I do not read this court decision like that at all: the point of contention there seems to be that the customer was just sent a link to a webpage (where the contractual terms can be changed from under him at will by the company, thus this not being durable). The court makes it pretty clear in my (non-lawyer) opinion that attaching a PDF to the email would have been fine.
I was prepared to disagree with you, but I now have the same interpretation you have. Durable medium can be email - but the example seems a little fuzzy, for instance a durable medium is definitely when the email is stored on a HDD on a customer device. But is it still durable medium if the email only exists in a webmail? Probably yes, but maybe no. So the conservative approach would be to send paper for some things. (Or in this case, stupidly, USB devices. Banks, don't do that, please.)
Ramble Edit: it's unfortunate IMHO that there is no "read only" medium anymore. Not sure what it would look like now when USB-C is taking over the world, and that ship probably sailed, but it would be really cool and useful to have the option of a "data only" USB.
Maybe computers could have one USB port marked as "ROM". Or a switch or LED symbol indicating "ROM safe" mode.
When using such a ROM port, anything USB inserted there would only look like a DVD reader. A USB drive would get its files "mirrored" into a virtual ISO filesystem. Any other devices, such as keyboards etc would be just ignored and not connected to at all.
Most USB flash controllers support being read-only by either just being read-only or emulating optical drive. Obviously for the WORM usecase this is only an software solution inside the controller configuration as the underlying medium is still writable/erasable flash. In theory one could replace the flash with some kind of mask ROM with NAND-like interface and make it truly read only, but the cost makes that impractical for most applications.
Then there are LTO tapes that have WORM version, which is notionally not overwritable, but that is IIRC also only enforced by software (of the drive).
That doesn't fix the issue though. The issue is a killer USB or a virus on the disk. Being able to only read an infected file still allows it to be read.
Also, this is only a software solution as the USB protocol would require bidirectional transmission.
But it would bring us back to being as safe as a CD or diskette was.
I was thinking a special chip, talking bidirectionally both ways, pretending to be a PC host to the USB drive, and pretending to a DVD-ROM to the actual PC.
> There's an EU law demanding such documents to be delivered on a "durable medium". Some banks and financial institutions may have a strange approach to those, even though email attachments seem to be enough for others.
Even the (*-grand)parent never said the law actually says it can't be an email attachment, they said companies seem to interpret it that way. Which would not be surprising in the least. Then someone said they've never heard of any such law, and I pointed out that it exists.
I'm not sure who you're arguing with but it isn't me or in fact any of the people in this thread.
Putting aside the fact that the conclusion of this text is not at all what GP said... You do realize that this is not a law, not even a court decision, but that it is a prosecutor's opinion / suggestion to the court??
Putting aside what? Go back and read what the GP actually said, and what the parent comment (yours) actually said as well. All I was pointing out is that there is in fact such a law (requiring a durable medium), because you said you had never heard of such a law.
Sheesh, reading comprehension, please. That or stop moving the goalposts
