending registration. The evidence that there's anything to be concerned about at all, though, is anything but clear. This could be a kid who desperately needs someone to reach out, and while MySpace may not be in the habit of monitoring their users for signs of such things, if they find out about it they should be obliged to do something -- and since I have accidentally gotten such a sign I should make sure they find out. Or, this could be a kid who isn't really at risk, who was perhaps just joking around or referring to an inside joke amongst friends, but who will be extraordinarily embarassed that someone three times his (or her) age actually got this message and reported it, and who could become embroiled in all sorts of unnecessary fallout as a result.
I'm not telling what I have (or haven't) done. What would you do? Contact MySpace and request that they check their registration data, locate the kid who used that password and notify parents or school? Or do nothing?
1. andy b08/23/2006 02:43:25 AM
As a parent of a pre-teen that thinks she is a tween already, I think we have an obligation to respond in a manner similar to how we would wish the situation be handled if it were our child that was the intended addressee.
Erroring on the safe side in this case is a perfectly reasonable thing to do.
2. andy b08/23/2006 02:51:57 AM
BTW, I think that I would be more interested in learning what MySpace's response would be if you do indeed contact them...the black eye they have gotten in the press lately might affect their actions.
I have a vice of playing online Texas Hold'em on PokerStar's play money side. I was at a table that had a kid claiming to be playing under his Dad's account...and more importantly claimed that he played on the 'real money' side as well. I reported him. Amazingly, I received a nearly instant live person response from PokerStars who suspended the account immediately pending investigation. About a week later, I got a follow up phone call from the same support tech expressing the father's gratitude for someone turning in his kid who had run up a meager $500 tab on his dad's credit card.
3. Chris Linfoot08/23/2006 06:40:55 AM
Report it to MySpace - assuming that the email verifiably is from MySpace.
4. Andrei Kouvchinnikov08/23/2006 09:31:13 AM
In this case MySpace would not do anything as there is no evidence about any potential danger to user or someone else. Are they supposed to alarm Homeland Security for every user who uses "kill Bush" as password?
I have used passwords like "dead-by-noon" and "kill_them_all", but now I've grown up and use "lotus666"
5. Richard Schwartz08/23/2006 10:11:25 AM
@4 Andrei: I have to disagree. The password of "Suicidal!" could, however, be considered evidence of potential danger to the the user. Not proof, but evidence. At this point, certainly, I can't be sure what MySpace would or would not do.
6. Greyhawk6808/23/2006 10:26:33 AM
Actually, the user could simply be a fan of Suicidal Tendencies, the seminal punk band.
Jumping to conclusions based solely on a password seems a bit much to me. Some of my passwords are WAY out there...
What if this was simply a bot spamming my space?
Anyway, I would have deleted the email and moved on.
7. Richard Schwartz08/23/2006 11:03:29 AM
@6 All you say is possibly true. Or not. I'm not jumping to conclusions. Just to suspicions. Some suspicions may be worth acting on, regardless of lack of proof. Hence the ethical and/or practical question here.
8. Pete Lyons08/23/2006 12:26:09 PM
In my spare time I work with a suicide prevention organization (See A New Sun Foundation, 4sans.org) that is advocating and providing schools with the funds to implement the SoS - Signs Of Suicide program. (http://www.mentalhealthscreening.org/highschool/index.aspx)
The program teaches kids and educator to be on the lookout for certain patterns of behavior that are good indicators of depression and suicidal thoughts and provides them with a game plan for responding to it. If this piece of data got back to people who had already observered a disturbing pattern it could make a difference.