wp2e58929c.png
wp251a67bc.png
wpb9df868c.png
© 2004  (revised) Dunardry Heritage Association  All Rights Reserved
wp58c86d31.png
DHA
DHA
DHA
Contact webmaster
wpd96a2edc.png
wp6e9ce5e8.png
wpb96a43e5.png

Official Clan MacTavish Society

                                    since 1997

wp19c3e03a.png
wp01c62042.png
wp0836a293.png

· Donley Tomey rewrote the DHA Privacy Policy to provide Steven MacTavish with personal information about our members and contributors as evidenced by the email dated October 30, 05 12:57 PM stating he had added a third sentence to comply with chief's request. (atch 6)

· This was followed by a second email dated October 30, 2005 1:03PM referring to another change in the section "Access of Personal Data" "Are these changes adequate for your needs?" (atch 7)

· Upon discovery of these proposed changes, Donley Tomey was called by the treasurer and told that these changes had not been presented to nor authorized by the DHA Board of Directors and he was not authorized to make them. Furthermore, that Steven MacTavish's position as "chief" gave him no rights to this information. This conversation was followed up by an email dated October 30, 2005 at 8:14 PM. (atch 8) We thought the issue had been resolved.

 

On February 4, 2006 we discovered that Donley Tomey had ignored our instructions and passed the DHA database to Steven MacTavish without any notification to the members that their personal information including address, telephone numbers, email addresses, spouses, children's names and dates of birth, work phone/email information and their assigned membership numbers had been released to an unauthorized person outside of  DHA. Members began reporting that they were receiving emails from Steven MacTavish and, since that date, both members and contributors have been subjected to unsolicited emails from him and other connected individuals. This is apparently identity theft.

 

On February 4, 2006 we discovered that our access to the DHA webpage (http://www.mactavish.org) had been terminated in spite of the fact that Mary Thompson was the primary webmaster and was sharing the only password with Tom Thompson of Colorado who had just been appointed as webmaster. Email dated February 4, 2006 9:41AM (atch 9) from Mary Thompson to Tom Thompson (new webmaster) questioning why her login no longer worked to access the webpage. His reply, dated February 4, 2006 10:05 PM, showed that he knew the login had been changed and referred her to the "chief" (Steven MacTavish) as the controlling authority behind Tom's changing the login. (atch 10) Mary forwarded her correspondence with Tom Thompson to Steven MacTavish for an explanation. In an email dated February 5, 2005 12:39 PM from Steven MacTavish to Mary Thompson he acknowledges that the login to the website had been changed. He requested that we wait for a letter of explanation. (atch 11)  No letter was never sent to us (added 3/9/08).

 

- Subsequent investigation with the assistance of the Liquidweb (the hosting company for the DHA website) System Administrator, Security/Abuse Team revealed that Steven MacTavish illegally transferred ownership of the DHA website to his personal home address and that his credit card was now listed as the billing source. Liquidweb security procedures require knowledge of password and credit information as currently listed on the account in order to make any changes in ownership. This meant that Steven MacTavish had to obtain the login information and Mary Thompson's DHA credit card information in order to effect any change in ownership. Donley Tomey, as secondary DHA financial officer, was the only individual other than the treasurer (Mary Thompson) who had access to the DHA