Slashdot Mirror

← Back to Stories (view on slashdot.org)

Alabama IT Whistleblower Fired For Spyware

Posted by timothy on from the insult-injury-and-all-that-jazz dept.

chalker writes "Vernon Blake, an IT sysadmin for the Alabama Department Of Transportation, wanted to get evidence that his boss spent the majority of his time playing solitaire on his computer. Since emails to higher up supervisors were ignored, he installed Win-Spy, which grabbed screenshots several times per day over a period of 7 months. 70% of the resulting screenshots showed an active game of solitaire, and another 20% showed his boss checking the stock market. When he reported this to superiors, he was fired, even though he had 21 years of service in the position. His boss got a reprimand to 'stop playing games'. He is appealing his termination in court since he claims it was part of his job description to 'confirm and document' computer misuse for ALDOT. His complete story is here."

7 of 751 comments (clear)

  1. Re:That's 90% by fuctape · · Score: 5, Informative
    According to the article:

    10. An analysis of the screenshots yielded the following results:

    • 293 (approx. 71%) of the screenshots documented active, on-going games of solitaire.
    • 87 (approx. 21%) of the screenshots documented web site visits, email subscriptions, and other miscellaneous non-job related activities consisting mostly of personal financial and stock market research.
    • 29 (approx. 7%) of the screenshots indicated some job related activities, mostly consisting of an "I concur" in an email response. However, solitaire was minimized (hidden) for quick retrieval on most of these screens.
    • 1 % or less of the screenshots were inconclusive as far as the type of activity.
    • No screenshots (0%) documented any job-related activities such as word processing, spreadsheets, databases, job related websites, electronic document management, right-of-way plans standards, etc.
    Additionally,

    5. A screen capture utility was used to automate this process. The utility behaves like a camera by capturing photographs of the computer screen. The utility did not target any specific activity or application usage by the user.

    6. Screenshots were automatically recorded at times randomly selected by the screen capture utility. The installer of said utility had no control over the randomly selected times.

    7. Periods of computer inactivity on the part of the user de-activated the utility until such time that user input was detected. This feature prevented generation of redundant screenshots at night, weekends, holidays, days off, etc.

    8. Also, A minimum time interval of approximately 30 minutes transpired between screenshots to prevent a large volume of redundant images. The purpose of the utility was to take a representative sample of computer activity. The pattern of computer usage on the part of the user ultimately governed the interval between screenshots. When no activity was detected, screenshots were halted.

    I really hope this guy gets vindicated in the end. He did his job, documented his case very well, and got screwed.

  2. Re:That was appropriate by lifebouy · · Score: 5, Informative

    Any government computers I have ever heard of require you to give consent to be monitored BEFORE you are authorized to use them. It's usually part of the IT policy which must be signed as part of employee indoctrination. Under normal circumstances, I would agree with you, but not for a government position.

    --
    Drop me a line at:
    Key ID: 0x54D1D809
  3. Re:That was appropriate by Tassach · · Score: 4, Informative
    Any government computers I have ever heard of require you to give consent to be monitored BEFORE you are authorized to use them
    That's been my experience as well. Here's the login notice on the machines where I work (A US Gvt. agency):
    Warning Notice!
    This is a U.S. Government computer system, which may be accessed and used
    only for authorized Government business by authorized personnel.
    Unauthorized access or use of this computer system may subject violators to
    criminal, civil, and/or administrative action.

    All information on this computer system may be intercepted, recorded, read,
    copied, and disclosed by and to authorized personnel for official purposes,
    including criminal investigations. Such information includes sensitive data
    encrypted to comply with confidentiality and privacy requirements. Access
    or use of this computer system by any person, whether authorized or
    unauthorized, constitutes consent to these terms. There is no right of
    privacy in this system.     [emphesis added]
    We had a similar disclaimer on all our system when I worked in State government.
    --
    Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
  4. Re:Everyone knows by kzinti · · Score: 4, Informative

    It's also got some good e-mail addresses:

    dobbsg@dot.state.al.us - George Dobbs, the Solitaire King

    bowlinp@dot.state.al.us - Paul Bowlin, the head of the ROW Bureau, who thinks George's work ethic is above reproach.

    aldotinfo@dot.state.al.us - E-mail address for ALDOT, apparently the only published address through which ALDOT director Joe McInnes (who signed the termination letter) can be reached.

    governorbobriley@governor.state.al.us - "In Birmingham, they love the gov'nor - Hoo Hoo..."

    Drop these folks a line, let 'em know what you think. "Now we all did what we could do..."

  5. Re:That was appropriate by Maestro4k · · Score: 4, Informative
    • Being the sysadmin does not grant you the right to spy on another employee even if that employee is your boss. There is a certain amount of trust that an employer has to grant a sysadmin but when that trust is taken advantage of as in this case it becomes abuse.
    Actually most workplace computer policies permit exactly what this guy did. Perhaps you should read yours more thoroughly, I know I haven't worked anywhere that doesn't in fact include a clause similar to this one, take from the ALDOT's Computer Usage Policy (posted on the guy's site[emphasis added by him]):
    • Any individual who utilizes any ALDOT computer resource consents by that use to the potential monitoring of such use.

      Because the Internet services are to be used only for government business, all records in these systems are hereby considered government records. As such, these records are subject to the provisions of state laws regarding their maintenance, access, and disposition. Employees using these services do not enjoy any right of personal privacy.

      A user who utilizes ALDOT computer resources for any purposes other than for official ALDOT purposes, is guilty of theft or misuse of state resources and may be subject to both ALDOT personnel action and appropriate criminal prosecution.

    I won't post it all here but you should look at the documents on his site, the same one contains the definitions of System Administrator. He didn't break any rules. Also I should note that this is standard for non-classified government work. Because of open secrets laws every detail of what a government employee does, including their personnel files, are public records. Government employees effectively have no privacy at their jobs, it's something fairly unique to the job sector.
    • Proper channels should have been followed. If his employer was unwilling to take action he should have left it alone. We all work with people who are lazy and unjustly promoted. But that doesn't give us the right to spy on them.
    Proper channels were followed, he documents it all on his site, shows the policies, tells each step he took. There's even this statement: "On my part, no laws were broken, ALDOT's own policies and procedures were followed in letter and spirit, and actions taken were in ALDOT's and the taxpayer's best interest."

    He explains he took the action he did because the boss's game playing was causing problems within the division of employee moral and supervision. Another quote: "Not only was this behavior wasteful, it impeded my ability to effectively supervise subordinates, including my ability to discipline employees for wasteful behavior of any type. The situation deteriorated to the point where cartoons were being distributed that mocked my supervisor's behavior." He includes two examples of those cartoons.

    So I have to ask you, how much did you read about this issue before you passed judgement? And while I understand you aversion to "spying" on users (having done sysadmin work for quite a while myself) I find it odd that you don't realize that sometimes it is not only necessary but required. If someone if using company resources to violate laws the company will require proof before they can act to protect themselves from future prosecution (and defend themselves if such prosecution occurs). Even if they're not breaking laws but violating company computer usage policy often monitoring to gather proof will be required before they can be disciplined and/or fired.

    • As a sysadmin I find this guy's behavior pathetic. It's an abuse of his position. I would have fired him, too.
    Well frankly I must say I'm glad you don't work for my organization. Protecting user privacy is important but also is understanding that monitoring must occur sometimes, no matter how much we find it distasteful. Also he didn't abuse his position, if you read all the info presented you'll find he followed their polices and procedures properly and did his job. If that's a fireable offense, well I suppose we'd all better start playing card games at work all day instead of working.
  6. Re:No it wasn't by Maestro4k · · Score: 5, Informative
    • Playing Solitaire is not misuse. It's not the best use of time, but it is not misuse. He sent the emails to the higher-ups, they obviously weren't that interested. In other words, he must still have been getting his work done. (Or his job wasn't so consequential, but it's not a syadmin's job to trim the fat.)
    Actually if you look at the excerts from ALDOT's computer usage policy he has up any non-work related usage of the computer is defined as misuse/abuse. So in this case it was in fact misuse.
  7. Sweet Jesus. YOU'RE MISSING THE POINT by Pahalial · · Score: 4, Informative

    Right, it seems this link (an actual news story on the issue rather than just the one guy's point of view) has already been posted here more than once.

    It stuns me that despite ~50 +5 replies, no one has bothered to point out that the program this guy installed HAD A BACKDOOR.

    Yes, that's right people. That's why they're calling this spyware. Because it is.


    Read this:

    Bobby Mitchell, an employee contracted to DOT to do computer network support and computer programming, told the hearing officer that DOT's computer firewall crashed in January 2003 and had to be rebuilt.
    ....
    Mitchell said he found WinSpy on Dobbs' computer when transferring material and programs in his computer to a new one and at that time saw that the program had an "imbedded address" that allowed someone outside the department to have access to DOT's computer system. The imbedded address was traced to Australia.

    So, who still actually believes he should get his job back? He was so focused on proving his boss was in the wrong that he compromised the security of the network he was a sysadmin for.
    --
    Stuff.