On Wed, Feb 5, 2014 at 4:12 AM, Nathan Larson nathanlarson3141@gmail.comwrote:
What if all of the email addresses that a user has ever used were to be stored permanently? Then in the event of an account hijacking, he could say to WMF, "As your data will confirm, the original email address for user Foo was foo@example.com, and I am emailing you from that account, so either my email account got compromised, or I am the person who first set an email address for user Foo." The email services have their own procedures for sorting out situations in which people claim their email accounts were hijacked.
This is definitely something to consider, but I feel like it would involve changing our privacy policy. Or at the very least it would cause some controversy related to that.
*-- * *Tyler Romeo* Stevens Institute of Technology, Class of 2016 Major in Computer Science