Slashdot Mirror
Keystroke Logging Declared Illegal in Alberta
Meshach writes "The Globe and Mail has a story about how
keystroke logging has been declared illegal in Alberta Canada. The ruling applies to companies using logging as a means to track employees." From the article: " The employee, who was not named, worked as a computer technician for six months in 2004. Ms. Silver said it was a job where productivity was hard to measure. 'We thought that using an objective check through the computer would be the most fair and objective way to do that,' she said Wednesday."
There are times when keystroke logging could be appropriate, like if you are in data entry- and they need to see how many wpms you are at.
I for one expect no privacy at work, because I am being paid and am using their equipment. Then again, the toilet belongs to my company, and I don't want them watching me pinch a loaf....
And All I Ask is a Tall Ship And a Star to Steer Her By
"We thought that using an objective check through the computer would be the most fair and objective way to do that,' she said Wednesday."
That's all very well, but did she say it objectively? I have to know.
We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
The first thing that popped into my head when I read this line "...the most fair and objective way..." was Fox News and their "fair and balanced" reporting.
What crackhead honestly thinks keystroke logging is "fair and objective"?
Learning HOW to think is more important than learning WHAT to think.
I don't much mind if an employer of mine monitors what I'm doing at work while being paid. In my specific line of work, sometimes I'm asked to stay late to finish a project or meet a deadline. In exchange for doing this, I expect (and receive) a reasonable tolerance of doing personal things (like surfing to slashdot) during normal working hours. But if I started doing no work, and the employer didn't have to wait until my project got screwed, and the deadline missed by months before realising that I'm not working, then I say it's well worth it. Even more so if they get one of my coworkers, since that saves me work in the long term... Privacy be damned, as long as it's not abused, I welcome it.
---
Programming is like sex... Make one mistake and support it the rest of your life.
They should apologize to all of the people who have to disengage their keylogging operations in Alberta.
So what else can you not do in Alberta with computers you, you know, technically own?
Can you track what programs your employees run? Can you track what websites they visit?
And does this apply to anyone who owns a computer, or just businesses with employees? Like what if you own a web kiosk in a public place, or you lend your personal computer to a friend? Can you log keystrokes from that?
In this productivity assement, fatties would have an advantage, what with all the mashing of the hands against the keyboard.
taking screen captures every 5 seconds on any employee computer under surveilance.
-Jesse
Nothing says "unprofessional job" like wrinkles in your duct tape.
I guess we will be seeing a lot more of daytime comments from Albertia now, eh? ;)
Six years ago, I was contacted by a stock brokerage company in New York. They were looking for ways to track the computer use (of their developers, I believe. I think they were concerned about Internet Surfing) Like a dummy, I rambled off some ideas that could help them track usage without the employees noticing it. At the time, I thought it was a very strange call! Why would anybody secretly want to know what their employees were doing? Didn't they trust them? I never heard back from the people, and I always thought that I had "given away too much" by specifiying the programming during the interview.
Now that weird scenario has become all too commonplace, and it's just as secret as I feared. FTA, "When the employee discovered that he had been monitored, he lodged a complaint with Alberta's information and privacy commissioner."
The guy didn't even know the software was there. Now it's one thing to tell people "We're watching you. This will go on your evaluation" It's another thing entirely to do it secretly.
In the present day, clients are modeling their business practices more and more, and would like a way to track metrics. I'm all for it: if I were a businessperson or employee, I wouldn't have a problem with my boss measuring how long it took to do my work. Where I surfed during my lunch hour? Forget it. But my productivity? Sure.
Welcome To My World
Take up arms! Our nations keyboards are in jeopardy due to these evil logging tactics, soon our keystroke supply will exist only in preserved forests and small wildlife areas.
Don't anthropomorphize computers: they hate that.
If keylogging is declared illegal, how much of a stretch would it be to declare that scanning EMails or even net traffic for inappropriate material is illegal?
Wouldn't that require 7?
if it is a performance issue, then simply counting the keystrokes per minute would be enough, without actually catching the keys. But, by the same token, just checking daily output would be easier.
Not only should this be illegal but I believe it should be a form of discrimination.
Why was the employee in question the only person to be monitored? This a a clear case of bad leadership and they need to find another method of evaluating performance.
Maybe they could have asked the guy to keep logs of his perforemed work.
There goes my idea of logging all keystrokes, mouse movement, and monochrome screenshots every minute from every system on the network thru VNC. I calculated that I could get it all down to only 200mb per day for 25 systems. A 250gb hard drive could hold many years of this data.
http://slashdot.org/ ...
(refresh clicked)
(refresh clicked)
(refresh clicked)
(refresh clicked)
(refresh clicked)
(refresh clicked)
(refresh clicked)
(refresh clicked)
Paying taxes to buy civilization is like paying a hooker to buy love.
This is especially important in the north woods, where bosses of some tech firms commonly threaten to discipline employees by putting them on lumberjack duty. It can really keep them on track.
Where were you when the voynix came?
It *will* be abused and there is no ifs, ands or buts about it. CS-
If keystroke logging is outlawed only outlog strokers will have keys.
...which is bullshit.
If you try to determine productivity by simply counting keystrokes, someone who's chatting with a bunch of friends all day on AIM looks significantly more productive than someone, say, doing work-related data entry. You almost HAVE to look at the keystrokes to see what's going on, or failing that, monitor some other aspect of the computer use in conjunction with keystrokes to best determine what apps are being used and how frequently.
Sounds reasonable. Except for one thing. Why did they hire some one for this job? What problem needed to be solved? Did that problem get solved?
Presumably the problem was that not enough people were typing. So they hired some one to type, and measured the typing, right?
They should've hired some guys off of IRC. They type a lot.
SCO employee? Check out the bounty
This doesn't affect me one bit. I know that there is no keystroke logging where I work. The sys admins here are complete idiots and have their heads so far up their ass they wouldn't know how to implement key logg&*%$^
!NO CARRIER
This comment was generated by a Squadron of Ultra Ninjas
"How did people ever look busy before computers?"
But to make this acutally substantive, I have a hard time imagining a job where keystroke logging, even just for counting purposes, is the ONLY way to track productivity. Productivity implies you are producing something, making progress somewhere. That has to be trackable somehow. If nothing else, make the guy account for his time in certain increments. I know that's not a great thing to do and not foolproof either, but what I'm saying is there have to be better, more objective, more thorough solutions that counting keystrokes. If not, I'll just jam down my Enter key and take a 3 hour lunch.
[sarcasm]Why not let the employer and police monitor everything you do? You only have something to hide if you are a criminal.[/sarcasm]
Fight Spammers!
'We thought that using an objective check through the computer would be the most fair and objective way to do that,' she said Wednesday."
/sarcasm
Because the amount of typing is a sure indicator of productivity.
Sorry, but about the only thing it will tell you is whether someone is spending time using email, message boards, and instant messages for personal use.
And it's poor at that, because unless they're doing A LOT of non-work related typing, you don't really know how much time they're spending doing non-work related stuff. We all type at different speeds. Maybe it's all on their lunch hour.
Besides, you can check all that stuff in other, less intrusive ways.
Objective? Please. Except in obvious cases (like data entry as another poster mentioned) this requires subjective review by its very nature.
clearly the 'productivity' excuse is just a smoke screen, and their real goal is finding good free porn.
I want the job where they have no measure of your days work other than the number of times a key was pressed:
1.turn on key repeat
2.leave heavy book laying on keyboard
3.take rest of the week off and PROFIT!
Starsucks
managers never looked at any of the computer files that were logged.
So if they were keylogging, but weren't looking at the logs what were they looking at? Number of keystrokes? Counting keystokes isn't a great way to measure performance, because it penalizes people who are more proficient at the keyboard.
We don't know the details of the case, but it seems like the employeers said that they were using a keylogger to measure performance. This is doubtful, because there are many better ways to measure performance (Did the job get done?).
It's more likely that they were trying to monitor the actual activites of the employee.
"Can of worms? The can is open... the worms are everywhere."
In addition to writing software for the company I work for, I am also the system administrator. And I have been working in the IT world for about 6 years now. In that time, I have never read another persons email. I have never gone through their personal files. This is, of course, unless asked to do so by the owner of said objects. And to this day, I still find it completely ridiculous that anybody would find it necessary to spy on their users/employees by means of logging all keystrokes.
I believe that if a person cannot be trusted to perform the operations (s)he was assigned to, that they have no business working in the same company as me, in the first place. Maybe I'm too trusting. I don't know. But what I do know is that I am respected by my coworkers for being fair and not letting my power go to my head.
Having said that, I wish key logging were illegal in all states. IMHO, certain people need to lighten up.
My lame blog.
This is an interesting issue because, as far as America is concerned, keystroke logging could be warped and molested into an argument about privacy in the workplace in most courts. But where I don't really think it should be illegal is the fact that almost every company I've ever seen details the fact that company computers are to be used only for company work. Conducting personal business is to reprimanded in most cases.
But with cubicle farms being so prevalent in even small offices, you really have no other way to monitor your employees. There really isn't an effective way to block all non-work related websites without letting a few through and blocking some related to clients per se. If keystroke logging is to be illegal, then so should cameras, and network traffic loggers. If employees feel like they're being watched somehow, they're less likely to spend the day playing Yahoo! Games and checking their email. Besides, how can you confront an unproductive employee without proof that they've been breaking the company policy because your logging was banned? It's not so easy then.
Perfecting Discordia
www.stevenvansickle.com
You can't tap a phone you "technically own" either, not even in the US. If you want to record a phone conversation, you have to let both parties know. Nothing odd about that.
The privacy commissioner ruled that the library had been collecting personal information. That's not the same as saying that keystroke logging is illegal. Presumably keystroke logging would be legal if no personal information were collected. The library denied that they actually looked at or used the files other than to confirm activity. The commissioner obviously didn't believe them.
The commissioner didn't say you couldn't monitor employees. He also didn't say that you have to tell employees when you are monitoring them.
This is a pretty narrow ruiling.
The idea of needing to secretly log keystokes on an employee is ludicrous.
If you, as an employer, manager, etc, cannot trust the people below you to do the work you put before them, then why are they your employees?
When it comes to computers at work, I might need to fetch files from home, they'd log my personal passwords, and all other data; that's not only unnecessary, but unfair. I trust them to not snoop my personal data that may be transmitted through a work computer, and they trust me to get my work done.
Error 407 - No creative sig found
So it would make it illegal to have video surveillance too? If you can SEE the keyboard and the keys being pressed...Other than key logging being cheaper and the obvious format differences, what's the difference?
Why didn't they just have the employee log the work they did in the day? If you're questioning how they're working why not just make them tell you what they've done in the day. That's MUCH more effective than keylogging, and then not looking at the logs. And for some reason thinking that you're getting an objective view of how much work they're getting done during the day.
Hell, if all they were doing was looking at the size of the file, all the employee would have to do is mash the keyboard for an hour a day to make the log a few hundred kilobytes long. He'd probobly win an award for being so productive.
An employer should have the right to expect reasonable performace from their employees. No one puts a gun to an employer's head saying "employ that person", and no one is putting a gun to the employee saying "work for this person".
The employer should have the right to approach their employees and tell them up front, their work is being monitored. As long as it's done in the open, the employee can't complain about invasion of privacy. If they feel their privacy is threatened, perhaps they are not doing their job. They are after all being paid to do their job. Why then should an employee feel they are being mistreated when the employer finds out through monitoring devices, they are surfing for porn or spending 50% of their time using IM with their friends or doing seriously poor work?
OTOH, as someone else pointed out, I'd expect 100% privacy IN the bathroom or in areas of the building where work is not expected to occur. However, I wouldn't feel overly offended if the boss put up a camera pointing at the bathroom door to see how much time I spent doing my business.
When I was in high school about 2.5 years ago, the Sysadmin there decided he wanted to install keyloggers on all the computers in
a) The school library (they were also running NetOP to spy on students who were trying to work....)
b) The Cisco Lab (thereby unknowingly to us breaking our signed contracts which stated we would not distribute the cisco networking academy curriculum)
He then gave the password to access these keyloggers to his lackies, who were no more than stupid students, who blatently used these key loggers to steal people's passwords, and get others in trouble...
We never did anything about it, we were going to complain to the board, but we figured no one would listen to us anyways... Now that I think about it, I regret getting that dumbass fired for revealing private information... It could have also contributed to the student records server getting hacked later in that year...
For those wondering, I went to Denis Morris High School
It had to be done... It had to be said...
The problem with keystroke logging is how completely pervasive it is.
It's one thing to say "We'll read all your e-mail, and any files you save." That's reasonably "what you're doing on the company network."
On the other hand, suppose you get a phone call on your cell with fairly personal information. Your doctor's phoned you up to tell you the name of the clinic to get your AIDS treated at, for example.
It's not reasonable to say "employees shouldn't take calls like that during work," because doctor's offices run the same work hours as everyone else. So you take the call, you have to write down the name of the clinic. Ok, so you pop open notepad.exe to do it. You're going to write it down after, but the doc's talking fast enough, you don't have the writing skill to do it on paper.
You *know* it would be stupid to save this file on the company network, or e-mail it to yourself. But with a keystroke logger, even though you haven't saved it, it's recorded.
There are a hundred things like this. Who hasn't gotten a phone call from his or her boss, some extraordinarily irritating interference, and typed into his or her code "I would strangle this man if he weren't in charge of my paycheck..." then deleted it?
Finally, and most importantly, keystroke loggers intercept passwords. While it may be fine to check up on what your employees are doing at work, it is abhorrent to destroy their security on every single site they might visit.
Moreover, that information is not magically placed in the hands of "The Company." The Company is not a person. The administrator is a person, and while you as an employer may trust that administrator with corporate records, your employees have a right to have their bank account passwords kept out of that administrator's hands.
Computers are, at this point, far too much an extension of our minds to log every single keystroke. It's just too detailed, too internal. There are far too many easy ways to check employee productivity without resorting to this intimate spying.
In almost all cases, you can check employee productivity by watching out for sol.exe, checking the weblogs for things like slashdot or porn, and seeing whether the employee's work actually gets done.
The ends don't justify the means in this case. Keystroke logging is insane.
by giving your keyboards to monkeys. Maybe just maybe your company make more profits by selling novels created from the logging.
Felt Better! Big headache is gone.
If you use Firefox, the command to open a URL is Alt-D...then to get to Slashdot (assuming you've loaded it once before), just hit "S" and the URL autofills.
Coincidentally, the command to sort a field of data in an Excel spreadsheet is Alt-D,S.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
I didn't look this up, but I'm pretty sure the Alberta Privacy Commissioner only has authority over government employees/employers.
I think the submitter is wrong: I don't think this ruling has any effect on a private employer. So it's not really "illegal."
One thing I have not noticed mentioned yet is that no one is questioning the "productivity" angle. Are not most jobs quantifiable in some way? I mean, this worker was not conjuring spirits or some such? When you hire someone, you usually tell them you need to do such and such, in such amount of time, or something like that. Did they hire this person to perfect the fung shei of the library?
Once again managers, bosses, supervisors not giving a whole lot of thought into what their people are supposed to do and how that work gets evaluated. If you can not figure out an employees productivity fairly easily, then you have problems.
Ok, I see people just itching to reply about writing software, how it's so hard to define progress, how you can not do it just by lines of code per day or functions per week. This is true (mostly), but if you give at least rough timetables for when things should be done, who cares if only one line of code is done on Tuesday if the module is done on Thursday?
My guess, the boss knew the employee had access to better porn and was just trolling to find it.
Vote monkeys into Congress. They are cheaper and more trustworthy.
first no pst and now no keylogging law!! now i wanna move to alberta!!
Does anyone else find it ironic that the name of the commissioner involved in this case is named Mr. Work? Perhaps we should monitor his activity to see what his productivity is like...
Go, and never darken my towels again! -- Rufus
No, you can't *make* them work. But you can hire them, provided that they want the job. I don't see why this should be against the law. I know a lot of kids my age (~16) that break the labour laws of their own free will so they can make more money. It works out well for everyone involved.
If I own an ATM, should I be able to keylog your ATM password?
Ownership doesn't have a fucking single thing to do with it. I assume that where you work, the land is privately owned. Is the owner of that property allowed to do things to you that are against the law? No.
This ownership bullshit is such a weak argument, especially since it appears that the extention of the argument is that the government apparently shouldn't be able to create laws that dictate the way people treat folks who use their private property. The law supercededs ownership rights, and thank for that, otherwise we'd have a tough time going after child pornographers, drug labs, etc on private property.
But hey, if you support the notion that the laws should be set around the singular wants of private owners, you're invited to my house for a beati - er, tea party.
"Old man yells at systemd"
No, with the title, it'd be 9. keystroke logging records characters, not metadata.
Could you reasonably be expected, as part of your job, to purchase something and then be reimbursed by the company? For example, might you have a business lunch?
In order to pay for that business lunch, might you have to log into your bank account?
In the perfomance of this work-related duty, is it fair that the network admin for your company now has your bank id and password, which would allow him, if he liked, to take your life savings and those of fellow employees who did the same, then run to Aruba?
Keystroke logging records passwords. No matter how scrupulous you are about not discussing your sex life on work time, any non-work passwords must remain sacrosanct. Keystroke logging goes over the line.
By no means should anyone think that keylogging is an "objective" way of measuring performance. Because employee A takes care of all her work and has some free time so she gets online and chats on IRC and employee B spends all day working on the same issues (and still doesn't get them fixed), employee B is not more productive then employee A.
We need to understand that a productive worker is one who makes sure the job is done, and it doesn't matter what he or she does in their downtime. Want to measure the productivity of the tech at the library? Are the computers he is responsible for functioning properly? If yes, he is a productive worker. If it seems like he has too much free time, give him more resposibility. If he struggles with it, can him or lighten his workload.
The Internet is generally stupid
If only keystrokes are logged, try:
// . com org (insert custom signs here)
abcdefghijklmnopqrstuvwxyz 0123456789 http :
and save it into "test.txt". Then it's only matter of copying and pasting text. You can use the mouse if you want.
results: Shift, right, ctrl-c, right right right right... etc.
It's not that there aren't workarounds. It's just that they haven't been found yet.
Because keystroke loggers are often invisible on the process table, they can be a "safe haven" for viruses and other malware - non-priv software won't detect them, so can't inform you of them. A real concern, when you consider that buffer overflows are a major source of vulnerabilities and loggers are going to have to do buffered I/O.
Now, onto the politics and privacy issues. Any company trading with Europe that also does keystroke logging COULD violate EU law on privacy, even if it is not in Europe. (EU law prohibits the transfer of personal data to countries that don't protect that data against copying and use that violates the originator's privacy. You don't know who has access to the keystroke logs and the originator certainly won't. That means, US companies can't guarantee compliance, which means those companies trade with the EU on a semi-legal to illegal basis.)
Also, if the workplace is so politicized and so badly managed that it is actually necessary to know what is typed in order to do anything, the company has bigger problems than the user they are monitoring. Companies are like organisms - if an organism's brain tried to managed ALL the internal functions of EVERY cell in the organism, it would probably explode. Either that, or be very, very inefficient. And chronically codependent, but that's more a corporate mental illness than a political or privacy concern.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Isn't the government already keylogging all of us anyway? (takes off tin foil hat) Oh wait, that's Canada. Never mind.
I object!
In Soviet Russia, Keystrokes log you?
~~"Of course, that's just my opinion. I could be wrong." ~~Dennis Miller
>Mr. Work said he didn't have the jurisdiction to
>rule on whether or not the employee was
>dismissed as a result of his complaint.
>Ms. Silver confirmed the employee no longer
>works at the library but said his departure had
>nothing to do with the privacy complaint.
Riiiiight... he just found out he was being keylogged, filed a complaint, and then randomly 'stopped working' there.
You can't talk about Wikipedia's flaws on Wikipedia
If I own an ATM, should I be able to keylog your ATM password?
Not the same argument. Owning an ATM or keylogging customers' PINs has nothing to do with this.
Ownership doesn't have a fucking single thing to do with it. I assume that where you work, the land is privately owned. Is the owner of that property allowed to do things to you that are against the law? No.
Show up to work, do your fucking job.
"I cannot think of any need in childhood as strong as the need for a father's protection." -- Sigmund Freud
All the porn and warez my employees have been so diligently finding for me?
www.olin.edu
Then again, the toilet belongs to my company, and I don't want them watching me pinch a loaf....
i wouldn't want to work for a company that kept logs from the bathroom either!
Sounds insane, doesn't it?
There's at least one vendor out there who sells software that contains essentially this functionality. It tracks what websites you visit, and how long you surf on them, by seeing whether or not IE is in the foreground, whether the mouse/keyboard are in use when it it in the foreground, etc. I imagine it would be pretty easy to monitor damn near any application this way.
The argument in its favour, so I was given, was that the proxy server couldn't tell with enough precision how LONG people were spending looking at a given website. Management actually wanted to-the-minute counts of what employees were looking at.
I suggested to my co-workers that we might as well throw away any facade of privacy, and install video cameras behind each employee's shoulder. This way we could not only know what they did on their computer during office hours (and every single minute of it!), but also whether or not they were wasting valuable minutes doing non-work related things like reading a magazine.
As I see it, if you need to resort to these tools in the first place, you have far deeper problems with your management style. It's not *that* hard to know who's being productive and doing their work, if you have any clue what your employees are supposed to be doing.
Anyway, as an Albertan I welcome rulings like this - I only wish they would be country-wide. Paranoid employees are far less productive in the end. But hey, if I don't have anything to hide, I shouldn't mind, right?
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
How can it be the company's responsibility to police employee use in order to prevent kiddie porn, piracy, death threats, etc. on company computers if your hands are tied behind your back? Companies have been often charged for crimes their employees have committed...
At a place I used to work, half the people were salesmen, who, because they went out on the road all the time, had laptops. They would change their Windows XP passwords and not tell management. They would change MANY passwords (to supplier e-commerce sites, etc.) and not tell management. They would use Hotmail to avoid corporate email (which was logged). Our IT guy would go onto their computer when they were out at lunch to run Ad-Aware and the antivirus (salesmen don't give a damn) and would find MOUNTAINS of porn, half-finished resumes, and a copy of our entire corporate network on the guy's hard drive! That's not acceptable, and the guy was warned, but all he did was a) change his password, b) set his screensaver to password protected and had a hotkey to launch it whenever he got up from his desk.
The pendulum has swung too far against the OWNERS of the property in favour of the USERS of said property.
This just makes corporate espionage, like stealing customer lists and selling them to the competition undetected all the easier.
There's the rub. Did he consent to the monitoring as a condition of employment? Or subsequntly? Did the Court rule that this was overreaching?
Performance issue? If you are going to measure performance, it would be tough to gauage performance based on stats gathered from only one person. This guys beef had to do with the fact that nobody else was being monitored. It's a bit of an issue when equal level employees aren't being monitored in the same fashion.
... any chance of it staying secret will be gone.
Just because it CAN be done, doesn't mean it should!
I worked for Revenue Canada last year while I was in school at a Data Entry Clerk.
We used to have our wpm logged all the time and at the end of each week, our manager would tell us how productive how many wpm we had and how many errors we made on the tax forms(there were ppl who used to re-check the data entered). And based on how good ur keystrokes were, you would be elig.. for the next season. And depending on how many years you worked they increase the requirement.
Seems like a pretty good system, however sometimes you can be slow and its not even your fault. I've had ppl who forget to enter their name, address, postal code, sin#, or ppl who can't add etc.. and then everytime they screw up, we have to go through the manual to figure out how to deal with it.
I wonder how this ruling would affect the CCRA employees.
Some see the vessel as half full; others see it as half-empty; We pour it out on the floor and laugh
When you accept a job at a private business, you are accepting the terms of the job. If you don't like any of those terms you are free to refuse the job. I don't think there is anything wrong with key logging as long as the employer explains that they will be used before you accept the job. I was hired to upgrade a posh restaurant about 6 years ago and I installed a POS system and some cameras in the kitchen and the bar...guess what? Revenue mysteriously rose and theft mysteriously waned. Surveillance (either cameras or keyloggers or computer inventory systems) works. It should be an employers right to deploy any technology they see fit so long as they inform their employees of the practices before hiring them or renewing their contract. People don't have a "right" to a job. if you want complete control, start your own damn business and work for yourself.
And by the way, I think the law should have a tough time coming onto my private property or telling me what I can or can't do on it. It has no right to pass laws about how I use my private property. So long as I'm not hurting anyone, I'll do whatever the hell I want (it's a shame I had to move to the caribbean to enjoy the rights laid out in the US Constitution).
PS...you should be allowed to beat as many people as you want on your property so long as you tell them beforehand that that's what you're going to do when they trespass. Your property, your law.
I think, therefore I doh.
I am an employer and I feel that trust should not be an issue. That is what contracts are for. We both agree that instead of trusting each other, everything will be clearly explained and tracked. This increases efficiency and (dare I say) communication. If I'm paying you to come to my office, and work on my computer, then I have every right to track you while you are on the clock. If you are downloading porn or writing personal emails instead of doing your job, then why should I pay you? However, during "personal time" such as a lunch break, etc. I have no right to invade your privacy and track you. I found it unfair and stupid not to tell the employee he was being tracked. By telling the employee, the employee would most likely be more efficient (out of fear of getting caught doing what they are not supposed to be doing).
"If I own an ATM, should I be able to keylog your ATM password?"
No - because ATM users have a right to keep their personal financial information secret (or at least keep it between themselves and the bank). In this case, however, it appears that the government is asserting a right for employees to keep their actions secret from their employers while at work. That seems like a rather strange assertion. I despise analyzing situations with analogies, but this seems almost exactly akin to telling UPS that they can't put GPS trackers in their delivery trucks to ensure that their employees aren't stopping over at their friend's house for a few hours while on the clock.
"Ownership doesn't have a fucking single thing to do with it. I assume that where you work, the land is privately owned. Is the owner of that property allowed to do things to you that are against the law? No.
This ownership bullshit is such a weak argument, especially since it appears that the extension of the argument is that the government apparently shouldn't be able to create laws that dictate the way people treat folks who use their private property. The law supercededs ownership rights, and thank for that, otherwise we'd have a tough time going after child pornographers, drug labs, etc on private property."
In general, you should be able to do whatever you want with your own property UNLESS it collides with someone else's rights. Although you have a general right to do whatever you want with your baseball bat, you don't have a right to beat someone senseless with it because it would violate the rights of the other guy. It is difficult, however, to figure out what rights are being violated if you use a key logger to monitor what employees are doing with their work computers. Most people would agree that an employer has the right to monitor what their employees are doing while on the clock. That could include something as simple as a supervisor walking around to make sure no one is loafing or something more sophisticated like a casino using a network of surveillance cameras to ensure that their employees aren't stealing money or helping people cheat. I think the only counter-example that someone might be able to come up with would be that employers probably shouldn't be able to install surveillance cameras in bathrooms, but that's something of a special case; everyone has to go to the bathroom from time to time, but it's seldom necessary for someone to use their work computer for personal purposes. Also, it's universally accepted that you have a right to privacy while in the bathroom - I'm not sure why someone would expect to have a right to privacy regarding what they do with a computer at work.
Set heavy object down on space bar and go to lunch; let auto-repeat do the rest! Seriously, anybody that is counting key-clicks to measure productivity is just asking employees to spend 8 hours hitting random keys, and not encouraging them to do useful work. They are rewarding the typists that make lots of mistakes, then need to go back and correct them, rather than the typists that enter everything correctly the first time!
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Since no-one has appeared to gone off to find this yet, here is the report of the privacy commissioner.
.. paranoid crackpot leftover from the days of Amiga.
It seems to me that keystroke logging would be a way of measuring non-productivity. I mean, you'd think that a computer technician would be working potentially on OTHER terminals and not necessarily the employee's primary system (depending on the job role). Why not just utilize software to capture technical issues and resolutions -- most of which probably have some sort of time-stamp functionality.
I give men fish.
IIRC, in the US courts have used the "reasonable expectation of privacy" as a litmus test to see if a monitoring activity is intrusive.
Under this paradigm, NOTHING you do in the workplace other than going to the bathroom carries a reasonable expectation of privacy, unless someone with certain powers (such as the CEO) tells you (usually in writing) that a particular communication is private.
Most courts have taken a pretty open view about what an empoloyer may do to monitor employee behavior while on the jobsite. Essentially if you have an office or cube, all your conversations that might reasonably be overheard on accident are fair game. Certainly any communication via email is fair game.
This is simply because of the number of ways that a person might be publicly observed. The long and the short of it is that if you do it at work, you had better hope that your employer doesn't mind.
"We don't know what we are doing, but we are doing it very carefully,..." Wherry, R.J. Personnel Psychology (1995)
Well, if you look at everything in life as something that will somwhow be used against someone, you will be an unhappy person. Child abuse is child abuse, and nothing is going to stop that. The fact is that more people will benefit from this policy than will be hurt by it, and those who are hurt by it no doubt have some legal recourse (threatening people isn't legal).
if they're trying to log keystrokes along with internet activity, now the employer will have to go to their ISP to find out...since they are required to know what ppl are doing online. ;-)
i wonder if they'll need a subpoena for records about themselves...
Alberta is a strange place to live. We arguably have one of the most conservative (both C and c) provincial governments in the entire province, but the rulings on parts of social policy always seem to swing in every which direction.
The "as young as 12" thing doesn't surprise me, for years kids that age having been working through a loophole in the system where the "parent" is hired to do a job like being a paperboy or fast food but the kid does all the work and gets the money. What happened was the parents name and age would go down on the application, but the kids SIN (Canadian Social Security #) would be put down, so the kid even got the tax forms.
What I want to know personally is how this ruling applies to students (currently a university student in Alberta). I know that my High school had some hacked up version of tightVNC installed on each computer that at times would saturate the network, and made compiling when drawing on libraries on the network drive slow as death. While I would love to see the CBE get sued or similar over some keystroke logging issue, I doubt the privacy commission is going to listen to a bunch of whiney 17ish geeks. Eventually I just used a SSH tunnel to a Terminal Server at home for all the stuff I did at school, no screwing around with disks or network drives.
Medevo
(Speaking as a NetAdmin in Alberta) Seems like it may have been simply because the library in question didn't have a computer use policy.
From CBC.ca:
"The library has changed its policy, informing employees that they have no expectation of privacy when using work computers."
You save the company some money on office gear and you maintain your personal privacy.
Trust and accountability have no place in today's workplace apparently.
But then again, technical solutions for social problems don't really work. You can track WPM/typing, but everyone has to take a break, and taht would drop the WPM substantially. Even if they type 100WPM when typing, they might average 10WPM with the logistical legwork added (paper shuffling, lunch, breaks, bathroom runs, etc).
Why not just monitor internet usage normally and find some better way (like how many things you've done that day in the system?) rather than raw keylogging.
I'd be pretty pissed if I found I was being keylogged at work. They didn't tell me, and have thus stolen my passwords and possibly my bank account information, since its in a file of theirs someplace. Isn't that opening up to be sued for privacy violations?
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
FTA:"Ms. Silver confirmed the employee no longer works at the library but said his departure had nothing to do with the privacy complaint."
Sure it didn't *wink* *wink*.. I hope he drags their asses to the labour board as well.
I don't think there is anything wrong with key logging as long as the employer explains that they will be used before you accept the job.
That makes it *less* evil to be sure.
ou should be allowed to beat as many people as you want on your property so long as you tell them beforehand that that's what you're going to do when they trespass. Your property, your law.
No, some things should just be illegal, period. Slavery is illegal, even for trespassers. Child prostitution is illegal, even for trespassers. Property rights are important, but they don't trump everything.
Socialism: a lie told by totalitarians and believed by fools.
My parents forced me to work at 12 or risk being beaten! Of course it was yard work, house work, and other chores, but from the kid's point of view, what's the difference?
Socialism: a lie told by totalitarians and believed by fools.
but I thought that was already on /. in a prior article - if not, it was one of the bills signed into law this session.
-- Tigger warning: This post may contain tiggers! --
Tell that to the miserab--I mean sweet--children that were reportedly last seen climbing my fence to retrieve frisbees from my yard...
I think, therefore I doh.
What the hell would you gain from logging keystrokes?
I'm also a sys admin, and I can't see anything useful I'd gain from that. If we wanted to know what an employee was spending time on, the most useful thing would probably be to track web access, as generally that's how people goof off (that's how I'm goofing off right now). Other than that, things can simply be removed from the computer (like solitare). If all they have access to is work apps, it's difficult for them ot waste time on the computer. Then they'll probably just waste time staring at the wall.
I can think of nothing I'd gain from seeing their keystrokes. In fact, teh amount of time it would take me to look through a log and figure out what is what would negate any infromation we'd get. However it does seem like it'd be extremely useful if I had ill intentions and wanted to go and capture bank passwords or something like that.
I'm anti-monitoring in genreal but in this case it's jsut stupid. It seems like it has no legit use, and many bad ones.
> Show up to work, do your fucking job.
I take it you're keylogged at work?
"Old man yells at systemd"
This is indicative of a philosophical difference between Canada and the US. In the US, business is king. In Canada, business is a means to prosperity for the owners and employees. However, it is recognized that people have to work to eat etc and that business holds the advantage over their employees.
As a result there is more legislation regarding workers rights than in the US. For example, in the US, your boss can come up to you and order you to pee in a bottle to see if you smoked a joint recently. In Canada, unless you are a pilot, railroad engineer etc where your performance could hurt others, this is forbidden. Also, I was surprised to find that in the US, paid vacation time is not a requirement. In Canada, you are entitled to two weeks per year minimum by law.
There are other examples, but you get the idea.
Wow, it sure is lucky your buttcheek somehow managed to hit the Enter button! Otherwise you'd never have hit Submit and we would never have found out about your valiant aciton!
Ron dies in chapter 9 of book 7.
I think the only counter-example that someone might be able to come up with would be that employers probably shouldn't be able to install surveillance cameras in bathrooms, but that's something of a special case; everyone has to go to the bathroom from time to time, but it's seldom necessary for someone to use their work computer for personal purposes. Also, it's universally accepted that you have a right to privacy while in the bathroom
Maybe it isn't unreasonable to attach a universal right to not have your every moment watched and logged. Maybe the fundamental right to privacy should, assuming you aren't breaking a law, be the right that trumps the ownership issue.
Let me put it to you another way: They can't log phones at their whim, even though it is a corporate owned system. Why should email or even web browsing be any different?
Taken from a further standpoint, I do a lot of things for my company on my own time and outside of normal hours. In exchange, as long as the work gets done, they pretty much let me do things at my own pace or schedule, assuming their is no pressing need for me to be around for a meeting or something. And they don't monitor what I do, unless and until something suspicious were to come up. That, to me, is about the most sane approach.
And most importantly, though few have mentioned this, if you think keylogging = productivity, you've got a big problem. This remind's me of Dilbert's Wally character, when they put a $10 bounty on each bug they found and fixed, and he was writing the code and said "I'm gonna code me an RV!". Heck, if this was the case, I'd install my own keyboard buffer stuffing app! (Or just quit and go somewhere that treated me with some human dignity...)
The truth is, productivity can't be easily measured by such crass metrics. Is the customer service rep who deals with 8 customers an hour instead of 10 less productive? Well, if the faster rep leaves customers wanting to sue or not willing to do repeat business, then probably the 8 customer-per-hour rep is more productive *in the larger picture*. This is why many such metrics such - many aspects of doing business, and I do mean almost any sort of business, cannot be easily broken down to some hard numbers easily calculated. SLOC production measurement for coders isn't necessarily a great metric, for another instance. An elegant, bug free design may take some time. Or, you could bang out 5000 lines of code that sort of works and has all sorts of defects-in-waiting.
For all of you that want the company to have all the rights and the employees to have none, I'm guessing most of you have never been on the recieving end of being screwed by someone using corporate power in an unscrupulous way. I'm also guessing some of you have a bit of a naive faith in the profit motive as some sort of wonderful control on corporations. A little bit of observation shows us that corporations, left unchecked, will pretty much do whatever they want (a lot like governments). This is ther reason why corporations have checks (by the legal and executive branches of governments). Governments have checks in the legal system and in the electoral systems. Neither are lily-white paladins out for the good of every employee or taxpayer. Neither are inherently the source of all evil. Both are simply potentially beneficial or potentially harmful components of the modern economic engines that power our countries. We aren't doing away with them, so we'd better learn to live with them and the Courts serve a big part in keeping the powers of either relatively limited and in enforcing basic rights and freedom for the little guy (the employee or citizen). Or at least, that's the way it is supposed to work.
-- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
When we spam your channel with gigantic colourised ASCII penises and Harry Potter slashfic, that's not us typing it all in by hand, you know.
Ron dies in chapter 9 of book 7.
All this stuff about keystroke logging, taking screen captures etc is stupid.
The only things that should matter as far as empolyees go are:
1.Is the employee doing things that are illegal or bad (e.g. accessing porn on company time, downloading illegal songs over the company network, running copies of Quake on the company PC etc etc)
2.Is the employee doing things that are bad for the company (e.g. stealing company scerets, using company equipment to moonlight or to work for someone else)
3.Is the employee doing their job (e.g. for programmers, are they writing the code they need to write in the time they have been told they have to write it in)
and 4.Is the work satisfactory (e.g. for code, is the code good enough)
As long as they do what they need to in the time they have been given to do it and as long as the work is good enough then the only things employers should be concerned about is things that are illegal or innappropriate and things that violate employee contracts (like stealing company scerets)
Monitoring of internet access and email and group policies to lock machines down so they cant be messed with and good physical security measures (e.g. locked down USB ports, restrictions on taking devices into the office, security cards to keep unwanted visitors out etc) should be able to stop or detect illegal or inappropriate things.
And detecting if they have done their jobs by monitoring things like how much code they contributed and how good it is is far better than trying to monitor via keystroke logs and screen capturing.
Can anyone think of any situation where keystroke logging, screen captures etc would catch something that other methods (i.e. email/internet monitoring, physical security) wouldnt?
they didn't declare that keystroke logging was illegal, they declared that hidden keystroke logging (where the user isn't aware of it) is a privacy violation.
Yes, it's the company's computer, but as with the phone, they can't just record your phone calls without telling you; you do have a certain right to privacy.
If you want to run a high security environment where you tell employees that no personal work is permitted from the computer, and that every keystroke is logged, that's probably just fine, just as you can run a call center and tell your employees that every phone call is recorded.
...is going have to upskill her cracking skills for any future movies I guess.
So now I can't secretly spy on my employer anymore? Crap! I had some pretty sexy chat captures from our CEO! I can't believe Alberta made Slashdot! Go local legal skirmishes!
"Immature artists borrow. Mature artists steal."
Wes Borg
"Maybe it isn't unreasonable to attach a universal right to not have your every moment watched and logged. Maybe the fundamental right to privacy should, assuming you aren't breaking a law, be the right that trumps the ownership issue."
An employer monitoring what an employee does with a company-owned computer does not equal "having your every moment watched and logged". You still have plenty of privacy when using YOUR computer.
Because that's what contoso.com goes to. Hmmm...
Work for yourself, you can spy on your employees and your employers without violating anyone's privacy. Be your own CEO! Or maybe that's stupid.
"Immature artists borrow. Mature artists steal."
Wes Borg
The judgement of an employee's effectiveness should be: is the work done (well)? Micromonitoring, much like Dubya's NCLB school testing, does little more than replace the real goal with a stupid measurement that causes the organization to focus on manipulating the metric outcomes instead of getting the job done. Yes, Mr. Deming, a well-designed metric measures actual success. In real life, however, metrics are made up by incompetent management monkeys, who fail to measure the metric's effectiveness in judging success. Continual process improvement means continual metric improvement, too. The problem is that you have to be able to judge success outside of the metric to improve it, and an inability to do this is what causes many people to fall back on metrics.
In conclusion, the inch is bigger than the centimeter, so as Americans we must avoid the metric system at all costs.
If it seems like he has too much free time, give him more resposibility. If he struggles with it, can him or lighten his workload.
It is this manegerial attitude (the 'can him' part) that gave birth to the deadly phenomenon of 'going postal' in the first place!
When people become 'tools with pulses' and 'a persistent drag on the corporate bottom line' what else can you expect?
If 'bosses' and 'workers' TRULY treated each other with respect and understanding, there would be no need for things like:
Minimum wage laws, occupational safety laws, laws against all forms of harassment and discrimination, unions, etc.
Thanks to 'the love of money', the worldwide workplace is a convoluted imbroglio of rules, regulations, and the resulting lawsuits that occur when they aren't followed.
What a mess....
And I just ordered a KeySpyer from keyspyer.com
Any word on if it is legal for private use, outside of a company?
If you're on my property you have two options: follow my rules or leave. The choice is entirely up to you. The fact that there isn't a third option more to your liking is just too fucking bad - for you.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
Privacy slide into militarystate. They pay you to do "this" - as long as you do "this" they should shut up and stay out.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Actually, the fact that there isn't a third option more to my liking isn't a fact at all, its a false dichotomy, and a complete logistical flaw to your point.
Please try again.
"Old man yells at systemd"
As a youngster, I took a job where work was assigned via a computerized Work Planning and Control system. The WP&C graded each task according to difficulty and then determined how long it would take a successful employee to get it done. Similar work was bundled together and printed tags went on each batch. Each batch took an hour. This was paperwork processing, so a batch of difficult work might be a tenth of an inch thick. A batch of simple work might be two feet tall.
You came in each morning, accepted 8 batches (hours) of work from the assignment clerk, took them to your desk, and went to work. There were always a few people, maybe 10%, who couldn't get finished during the day. About half of the workers could finish in 6 or 7 hours; they tended to take long lunches and breaks and actually finish up right at quitting time.
A few of us, though, had a different situation. I'd grab my 8 hours worth of work, get it done in about 90 minutes, and spend the rest of the day hanging out, wandering the building, and shooting the shit with anyone who wanted to listen. Often, I'd get bored enough to go grab another 8 hours work and blow through that in the last couple of hours of the day. Whenever there was a crunch, management could count on me to check out 20 or 30 hours of work and get it done in a day, putting us back on schedule. Because the WP&C showed I generally did the work of two people, minimum, management thought I was the best employee they had. I, on the other hand, was bored silly.
Here's my point - No matter how management chooses to measure productivity, that measure will not apply to some people. Some people will show up as extra-capable when they really aren't. Some people will show up as poor quality workers when they really aren't. Outside assembly-line (and conceptually similar) work, the only accurate measure of my worth as an employee I've ever been subjected to was a situation where I was evaluated by my coworkers. Generally, they guy who sits next to you knows better than anyone whether you're actually working or not.
Effectively measuring worker productivity in any complex job is a very tough nut to crack. A crutch like a keystroke logger (or the WP&C system I outlined above) is strong evidence that the management was too lazy, stupid, or both to put in the thought and effort required to do a good job of measuring their employees.
We had this customer who was irate that his new computer was acting up and it was new I built it myself. No reason for it to be acting so strange. He brought it in we checked it out seemed fine.
He comes back complaining again. We replace the entire PC. He leaves happy for 2 days. Then he comes back demanding a refund.
We tell him if there is something wrong with the PC we will make it right. Leave it with us and we'll throw everything we got at it. He does. His wife comes in an hr later. "Can I see my husbands computer for a minute, I just need to check one thing.?" Sure come on back. She presses Shift Ctrl ScrollLock or something similar & up pops this EVIL unnoticable Screengrabber. She quickly scans through the last 3 days worth of pics. Instant message from her teen daughter, Web surfing of her hubby 3 pics a second. Gobbling up space & cycles. If she doesn't check it daily & dump it fills the harddrive with 1280x1024x32 Pics. I explain to her it is unnecessary to grab so many, 1 every couple of minutes is more than sufficient. She asks me to promise I won't tell her husband. I promise she tips me 50 bucks and promises to bring me a bottle of wine (her Idea).
Later that same day.
The owner (who has dealt with the husband only on more than one occassion since the sale.) checks in with me to see if I found the problem. I calmly explain the situation, and the promise. He asked me "Did she make you promise not to tell me?"
Obviously I can not and did not make that promise.
"Well then, I never promised her shit. But I did promise her husband I would find out what was up & fix it." Cue Dialing.
Later that same day, Hubby comes in pays us for all our service (3 hrs on site. 3 trips to the shop) and tips me 50 bucks.
Still Later
She comes in like a rocket right passed the counter into the bench area Slams down a shiny bottle of wine & says thanks a fuckin lot.
My boss says thank you come again.
The husband still shops there service & purchase.
Moral of the story: If you are gonna spy on your kids do it with your loved one. Opened the wine on my wedding day. Wife loved it.
OSGGFG - Open Source Gamers Guide to Free Games
That's not really the point I was going after.
If you truly have a lazy employee (and yeah, they exist) who spends all of his time goofing off and doesn't get the job done, I'm pretty sure getting rid of him is a smart move.
Or, if you are paying good money for an employee who, despite their best efforts can't handle the work load which other employees have no problem with, then she really isn't right for the job either.
But that doesn't mean you don't treat your employees with respect. A company that's a success is typically one that understands that the well being of their qualified, productive employees are more important to them then their customers.
The Internet is generally stupid
A friend of mine, who was at the time the sysadmin of a moderately large company, once told me that management wanted him to start tracking personal internet use.
The reason? The load on their internet connection was so heavy that it was affecting job-related activities. Mind you, that was in the early '90s and bandwidth per capita was quite meager.
I suggested that he announce a new corporate policy - all internet traffic is to be logged, analyzed, broken down, summarized and anything suspicios or compromising will be sent to corresponding sent to department heads.
I argued that the mere announcement would be enough to fix the problem so no actual measures will have to be implemented.
He tried it. It worked like a charm.
Traffic immediately dropped to manageble levels, management got off the admin's back and people stopped sending sensitive emails over unsecure protocols (a good thing!)
The exception from the privacy laws is for a government agency so that they may perform government functions. The privacy commisioner determined that the use was not neccessary as a government function which prohibited the use the same way that a corporation is prohibited.
Fight Spammers!
There is a lot more to this story than meets the eye. If anyone cares to delve into this in a little more detail feel free to check out my blog (click the URL above). The bonehead lawyers representing Parkland Regional Library have issued me with a "cease and desist" order so it's hard to say how long the information will be available. In any case I'm happy with the decision I received from the Privacy Commissioner and I did it on my own without legal counsel. Just goes to show you what kind of lawyers they had assisting them. Most of the documents relating to this case are available at the following URL: http://www.terremoto.ca/privacy/privacy.html Dan W. Armeneau
This still more or less presumes that if you work for someone, by virtue of them paying you a fee, they own you for a time period. This is not necessarily the only possible model of employee-employer relationships. Even saying 'well, they own the computer' is fine, but not really germaine. The question really should be 'what do I do for my employer' and in return 'what do they do for me' - the answer in my case is I write worthwhile code and solve the problems of their customers in such a manner as to hopefully generate repeat business. The answer from their side is 'pay me a decent salary, not be particular about the hours I keep or whether I surf the net once and while on the company computer, etc'. This relationship exists and works because both sides treat the other side with respect - I respect the deadlines they have to meet and their requirements for quality work and good customer interface perceptions, and they in return let me work at my own schedule most of the time and don't worry too much about a few minutes spent checking my gmail account or whatever.
Essentially, we treat each other with some sense of respect and understanding. When keylogging and other such technologies appear, it is a sign that this respect has gone the way of the mythical Dodo and that's a very bad step in the employee-employer relationship. I'd call it bad enough to think about working somewhere else. I mean, I've seen people fight to keep a job when their employer wants them out - that strikes me as silly too because the relationship is already poisoned.
An employer that would keylog or think this is a useful way to analyze employees is both shortsighted and one who is destructive to the significant aspects (trust and respect) of any relationship, including the employee-employer one. Once the perception of trust and good faith is gone, even if there wasn't bad faith and attempts to cheat the system beforehand, you'll pretty much gaurantee you get them afterwards. So it is just a bad management approach.
-- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
> ATM's do log your passwords (otherwise they wouldn't work), but you have a reasonable expectation that your password won't be compromised because either 1.) your bank owns it or 2.) a 3rd party with a reputation on the line owns it. It is in both parties' interests to maintain trust with you so they can continue to profit from you.
Who cares about the bank? I took them up on the offer for an ATM, but I own the land, so I keylogged passwords, and then they moved on when they discovered I did so.
Still, you're okay that I'm not in the legal wrong for logging your ATM password?
"Old man yells at systemd"
interstellar_donkey: Or, if you are paying good money for an employee who, despite their best efforts can't handle the work load which other employees have no problem with, then she really isn't right for the job either.
:) )?
In this case, you can:
1) Put/dump the extra work the employee in question can't handle on the other employees. If they are paid by the hour, you may be in for (unwanted) overtime expenses.
2) You can fire her and get someone else. Won't that be rather expensive (if she is not let go on solely job performance reasons)? Will her replacement be as trustworthy and more productive as she was? How many replacements will you have to hire and fire before you can find the one person who can take up the workload the employee in question couldn't handle? Could it be that it is ultimately cheaper to do option 1 or get rid of her and personally replace her (you do trust yourself, do you
No wonder the credo of entrepreneurship is 'Fire Your Boss!' The people who are truly self-employed and depend on no one but their customers for their next paycheck have nothing but awe and admiration from me--how about you?
Duh! It's because of our Alberta's FOIP law. Freedom of Information and Protection of Privacy Act. You can't collect any personally identifiable information without a) letting the person know, b) for legimit legal/lifesaving reasons, and c) plain and simple: it's against the law. Plain and simple.
Check out the law here..
From the FAQ on the law...
Your employer can collect personal information that relates directly to and is necessary for an operating program or activity, as well as any information they are authorized by other legislation to collect (section 33).
Under the FOIP Act, your employer must tell you what authority they have to collect this information, and how it will be used (section 34(2)).
Normally, your employer must collect personal information directly from you. However, section 34 of the Act allows for information to be collected indirectly in some cases, for example, to determine whether you are eligible for a program, benefit, honour or award, or for the purpose of collecting a debt owed to the public body.
Guess this is really a moot point. Keylogging, if done discretely, and is without merit other than to spy on activities or productivity, is illegal. Plain and simple.
Management is doing things right; leadership is doing the right things. - Peter F. Drucker