i think there is a clear precedent of trust with telephone operators, although less so with tech support. for example, when you place a credit card order by phone (if people still do that,) you're trusting them with sensitive data that the operator could easily run away with. although there are more safeguards in place with credit cards, the risk is the same. i would assume that there are legal documents along the lines of an NDA between the company and the operator/techie, and that the disgruntled employee would very clearly be in breach of that agreement. standard caveat: IANAL... from a developer's perspective, i don't understand why they're not crypt()ing the password before they put it in their db. in web-backend-land, that's what we do, generally speaking. if you're still worried, contact earthlink about it: Where to Direct Questions About EarthLink's Privacy Policy If you have any questions about this Privacy Policy or the practices described herein, you may contact: Customer Service EarthLink, Inc. 1375 Peachtree Street, N.W. Level A Atlanta, Georgia 30309 service@private, or privacypolicy@private jacob rothstein jbr@private
This archive was generated by hypermail 2b30 : Tue Jun 11 2002 - 19:21:35 PDT