emails are not shared with you

9+ Why Emails Are Not Shared With You (Fixes!)

by

9+ Why Emails Are Not Shared With You (Fixes!)

The condition where electronic mail communications are restricted from certain individuals represents a deliberate measure to maintain privacy and control over information flow. An example of this is a scenario where sensitive financial reports are transmitted exclusively among executive management, excluding other personnel to prevent premature leaks or unauthorized access to confidential data.

This practice is critical for safeguarding competitive advantages, upholding legal and ethical obligations, and ensuring the integrity of internal processes. Historically, the need for such controlled communication arose alongside the increasing volume and speed of digital information exchange, prompting organizations to implement stricter protocols for data dissemination to mitigate risks associated with unintended disclosure.

The following sections will delve into the specific mechanisms, organizational structures, and technological implementations designed to facilitate controlled access and distribution of electronic mail, addressing the implications for data security, compliance, and overall operational efficiency.

1. Confidentiality protocols.

Confidentiality protocols are foundational in dictating the circumstances under which electronic mail communications are restricted from specific individuals or groups. These protocols establish a framework for managing sensitive information and ensuring its protection from unauthorized access.

  • Data Classification and Access Levels

    Data classification schemes categorize information based on its sensitivity and potential impact if compromised. Access levels are then assigned to employees based on their roles and responsibilities, dictating who can view, edit, or share specific types of information. For instance, a document classified as “Highly Confidential” might only be accessible to senior management, ensuring that employees without a direct need for the information do not receive it via email or other means. This directly influences whether emails are not shared with certain individuals or departments.

  • Encryption and Secure Transmission

    Encryption protocols transform email content into an unreadable format during transmission, safeguarding it from interception by unauthorized parties. Secure transmission methods, such as Transport Layer Security (TLS), ensure that emails are transmitted over encrypted channels. These measures prevent sensitive data from being exposed should an email be inadvertently forwarded to or accessed by unintended recipients, thereby reinforcing the condition where emails are not shared inappropriately.

  • Internal Policies and Training

    Organizations implement internal policies that outline the proper handling of confidential information, including guidelines for email communication. Training programs educate employees on these policies, emphasizing the importance of adhering to them and the potential consequences of non-compliance. Regularly updated training helps ensure employees understand their responsibilities in maintaining confidentiality and prevents accidental sharing of information via email, contributing directly to emails are not shared with you scenarios where appropriate.

  • Auditing and Monitoring

    Regular audits and monitoring of email systems can detect potential breaches of confidentiality protocols. Monitoring tools can identify unusual patterns of email activity, such as large volumes of emails being sent to external addresses or attempts to access restricted information. These mechanisms allow organizations to proactively address potential security risks and ensure that confidential information is not being inappropriately shared through email, thereby upholding the principle that emails are not shared with you unless authorized.

The implementation of robust confidentiality protocols, encompassing data classification, encryption, employee training, and system monitoring, is essential for maintaining the integrity and security of sensitive information. These protocols directly support the strategic restriction of electronic mail communications, ensuring that “emails are not shared with you” when access is unauthorized or inappropriate, thereby mitigating risks associated with data breaches and maintaining regulatory compliance.

2. Restricted access permissions.

Restricted access permissions are a primary mechanism for controlling the flow of electronic mail and ensuring that emails are not shared with you when you lack authorization. These permissions dictate who can access, view, and modify specific email content or mailboxes, directly influencing the visibility and dissemination of information.

  • Role-Based Access Control (RBAC)

    RBAC assigns access rights based on an individual’s role within an organization. For instance, an accounting clerk may have access to invoices and financial statements, while a human resources manager may have access to employee records. This structure prevents unauthorized personnel from accessing sensitive emails containing information outside their purview, ensuring emails are not shared with those lacking the appropriate role. Example: A marketing intern would not have permission to access emails concerning a merger negotiation between the CEO and legal counsel.

  • Mailbox Delegation

    Mailbox delegation allows a designated user to manage another user’s mailbox, including reading and sending emails on their behalf. However, such access is typically granted with explicit consent and is subject to strict auditing. If an individual does not have delegated access to a specific mailbox, they will not be able to view or receive emails directed to that mailbox, exemplifying “emails are not shared with you.” Example: An executive assistant may be granted access to the executive’s inbox for scheduling purposes, but other employees will remain restricted.

  • Distribution List Management

    Distribution lists facilitate sending emails to multiple recipients simultaneously. Management of these lists involves controlling who can send emails to the list and who is included as a member. If an individual is not a member of a specific distribution list, emails sent to that list will not be shared with them, ensuring information is directed only to relevant parties. Example: A project update email sent to the “Project Alpha Team” will not be shared with employees outside that team unless explicitly added to the list.

  • Data Loss Prevention (DLP) Integration

    DLP systems monitor email content for sensitive information and enforce policies based on predefined rules. These systems can prevent emails containing confidential data from being sent to unauthorized recipients, effectively preventing them from being shared with individuals lacking the necessary access permissions. Example: A DLP system might block an email containing credit card numbers from being sent to an external email address, preventing potential data breaches and ensuring compliance with data protection regulations.

These facets demonstrate how restricted access permissions are integral to upholding the principle that emails are not shared with individuals lacking authorization. By implementing RBAC, carefully managing mailbox delegation and distribution lists, and integrating DLP systems, organizations can maintain control over sensitive information and mitigate the risks associated with unauthorized access to electronic mail communications.

3. Need-to-know basis.

The principle of “need-to-know” is a core tenet that directly dictates whether “emails are not shared with you” within organizational communications. Its implementation dictates that individuals should only be granted access to information essential for performing their specific job duties. This practice directly limits the distribution of emails, serving as a cause: if an employee does not require certain information to fulfill their responsibilities, they are excluded from receiving communications containing that information. For example, an engineer working on a specific component of a larger project would not typically receive email correspondence related to the project’s marketing strategy, because such information is extraneous to their immediate tasks. Thus, the “need-to-know” principle becomes a fundamental component in operationalizing the concept where emails are not broadly disseminated.

Consider a real-world scenario within a law firm. Emails discussing confidential client strategies and sensitive case details are strictly limited to the attorneys and paralegals directly involved in that specific case. Support staff, such as administrative assistants or IT personnel, are deliberately excluded from these communications unless their explicit involvement is required for a specific task like document preparation or system support. This selective restriction ensures client confidentiality, protects against potential leaks, and prevents unauthorized access to privileged information. Consequently, the majority of personnel at the firm find that certain emails are “not shared with you” as a direct result of the firm’s stringent “need-to-know” policies.

In summary, the need-to-know principle creates a controlled environment regarding electronic communications, promoting efficiency and security. Challenges can arise in consistently applying this principle across large organizations, particularly where roles and responsibilities may overlap or shift. The practical significance of this understanding is vital for maintaining confidentiality, protecting intellectual property, and ensuring compliance with data privacy regulations, highlighting the intrinsic link between the strategic implementation of “need-to-know” and the assurance that sensitive “emails are not shared with you” indiscriminately.

4. Data leakage prevention.

Data leakage prevention (DLP) mechanisms are intrinsically linked to the principle of restricting email distribution, ensuring that “emails are not shared with you” when such sharing violates established security protocols. DLP systems operate as a critical control in identifying and preventing the unauthorized transmission of sensitive information via electronic mail. The cause-and-effect relationship is straightforward: the activation of DLP policies results in the blockage or modification of emails that contain data flagged as confidential or restricted, thus preventing its unintended dissemination. DLP’s importance lies in its active enforcement of the concept that “emails are not shared with you” without proper authorization. Consider, for instance, a DLP system configured to detect and block emails containing customer credit card numbers. If an employee attempts to transmit a spreadsheet with this data to an external email address, the DLP system intervenes, either blocking the email entirely or stripping the sensitive information. This functionality ensures that sensitive information is not broadly shared via email.

Further applications of DLP in controlling email distribution include content analysis that identifies specific keywords, patterns, or metadata indicative of sensitive documents. DLP can prevent the transmission of emails containing classified project details to individuals outside the project team. In healthcare, DLP systems can prevent the transmission of patient medical records to unauthorized recipients, thus maintaining HIPAA compliance. In the financial sector, DLP systems can prevent the transmission of insider trading information or proprietary financial models to competitors. Each of these examples illustrates how DLP acts as a protective barrier, preventing “emails are not shared with you” contrary to established policies. Such proactive intervention is essential to guarding against inadvertent data breaches or malicious intent.

In summary, DLP mechanisms play a pivotal role in safeguarding sensitive information by actively enforcing email distribution restrictions. By analyzing email content and attachments, DLP systems prevent “emails are not shared with you” without proper authorization. Challenges in implementation include balancing security with usability, ensuring that DLP systems do not unduly impede legitimate business operations. However, the practical significance of DLP in mitigating the risk of data breaches and maintaining compliance with data protection regulations underscores its essential role in securing electronic communications and upholding the principle that “emails are not shared with you” unless access is explicitly granted.

5. Compliance mandates.

Compliance mandates serve as a primary driver for restricting access to electronic mail, directly impacting whether “emails are not shared with you.” These legal and regulatory requirements necessitate the implementation of controls that limit the dissemination of sensitive information, thus preventing unauthorized access and ensuring adherence to applicable laws and industry standards.

  • Data Privacy Regulations (e.g., GDPR, CCPA)

    Data privacy regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), impose strict requirements on the handling of personal data. These regulations often mandate that access to personal information be restricted to only those individuals with a legitimate need to know. Consequently, emails containing personal data are not shared with individuals lacking such authorization. For example, under GDPR, an organization must ensure that emails containing customer data are only accessible to employees involved in customer service or data processing, thereby preventing unnecessary exposure to other staff members. This directly contributes to scenarios where emails are not shared with you due to these regulations.

  • Industry-Specific Regulations (e.g., HIPAA, PCI DSS)

    Specific industries are subject to regulations that govern the protection of sensitive information within their domain. The Health Insurance Portability and Accountability Act (HIPAA) in healthcare and the Payment Card Industry Data Security Standard (PCI DSS) in finance mandate strict controls over protected health information (PHI) and cardholder data, respectively. Compliance with these regulations necessitates that access to emails containing such data be limited to authorized personnel. For instance, HIPAA requires that emails containing patient medical records are only shared with healthcare providers directly involved in the patient’s care. PCI DSS similarly restricts access to emails containing credit card information to employees with a need to process or manage such transactions, thereby directly enforcing situations where emails are not shared with you.

  • Legal Hold and eDiscovery Requirements

    Legal hold and eDiscovery processes require organizations to preserve and collect relevant electronic documents, including emails, in anticipation of litigation or regulatory investigations. Compliance with these requirements necessitates that access to emails subject to a legal hold be restricted to authorized personnel involved in the legal process. For instance, if an organization is involved in a lawsuit, emails relevant to the case may be placed on legal hold, preventing them from being shared with individuals outside the legal team. This restriction ensures that the integrity of the evidence is maintained and prevents unauthorized alteration or deletion of relevant emails, reinforcing the situation where emails are not shared with you.

  • Financial Regulations (e.g., SOX, Dodd-Frank)

    Financial regulations, such as the Sarbanes-Oxley Act (SOX) and the Dodd-Frank Wall Street Reform and Consumer Protection Act, impose requirements on the handling of financial information and internal controls over financial reporting. These regulations necessitate that access to emails containing financial data be restricted to authorized personnel involved in financial reporting and auditing processes. For example, SOX requires that access to emails containing financial statements and internal control documentation be limited to employees responsible for preparing and reviewing these documents, as well as external auditors. This restriction ensures the accuracy and integrity of financial reporting and prevents unauthorized access to sensitive financial information, thus contributing to conditions where emails are not shared with you.

In summary, compliance mandates play a crucial role in dictating whether “emails are not shared with you” by imposing legal and regulatory requirements that necessitate restricted access to sensitive information. These mandates, including data privacy regulations, industry-specific regulations, legal hold and eDiscovery requirements, and financial regulations, each contribute to establishing controls that limit the dissemination of emails to authorized personnel only, thereby ensuring compliance with applicable laws and standards and mitigating the risk of unauthorized data exposure.

6. Internal policy enforcement.

Internal policy enforcement is a critical component in ensuring that electronic mail communications are appropriately restricted, thereby solidifying the principle that “emails are not shared with you” unless explicitly authorized. These policies establish the framework for acceptable email usage, data handling, and access control within an organization.

  • Email Classification and Labeling Policies

    Email classification policies categorize emails based on their sensitivity and confidentiality levels. These policies dictate that emails containing sensitive information must be labeled appropriately (e.g., “Confidential,” “Restricted,” “Internal Use Only”). Enforcement mechanisms, such as automated scanning and user training, ensure adherence to these labels. For instance, an email containing financial forecasts may be classified as “Confidential” and restricted to senior management. Internal policy enforcement ensures that this labeling is consistently applied, preventing inadvertent forwarding or sharing with unauthorized individuals. Therefore, without proper authorization, “emails are not shared with you”.

  • Acceptable Use Policies (AUP) for Email

    Acceptable Use Policies (AUP) define the permissible uses of organizational email systems, explicitly prohibiting activities such as forwarding confidential information to external accounts or sharing login credentials. Enforcement typically involves monitoring email traffic and conducting periodic audits to identify policy violations. Consider a scenario where an employee attempts to forward proprietary research data to their personal email address. An AUP enforcement mechanism would detect this violation and block the action, thereby preventing the unauthorized dissemination of sensitive information. Due to such internal policies, it ensures that “emails are not shared with you”.

  • Data Loss Prevention (DLP) Policy Integration

    Internal policies often integrate with Data Loss Prevention (DLP) systems to automatically detect and prevent the unauthorized transmission of sensitive data via email. These policies define the types of information that are considered confidential and specify the actions to be taken when such data is detected in an email. For example, an email containing customer credit card information may be blocked from being sent to an external recipient. DLP system integrated policies ensure that any attempt to violate the rule will be blocked immediately, thereby ensuring “emails are not shared with you”.

  • Access Control and Authorization Policies

    Access control policies govern who can access specific email accounts or distribution lists. These policies define the criteria for granting access, such as job role or project involvement, and require periodic reviews to ensure that access remains appropriate. For example, access to an email distribution list containing executive-level communications may be restricted to senior management only. Internal policy enforcement ensures that these access controls are regularly audited and updated, preventing unauthorized individuals from gaining access to sensitive emails, leading to emails not shared with you.

The effectiveness of internal policy enforcement directly correlates with the organization’s ability to control the flow of information and maintain the confidentiality of its electronic communications. When policies are rigorously enforced, organizations can significantly reduce the risk of data breaches and ensure that “emails are not shared with you” unless specifically authorized, thus bolstering overall data security and compliance.

7. Information segregation.

Information segregation is a critical determinant in ensuring that “emails are not shared with you” when you lack the appropriate authorization. The establishment and maintenance of distinct information silos within an organization directly influences who receives specific electronic mail communications. The operational principle is that data and systems are partitioned based on sensitivity, access requirements, and functional responsibilities. This practice, in turn, defines email distribution lists and access permissions, ensuring that individuals only receive email content directly relevant to their roles and responsibilities. For example, within a large multinational corporation, financial data pertaining to European operations should be segregated from data concerning North American operations. Consequently, employees in the North American division would not receive email communications containing sensitive financial details specific to Europe, enforcing the condition where “emails are not shared with you.” Similarly, legal correspondence regarding ongoing litigation should be strictly limited to authorized legal personnel, thereby preventing its dissemination to other staff members.

Consider the implementation of information segregation within a research and development (R&D) department of a pharmaceutical company. R&D activities are typically divided into distinct project teams, each working on proprietary drug candidates. Information segregation dictates that email communications pertaining to one drug candidate should not be shared with teams working on other candidates. This prevents cross-contamination of research findings and protects the company’s intellectual property. Practical applications extend to the segregation of customer data within a customer relationship management (CRM) system. Customer service representatives should only have access to the data of customers they directly support, preventing them from accessing information about customers outside their assigned territory. Thus, when a service update is disseminated, the emails pertaining to it are only shared with those internal staff members.

In summary, information segregation is a foundational security measure that directly contributes to the enforcement of “emails are not shared with you” principles. It facilitates the controlled distribution of electronic mail, ensuring that access to sensitive information is restricted to authorized personnel only. Challenges in implementation include the complexity of establishing and maintaining appropriate data silos, the need for robust access control mechanisms, and the potential for accidental data breaches. The practical significance of this understanding lies in its ability to mitigate risks associated with unauthorized access to sensitive information, protect intellectual property, and ensure compliance with data privacy regulations, thus highlighting the integral link between information segregation and the assurance that “emails are not shared with you” indiscriminately.

8. Privacy expectation.

The concept of privacy expectation forms a foundational basis for determining whether “emails are not shared with you” represents a legitimate assumption. This expectation is shaped by legal precedents, organizational policies, and societal norms regarding the confidentiality and security of electronic communications.

  • Legal Framework and Regulatory Compliance

    Legal statutes, such as data protection laws and electronic communications privacy acts, establish a framework for protecting the privacy of email communications. These laws often mandate that individuals have a reasonable expectation that their emails will not be accessed or disclosed without their consent, except under specific circumstances (e.g., lawful interception). For example, the GDPR in Europe and the Electronic Communications Privacy Act (ECPA) in the United States both contribute to the expectation that emails will not be shared with unauthorized parties. Non-compliance can result in substantial penalties. This legal foundation directly supports the assertion that “emails are not shared with you” without proper legal justification.

  • Organizational Privacy Policies and Employee Agreements

    Organizations frequently implement internal privacy policies and employee agreements that outline the expectations regarding email privacy within the workplace. These policies typically state that employees should not expect their personal emails, sent or received on company devices or networks, to remain entirely private. However, they also often establish guidelines for the handling of business-related emails, emphasizing the importance of confidentiality and restricted access. For example, a policy may state that employee emails are subject to monitoring for legitimate business purposes but will not be shared with unauthorized personnel. Adherence to these policies helps shape the expectation that business-related “emails are not shared with you” without a justifiable business reason.

  • Technological Safeguards and Security Measures

    The implementation of technological safeguards, such as encryption, access controls, and data loss prevention (DLP) systems, contributes to reinforcing the expectation of email privacy. Encryption ensures that email content is protected from unauthorized interception during transmission. Access controls limit who can access specific email accounts or distribution lists. DLP systems prevent the unauthorized sharing of sensitive information via email. These measures collectively create an environment in which individuals can reasonably expect that “emails are not shared with you” due to the technical barriers in place to prevent unauthorized access or disclosure.

  • Societal Norms and Ethical Considerations

    Societal norms and ethical considerations also influence the expectation of email privacy. In many cultures, there is a general expectation that personal communications will be treated as confidential and not disclosed without consent. This expectation extends to email communications, particularly those containing sensitive or personal information. Furthermore, ethical considerations dictate that individuals should respect the privacy of others’ emails and refrain from accessing or sharing them without explicit permission. Upholding these norms and ethical standards fosters a culture of respect for privacy and reinforces the belief that “emails are not shared with you” without a valid reason.

The interplay between legal frameworks, organizational policies, technological safeguards, and societal norms shapes the landscape of privacy expectation in relation to email communications. While there may be limitations to this expectation, particularly within organizational contexts, these factors collectively contribute to the reasonable assumption that “emails are not shared with you” without proper justification, thereby underscoring the importance of respecting and upholding email privacy.

9. Secure communication channels.

The establishment of secure communication channels directly supports the principle that “emails are not shared with you” without authorization. These channels implement encryption and authentication protocols, creating a protected pathway for electronic mail transmission. The employment of such channels serves as a primary cause for the effect: preventing unauthorized interception or access to email content. Without secure channels, emails are vulnerable to eavesdropping, allowing malicious actors to compromise confidentiality. Therefore, secure communication channels are an indispensable component of a system designed to ensure emails are not accessible to unintended recipients. An example of this is the use of Transport Layer Security (TLS) encryption, which safeguards emails during transit between mail servers, hindering the ability of unauthorized third parties to read the contents. Another instance is the employment of end-to-end encryption, where only the sender and intended recipient possess the keys to decrypt the message, thus ensuring that emails are not shared with anyone else, even service providers. The practical significance lies in maintaining confidentiality and regulatory compliance, preventing data breaches, and protecting sensitive information from unauthorized access.

Further enhancing this security are Virtual Private Networks (VPNs), which establish an encrypted connection between a user’s device and a secure server. This is particularly pertinent when accessing email from public Wi-Fi networks, which are inherently less secure. Digital signatures, often integrated with email clients, provide a means of verifying the sender’s identity and ensuring the email’s integrity, reducing the risk of phishing attacks and email spoofing. Secure email gateways filter incoming and outgoing emails, detecting and blocking malicious content or suspicious attachments, adding another layer of protection against unauthorized data access. For example, a financial institution employs secure communication channels, including encryption, multi-factor authentication, and intrusion detection systems, to protect sensitive customer financial data transmitted via email.

In summary, secure communication channels are integral to upholding the principle that “emails are not shared with you” without permission. The challenges in implementation include managing encryption keys, ensuring compatibility across different email clients, and keeping pace with evolving security threats. Nevertheless, the benefits of securing email communications far outweigh the complexities, safeguarding sensitive information, ensuring regulatory compliance, and fostering trust in electronic communication systems. The implementation of robust security measures transforms email from a potential vulnerability into a safe means of communication.

Frequently Asked Questions

This section addresses common inquiries regarding the circumstances under which access to electronic mail communications is restricted.

Question 1: What determines whether an individual receives specific email communications?

Access to email communications is typically governed by factors such as job role, project involvement, data sensitivity, and compliance requirements. Individuals receive emails only if they have a legitimate need to know the information contained within.

Question 2: What measures prevent unauthorized access to email content?

Organizations implement various measures, including role-based access control, encryption, data loss prevention (DLP) systems, and regular audits, to prevent unauthorized access to email content.

Question 3: How do data privacy regulations impact email access?

Data privacy regulations, such as GDPR and CCPA, mandate that access to personal data within emails be restricted to authorized personnel only, based on the principle of data minimization.

Question 4: What is the significance of the “need-to-know” principle in email communications?

The “need-to-know” principle ensures that individuals only receive email communications containing information essential to their job duties, minimizing the risk of unauthorized data exposure.

Question 5: What role do internal policies play in restricting email distribution?

Internal policies define the acceptable use of email systems, data handling procedures, and access control mechanisms, ensuring that electronic communications are restricted appropriately.

Question 6: How do secure communication channels contribute to email privacy?

Secure communication channels, such as those utilizing encryption, protect email content from unauthorized interception during transmission, enhancing the confidentiality of sensitive information.

In summary, restricted access to electronic mail communications is a multifaceted issue influenced by legal, regulatory, organizational, and technological factors.

The next section will delve into strategies for improving email security and access control.

Safeguarding Email Confidentiality

Effective management of electronic mail security requires diligent adherence to established protocols. The following recommendations aim to minimize the risk of unauthorized access and disclosure.

Tip 1: Implement Role-Based Access Control (RBAC): Organizational roles should dictate email access permissions. This ensures that individuals only receive communications relevant to their job responsibilities.

Tip 2: Enforce Strong Password Policies: Robust password protocols, including complexity requirements and regular updates, are essential for preventing unauthorized account access.

Tip 3: Utilize Multi-Factor Authentication (MFA): Employ MFA to add an additional layer of security beyond passwords, making it more difficult for unauthorized users to gain access.

Tip 4: Employ Data Loss Prevention (DLP) Systems: DLP solutions monitor email content for sensitive information and prevent its unauthorized transmission, both internally and externally.

Tip 5: Provide Regular Security Awareness Training: Employees should receive ongoing training on phishing scams, social engineering tactics, and other email-related threats to minimize human error.

Tip 6: Encrypt Sensitive Email Content: Utilize encryption technologies to protect the confidentiality of email content both in transit and at rest.

Tip 7: Segregate Data and Implement Information Barriers: Divide data into distinct silos and implement information barriers to restrict access to sensitive information based on need-to-know principles.

By implementing these proactive measures, organizations can significantly reduce the likelihood of unauthorized access and disclosure, thus bolstering overall data security.

The subsequent section will provide a concise summary of the key concepts discussed in this document.

Conclusion

The exploration of circumstances where “emails are not shared with you” underscores the multifaceted approach organizations must adopt to protect sensitive data. The principles of restricted access, data loss prevention, compliance mandates, and robust internal policies collectively work to ensure that electronic mail communications remain confidential and accessible only to authorized personnel. These measures safeguard proprietary information, adhere to legal and regulatory requirements, and prevent potential data breaches that could compromise organizational security and integrity.

The ongoing commitment to refining email security protocols, reinforcing employee training programs, and adapting to evolving cybersecurity threats is paramount. The future of secure communication hinges on proactive measures, vigilant monitoring, and a culture of security awareness. Diligence in these areas will ensure the continued efficacy of controls designed to protect sensitive information by ensuring “emails are not shared with you” without appropriate authorization.