Slashdot Mirror
In Australia, Bosses May Get Power To Snoop On Emails
Numerous readers noted the proposal by the Australian government for legislation to allow employers to snoop on employees' email and IM conversations. This is being proposed in the name of protecting the infrastructure from terrorism. The attorney-general cited the Estonian cyber-attacks as a reason why such employer monitoring is necessary in Australia — never mind that the attacks were perpetrated by a lone 20-year-old and not by a foreign government or terrorist. The law permitting intelligence agencies to snoop on citizens without permission expires this June, leading to the government's urgency to extend and expand it. The chairman of Electronic Frontiers Australia said, "These new powers will facilitate fishing expeditions into employees' emails and computer use rather than being used to protect critical infrastructure. I'm talking about corporate eavesdropping and witch-hunts... If an employer wanted to [sack] someone, they could use these powers."
Snoopy gets the power to email your boss!
I had no idea it was illegal now! Here in the US it's like if you don't own the computer cuz it's a work computer and you're on the work's connection, they can spy on you all you want. It seems completely logical to me and not even really an invasion of privacy cuz you should be ohhhh you know, DOING WORK lol.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
Oh where can I find a place where my emails *won't* get snooped on?(barring of course, encryption).
'Number-memorizing Chinese people.'-Anon
Who's going to be a terrorist? The little frontline technician who works on the phone all day? Or the guy who doesn't do any work and receives money from his relatives in a strange country who make money by making bombs? If your employer has any reason to snoop in on you, they shouldn't have hired you or they should ask you in person.
Please visit http://www.mederbil.com/ i7, GTX 275, 4 1TB Caviar Green in RAID 0+1 array, EVGA X58 3X SLI Board, Silver
If the company owns the machines and the network, then the company is able and allowed to watch everything you do - particularly if you signed an employment agreement consenting to it.
This is not news. Frankly sometimes I think privacy advocates overreact - and I think this is one of those times.
For linux tips: http://www.linuxtipsblog.com
2 words: use encryption.
Who said a business owner can't review the contents on their machines in the first place. They have computer forensics people looking for that all the time, all over the world. Now business people want to know what's up with IT. What's the problem. People abusing the machines they work on is common place. We as tech oriented individuals need to start working on teaching people what can and cannot be seen on a computer, so they don't make these mistakes at work.
Australia has essentially become the England of 1984. No one except that government and corporations have any rights whatsoever, the only thing keeping them from putting cameras inside everyones home at this point is cost. And for what, who the hell hates Australia?
It doesn't seem to prevent crime either http://www.brisinst.org.au/past-issue-details.php?article_id=68. These retards are just spending money for no particular reason.
I guess this is the last time I'll be posting from my (Australian) work computer.
|>
Here be Dragons
Same as the old Federal Government
...the minimum is a police check to get a job. After that you have security clearances from Protected through to Top Secret and then breifings start eg. Alpha, Bravo etc. the higher level clearances pass through ASIO and they do background checks. If they didn't turn up anything about you being a terrorist going through the past 10+ years of your life, which you give them permission to do I don't know what they hope to find in your email. They look at club memberships, financial records, people you talk too and more. A dedicated, intelligent hacker is not going to try email a trojan and then give up, and you don't need to pour through emails to find binary attachments... and all this under a *labour* goverment! So much for the rights and protection of workers.
Users... the only thing keeping 1st level support from being the bottom feeders.
Huh? What does what you have to go through to get a security clearance have to do with employers snooping through work emails?
For linux tips: http://www.linuxtipsblog.com
This is nothing to do with Australian Government security checks of staff - it is a beat up over nothing. Private enterprise will now be covered by law when they scan employee emails to reject attachments. They won't need a signed statement showing consent, they can just do it to protect their networks.
When I worked for a federal government department, my emails were blocked if they had any attachments or if it looked like it was unsuitable for work or if it was flagged as spam or chain mail. All employers should be permitted to do this to protect their networks.
I wish privacy advocates hadn't jump on this like they have, but I imagine it is more to do with the way the media framed the question.
Bosses reading employees' emails will not "protect the nation's critical infrastructure from a cyber attack" instead it will make it easier. If an employee receives an email which is able to exploits a vulnerability if opened it would likely only infected. However if bosses are allowed to read employees' emails and does the bosses computer will become infected.
The proposed powers claimed to address the "growing threat to national security" rather attempt to protect businesses from having employees spend time on things not related to work and malpractices that employees may do. The powers do not address "threats to national security" and it is likely that any gains to business would be outweighed by making it easier to take over computers used for more important tasks within a company such as on a bosses' computer.
Are we talking about a government or the corporations?
If it's the government then they need to FUCK OFF. There is no reason for government mandated spying of corporate infrastructures. Period. If that is what is happening, then I can understand the uproar.
It it's the corporations, then everybody needs to calm down and put things in perspective. Corporations have EVERY right to watch what you do at work. It is not even "spying". If I hire somebody to fix my toilet, then although it may annoy them, I can hover around the door and watch what they do. No different then if you are a full time employee of a large corporation. The "Boss" can hang around you all he/she wants. They can also read all correspondence you create, before and after, you send it. Using the company car? They can watch where you are going. Using the company email server? Well they ARE the postmaster too. So on every level they have the right to read your emails. Talking to your wife from work? The Boss can listen in to see if it's naughty.
I know some people may want to draw a line with just how much they can be monitored while at work, but they have to at least understand that they are at WORK.
is pretty much the same as the old guy? Eh, so much for that...
What?
I thought Australia voted John Howard out of office last year?
Your employer may require you to consent to monitoring, but not your correspondents outside the company. If they discover that their email is being monitored, lawsuits might ensue. The proposed law seems to cover the employer's ass here.
Technology will overtake this. When everyone has an iPhone or like in their pocket, who is going to send potentially compromising emails through their employer?
let facts get in the way of a politician's perfectly good diatribe. After all, they know more then you do, thanks to the taps they are already monitoring.
"To those who are overly cautious, everything is impossible. "
Since Parliament is subject to the will of the people, you too can now read your MPs email. Demand that and see what they say ...
.. paranoid crackpot leftover from the days of Amiga.
in soviet russia, emails snoop on technically insensitive bosses!
Time to make sure my PGP certificate is still working ....
If a corporation wants to sack someone they will find reasons besides snooping on email or IM -- that's just another tool in the arsenal but won't change anything. Should an employer have the right to read employee's conversations? I say yes, but only if the conversation has occurred using the business infrastructure like business email, IM from inside the business, etc. To draw lines, all that stuff should be available to the employer and the employee should be aware and use restraint. If an employee wants privacy during work time they can easily set up a remote connection to a home computer and do all their personal communication from their home machine.
The minister for bad hair styles, Julia Gillard, probably hasn't heard about encryption. My employer is welcome to snoop my GPG encrypted email.
This is the same government that intends to force ISPs to filter out porn, with customers needing to opt-out if they want to view the "offensive" material. Seems PM K.Rudd needs a lesson or two on digital privacy.
IANAL, but my understanding is that it is already legal for employers to monitor any and all use of employees emails, IM, etc. The company owns the computers so they can do what they want with them. There is no distinction between work-related and personal emails if they were sent or received using company resources.
The Attorney-General says otherwise which is a surprise to me, and also I'm sure to much of the business and legal community. The legal advice to several businesses I've worked at, is that they are well within rights to intercept employee emails.
Any Australian lawyers that can comment on this?
Many companies are now blocking web-based email providers.
They usually block not only by known hostname or IP, there are some smart systems that can identify things like SquirrelMail. And an old favourite is also to block based on educated guesses, like "webmail.mydomain.com".
So the best way to get web-based email through is to run your own install, on a host/domain name that does not include "mail" and such. And use HTTPS, that way the proxy can't see you are using SquirrelMail or similar.
Employer Access to Employee emails is normal in Australia and has been used to fire people for years.
What the proposed legislation will do is to allow uncontrolled access by government agencies to business email systems. No warrant's, reasonable cause, etc.
If you want to know how bad this is.
Check out how great our federal police are - look up the name "Haneef"
While we have a new government in Australia - we have the same old bureaucracy feeding the pollies with the same old BS.
The older I get the more I appreciate "Yes Minister "
I agree. While I don't really think an employee has to be busy doing work for every minute of the work day, they really shouldn't be using company time and resources to be doing a whole lot of personal business, especially any of the kind that would get them fired or arrested. The occasional e-mail or the nightly call home to the kids are fine as far as I'm concerned, but there's a point when it's too much.
Looks like there will be one positive thing to come of this: The number of "paranoid schizophrenia" diagnoses will sharply decrease, since it's not paranoia when you really are being watched.
Admit it. You post strawman arguments as AC so you get modded Insightful for refuting them, rather than Troll
It's quite common for employees to have no expectation of privacy regarding corporate communication. Perhaps things should change in the US as well...
LS
There is a fine line between being a cultivated citizen and being someone else's crop. - A. J. Patrick Liszkie
mail reads YOU!!
1) Grab a laptop, and a 3g modem and byo email/msn - work can't spy on what they can't see :)
2) It's ssl, use it.
3) Tunnel
I say Mr Rudd might have been digging in his nose for dinner a little too deep and is now suffering brain damage...
First I rang my local member, who referred me to Julia Gillard's office (she made the original idiotic statements). Her office referred me to the Attorney-General's office, as that's where it's coming from.
The nice functionary I spoke to there said it's a media beatup. Under Australian law it's illegal to intercept the communications of a third party without a warrant. There was some wondering about whether passing emails through a virus scan qualified as warrantless interception.
Rather than going through some court case about to settle the matter, it was felt that it would be easier just to amend the Telecommunications Interception Act instead.
So that's it. There's actually no story here at all. Though it did provoke me to write an angry rant before I started doing what the journalists should have done in the first place - check the facts.
Classical Liberalism: All your base are belong to you.
> -- never mind that the attacks were perpetrated by a lone 20-year-old and not by a foreign government or terrorist.
:-) see this link: http://www.epl.ee/artikkel/392271
This quote is far from reality. The lone 20-year-old was the only one who got convicted, because he was the only russian caught who
lived in Estonia. Meanwhile the bulk of the attackers got away, because they live in Russia. And russia don't extradite their citizens (remember the Litvinenko case?). If you can read estonian,
A crude translation: On june 28th 2007, the reply from russian authorities denied all help to estonian government regarding the cyber-attack investigations.
...It's called, "I own the equipment and I'm paying for your time, so you have no expectation of privacy. Deal with it!"
Goofy, Geeky Gifts and More!
Wow... with so many experts commenting on the matter I'm sure my 2c aint going to count for much. Anyway, as someone who works for a managed services provider providing services to a Federal Government department in Australia I find the spectrum of comments rather amusing. Obviously few of the commentators on the subject actually work in government or big enterprise.
When you enter into an environment such as the one I manage you sign away your rights to privacy the second you accept the IT security policies that govern the particular workplace. Don't want to accept the IT security policy? Find somewhere else to work.
Everything you do on the infrastructure provided to you by your employer is owned by the employer. Sure, the IT policy generally includes allowances for the fact that people have a life outside work and need to be able to conduct some personal activities from their workplace however there should be no assumption of privacy.
I illustrate. Another Federal government department recently contacted ours over a potentially problematic email containing sexual content. We, as a Federal government agency, are required by law to investigate. We are not required to disclose the fact that we are doing this investigation. Should I be investigating you then you'd better hope it was a misunderstanding and that nothing incriminating is found in your mailbox because regardless of whether we find the item in question from that point on we are looking for a demonstrated course of action. i.e., does the person regularly conduct email activities that could result in a sexual harrassment case being built against them and in turn harming the reputation of the agency. Is that an invasion of privacy? Possibly.. if I was snooping into emails sent on infrastructure you owned, such as your webmail (which incidentally is also prohibited by policy and blocked by technological controls). Given that I have conducted my investigation on your government owned mailbox then sorry Jack, you have no expectation of privacy.
As for whether Americans have different rules, legislations etc is not the point. The law being discussed is relevant only to Australia, Australian work places and Australian laws. Frankly any attempt to dilute the argument by referencing what other nations do is completely irrelevant and totally pointless.
Do I agree with the proposals? Actually, yes I do. Given that my workplace already has such policies and the reasonableness of an employer being able to protect their property and infrastructure I don't see why this is an issue. If you don't like it, then don't do anything to warrant your activities being examined.
Do I think that some employers could abuse the ability? Sure, but what makes you think that such employers don't already do so without your knowledge?
"Oh yeah I am terrified of bot nets, the poor routers oh god won't some body think of the routers. Those terrorist have really scared me this time...lets read employees emails thats going to stop them!"
Lets face it thousands of employers around the world go through employee email all of the time this is nothing new the only difference is you can get the sack for having fun now.
Good way to get someone locked up or thrown in gaol, all you need to do is spoof some emails and boom instant terrorist.
Where I work they log everything, including IM conversations. Its actually kind of handy when something important is said in an IM conversation and you need to look it up (or as a boss if you want to see what your subordinates are talking about). The tool itself is just an SQL server that logs what you say character for character and does no post-formatting. That means if you stick HTML in your IM message it shows up that way on the page. One of my female coworkers thought they found a way around it by sticking secret messages in less-than and greater-than symbols. She demonstrated by sending a message with "hi" followed by her calling me gay as a secret message. She then refreshed the page to show me that the secret message wouldn't show up.
She put a space between the less-than sign and her first character, so the browser displayed everything.
Dear Australian government,
Since you are so eager to protect your country from evil bearded terrorists, I would like to suggest some other sensible measures:
- employers can beat their employees with a stick whenever they do something suspicious ('suspicious' should be left vague)
- employers can impound the passports of foreign or poor employees and lock them up all day in overcrowded shacks with no airconditioning.
- employers can strip-search male AND female employees for dangerous substances that could be used for making bombs.
- employers can cut of the beards of their employees, especially when they have darker skin or look suspicious in any other way.
I am sure this will make your society more harmonious and safe.
1. Usually it's implied that if you're using someone else's network (ie that of an employer), they generally have the right to peer at what you're doing. At least, that's the general consensus among the /. crowd in the states.
2. The reason given sounds quite shoddy. Who launches terrorist attacks from a work computer?
Its a little different because im hourly, but the principal still applies. If im on the clock, thats their time, and vice versa, i'm a real bastard about it too.
I've been paged to the floor while on my lunch more than a few times, sometimes more than once durring my lunch break. I'm punched out for lunch (company policy) and required to take one (state law) i made my bosses fill out the apropriate paperwork for me to get paid for those interrupted lunch breaks every time. Although personally i'd rather not even take a lunch and not be stuck at work for an hour while not getting paid.
I dont even answer my phone on my days off if i see that its work. One time i was just getting in for the day and my boss said something like "Why didnt you answer your phone yesterday, we coulda really used you, so and so called in." I just laid into him, with the HR lady right there too, i was like
"My days off are MY time, if i dont show up for work on the days i AM scheduled then we have a problem, but i am not coming in other days unless you work something out with me ahead of time. I am NOT on call, and if you want me to be you're gonna have to pay me a salary, starting now."
They havnt called me on a day off since then.
"Sic Semper Tyrannosaurus Rex."
So what if you are at work and you log into your gmail or other 3rd party email? Should the bosses be able to read that too? People should use there work email for work and personal email for personal reasons.
I dunno. I believe that a happy employee is a better worker. And mutual respect is very important. But I guess this topic is about security and that is also very important. Where do you draw the line on security? Its just like the government. Is putting everyone in the world on total survailance the answer to fighting terrorism?
I guess these are the questions of todays age.
In that case, is it OK for your employer to open the letter and read it before it leaves the building?
"Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
It's always been legal for companies in Australia to read their employees email. The techs do it as a matter of course as part of making sure their email servers are working correctly. And most? companies do backups and virus scans these days.
I know of several employees that a company wanted to sack - and sending sexist jokes became the convenient easy to prove excuse. It does help if there is an employee policy that states that the Company owns all the material created on their computers and may read any emails or all of them when ever they want. I know of a few companies/government that filter dirty words out - sometimes with strange consequences like when you're trying to buy a female dog or eradicate prickly pear.
-- it must be true, it's on the internet.
... heard of a "front" ?
Dear CEO,
Are you going to take that bribe I offered you, or what?
The Extortionist
I believe these things invalidate your comparison of Eyebrows & TinTin to Pepsi & Coke. On the scale of carbonated drinks, Mr Rudd rates at least a Fanta, or possible a Red Creaming Soda (with ice cream in it), in his difference to Mr Howard (Coca Cola).
Yours sincerely,
Summer Glau.
[1]"Rudd says sorry", Dylan Welch, Sydney Morning Herald February 13, 2008 http://www.smh.com.au/news/national/rudd-says-sorry/2008/02/13/1202760342960.html
[2]"Australian federal election, 2007." Wikipedia, The Free Encyclopedia. 9 Apr 2008, 01:16 UTC. Wikimedia Foundation, Inc. 14 Apr 2008 http://en.wikipedia.org/w/index.php?title=Australian_federal_election%2C_2007&oldid=204352606.
[3]"It's a beatup about a non-story." Slashdot Nerd, Slashdot, April 14th, 2008. http://yro.slashdot.org/comments.pl?sid=521210&cid=23060106
They ARE anyway, legal or not. So the sooner we simply all agree that employers have unrestricted rights to do whatever they like and it's patently clear, the better. We'll all know where we stand.
Note, I am an Estonian living in Tallinn.
I can't stand this idea on slashdot that it was a lone 20-year old. They only caught 1 guy. The whole thing did not originate from just 1 guy. If this had been the case he would have been thrown away in jail instead of being fined what I get paid each month which is just a slap on the wrist. Someone had to be held responsible and he was it. People, get your heads out of your ass and read about it. Really, you think that the people who blockaded the Estonian embassy in Moscow had no hand in the attacks? Nope, just 1 guy got pissed and launched the attack, that makes much more sense.
I worked in a big US corporation (900 employees at the location), 80,000 world-wide. I knew several people who ran part-time businesses while they were at work. They did taxes, sold avon, managed investments, or sold real estate. I went to other people when I needed something done. Funny thing is they never got fired. No one was ever fired for bitching about the company or other employees in emails. No one was ever fired for emailing racial slurs. The only people who got fired were those looking at porn. I believe that's why they want to monitor electronic communications. They want to stamp out porn.
If the email is being sent/received from a company computer, you bet they have the right! On our web based email, and IM client, when you log on, it states" "all information is being logged". This helps cut down on the BS
And, then the right for your employees to check up on YOU goes into effect as well. How do you like it, when the shoe's on the other foot? Or, does this interfere with your money laundering and "enron-like" scams?? Perhaps they ought to be able to read into your financials &/or accounting practices too eh, & know your bank account (offshore no doubt in Switzerland or the Kamen Islands) numbers also??? Yes, really.
An employee has a right of a certain privacy, but as employee you should also know that when the boss has a good reason, that privacy can and will be take away. It should not be done secretly either. Oh and to answer another poster: I don't care what an employee is doing on the toilet. But if they're going there every half hour or sitting there for twenty minutes at a time, I will be asking questions. Because that is not normal use of such a facility.
Some are recording everything you do, including decrypting your https secure sessions on the fly (yes, there is a means to do this). DVD backups will be used if they need to go after you. The good, is 'sound' individuals who police this, are usually reasonable, as they must also not disclose like management indescresions. Things like judges getting nailed for looking up porn, are quite rare.
However, one is confident that abuse of this is not too bad - issues like natural justice,
and choosing to pick on, or target one individual. In Europe, there is a data ombudsman who can confirm policy and process is correctish.
However trust employers? Ogre boss reading secretarys mail, or that cute new starter who is too quiet. Bosses should not be allowed to read mail , or email. There should be a go-between, who impartially does what needs to be done, to prevent potential or percieved conflict of interests.
At the very least, $100,000 fines should be introduced for employers who commit 'browsing' offences, and there should be a data ombudsman to catch sleezebag employers, who do the wrong thing.
Or at least admins have. If you send data over someone's network, from a trust calculus standpoint you should assume he or she reads it.
Wow, if only there were secure, free, and easy to install encryption suites that worked with many popular email clients!
All's true that is mistrusted
How is this different from wiretapping PABXs?"
Sure the telephone system also belongs "to the man", is primarily used for work, and "could" be used for "terrorism".
Oh, that's right - there's laws against illicit interception.
Same goes for email, where there is a presumption of privacy.
EOF
It amazes me that so many people conclude that because the company owns the computer and/or network, then they have the right to do anything with them. The atmosphere of Protestant work ethic is palpable! There are these little things called laws and ethics, not to mention human decency, that you seem to be forgetting. The company owns the toilets too, so do you conclude that they have the rights to install cameras there? Think about what you are saying.
If your packets are so damn "personal", why are you routing them unencrypted through your employer's network? Want to keep him from reading your gmail? There's a reason https was invented.
All's true that is mistrusted
Or is it only one way?
Fine. Do that work yourself. I'm off to make a different company money.
Your company only employs you because you make more in sales/efficiency than your salary. So they aren't doing YOU a favour. You're doing THEM a favour. After all, the manager produces no work so is only employed because there's someone to manage. The CEO doesn't do anything productive but gets much more pay because of all the people working for him. Without them, he'd be unemployed.
YOU do THEM a favour.
In USA, every thing on work PCs belongs to the company that owns the PC. Well, yes, in legalese. But in fact many employees are finding out about the web by exploring the browser and web link that is often available in their work area. In electronics, it's common for people to have a PC linked to the network in order that assemblers and technicians (test and repair of the product before shipping) can enter data using the serial number of the piece (often a bar-code).
In fact, I would say that this method is how the vast majority of adults get initial exposure to the internet in the USA. So during their coffee break, they explore the web. And like all adults learning new and important things, they will always overstep the boundaries set by lawyers (who are basically Puritans left over from the Salem Witch burning days on the 1680s.)
And if they are guys, then they will, yes, at least once, type some sexual reference into the Google search line to see what happens. Face it, you did too, while you were learning and you thought that no one was looking.
Well for this 'crime' the company lawyers insist that they have the right and obligation to destroy the life of the person that they manage to actually catch doing this. Or they warn the employees not to ever do things on the web under penalty of job loss. Which means that the older employees will never go on the web out of fear of being fired for something that they don't understand. This also means that you will never get these employees to use the PC voluntarily.
What the company is only worried about is being extorted by one of the several schemes used to defraud using the web. They don't really care about Inez in bench 7b of PCB stuffing has discovered that she can send an instant message to her sister is Guadalajara for free. But this is VERY big news to Inez. And the only way that she knows how to do it is through the PC at the end of the table in her workplace. And she is going to use it. She doesn't realize that everything most likely gets saved. It's a super telephone to her.
So even though the legal wording says that the work PC and all the things on it belongs to the company, in reality the situation is far more complicated. The company should realize that even though their lawyers tell them that they can do anything, it would be best to be very flexible about this.
There is a lot of sentiment to the contrary here, but the fact is in the US this is already legal and has been for some time. Two court cases settled the matter years ago. I'm not going to be able to cite the exact cases, but one was a woman who worked for Epson Computers in California who was fired for an inappropriate email. (I even forget the subject!) The other was in the Washington State civil service where the state snooped on emails and discovered union activities being coordinated on company time. The person was fired and the firing upheld. So the precedent is set in the US. It's over. The company has the right to monitor your emails; end of story.
I don't understand how employees can legitimately claim their 'rights are being violated' when they are caught using a company computer on company time for personal issues. You can't use a company car to go grocery shopping for your family. You can't use company time to go see a baseball game. You can't use the company printing press to print your own book to sell on the side. You can't use the company copier to print your 'church bulletin.' Why should you be able to do those things? You are stealing company resources, whether time, gasoline, or paper, for personal use. These activities do not enhance the bottom line and make productivity (namely, yours) suffer. Like it or not, a non-profitable company won't be keeping you around long. I do realize a non-profitable company is ALWAYS the result of mis-management. Employees are NEVER at fault, by definition. But still, every little bit helps.
Having said that, surfing on Slashdot on company time is perfectly legitimate. Once in awhile, believe it or not, you can actually learn somehing worthwhile that enhances your knowledge of IT and is of potential benefit to the company. Now back to work....
How about a moderation of -1 pedantic.
Its a good thing I protect the crap out of my workstation. I mean, I don't do anything illegal, the worst I do during the day is read slashdot, but I am in charge of IT and thus have rights and powers that nobody else in the office (except maybe the CEO) should have. My workstation is well defended from any employees (including the CEO) and for doing so they haven't fired m(#@%$G@#%JH@$^QM%G ahem, we're sorry, Mr. CompMD will be taking a lengthy vacation, can we help you?
The point is that anything related to national security should have an associated security clearance process. That if they don't turn up anything in that process where they have access to magnitudes of information what do they hope to find in some emails? That anyone intent on taking down infrastructure will not use corporate email and thus your best chance is via the established clearances process, not more legislation open to abuse. I'll make this even easier for you to understand Russell... ferret out threats via background checks pre employment, not through email post employment.
Users... the only thing keeping 1st level support from being the bottom feeders.
I agree, but this is an edge case.
For linux tips: http://www.linuxtipsblog.com
I work for a state government department, and while we are allowed to make limited use of the internet at work, that's like a maximum of $10 worth per month.
We're also repeatedly told that any and all use of the internet is monitored, by a general issue email sent to the entire staff.
This email alternates with the one that announces that viewing or accessing "inappropriate content" can be punishable by anything up to dismissal.
I've stopped being annoyed at either "warning", or complaining that some dope got caught looking at porn on his/her work computer AGAIN!.
Things like FaceBook or MySpace have been blocked, because youngsters were looking at their "personal" page all damn day, and would not listen
to Big Hints that they should restrain this particular impulse while at work.
I can only conclude that a lot of people have no internet connection at home, or no self control, so it's not a huge surprise that the bosses are looking.
Neither is it a huge surprise that there's something to look for. So, who gives a rodent's fundament if they're going to make a law about it?
Don't blame me, it's usually 2 in the morning when I post