Slashdot Mirror
Conspiring Against Your Employer? Watch What You Email
Eric Giguere writes "In a story that has Bay Street (the Canadian equivalent of Wall Street) in a kerfuffle, the Globe and Mail writes that bank employees defecting to set up a rival investment firm didn't realize that their employer could easily track the emails and messages they sent and received, even when they're sent via a nominally-secure system like RIM's BlackBerry. In particular, the employees were assuming that the messages they sent via direct PIN-to-PIN communication (a PIN uniquely identifies a BlackBerry device) weren't trackable. But if they're on the device, they're available to the employer to see. The employees may also have thought that PIN-to-PIN messages are encrypted, though RIM has always said that they're not -- it's only the connection to the corporate email server that is secure. A lot of damning information pulled from those emails and messages has made its way into a lawsuit."
Honestly now, any communication that passes through any computer controlled by your company can be seen. Even if they were encrypted, if, at any point they are EVER stored outside of volatile memory unencrypted, they're available.
If you're doing something with their resources like plotting against them... well...
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
"A lot of people on the Street are going to have a few sleepless nights, going through loads of e-mail to delete them when they hear about this case"
Although an employer sometimes can go through the emails on your harddrive, I think what the people in this article don't realize is that it sounds like emails are being intercepted at the server level. Who is stupid enough to use company email to conspire against the company? Setup a freakin gmail account and talk about it at home!
They deserve what they get. How is that for repaying your employer? He writes you a check, puts bread on your table, and you pay him back by using his own property to steal his business. Ridiculous.
Loyalty used to mean something in this country. I guess loyalty has gone the same way as traditional family values and faith in God.
Things are going to have to change, people.
Steve
I can't believe that this isn't even common sense for a lot of people.
People are either getting dumber, or too trustful - either way, one is a sure sign of another.
I'm sorry, but I feel no pity for people being caught this way. Its very clear when you start working somewhere that the computers you use are the property of the employer, and you should expect no privacy from these machines. They used company owned BlackBerries because they thought it would be secret (implying that they knew other company computers were not). If you use something company owned because you think it is secure, while other company propery is not secure, it just shows you dumb enough to be caught. If they were so concerned about their privacy, they should not have used any company property.
You'd think somebody trying to commit corporate espionage would be smarter wouldn't you? I mean, communication is a two party interaction, you'd think the coporation on the receiving end would provide a slightly more secure method for communication, if they were looking for secrecy :p
There are lives at stake here!
Thunderbird + Enigmail
gaim + gaim-encryption
or use gpg or equivalent.
If you're sending messages that could be harmful to yourself unencryptedly, its your own fault. Especially if its at work and you know they are spying on you.
The GeekNights podcast is going strong. Listen!
Can we please add 'kerfuffle' to the profanity filter. I don't find it profane, but I would prefer to see !#%$@#$#!@ instead.
If i am sending anything personal I do it through my webmail that has SSL, why would I want my employer knowing what I am saying on off business or to my g/f?
basic fact is, he deserved to be caught for being a moron.
The really shameful thing (aside from working on company time to screw your employer) is that these people didn't know this already. Looking at the list of those being sued, I see IT people who should have known better. Perhaps the company would have punished them more effectively by letting them go form their own company without understanding the basics of ethics, law (including allegedly trying to steal customer databases), or security.
Behold the riant ape! Beware, his crooked thumbs!
"Many of the e-mails revealed in the CIBC court documents offer an embarrassing portrait of greed and corporate rebellion, with executives boasting about the "tons of moula" they would make by moving to Genuity.
I guess it turns out, greed and stupidity don't mix.
"A man is but the product of his thoughts what he thinks, he becomes." -Mahatma Gandhi
What kind of moron sends questionable e-mails relating to plans to start a competing company through his employer's e-mail server!? You might as well print your entire plan and leave it sitting on the personal printer of the C*O. There are hundreds of free online e-mail systems, and GMail even allows connections over https, which makes the communication between the browser and the mail server less prone to snooping. Better yet, don't even do it from work! It's just . . . astounding . . . how stupid some people are.
Do not touch -Willie
These people are in charge of your money, folks.
They are idiots for two reasons.
First, because they clearly acted unethically, which is the really big idiocy. I run my own company and rule number one is due diligence. I am not going to screw myself by doing something that could bite me in the ass further down the line.
It's astonishing how many investment guys simply don't get this. I have literally had my own investment guy sit there and tell me that a particular investment 'cannot lose', in the presence of his lawyer -- who looked very uncomfortable and was forced to intervene by saying "Look, you cannot say that".
Second, anyone who uses unencrypted email on a server they do no control, ESPECIALLY if it belongs to someone they are screwing, deserves to spend the rest of their productive years flipping burgers, or possibly stamping licence plates.
I'm not wrong. You haven't thought about it hard enough.
...but what the hell is a "kerfuffle"?
Investment firms must catologue all emails for compliance and SEC inspection, in fact they must be kept for years. All transmitions including company issued handheld devices are monitored by this automated system at most firms. So if their canadian counterparts have to do similar things this is to be expected and they have a record of all of your emails for years probably.
Is it available for the RIM? That's how these people were nailed.
Trolling is a art,
Anyone who refers to money as moula is not getting their hands on my moula.
Blackberrys do support SMIME... you just have to buy the $10000 BES (BlackBerry Exhange Server) and commit to using yukky MS exhange.
Comment removed based on user account deletion
Now, you really have to be an ass if you try to fsck with the hand that's feeding you. And we are talking about people making tons of money anyways !
Loyalty still means something, but it may not be what you think it means.
Look, these people were dumb, that much can be argued. They were dumb for using a monitored service to do this, and they were dumb for (ostensibly) stealing their company's resources for the purpose of setting up a competitor.
However, you need to decouple this from the loyalty argument. The loyalty you need to have is not to your company any more. Are they loyal to you if business turns sour and they have to start slashing the payroll? Hell no. The corporate sinecure is dead. "Ma" Bell doesn't evince the image of a benevolent mother any more.
The kind of loyalty you should have is to your projects, to your work, to you as an individual and to your Rolodex (or electronic equivalent.)
If you live every day as if you might be laid off, working on projects that will escalate your worth and making sure that lots and lots of people know what kind of value you contribute, then you'll be better off; your customers (those who are the beneficiaries of your projects) will be better off, and your company will be better off.
And if things should turn sour, then you shrug your shoulders, get your Rolodex out and start calling.
So instead of "Logo Loyalty" you should cultivate "Rolodex Loyalty" (thanks, Tom Peters.)
Mit der Dummheit kämpfen Götter selbst vergebens.
sorry, but if i was trying to pull a fast one on my current place of employment (or otherwise rip someone off, or carry out some kind of espionage), i'd be a total fool to think any existing comms channels were secure -- /without/ having put in my own layer of encryption, to which only i have the key/passphrase.
install gpg, or worse than nothing, use s/mime - but if you need to ensure privacy, you need to have (put) your own privacy layer in place.
(it's no good hoping and relying on magic pixies)
Here, the techies must know about slashdot. I have the "trusted site" icon on the frame of my browser... ;)
Rule #0: If you're planning on screwing over your employer (an ethical conundrum all by itself), try not to use the employers resources to do so.
That means: keep the bits off their infrastructure. ALL of it.
"Draco dormiens nunquam titillandus."
It is quite silly to think that Email is secure in today's day and age, however what none of these bankers considered was using ssh and then say something like silc to have a secure conversation. Most large institutions with RIM have the BES and thus using ssh is an option. which is certainly more secure than email, but is it totally secure? Or still prone to eavesdropping?
People used to think I was an idiot IT schlep because of my harsh IT Security policies. Now they just think I'm a dick after 1 incident, and watch what they do because they know I'm watching:
Putting a bumper sticker on my car (from thinkgeek) that reads: "I READ YOUR EMAIL"
All that cutesy forwarded forwarded forwarded forwarded crap stopped in its tracks. Problem solved. What they don't know, however, is that every email sent and received is archived for legal reasons, per the Big Boss' instructions.
That said, if you're going to go behind your employer's back, do it from home, not from within the company, and especially not from company issued equipment. Common sense, really.
To use a cliché, I'd be rich if I had a nickel for every time I've seen an employee frantically clear his or her browser cache or send an email then delete it from the sent items folder. Surprise! The device on your desktop is not the center of the universe! Maybe abiding by policies and staying away from any shady dealings is a better way to cover your ass.
I don't think "hey, let's blow this popsicle stand and take all of its business with it" qualifies as "protected concerted activity" under the act, even if it had occurred within the US NLRB's jurisdiction.
However, don't let this dissuade you from working together to improve your workplace under the protections of Section 7. You should, however, try to avoid using company-owned computer systems for obvious reasons. (They own them, they can read whatever they want on them, you have no expectation of privacy on them.)
(Really all there is to say)
. there used to be a sig here.....
Dinna fash yersel ower muckle.
One line blog. I hear that they're called Twitters now.
This exact thing, getting caught in a conspiracy to leave the company, happened to my boss and a coworker. I was working away, and they were both told to clear out thier desks, and I was then called into the HR office. I was told that my boss and co-worker sent emails back and forth on company machines that said things like "we are going to rip these morons off so bad". They actually discussed inviting me and a secrty. to join the company they were going to start up, but decided to not take because I would not go along. They also defraued the compny by faking orders and ended up in criminal cout last I heard. the fired boss was the one who hired me, and the atmosphere was poisioned and I eneded up getting canned myself a few months later, but with a nice severance package.
http://www.geocities.com/sethseekstruth/great_out
In reading the replies to this post it is clear there are two camps. One which says they were stupid to get caught and the other that has no pity.
Remember, these turncoats gladly accepted a pay cheque to be a representative of their company. Their actions could cause the company to lay off people, perhaps you if it causes financial harm.
I for one would not look forward to calling one of these turncoats a friend. It would only be a mater of time before they framed me for their own gain.
Let these turkeys fry
Heh. Most people don't know how email works at all - they somehow think their password protects people from snooping in.
Speaking of which, GnuPG is at 1.4.0 now. For Windows users, GPGShell is a good (closed-source) frontend for it.
Obligatory South Park quote:
Cartman's Mom "Oh, a Rim Job is when you put your legs behind your head and someone licks your ass!"
You post information on a public forum? without IP protection? without compensation?
...
Damned commies
Exceptions abound, but the prevailing mindset in the world of finance is "How do I best screw the suckers out of their money?"
The naive emails were being exchanged for the purpose of starting an investment company! would you give a nickle to a banker or broker who was that clueless?
it would cost the employer less to take out an add in the financial section pointing out that the upstart company was demonstrably dishonest and joining a competitive race with its intellectual pants down around its ankles than it would to sue the dummies.
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Sheez, 60 bucks a month or something like that. Cheap insurance.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
When you're working for a company, you should work for the company. You're collecting their paycheck, so behave like a professional.
If you want to set up your own company, do it on your time with your own resources. You own them at least that.
Do people have less integrity than in past generations? I'm not sure. I think malfeasance is better publicized than before (eg, this forum).
And in Canada, "family values" has never been used much. "Canadian values" is more common, but is often used by parties on the left to suggest that if you're not socialist you're being unpatriotic.
In Canada they say "eh", not "duh."
It's friggin' PIM!!! PIM!!! GODDAMN IT!
Personal Information Manager
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
The latter
I just started my own company, directly competing with my previous employer. I spent nearly eight months on their payroll while I began up my own business and sought projects of my own. Here's what I learned:
1. Don't stab anyone in the back (burned bridges, insert your favorite cliche). It can come back to hurt you.
2. Don't give your bosses a reason to be unhappy with you. Work just as hard - or harder. If you're valuable to the company, leaving them will be more painful (and can produce a more profitable situation for you).
3. Encrypt every email, instant message, and web transaction that deals with your activities. Don't assume anything is safe unless you're actively doing something to ensure its security or you can verify it easily (SSL, for instance).
4. Regularly scan your machine for viruses and spyware. Use a packet sniffer to see if you're sending anything unexpected. Look through your machine to see if there are programs installed that shouldn't be there... is your company spying on you?
5. Don't use their phones. Upgrade your damn cell plan and use that.
6. Take advantage of non-company resources for communication and whatnot. Find a decent webmail provider with SSL enabled.
7. Make sure any contract or agreement you signed isn't going to come back to bite you. If you signed a non-compete agreement or whatever, don't assume it's invalid or that they won't pursue it. See a lawyer BEFORE you have legal troubles in this area.
As others have complained, there are loyalty problems in this country. I used to love my job, love my work, and love the company. Some things changed, and while I still love the work I no longer enjoyed anything about the company. Many attempts to change it from within failed. When your boss is taking advantage of you, you need to re-evaluate. When you're stuck in a dead-end, you need to re-evaluate. When you get the line, "if you don't like it, then find somewhere else to work," the time for re-evaluation has passed and it's time to end that part of your life.
Employers aren't loyal to employees any more than we are to them. I heard stories of pre-1980s-boom-and-crash Japan, where a failing company's president would give everything he had back into the company to keep it going as long as possible...and if it wouldn't work, he'd split the cash from his shares, pay, etc. among the employees. This was in return for the lifetime loyalty you gave to the company.
for all you merciless lawn-n-order tools out there screaming how "How dare They!!!!" it's important to remember that your employer actually does not own you, assuming of course you're not a real-life slave. Em-ploy-ees and I emphasize that to drive home the point that they are Employees, as opposed to Partners do in fact...
/. fuckwits who are stealing....no Raping your sacred Employers while you twaddle away on this board.
Now I know this is gonna send some of you Radical Republicans over the edge.....
Have a Right, to leave and form another company or collect sea shells or any other damn thing.
Dat's right Massr Jim, We done gwin Freed by dat Mister Lincoln.
so really what you're arguing about is, I guess that they had the temerity to negotiate a separate business deal during business hours.
OMG! Somebody call the Productivity Police.
In fact let's lock up all you
Or, you can shut the fuck up and tend to your fucking looms.
I have a web server that I also use as an SMTP relay for all my email addresses. That way there isn't any chance for someone to log the mail I send. This is a good setup if you know what you are doing and make sure to secure it against spammers.
If I wanted to send a secure communication to some body the very last device I would use is a computer especially one that I didn't build myself.
If it's not logged on your companies servers, it's logged by your ISPs servers, numerous intermediate servers, Echelon, Carnivore etc. etc. and ALL encryption is defeatable (the only difference being how much effort is required). In fact I fully expect that even quantum cryptography will be defeatable once it becomes used "in the field".
The only way to stealthily communicate is to use a completely open totally noticable system that, to the onlooker, seems like average speech. In other words:
"Hey do you like the new retardz (tm) movie ?",
"No it sucks"
translates to
"Oh great master shall we kill them all now ?",
"No we await a later date as I'm wearing my best suit today".
The idiots got what they desrved.
Sky subscribers are morons. They pay to be advertised at !
I have put my own harddrive in my laptop. When I leave my job for a new employer (which is forthcoming), I will take my harddrive with me.
Ofcourse I will format it...
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
9 letters.
C-Y-B-E-R-C-A-F-E.
I think there is some misunderstanding here - on either my part or the article author's.
My understanding is that BlackBerry PIN messages are not stored on the company's BlackBerry Enterprise Server (BES) at any point - they are network 'peer to peer' messages. As such, they bypass the BES and go directly between devices.
For a company to read PIN messages, either the sender or the receiver's BlackBerry would need to be physically examined. The other scenario I was thinking of is that the desktop software was set to do a backup of the BlackBerry when it was synced and the backup was examined.
Any BlackBerry experts able to shed any light on this? PIN messaging is very commonly used for 'private' messages and therefore a breach in its 'security' would be devastating to the dedicated users of it.
Loyalty used to mean something in this country. I guess loyalty has gone the same way as traditional family values and faith in God.
Yup. Sadly, man has a long history of betraying his benefactors.
Example: colonists who owed everything to king and country -- yet they threw all that tea in Boston Harbor. And what followed was worse. Ingrates!
-kgj
-kgj
Employees need to wake up; this type of surveillance is only the tip of the iceberg. If you're interested in learning more, I wrote a book that was published last year by Amacom. The title is The Naked Employee: How Technology Is Compromising Workplace Privacy. I cover everything from background checks to DNA analysis. Particular attention is paid to various types of electronic surveillance, including software, video, and now GPS. Coming to a forearm near you: RFIDs. The book is most readily available on Amazon. For additional info, please visit my website: http://www.fredericklane.com/. Thanks.
I thought it was a law that all publically traded companies had to maintain records of their communications, incase said materials need to be indicted. Anyway, you have to assume that for most companies (public or not) it is really easy for them to monitor internal communications. My employer even goes as far as to have a notice popup on every computer every time someone logs in. Seems like common sense not to talk about such things using communication methods provided by the entity you are saying things about.
SIGFAULT
...as where I live (France), email is still (maybe not for long) considered as private, even within a company. (Or at least it was last time I checked). ie: in a nearby school, some techies were sued for reading email of a student, as email has the same privacy status as snail mail. Good thing to know this doesn't apply in Canada or the US, which I thought it would!
I know for a fact that in the Netherlands (where i live) it's illegal to 'spy' on your users
Sounds more progressive than in the U.S.
While our founding fathers recognized the abuses that were possible from a powerful government and put safeguards into our constitution to protect us from the kinds of abuses they could see in the 18th century, they did not foresee the rise of corporate power in America. In the U.S. there is no inherent right to privacy except as interpreted through the protection against unreasonable search and seizure. A private contract of employment will typically permit the employer to do drug-testings, credit checks, interviews with people you know, etc. You can always choose to not work for that employer, but with a special skill and few potential employers most people choose to swallow their pride in order to eat.
Without such protections against powerful private entities, we pretty much fall back on the a legal system that guarantees specific rights of property holders from the feudal era. Monitoring, everywhere, everyway, everytime is growing in most U.S. workplaces, aided by most people's ignorance of just how widespread it is.
The U.K. has pretty intrusive government monitoring of public places using video cameras that would unnerve me if it became more commonplace in the U.S.
There was a case a few years ago where a former and disgruntled Intel employee posted an email to all his co-workers that Intel did not like. The court rulings were in favor of Intel IIRC. Replacing "Intel" with "federal government" would have probably put greater protection onto free speech in that case.
"Provided by the management for your protection."
Microsoft ISA Server at least supports transparent SSL pass through.
That is, you are SSL'd to the proxy, and the proxy makes a new SSL connection outbound on your behalf. That means it gets what is in the middle.
You'd only catch wind of this if you were paying very close attention to certificates and what not.
My opinions are my own, and do not necessarily represent those of my employer.
My wife works at Fidelity. We are pretty sure the email, IM and browsing is monitored/logged. Less clear that phones are monitored but we still avoid personal business via phone conversations at work. You wind up having these wierd conversations like "yes, uh, that item we discussed this morning...its moving too fast in the wrong lane and we should find an exit or a prime rest stop"
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
America is a continent. Named after Amerigo Vespucci, latinized to Americus Vespucius, a cartographer. The name of the country laying south of Canada is United States of America (U.S.A.). The name of the country lying south of the U.S.A. is United States of México (Estados Unidos Mexicanos). When you say American, you could be refering to a citizen of any of the countries between Canada and the southmost tip of Chile, including several islands. When you say United States, you could be refering to any country in the world that is constituted as a federation of states. But I would not expect much geographical accuracy from a people that fail to identify their country in an unmarked world map more than 3 fourths of the time.
I wouldn't post anything negative using my work computer, even if I was using my outside Yahoo! mail account. Even if it's on an outside account or on Slashdot, the page is going through the company proxy server.
So, since this is going out on the company proxy, for anyone at corporate: I love working here! This place is awesome! My managers rock!
It's good to use your head, but not as a battering ram.
My wife has always been paranoid about her privately held company's e-mail policies. She warns me about sending lewd e-mails to her at work. I shouldn't waste the time to do it anyway, I guess, seeing as it doesn't get me any at home.
Seriously, though, as an assistant manager, she was asked to go into two employees' e-mail accounts and print out profane e-mail exchanges between the two guys. Just two 'tards being stupid on e-mail. The idiots were behavior problems for her branch regardless of their e-mail conversations. She used the e-mails, however, to help her manager write up the documentation for the termination of the two employees.
This is serious stuff, though, and the company does have a right to control the content going across its network and e-mail system. The idiots form the story cited got what they deserved, to some degree. Not to mention that they saved a lot of potential investors the hassle of doing business with them.
Why? Would YOU invest in their new spinoff company if you knew they were dumb enough to get caught using corporate e-mail like they did? Uh...no.
IronChefMorimoto
Wait a sec, *I'm* the email admin at my company! And I *can* read everyone's email! Tee hee!!
Comon, this is /., I think everyone here knows how "secure" their work PC's are...
They're bankers not techies. Worked for a bank a few years back... good bankers don't think well - or they don't last long.
perhaps, as it states in the article, she was the DBA, while all of the others were investment bankers and executives. Jumping to conclusions is alive and well on /.
And they smell bad.
I might also call them ugly, but that would be cruel.
- Yndrd1984
All that it takes to claim persecution of a group is to show another group that is against them. Note that the term "persecuted" does not indicate quantity.
Cna you honestly say there are no groups in America that do not dislike Christians?
If there were no other discrimination against blacks, the existance of the KK alone would be enough for me to proclaim blacks as a group were persecuted.
Also, I don't think you can really claim companies closing for Christmas as an example of widepsread support for christianity any more than you can claim all the companies closed for Thanksgiving indicates widespread support for pilgrims. Holidays are just holidays any more, original meaning has been lost for most of them and companies give time off becauase people expect it and will balk if they do not get it. Even a company run by an athiest would give time off for employees around Christmas, wouldn't you say?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Without digging through court documents, my guess is they didn't "break" PIN to PIN. I'm guessing they simply accessed the backup file, created by the desktop software, of the device. PIN messages are stored in the message store, and if the message store is backed up, they're backed up with it. The backup is stored in CLEAR TEXT. As far as I've seen, there's no way of encrypting, even trivially, the backup file via the destkop software.
The truth about Scientology, Xenu, and you: Operation Clambake
With regard to non-compete agreements, how do they work if the employer has hired someone half-time? Let's say a company hired me for 20 hours a week and had me sign a doc that said that they owned any intellectual property I created during the course of my employment. Does this mean they own all the work I'm doing for other companies during the rest of my time? I ran into this situation last year and the company's HR department said the form wouldn't be interpreted that way. I disagreed. Anyone else have an opinion?
-- SYS 64738 --
Employers cannot place hidden cameras without telling employees. The courts already settled this for the most part. Just because it is company property does not automatically give them the right to snoop without warning. If a company wants to intercept messages and phone calls, it should provide direct advanced warning that it may do such. (I don't mean every incident has to be warned about, but the practice.)
Table-ized A.I.
Shee, they should have picked a more secure medium, like sticking cleartext notes on the back of the boss' jacket.
in the US you're protected by Section 7 of the National Labor Relations Act
This case is about Canadian employees of a Canadian company. What do their laws say about it?
Dogma - "let's just say we'd like to avoid any empirical entanglements."
Don't talk about Fight Club.
Really, how stupid can you be? Planning a competing venture on your company's systems (and their time)? Meet corporate darwinism. If you're too stupid to figure that one out, then maybe you shouldn't be managing other people's money.
I was on a short gig somewhere and needed email access to keep in touch, but webmail was blocked by the firewall. I didn't want to use my client's email as it was such a short gig (7 weeks). I just then discovered that although http:gmail was blocked, https:gmail wasn't. The problem is that the signon took me to a non https page which was then blocked, I just changed the protocol prefix to https and it carried on working with a secure link.
See my journal, I write things there
The only expectation of privacy I have is what goes through my head - and even that is suspect...
Lodragan Draoidh
The more you explain it, the more I don't understand it. - Mark Twain
would you give a nickle to a banker or broker who was that clueless?
Not intentionally but we probably all have at one point or another. You probably see it at your own company; marketing makes most companies look more competent than its employees really are most of the time. While things often work out, I know my limitations and I'm frequently astonished at how naive or unskilled some of my co-workers are. I'm sure we've all conducted financial transactions with individuals of dubious intellectual prowess.
While I agree these guys were stupid, or at leave profoundly naive, bankers are not techies either. I know a lot of bankers personally (I have a business as well as an engineering degree) and most of them are pretty smart people. They can dissect financial statements and often are excellent users of spreadsheets and/or databases. But they don't generally know how technologies, including email, work underneath, nor are they interested.
While they should not have assumed their communications were secure, I'm not surprised they made this mistake either. After all, email *seems* secure at first glance to most people. Sure the folks reading this know it's not but I've pointed out to many people I know just how insecure and potentially incriminating email is and I frequently get surprised reactions. (That is when they don't think I'm a paranoid looney.) The appearance of security fools an awful lot of people and I think these guys genuinely thought they were safe. Dumb, but understandable.
And the last rule... don't let your boss find out you are reading Conspiring Against Your Employer on Slashdot. A bad combination, indeed.
Honk if you're horny.
This case was in Canada.
I know that there are /. readers in all different countries out there. I noted twice in my comment that the NLRB only has jurisdiction in the US, so that readers saw what happened in Canada and wouldn't think that the same result would happen in the US.
That is a logical extension of the conversation of the original post: comparing different legal results based on which jurisdiction you're in.
It's entirely possible that the overall body of labor law is such that there's an analagous agency in Canada just like the NLRB - in either case, it's completely relevant to talk about the result of the same set of facts in different countries.
Your post is like saying that because the Red Sox won the World Series, to talk about the Cubs is irrelevant.
Oh, wait...
A lot of people are pointing out how dumb these people are.
But I feel this points to a broader issue. If ordinary people still have an assumption of privacy in their email communications, even after all this time, it's a strong indicator that such communications should be more protected. Perhaps corporations should only have access to recorded communications under court order, just as anyone else. This should be doubly true of emails originating outside the corporation.
I understand the argument "but it's their servers!" and "they're paying you" - but suppose all the telecom companies got together and decided that they'd all put a clause in their service contracts saying they reserve the right to view your emails, record your phone conversations, etc. After all, you're using their servers, and in order to use their services, you'd have to have agreed to their terms. Legal I suppose - but is it desirable?
Yes exactly! I am an American. An American born in Canada and have nothing to do with the United States of America except that I have been there a few times in my life. Not only that but my girlfriend has a an American friend the was born in the American country of Mexico. Also this reminds me of high school! A football team from the USA came to Toronto (And to Canada's Wonderland) and still thought they were in the USA! I almost peed my pants laughing.
But depending on what state you work in, there may be statutory limits on what agreements you are able to sign away (so it won't depend on either your or their interpretation, but the limits of the law). For example, in california...
;^)
Sec. 2870. Employment agreements; assignment of rights
a. Any provision in an employment agreement which provides that an employee shall assign, or offer to assign, any of his or her rights in an invention to his or her employer shall not apply to an invention that the employee developed entirely on his or her own time without using the employer's equipment, supplies, facilities, or trade secret information except for those inventions that either:
1. Relate at the time of the conception or reduction to practice of the invention to the employer's business, or actual or demonstrably anticipated research or development of the employer; or
2. Result from any work performed by the employee for the employer.
b. To the extent a provision is an employment agreement purports to require an employee to assign an invention otherwise excluded from being required to be assigned under subdivision (a), the provision is against the public policy of the state and is unenforceable.
But of course, things will get sticky if the "other" companies are competitors and even worse if one of them is your own company...
Most real lawyers would probably suggest that you request an explicit waiver for this from your employeer to protect yourself, but since IANAL, I'll say that unless you think there is some specific thing that you worked on that is potentially in conflict (or in the rare instance you are god's gift to mankind and everything you touch is gold), don't rock the boat, most people are quite over themselves on the importance of the intellectual property they create, yet most of the stuff out there is crap. You do the math.
Not everyone can live at the shores of lake w03Bg0n...
I make all of my evil plots in my underground base. Jeez, I donno my no one else does.
"1. Don't stab anyone in the back (burned bridges, insert your favorite cliche). It can come back to hurt you."
Marge: "Well, I suppose if this doesn't work out, you can always go back to the plant."
Homer: [chuckling] "Not the way I quit. Hoo-hoo."
A company I worked for was very paranoid and badly managed (so much so that 30+ other people left within the same six week period as I did). After we left, they installed video monitoring of every desk, door monitoring and other intrusions.
However, it turns out that before that, they had installed keystroke monitors, and used this to obtain passwords to private web-based email accounts. We found this out because one of the former employees was hit with a lawsuit with "evidence" from his private Yahoo email account. The suit was bogus and never went anywhere, but he still had to start a defense.
The answer is simple, do not use ANY form of communication that intersects with any of your employer's systems. Use separate private cell phones, private email on your home computers or private laptops (off your employer's network), and talk off site.
Not only is this the safe thing to do it is also the right thing to do. Even when your employer has proven themselves to be irredeemably unfair, and that you are right to leave and compete with them, that still doesn't make it right to use their resources to do so. Get your own.
"Sorry we lost all your money. We didn't realize that stocks could go *down*!"
UTF-8: There and Back Again
Date: 13 Jan 87 12:52:00 PST (Tuesday)
From: Schuster.Pasa@Xerox.COM
Subject: use of America for the USA
She's a DBA, not an investment banker... her "partnership" is a perk.
Did you sign one of those between all the HR forms? You probably did.
And yet, every day someone claims that every word out of a Christian's mouth is about their so-called complaints about religious persecution.
Christian Guy: Geez, these ants are really all over my trash can.
Athiest Guy: Fucking Christians! Always bitching about being picked on! YEEEEAAAAAARRRRGGGGGHHHHH!!!!1
And PS: not sure about your hardon with "80%" but the amount of real (practicing) Christians is probably 20% and if 80% of the US couldn't drink the President would last about 15 minutes outside the Whitehouse. I'd put the number at around 5% of the US has restriction on booze.
Hollow words will burn and hollow men will burn.
A group of people using their employer's equipment to discuss forming a competing company wonder why they got into trouble over it. Duh. I used to think people were stupid sometimes, but now I have evidence to prove it. You know, that's why people used to use pay phones, and why we have our own cell phones and personal e-mail accounts so the employer doesn't have access, control or ownership of the conversations or messages sent.
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
In the banking, stock, etc. businesses, many companies are required to both record and read their employees email. Here in the US, it applies to a variety of communications (telephone, email, snail-mail, even IM!), and is mandated by federal regulations. I don't know about Canada, but in these folks' world, they should have expected to be caught.