On Fri, Jul 18, 2014 at 10:48 AM, Martin Rex <mrex(_at_)sap(_dot_)com> wrote:
Article 2 "Definitions" of this EU directive (page 7 of above PDF)
The following definitions shall also apply:
(a) "user" means any natural person using a publicly available
electronic communications service, for private or business
purposes, without necessarily having subscribed to this
service;
I am certainly no lawyer (are you?), but it seems to me that a corporate
domain owner that chooses to use DMARC to protect its brand might have
users within that domain -- employees, for instance. I would claim that
such an employer's email servers do not comprise "a publicly available
electronic communications service", so I don't think employees using a
protected domain are "users" under this definition. And even if that
doesn't wash, an employment contract (here, at least) typically grants the
Article 5 consent that makes this point moot, and is not typically a "Click
OK and forget" situation.
I imagine email service providers could secure the same sort of consent
through a privacy policy, though "I had no idea" might be a more successful
counter-argument there because nobody really reads those.
-MSK