Sorry, but that is just a huge blunder. I can see from your comment that you think it's no big deal, but I read that item and immediately blacklisted 37Signals as a vendor that looks at customer files.
Your explanation makes it worse, not better; you shouldn't even be looking at filenames.
You should of emailed the user that their picture was #100'000'000 and if they would give you permission to look at the picture to feature in their blog post. That would of been the ethical way to do it.
Terribly bad judgment to post that. Like apparently numerous others, that bit caught my eye and made me pause and reflect on the downside of SaaS.
Even looking at the filename seems pretty suspect, as an aside. What if the filename was BankruptcyPreparation.docx, or TerminationOfBobDobbs.pdf, etc? The metadata about a file should be confidential as well.
themcgruff|14 years ago
sunchild|14 years ago
Your explanation makes it worse, not better; you shouldn't even be looking at filenames.
mahyarm|14 years ago
huggyface|14 years ago
Even looking at the filename seems pretty suspect, as an aside. What if the filename was BankruptcyPreparation.docx, or TerminationOfBobDobbs.pdf, etc? The metadata about a file should be confidential as well.