Slashdot Mirror
In EU, Internet Use From Work May Be Protected
athloi wrote with a link to an Ars Technica article on a case involving the right to privacy on the internet. "A Welsh university employee has successfully sued the UK government in the EU court of human rights over monitoring of her personal internet use from work. According to the complaint, the woman's e-mail, phone, Internet, and fax usage were all monitored by the Deputy Principal (DP) of the college, who appears to have taken a sharp dislike to her. The woman claimed that her human rights were being abused, and pointed specifically to Article 8 of the European Convention on Human Rights, which governs private and family life." The courts agreed; despite a lack of a notion of 'privacy' in English law, the EU convention forced their hand. The ruling doesn't try to dissuade employers from monitoring employees, but does encourage them to inform employees about surveillance.
I have never worked at a place that didn't have an AUP that wen't roughly along the lines of:
Do anything that would get us sued and you will be fired. Don't do your job and you will be fired.
Since the former covers porn (respect at work acts) and the latter covers goofing off all day, unless you happen to be so good at your job that you can still manage to get everything done *and* goof off, then all eventualities are covered.
Beep beep.
In this case, the snooping would appear to be more than warrented by employee productivity or asset/network integrity. Very targetted, and unarguably an abuse of employer power. Something dreaded in the EU and prohibited by a whole host of laws.
I would hope that even in the US this sort of inter-personal grudge nursing would be similarly identified as malfeasance. The snoopers boss ought to fire her for abuse of company assets and damage to reputation. Snooping is never free.
Sure, getting people to read article/comments is important, but perhaps a little accuracy in headlines is appropriate?
It is still quite legal for an employer in the EU to declare that its computers, phones, etc are for business use only, and that correspondence will be monitored. This does not contravene Article 8, since only *private* correspondence is protected by Article 8; use of company machines for correspondence therefore makes such correspondence not private.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Otherwise, we would not have time to post at Slashdot during the day.
excitingthingstodo.blogspot.com
The point is that, if a person in a priveleged position takes an interest (with whatever motive) in a subordinate employee, the very ability to monitor their computer usage at a near moment-by-moment screencap level is separated from aggravated stalking by nothing more than the definition of the law with respect to employer-employee relationships. Being able to spy on an employee, even if they know you are spying on them, gives the aggressor an enormous advantage should they have an interest in manipulating the target--for love, money, lu5t, political position, social control, or whatever other motive.
I have no problem with my employer monitoring internet usage to make certain that I'm not sabotaging the business. At the same time I think there is a reasonable expectation that no one employee is monitored any more closely or hounded any more severely than any other employee. With the way AUPs and employee agreements are currently written (completely one-sided) one can be working in an environment where 4 hours of casual use/day is allowed but woe to the one employee who is targetted should they check their e-mail even once.
Giving free reign to employers to selectively enforce a zero-tolerance policy justified by any arbitrary excuse is a recipe, an open invitation even, for abuse--to the level which would be considered aggravated stalking in any other environment.
the NPG electrode was replaced with carbon blac
What I don't understand is why this university doesn't have a policy to cover this sort of monitoring. Most places that I have worked have had a policy that specifically states that the employee's use of corporate communication assets can and will be monitored, and the employee has to sign stating he read this policy. Basically, it's the company's way of covering their arses. Granted, the actions supposedly took place in 1999 and I am too young to comment on the state of corporate communication policies in 1999, but I would think it would have been naieve for any business entity not to have covered themselves legally with some sort of "you might be watched" policy.
That said, if the university didn't have such a policy, then I don't see a problem with the woman suing. Especially in light of the fact that the person monitoring her actions went so far as to call back numbers she had previously called to see who she was calling.
Anyway, lawsuits like these are why companies today have aceptable use policies.
If Murphy's Law can go wrong, it will.
And in case you wonder why we have a special european human rights convention when we already have the UN Universal Declaration of Human Rights: This is similar, but goes a bit further in the areas where it was impossible to gain international concensus in the UN in 1948. For example, see article 8 in the european human rights
and compare this to the corresponding article in the UN human rights:Not only that but Slashdot is actually work related for many of us. I know I was ready for the recent ANI fix because of the article here at slashdot. The MS site didn't really have anything until after the patch was already released.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
I have never worked at a place that didn't have an AUP that wen't roughly along the lines of:
Do anything that would get us sued and you will be fired. Don't do your job and you will be fired.
You didn't say anything about them watching you. It's one thing for a company to make that statement, its another for them to monitor every single resource you use (without notifying you) to ensure you are complying with that statement.
If you are about to mod me down, keep in mind that this post was most likely sarcastic.
Not only that but Slashdot is actually work related for many of us. I know I was ready for the recent ANI fix because of the article here at slashdot.
Reading slashdot for the vunerability announcements is like buying playboy for the articles.
The whole issue being brought forth by this posting is private rights versus public rights specifically business and job related. When you are at work what you do, say, and how you act all impact you. Without businesses being able to monitor employees they couldn't protect their rights properly and since your supposed to be a fundamentally good employee anyways you should want your business to be able to protect itself. I have worked for a huge corporation and everything I did at my workstation was monitored and stored and I was aware of this. However, it never bothered me or made me give my work a second thought because I WAS ALWAYS DOING MY JOB. The people that worry about these things are the people surfing porn 8 hours a day and getting payed for it. I do agree that monitoring of peoples home and personal use of the internet is a bit much. Just look at some things that have happened; the teacher that had nude pics posted got fired from her job (pics were posted publicly for all to see though), the man who sent his video resume and it got e-mailed all around the big law firms for a joke and he sued (this still applies because it is an issue of privacy), and finally the man who had the facebook account and got fired for some inappropriate material displayed on his account. All these acts make you question how much of you is actually judged by work? The anwser is every part of you. These people want to know what you do in your spare time, sometimes those things speak to people's character. Bottom line sum up is when your at work you should act accordingly, when at home you should still maintain some restraint for your sakes, however if someone is attempting to blackmail or "force your hand" with this information that is illegal; and you can simply take the offensive, unless you were doing something you shouldn't have in the first place.
Yes, but telling your boss you read slashdot for the vulnerability announcements is in no way like telling your wife you read Playboy for the articles. Your boss will probably believe you.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
I have read quite far down the discussion and very few people seem to consider the fact that the manager might be incompetant and stupid.
Normally in business incompetent people reach a point where they fuck up and get fired. Or they fuck up and get demoted, however this was a council.
That means that the manager was probably fairly useless anyway (or she would have got a proper job, not working for a council). On top of this the manager did not run what she was doing past the legal team or the organisations HR officer. If she had we would not be discussing this as it never would have ended in a stupid legal fight which has probably cost the british tax payer (me) more than the pair of them's wages for ten years combined.
The reality is that most councils seem to have a high turnover of high quality staff as the good people leave when they have done enough time for it to look good on their CV. The crap people can't get sacked as nobody ever gets sacked so they just end up in positions of management by default as nobody else wants to stay that long. The manager in question was probably victimising this member of her staff for two reasons:
1) She was too stupid to find something she could sack the employee for.
2) The employee was actually good at her job and was making the manager look bad in comparison.
I dont read
As an IT director, I am responsible for ensuring connectivity and bandwidth for my company. As part of this job function, from time to time, I turn on "monitoring" on my firewall. This doesn't tell me who is doing what... it just tells me what sites are being hit.
This is a great way to do statistical monitoring without intruding on one particular person's privacy. If I notice that more than a little of our traffic is going to MySpace or the porn flavor of the day, I re-send out a reminder of the AUP to all staff. (I also remind people that, with VNC, I can observe their screen directly (not that I would, except for tech support-related issues, but I want them to know that anyone in IT could)). After that, the non-work traffic dwindles to next to nil.
Isn't that a better way of doing it all around?
P.S. FWIW, my firewall is a ZyXel, and that behavior is the default functionality. I would have to install separate software to log what each individual is doing, and... why would I want to? The real issue (at least from an IT perspective) isn't who is abusing company resources... only that the abuse stop.
--
Government of, by, and for ALL the people.
Privacy is extraordinarily poorly defined for something we value so much.
There is information privacy; things about you that you just don't want known. There is decisional privacy; decisions that are yours to make (e.g. US court reasoning in Roe v. Wade and other "substantive due process" cases). I think many people experience spam and pop ups as a kind of privacy issue; you might call it "attentional" privacy -- the right to focus on what you want to focus upon. While you have no right to keep your movements in public places secret, it doesn't mean people can intrude on your going about your business.
I have read a number of philosophical papers on privacy, many of which raise interesting points. But of all the one who came closest to getting it right in my opinion was Justice Brandeis who famously defined privacy as the "right to be left alone".
All privacy concerns at their root entail the ability of the individual to maintain his autonomy and separateness from the group. It may even be the right of the small group to maintain its autonomy in the face of the larger group. Brandeis errs in one respect: we often don't want to be left alone, we want to be involved with other people. We just want to have a fair and equal role in setting out the terms of involvement.
The issues we label as "privacy" are closely related to the idea of "liberty". We cannot have liberty without enjoying at least some minimal level of privacy.
I have proposed the following definition of privacy: Privacy is the right to be free of unreasonable involvement in your affairs by others. "Reasonable" means that which is rationally necessary to your relationship with the outside party.
Legal thinking places too much emphasis on the nature of the information involved, whereas what actually matters is how the information is used, and its effects both intended and unintended. This is a particular problem in US law, which depends on an artificial and subjective distinction between private and non-private information. This often leaves us in the logically inconsistent position of having to admit that certain actions are objectionable and unjust towards an individual, but asserting that nonetheless none of his rights are violated.
For example, if the AUP of your work place says you may not use the web for private use, and, with advanced informed consent your web browsing history is examined for non-work uses, that is not an invasion of privacy. It is rationally necessary to do so to carry out a prior agreement. If a supervisor uses the same sources of information in order to stalk or coerce a subordinate, that is an invasion of privacy, even though we are talking about disclosure of the very same information to the very same person. However, in such a case the supervisor might well claim that the individual had neither a legal right to privacy nor an expectation of privacy.
While the "expectation of privacy" test is very useful in flagging actions that violate norms of behavior with regard to privacy rights, it doesn't really capture the interests of the individual that are at stake. Equally bad, it does not establish the rights of others in the face of an individual who wishes to assert a privacy interest. The "expectations" test has no real fundamental justification, in fact it is not entirely clear what the phrase means. Can the police put cameras in everybody's house and say, "There, nobody expects to have privacy any more?" Does "expectation mean the expectations we ought to have if everything was just, or the expectations we do have in light of what people happen to be doing? Or (as seems to be the case) a mixture of both?
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I just got fired for reading this article.
:P
I'm one of those ;-). Although corporate is starting to filter out message boards and sites of that nature. In most of those cases all I have do is hit "continue" to view the site anyway.
I work in IT as a Network Administrator and most of the time I am able to fix what goes wrong in five to 10 minutes while in charge of rougly 200 computers, five server rooms, application servers, support about 160 employees...a lot of the free time I have I spend reading articles online (mainly RSS feeds).
Simply a group of people who seem to be incapable of speaking with one voice. I do accept the premise that when on company time and using company property, you give up many rights you would have at home or on public property. So if the workers want better accommodations, unity is the way to bring it about. The workers, like the customers, have the power to set the rules. I am uncertain as to whether that has occurred to them yet. And it won't matter whose property they're on. The worker simply must state that if the company wishes to use their services, these are the conditions. Presently everything is done precisely backwards. We have given up our authority to the company. We are letting them set the rules. The servant has become the master. The real problem is that they(the workers, all of us actually) put their self interests ahead of the group interests and are so easily distracted by petty, useless things. So what you get is a lot of bickering with few results. It would appear that I'm complaining about nature itself, because I see nothing unnatural here.
What?
Unless we stop being human once we get to the workplace, it is. At least within reason. The exact level of privacy we can expect is a matter of opinion.
Lady at work used to send me really funny porn pics; a lady with an n-gauge train driving up her coochie; a lobster (no, really) half-inserted, claws out, a coochie made up to look like two lips, smoking a cigarette - probably 30-40 of these pics, arriving sort of randomly attached to various emails over quite a few months. Same person joined my martial arts class and one day she retired to the back of the room during a workout, citing a headache. At a later break in the class (I work them very hard, so they need recovery time), I walked back to check on her and asked her, "how's your head?", and she said "I've never had any complaints...", deadpan. We've been a couple for over a decade now, and she's a black belt as are two of her three sons. Hooray for porn at work, sexuality at work and in class, and boo to anyone who thinks repression is the way to go.
Not a problem here. We only use Macs and linux. So no reason for such a policy. Such malware is a Windows problem (and Windows is a corporate problem - best thing we ever did was to get rid of it entirely as a working environment. Windows only runs at the hands of our engineers, in non-networked sandboxes on Macs, as a testbed for bug reports on our legacy Windows products.)
You have more important things on your mind than sexuality? Are you really old? Or crippled? Or in jail? :-)
I've fallen off your lawn, and I can't get up.