Slashdot Mirror
In Australia, Bosses May Get Power To Snoop On Emails
Numerous readers noted the proposal by the Australian government for legislation to allow employers to snoop on employees' email and IM conversations. This is being proposed in the name of protecting the infrastructure from terrorism. The attorney-general cited the Estonian cyber-attacks as a reason why such employer monitoring is necessary in Australia — never mind that the attacks were perpetrated by a lone 20-year-old and not by a foreign government or terrorist. The law permitting intelligence agencies to snoop on citizens without permission expires this June, leading to the government's urgency to extend and expand it. The chairman of Electronic Frontiers Australia said, "These new powers will facilitate fishing expeditions into employees' emails and computer use rather than being used to protect critical infrastructure. I'm talking about corporate eavesdropping and witch-hunts... If an employer wanted to [sack] someone, they could use these powers."
I had no idea it was illegal now! Here in the US it's like if you don't own the computer cuz it's a work computer and you're on the work's connection, they can spy on you all you want. It seems completely logical to me and not even really an invasion of privacy cuz you should be ohhhh you know, DOING WORK lol.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
Oh where can I find a place where my emails *won't* get snooped on?(barring of course, encryption).
'Number-memorizing Chinese people.'-Anon
can't you already do this in the states?
Who's going to be a terrorist? The little frontline technician who works on the phone all day? Or the guy who doesn't do any work and receives money from his relatives in a strange country who make money by making bombs? If your employer has any reason to snoop in on you, they shouldn't have hired you or they should ask you in person.
Please visit http://www.mederbil.com/ i7, GTX 275, 4 1TB Caviar Green in RAID 0+1 array, EVGA X58 3X SLI Board, Silver
If the company owns the machines and the network, then the company is able and allowed to watch everything you do - particularly if you signed an employment agreement consenting to it.
This is not news. Frankly sometimes I think privacy advocates overreact - and I think this is one of those times.
For linux tips: http://www.linuxtipsblog.com
2 words: use encryption.
Also in NZ. It makes complete sense! They have every right to see what is going on inside their own company, and what activity is going on inside their network.
Funny story - where I work there is a very liberal network use policy - you can use it how you like as long as your manager is happy with your work and you don't shut the network down.
Someone shut the network down, I think with a P2P site.
The network guys sit right next to me. They were having a great time tracking down the culprit. And even funnier is people were coming out of the woodwork saying "my bad!" when it wasn't even them!
But I was very much OK with that. That person was saturating the network connection and stopping real work from getting done.
For linux tips: http://www.linuxtipsblog.com
I guess this is the last time I'll be posting from my (Australian) work computer.
|>
Here be Dragons
Be that as it may, this has nothing to do with that.
For linux tips: http://www.linuxtipsblog.com
...the minimum is a police check to get a job. After that you have security clearances from Protected through to Top Secret and then breifings start eg. Alpha, Bravo etc. the higher level clearances pass through ASIO and they do background checks. If they didn't turn up anything about you being a terrorist going through the past 10+ years of your life, which you give them permission to do I don't know what they hope to find in your email. They look at club memberships, financial records, people you talk too and more. A dedicated, intelligent hacker is not going to try email a trojan and then give up, and you don't need to pour through emails to find binary attachments... and all this under a *labour* goverment! So much for the rights and protection of workers.
Users... the only thing keeping 1st level support from being the bottom feeders.
Huh? What does what you have to go through to get a security clearance have to do with employers snooping through work emails?
For linux tips: http://www.linuxtipsblog.com
This is nothing to do with Australian Government security checks of staff - it is a beat up over nothing. Private enterprise will now be covered by law when they scan employee emails to reject attachments. They won't need a signed statement showing consent, they can just do it to protect their networks.
When I worked for a federal government department, my emails were blocked if they had any attachments or if it looked like it was unsuitable for work or if it was flagged as spam or chain mail. All employers should be permitted to do this to protect their networks.
I wish privacy advocates hadn't jump on this like they have, but I imagine it is more to do with the way the media framed the question.
If you're using your employer's resources, they have the right to monitor anything on their systems that they damn well please.
What the heck would you expect?
If you're worried about it, don't use company resources for personal access. Is this really so hard to understand?
Sheesh. This liberal feeling of entitlement has gone way too far.
In reality, many employers don't care what you do, as long as it isn't illegal or interfering with the quality of work. However, they do retain the right to intervene if they feel it's necessary.
Bosses reading employees' emails will not "protect the nation's critical infrastructure from a cyber attack" instead it will make it easier. If an employee receives an email which is able to exploits a vulnerability if opened it would likely only infected. However if bosses are allowed to read employees' emails and does the bosses computer will become infected.
The proposed powers claimed to address the "growing threat to national security" rather attempt to protect businesses from having employees spend time on things not related to work and malpractices that employees may do. The powers do not address "threats to national security" and it is likely that any gains to business would be outweighed by making it easier to take over computers used for more important tasks within a company such as on a bosses' computer.
Its not so much the new rules that anger me, for employers have previously just asked you to sign an agreement giving them that right, its that way they are introduced as to "fight terrorism". If I was osama I would be laughing my head of every time a new law is introduced to fight terrorism. We are just handing them moral victory after victory and they are just sitting in a cave somewhere.
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
Are we talking about a government or the corporations?
If it's the government then they need to FUCK OFF. There is no reason for government mandated spying of corporate infrastructures. Period. If that is what is happening, then I can understand the uproar.
It it's the corporations, then everybody needs to calm down and put things in perspective. Corporations have EVERY right to watch what you do at work. It is not even "spying". If I hire somebody to fix my toilet, then although it may annoy them, I can hover around the door and watch what they do. No different then if you are a full time employee of a large corporation. The "Boss" can hang around you all he/she wants. They can also read all correspondence you create, before and after, you send it. Using the company car? They can watch where you are going. Using the company email server? Well they ARE the postmaster too. So on every level they have the right to read your emails. Talking to your wife from work? The Boss can listen in to see if it's naughty.
I know some people may want to draw a line with just how much they can be monitored while at work, but they have to at least understand that they are at WORK.
I thought Australia voted John Howard out of office last year?
Your employer may require you to consent to monitoring, but not your correspondents outside the company. If they discover that their email is being monitored, lawsuits might ensue. The proposed law seems to cover the employer's ass here.
Technology will overtake this. When everyone has an iPhone or like in their pocket, who is going to send potentially compromising emails through their employer?
let facts get in the way of a politician's perfectly good diatribe. After all, they know more then you do, thanks to the taps they are already monitoring.
"To those who are overly cautious, everything is impossible. "
Yes, yes. We switched from coke to pepsi.
On that note, most people are under the mistaken belief that Australia is under a democracy. Wrong. We are an Autocratic government.
Science advances one funeral at a time- Max Planck
Since Parliament is subject to the will of the people, you too can now read your MPs email. Demand that and see what they say ...
.. paranoid crackpot leftover from the days of Amiga.
in soviet russia, emails snoop on technically insensitive bosses!
Time to make sure my PGP certificate is still working ....
If a corporation wants to sack someone they will find reasons besides snooping on email or IM -- that's just another tool in the arsenal but won't change anything. Should an employer have the right to read employee's conversations? I say yes, but only if the conversation has occurred using the business infrastructure like business email, IM from inside the business, etc. To draw lines, all that stuff should be available to the employer and the employee should be aware and use restraint. If an employee wants privacy during work time they can easily set up a remote connection to a home computer and do all their personal communication from their home machine.
IANAL, but my understanding is that it is already legal for employers to monitor any and all use of employees emails, IM, etc. The company owns the computers so they can do what they want with them. There is no distinction between work-related and personal emails if they were sent or received using company resources.
The Attorney-General says otherwise which is a surprise to me, and also I'm sure to much of the business and legal community. The legal advice to several businesses I've worked at, is that they are well within rights to intercept employee emails.
Any Australian lawyers that can comment on this?
As a small business owner in Australia, I would like to make it clear that I would never read my employees' emails even if I thought they were stealing from me. I consider privacy invasion to be wrong, and as the phrase goes, two wrongs don't make a right. Invading privacy to stop them stealing is as wrong as breaking into their house to steal back whatever they took.
It is not possible for employees, in the modern day and age, to sterilise themselves personally when they walk into the workplace. They still have friends they talk to, they still have families they think about, they still have pressing non-work issues they need to deal with. Expecting this to all disappear at 9am and reappear at 5:30pm is unreasonable, and as a business owner, I don't expect it of my staff, even though (assuming it's even possible which it isn't) it may increase productivity.
If I have an issue with a staff member stealing or doing something else that breaks the boundaries or law or morality, I don't want to deal with that issue by breaking the boundaries of law or morality. I can and will intervene to protect my business, but only if I don't violate their rights in the process. I have yet (in 8 years) to come across a scenario where I was not able to protect myself and still follow this principle. I don't believe I ever will. This experience affirms my belief that one does NOT have to trade freedom and/or morality for security and/or order.
Sheesh. This feeling of "anything goes" in the pursuit of security and law and order has gone way too far.
I hate printers.
It's not about fighting terrorism. It never was. It's about power pooling into the hands of the few.
I hate printers.
Many companies are now blocking web-based email providers.
They usually block not only by known hostname or IP, there are some smart systems that can identify things like SquirrelMail. And an old favourite is also to block based on educated guesses, like "webmail.mydomain.com".
So the best way to get web-based email through is to run your own install, on a host/domain name that does not include "mail" and such. And use HTTPS, that way the proxy can't see you are using SquirrelMail or similar.
I agree. While I don't really think an employee has to be busy doing work for every minute of the work day, they really shouldn't be using company time and resources to be doing a whole lot of personal business, especially any of the kind that would get them fired or arrested. The occasional e-mail or the nightly call home to the kids are fine as far as I'm concerned, but there's a point when it's too much.
I don't get it--do you REALLY think UBL is cackling because bosses can read employee's emails now? I think the fact that that's how you are able to empathize with him and the al-Qaeda mindset is laughable, but in the end, very typical of many westerners.
Looks like there will be one positive thing to come of this: The number of "paranoid schizophrenia" diagnoses will sharply decrease, since it's not paranoia when you really are being watched.
Admit it. You post strawman arguments as AC so you get modded Insightful for refuting them, rather than Troll
It's quite common for employees to have no expectation of privacy regarding corporate communication. Perhaps things should change in the US as well...
LS
There is a fine line between being a cultivated citizen and being someone else's crop. - A. J. Patrick Liszkie
mail reads YOU!!
I am not a small business owner, but I work at a small business in the US, and I would just add that at my company, there's little to no privacy. There are only about 15 people, and if someone is out sick, on vacation, on a business trip, etc--someone else will read their email to see if there's anything that has to be replied to immediately.
This goes for the bosses computer+email too.
There have never been any problems that I've heard of--I mean the general standard is, if you're reading someones email and you see its personal, dont read it. Just look at the business email. Not always possible, but it hasn't been a problem in my experience.
I don't really think most people use their business addresses for personal email very often incidentally--everyone seems to use yahoo/gmail/whatever. (I know I do)
1) Grab a laptop, and a 3g modem and byo email/msn - work can't spy on what they can't see :)
2) It's ssl, use it.
3) Tunnel
Its not so much that he cares about civil liberties, champ (can I call you champ?) its that he is a terrorist, and his main job is screw with your head. When people are willing to be inconvenienced, champ, for the sake of protection from terrorism - he has succeeded for he has made an negative impact on your life. Now whether or not osama really knows or cares about this is largely irrelevant.
P.S. I'm not sure what sort of intellectual masturbation led you to assume I empathise with osama but rest assured that its wrong.
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
I say Mr Rudd might have been digging in his nose for dinner a little too deep and is now suffering brain damage...
First I rang my local member, who referred me to Julia Gillard's office (she made the original idiotic statements). Her office referred me to the Attorney-General's office, as that's where it's coming from.
The nice functionary I spoke to there said it's a media beatup. Under Australian law it's illegal to intercept the communications of a third party without a warrant. There was some wondering about whether passing emails through a virus scan qualified as warrantless interception.
Rather than going through some court case about to settle the matter, it was felt that it would be easier just to amend the Telecommunications Interception Act instead.
So that's it. There's actually no story here at all. Though it did provoke me to write an angry rant before I started doing what the journalists should have done in the first place - check the facts.
Classical Liberalism: All your base are belong to you.
Additionally, if acts that protect from terrorism WORK (and I'm not going to assume that they do...but let's just say if) then guess what--he's been stopped from doing what he's been trying to do (that is, terrorist actions). Now whether or not osama really knows or cares about this is largely irrelevant. The first thing you've said I agree with--it IS totally irrelevant! P.S. I'm not sure what sort of intellectual masturbation led you to assume I empathise with osama but rest assured that its wrong. Apologies if you're not a native English speaker and have misunderstood what I meant--I didn't mean to imply anything like you seem to think I did. The OED definition of empathy is "The power of projecting one's personality into (and so fully comprehending) the object of contemplation" and to empathize is to do this. In simpler terms, it's putting yourself in someone else's shoes, or seeing the world from their eyes.
So, when I said "I think the fact that that's how you are able to empathize with him" what was meant was that when you try to understand UBL's actions from his point of view, you get something totally off base which doesn't fit with anything UBL/AQ/any other Islamist terrorist group has ever said. Or, in my opinion, you've failed to understand his actions at all.
I think the word you thought I said was "sympathize"
> -- never mind that the attacks were perpetrated by a lone 20-year-old and not by a foreign government or terrorist.
:-) see this link: http://www.epl.ee/artikkel/392271
This quote is far from reality. The lone 20-year-old was the only one who got convicted, because he was the only russian caught who
lived in Estonia. Meanwhile the bulk of the attackers got away, because they live in Russia. And russia don't extradite their citizens (remember the Litvinenko case?). If you can read estonian,
A crude translation: On june 28th 2007, the reply from russian authorities denied all help to estonian government regarding the cyber-attack investigations.
...It's called, "I own the equipment and I'm paying for your time, so you have no expectation of privacy. Deal with it!"
Goofy, Geeky Gifts and More!
Wow... with so many experts commenting on the matter I'm sure my 2c aint going to count for much. Anyway, as someone who works for a managed services provider providing services to a Federal Government department in Australia I find the spectrum of comments rather amusing. Obviously few of the commentators on the subject actually work in government or big enterprise.
When you enter into an environment such as the one I manage you sign away your rights to privacy the second you accept the IT security policies that govern the particular workplace. Don't want to accept the IT security policy? Find somewhere else to work.
Everything you do on the infrastructure provided to you by your employer is owned by the employer. Sure, the IT policy generally includes allowances for the fact that people have a life outside work and need to be able to conduct some personal activities from their workplace however there should be no assumption of privacy.
I illustrate. Another Federal government department recently contacted ours over a potentially problematic email containing sexual content. We, as a Federal government agency, are required by law to investigate. We are not required to disclose the fact that we are doing this investigation. Should I be investigating you then you'd better hope it was a misunderstanding and that nothing incriminating is found in your mailbox because regardless of whether we find the item in question from that point on we are looking for a demonstrated course of action. i.e., does the person regularly conduct email activities that could result in a sexual harrassment case being built against them and in turn harming the reputation of the agency. Is that an invasion of privacy? Possibly.. if I was snooping into emails sent on infrastructure you owned, such as your webmail (which incidentally is also prohibited by policy and blocked by technological controls). Given that I have conducted my investigation on your government owned mailbox then sorry Jack, you have no expectation of privacy.
As for whether Americans have different rules, legislations etc is not the point. The law being discussed is relevant only to Australia, Australian work places and Australian laws. Frankly any attempt to dilute the argument by referencing what other nations do is completely irrelevant and totally pointless.
Do I agree with the proposals? Actually, yes I do. Given that my workplace already has such policies and the reasonableness of an employer being able to protect their property and infrastructure I don't see why this is an issue. If you don't like it, then don't do anything to warrant your activities being examined.
Do I think that some employers could abuse the ability? Sure, but what makes you think that such employers don't already do so without your knowledge?
"Oh yeah I am terrified of bot nets, the poor routers oh god won't some body think of the routers. Those terrorist have really scared me this time...lets read employees emails thats going to stop them!"
Lets face it thousands of employers around the world go through employee email all of the time this is nothing new the only difference is you can get the sack for having fun now.
Good way to get someone locked up or thrown in gaol, all you need to do is spoof some emails and boom instant terrorist.
Where I work they log everything, including IM conversations. Its actually kind of handy when something important is said in an IM conversation and you need to look it up (or as a boss if you want to see what your subordinates are talking about). The tool itself is just an SQL server that logs what you say character for character and does no post-formatting. That means if you stick HTML in your IM message it shows up that way on the page. One of my female coworkers thought they found a way around it by sticking secret messages in less-than and greater-than symbols. She demonstrated by sending a message with "hi" followed by her calling me gay as a secret message. She then refreshed the page to show me that the secret message wouldn't show up.
She put a space between the less-than sign and her first character, so the browser displayed everything.
Yes, exactly. I was one of the numerous readers who submitted this story, and my write-up focused on that point. So has most of everything I've seen about this. I couldn't wait until the "terrorism" thing got so far stretched that it was obviously stupid to anyone who cared to look; I think with this piece of news we've finally got there. Now hopefully people will start thinking about the link between terrorism and a proposed infringement on our rights --- not constitutional rights, because we, as Australians, have none. Just the rights we've always assumed we have.
Look out!
Dear Australian government,
Since you are so eager to protect your country from evil bearded terrorists, I would like to suggest some other sensible measures:
- employers can beat their employees with a stick whenever they do something suspicious ('suspicious' should be left vague)
- employers can impound the passports of foreign or poor employees and lock them up all day in overcrowded shacks with no airconditioning.
- employers can strip-search male AND female employees for dangerous substances that could be used for making bombs.
- employers can cut of the beards of their employees, especially when they have darker skin or look suspicious in any other way.
I am sure this will make your society more harmonious and safe.
Sorry if I was rude earlier, you turned out to be more reasonable than I had assumed.
1. I just like calling people champ - champ.
2. Yes and no, naturally he does have specific goals (I doubt anyone thinks he is a terrorist for fun) his way of achieving those is thru terrorism, which is to "inspire terror" in a population so as to achieve their aim - (this is where I get the notion that its a way of messing with your head).
3. I would disagree
4. Indeed, champ.
5. While I am not a native speaker, your wording to me implied the sympathise notion which is what led me to respond as such. This not being the case I apologise for misunderstanding you.
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
"Liberal"? Fuck off, troll.
SIERRA TANGO FOXTROT UNIFORM
1. Usually it's implied that if you're using someone else's network (ie that of an employer), they generally have the right to peer at what you're doing. At least, that's the general consensus among the /. crowd in the states.
2. The reason given sounds quite shoddy. Who launches terrorist attacks from a work computer?
Its a little different because im hourly, but the principal still applies. If im on the clock, thats their time, and vice versa, i'm a real bastard about it too.
I've been paged to the floor while on my lunch more than a few times, sometimes more than once durring my lunch break. I'm punched out for lunch (company policy) and required to take one (state law) i made my bosses fill out the apropriate paperwork for me to get paid for those interrupted lunch breaks every time. Although personally i'd rather not even take a lunch and not be stuck at work for an hour while not getting paid.
I dont even answer my phone on my days off if i see that its work. One time i was just getting in for the day and my boss said something like "Why didnt you answer your phone yesterday, we coulda really used you, so and so called in." I just laid into him, with the HR lady right there too, i was like
"My days off are MY time, if i dont show up for work on the days i AM scheduled then we have a problem, but i am not coming in other days unless you work something out with me ahead of time. I am NOT on call, and if you want me to be you're gonna have to pay me a salary, starting now."
They havnt called me on a day off since then.
"Sic Semper Tyrannosaurus Rex."
So what if you are at work and you log into your gmail or other 3rd party email? Should the bosses be able to read that too? People should use there work email for work and personal email for personal reasons.
I dunno. I believe that a happy employee is a better worker. And mutual respect is very important. But I guess this topic is about security and that is also very important. Where do you draw the line on security? Its just like the government. Is putting everyone in the world on total survailance the answer to fighting terrorism?
I guess these are the questions of todays age.
No it does not.
I like the following example.
Let's say you take a piece of paper and a pen from work home.
Using this, you write a letter to whomever.
Do you feel that your employer is allowed to read that letter?
I find not, do you argue, that it was not done during company time? There are many times during work that I think of non-related work items, or make a private call if necessary. I also do some research at home for work or have idea's that are work related.
There are 2 keywords here:
1) privacy: private matters should remain private
2) moderate use: you work at work and private matters you do in your private time, some times they mix up, but as long it's moderate there shouldn't be a problem.
That's not a very good analogy... it doesn't take place at work. It doesn't take place during work hours. Finally, you aren't asking your employer to deliver the communication for you.
A cat can't teach a dog to bark.
Same goes for a private phone call.
Yet it seems to be normal. There are a lot of valid reasons to make a private call during work.
By your reasoning it's also ok for the employer to check the text message on your mobile phone.
In the end it's all about trust, if your employer doesn't trust you, either you did something wrong or your employer is paranoid.
In that case, is it OK for your employer to open the letter and read it before it leaves the building?
"Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
thank you!
you are a shining light here on slashdot.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
Exactly - this is why we need a legislative charter of rights!
It's always been legal for companies in Australia to read their employees email. The techs do it as a matter of course as part of making sure their email servers are working correctly. And most? companies do backups and virus scans these days.
I know of several employees that a company wanted to sack - and sending sexist jokes became the convenient easy to prove excuse. It does help if there is an employee policy that states that the Company owns all the material created on their computers and may read any emails or all of them when ever they want. I know of a few companies/government that filter dirty words out - sometimes with strange consequences like when you're trying to buy a female dog or eradicate prickly pear.
-- it must be true, it's on the internet.
Um ...
... moderate use.
;)
There are 2 keywords here: privacy
I know there's a joke in here somewhere, but I haven't had coffee yet
Bark less. Wag more.
I work two jobs with two email addresses, and also have my own mailserver plus another email address from my ISP. I would never send personal information from either of my work email addresses. The same would go for a phone conversation, I don't use the work phones to make personal phonecalls of a private nature. I may call during my lunch break to arrange a plumber's appointment etc, but never anything "private".
Using resources of your employer, provided for the purpose of getting your job done, for private personal things is just a bad idea all around. Just because your phone or email at home is private does not mean anyone's phone or anyone's email is private for YOU.
It unfortunately comes as a surprise to me that there are many that believe to the contrary, from both sides of the fence. We're always reading about someone that got busted doing something patently stupid, like making a drug deal over the company phone, or conducting for corporate espionage over the company email.
But then recently I was surprised that when an employee left, the owner did not want us to forward her email to her replacement, because it may contain personal information. That totally took me by surprise, as I thought that any employer would see no expectation of privacy in the company email.
I dunno. To me these things seem like common sense, but you know how that goes. That reminds me of the story of the interviewee that took a personal call on his cell phone during a job interview, and asked the interviewer to leave the room to give him some privacy on his call. For things like that I have to ask, "What do you think you're there for? For your employer, or for yourself?"
I suppose now there will be someone complaining, "But I don't have my own email address." Just because you don't have any means of privacy arranged for yourself does not mean you can just declare privacy anywhere else you find convenient. That's like trying to change clothes in the middle of a public park, and expecting everyone to "look the other way" for you. It's not the world's obligation to provide you with privacy, take ownership of yourself.
I work for the Department of Redundancy Department.
Dear CEO,
Are you going to take that bribe I offered you, or what?
The Extortionist
I believe these things invalidate your comparison of Eyebrows & TinTin to Pepsi & Coke. On the scale of carbonated drinks, Mr Rudd rates at least a Fanta, or possible a Red Creaming Soda (with ice cream in it), in his difference to Mr Howard (Coca Cola).
Yours sincerely,
Summer Glau.
[1]"Rudd says sorry", Dylan Welch, Sydney Morning Herald February 13, 2008 http://www.smh.com.au/news/national/rudd-says-sorry/2008/02/13/1202760342960.html
[2]"Australian federal election, 2007." Wikipedia, The Free Encyclopedia. 9 Apr 2008, 01:16 UTC. Wikimedia Foundation, Inc. 14 Apr 2008 http://en.wikipedia.org/w/index.php?title=Australian_federal_election%2C_2007&oldid=204352606.
[3]"It's a beatup about a non-story." Slashdot Nerd, Slashdot, April 14th, 2008. http://yro.slashdot.org/comments.pl?sid=521210&cid=23060106
They ARE anyway, legal or not. So the sooner we simply all agree that employers have unrestricted rights to do whatever they like and it's patently clear, the better. We'll all know where we stand.
I personally never use company email or phones for personal business. Many companies claim that using their free company phones for personal use is OK, but they have a disclaimer on these phones that their conversations will be monitored. Why somebody would want to know that I'm calling my girlfriend to pick me up I do not know, nor do I really care; I just use the public pay phones instead because my privacy is more important then giving some HR person the satisfaction of listening in on my phone calls.
I suppose company's may be concerned that employee's may be "abusing" their privileges (waisting too much time on personal matters), but that is really a sorry excuse. If HR or any supervisor does not notice a lack of productivity coming from an employee, then these supervisors and bean-counters are not doing their job. Monitoring email to gage productivity is a round-about and inefficient way of doing one's supervising. It is also morally dubious. Yes company's may have the right to be morally dubious, but that doesn't mean they should. I question the efficiency and morality of these practices.
I do however like the more open approach of your company (where it seems that just about anybody can read anybody else's email), it sounds rather Stallman-like (as in RSM) in the sense that he was against password protecting accounts, etc.
If the email is being sent/received from a company computer, you bet they have the right! On our web based email, and IM client, when you log on, it states" "all information is being logged". This helps cut down on the BS
An employee has a right of a certain privacy, but as employee you should also know that when the boss has a good reason, that privacy can and will be take away. It should not be done secretly either. Oh and to answer another poster: I don't care what an employee is doing on the toilet. But if they're going there every half hour or sitting there for twenty minutes at a time, I will be asking questions. Because that is not normal use of such a facility.
My employer has explicitly reserved the right to monitor all emails and all web access. All computers have LanDesk suite (PDF), which inventories and reports on all software installed on a pc, and allows remote admins to monitor and control a pc. Of course they also install anti-virus software, and have extremely restrictive firewall settings, and a web-page net-nanny to let you know when you've clicked on an innocent-looking Google link to a prohibited site, like this one (insecure.org - home of NMAP).
They're trying to protect the company assets from unauthorized, illegal, or inappropriate use, and thereby keep the company out of court.
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
Or at least admins have. If you send data over someone's network, from a trust calculus standpoint you should assume he or she reads it.
Wow, if only there were secure, free, and easy to install encryption suites that worked with many popular email clients!
All's true that is mistrusted
How is this different from wiretapping PABXs?"
Sure the telephone system also belongs "to the man", is primarily used for work, and "could" be used for "terrorism".
Oh, that's right - there's laws against illicit interception.
Same goes for email, where there is a presumption of privacy.
EOF
It amazes me that so many people conclude that because the company owns the computer and/or network, then they have the right to do anything with them. The atmosphere of Protestant work ethic is palpable! There are these little things called laws and ethics, not to mention human decency, that you seem to be forgetting. The company owns the toilets too, so do you conclude that they have the rights to install cameras there? Think about what you are saying.
If your packets are so damn "personal", why are you routing them unencrypted through your employer's network? Want to keep him from reading your gmail? There's a reason https was invented.
All's true that is mistrusted
AFAIK it's perfectly legal in the US as long as there's a login banner that mentions consent to monitoring. This Yoyodyne computer is for authorized users only. By accessing this system, you are consenting to complete monitoring with no expectation of privacy. Unauthorized access or use may subject you to disciplinary action and criminal prosecution.
Why do you feel that OBL deserves any more credibility than any other politician/cult of personality?
I mean, this IS a guy who has repeatedly worked WITH and even FOR the interests of the USA, whose people were trained on our dime and by our people. Actually, his whole organization was funded by supposed anti-drug money brokered by the Bush family.
Look how quick they killed Saddam, he had some truly cogent views even if he was responsible for attempted genocide, and they killed him as quick as they could and made him look like crap in order to discredit his ideas - because he really did have a lot of honest, true things to say about what is wrong with the USA. The real reason Bush cares about OBL is that his family has been doing business with them for years and letting that information out isn't part of the plan.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
As a person who consults with his small business customers almost daily, I can tell you that you are wrong.
I can cite examples from almost every organization i deal with where employess are using their CORPORATE email accounts for personal use.
From the secretary who gets weather alerts and school closing delays sent to her email so she can go get little johnny from school, to the president who gets his travel updates and stock tips hourly, it happens.
And it happens a LOT.
What if an employee could produce more output, but isn't? Presumably, if I'm hiring someone, I'm not hiring them for their "B" game.
I do however like the more open approach of your company (where it seems that just about anybody can read anybody else's email), it sounds rather Stallman-like (as in RSM) in the sense that he was against password protecting accounts, etc.Against password protecting accounts? What does he plan to use, skeleton keys?
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
In USA, every thing on work PCs belongs to the company that owns the PC. Well, yes, in legalese. But in fact many employees are finding out about the web by exploring the browser and web link that is often available in their work area. In electronics, it's common for people to have a PC linked to the network in order that assemblers and technicians (test and repair of the product before shipping) can enter data using the serial number of the piece (often a bar-code).
In fact, I would say that this method is how the vast majority of adults get initial exposure to the internet in the USA. So during their coffee break, they explore the web. And like all adults learning new and important things, they will always overstep the boundaries set by lawyers (who are basically Puritans left over from the Salem Witch burning days on the 1680s.)
And if they are guys, then they will, yes, at least once, type some sexual reference into the Google search line to see what happens. Face it, you did too, while you were learning and you thought that no one was looking.
Well for this 'crime' the company lawyers insist that they have the right and obligation to destroy the life of the person that they manage to actually catch doing this. Or they warn the employees not to ever do things on the web under penalty of job loss. Which means that the older employees will never go on the web out of fear of being fired for something that they don't understand. This also means that you will never get these employees to use the PC voluntarily.
What the company is only worried about is being extorted by one of the several schemes used to defraud using the web. They don't really care about Inez in bench 7b of PCB stuffing has discovered that she can send an instant message to her sister is Guadalajara for free. But this is VERY big news to Inez. And the only way that she knows how to do it is through the PC at the end of the table in her workplace. And she is going to use it. She doesn't realize that everything most likely gets saved. It's a super telephone to her.
So even though the legal wording says that the work PC and all the things on it belongs to the company, in reality the situation is far more complicated. The company should realize that even though their lawyers tell them that they can do anything, it would be best to be very flexible about this.
UBL fought the Russians in Afghanistan as a mujahideen. At that time, the interests of the mujahideen and America coincided. We sent them weapons. After Afghanistan, UBL was ambivalent about America, and it was the entrance of Western (specifically American) troops into the Arabian peninsula the sealed the deal making him target us as a prime enemy of Islam. Your claims that he worked "WITH" or "FOR" the US are not in the slightest accurate. Please detail how the Bush family single-handedly funded al-Qaeda. Look how quick they killed Saddam, he had some truly cogent views even if he was responsible for attempted genocide, and they killed him as quick as they could and made him look like crap in order to discredit his ideas - because he really did have a lot of honest, true things to say about what is wrong with the USA. The real reason Bush cares about OBL is that his family has been doing business with them for years and letting that information out isn't part of the plan. Ah yes, the ever conspiratorial they. In answer to your question of how quickly he was killed, Saddam was captured in December of 2003. He was executed--after a public trial--THREE YEARS later. Wow, that conspiratorial they really rushed him to his grave!
The GP mistakenly thought I was claiming he sympathized with UBL--I wasn't. You on the otherhand do seem sympathetic towards Saddam? They "made him look like crap." He was just a dissident with a lot of "honest, true things to say about what is wrong with the USA" even if he was SLIGHTLY responsible for "attempted genocide."
Seriously, what a joke. Saddam was a dictator--a GENOCIDAL dictator who killed millions of his own citizens and started two major wars in which millions more died.
He wasn't executed by the Iraqi Government because he had some hurtful things to say about the US, he was executed because he was a murderous tyrant.
At this point it's barely worth talking to you, but please, if you can actually muster it together, explain how the REAL reason (ignoring oh, the embassy attacks, 90s WTC attack, 9/11 WTC/pentagon attack, and the USS Cole) Bush cares about UBL is
Sigh.
(Note, not saying I agree at all or advocate this!)
The last job I quit my manager took me out to lunch (a rarity indeed!), and I explained to him that people are not inherently lazy (as he seemed to believe). People want to succeed; they just need the Leadership. Their is no Leadership in spying on your employees; their is just cynicism in this behaviour.
In regards to the RSM comment: Against password protecting accounts? What does he plan to use, skeleton keys? He found it very cynical that people would lockout others from their accounts, and so he showed that he could crack them. The idea being that people (in a close-knit university environment at least) should be open and should not have anything to hide; and so I apply this example to the business world.
I think you get my point, but it's not so much an issue as "Information wants to be free", as it is an issue with openness and trust, especially with people that you work most intimately with. Granted I am talking about an ideal which may not always be practical.
Best regards,
UTW
...the secretary who gets weather alerts and school closing delays sent to her email so she can go get little johnny from school Again, how many hours a day does she spend reading whether reports, and how significant is this? In this regard I think a lot of companies would probably encourage this type of behaviour because it shows a concern for one's children. Some companies do understand that people have lives outside of work, and they try to accommodate. The problem is that many people (still) seem to think that you should disregard your families and treat your job as an all-encompassing religion.There is a lot of sentiment to the contrary here, but the fact is in the US this is already legal and has been for some time. Two court cases settled the matter years ago. I'm not going to be able to cite the exact cases, but one was a woman who worked for Epson Computers in California who was fired for an inappropriate email. (I even forget the subject!) The other was in the Washington State civil service where the state snooped on emails and discovered union activities being coordinated on company time. The person was fired and the firing upheld. So the precedent is set in the US. It's over. The company has the right to monitor your emails; end of story.
I don't understand how employees can legitimately claim their 'rights are being violated' when they are caught using a company computer on company time for personal issues. You can't use a company car to go grocery shopping for your family. You can't use company time to go see a baseball game. You can't use the company printing press to print your own book to sell on the side. You can't use the company copier to print your 'church bulletin.' Why should you be able to do those things? You are stealing company resources, whether time, gasoline, or paper, for personal use. These activities do not enhance the bottom line and make productivity (namely, yours) suffer. Like it or not, a non-profitable company won't be keeping you around long. I do realize a non-profitable company is ALWAYS the result of mis-management. Employees are NEVER at fault, by definition. But still, every little bit helps.
Having said that, surfing on Slashdot on company time is perfectly legitimate. Once in awhile, believe it or not, you can actually learn somehing worthwhile that enhances your knowledge of IT and is of potential benefit to the company. Now back to work....
How about a moderation of -1 pedantic.
Sure, I agree with all of that. At the same time, a certain class of talented employee will fuck off given too much of a chance. And while I do speak from personal example :) it's not just me; this attitude is pretty common among us geeks who have a ton of projects we can be working on anyway. I mean, who here doesn't have a ton of projects already started and a ton of projects they'd like to start? And what better way to start them than to get paid for it? :)
The last job I quit my manager took me out to lunch (a rarity indeed!), and I explained to him that people are not inherently lazy (as he seemed to believe). People want to succeed; they just need the Leadership. Their is no Leadership in spying on your employees; their is just cynicism in this behaviour.I think it's a "last refuge" sort of situation, but I don't think it's wrong.
I agree that people are generally not inherently lazy and if you "manage" them properly (which is to say, give them what they need to work, including motivation) then they will generally work.
The idea being that people (in a close-knit university environment at least) should be open and should not have anything to hide; and so I apply this example to the business world.It's a nice idea, but in reality people will try to take advantage of other people and you need privacy in order to protect any of your other rights. Even here in the US the constitution is considered to imply the right to privacy because all of the other rights are impossible to exercise meaningfully without it.
For this reason it is critical to only spy people when it is absolutely necessary. It must be better than the alternative! But I maintain that the employer has the right to do so. One possible corollary is that top-down businesses are basically inequitable and that everyone's goal should be to work for a cooperative (or "solo" though no man and no company is an island unto itself) enterprise, democratic in nature, in which such things are unnecessary because they are based on valid personal and professional relationships, but it doesn't change my feelings about the rights of an employer with whom you have entered into an agreement with about terms of employment.
With that said, I firmly believe in the employee's right to dick around an employer who is trying to fuck them over. But I also think that is also counterproductive in the long term; it makes far more sense to simply seek more gainful employment, which is a far more beneficial use of time and energy. By the same token, I agree that the employer's effort would better be spent fostering a positive work environment that is naturally conducive to successfully meeting the goals of the business.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I think in general (with this opinion and others, we have very similar views.) As I've already told Moridineas; I think you get my point, but it's not so much an issue as "Information wants to be free", as it is an issue with openness and trust, especially with people that you work most intimately with. Granted I am talking about an ideal which may not always be practical. In this regard, ideals may not always be practical, but they are always something (for me at least) to strive towards.
Best regards,
UTW
Its a good thing I protect the crap out of my workstation. I mean, I don't do anything illegal, the worst I do during the day is read slashdot, but I am in charge of IT and thus have rights and powers that nobody else in the office (except maybe the CEO) should have. My workstation is well defended from any employees (including the CEO) and for doing so they haven't fired m(#@%$G@#%JH@$^QM%G ahem, we're sorry, Mr. CompMD will be taking a lengthy vacation, can we help you?
Which is why there are cameras in the toilets, of course.
Athy, athier, athiest.
You are still hung up on the notion of what osama really believes, which in a previous post we have both ruled out as irrelevant. Every time you are delayed at the airport because of security concerns, every civil liberty you lose (and I'm not saying that is is a case of that for reasons I mentioned earlier), every security upgrade that costs the taxpayer is a victory for the terrorists. And unlike the downed buildings these are victories that we are handing to them. We are exaggerating their capability needlessly. If I was osama these are the victories I would be celebrating.
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
I also, again, disagree wholeheartedly with everything you say in the rest of your post. You're not Osama, and you don't understand his motivations or wants in the slightest (nor have you been able to demonstrate one _single_ piece of evidence to back up your viewpoints), ergo, your statement that "these are the victories I would be celebrating" is just as irrelevant!
Maybe I should attempt to coin a new Godwin's law--the first time someone claims that "this is what the terrorists want!" breaks the rule
Anyway, at this point we're just talking past each other, but, cheers!
Osama is just an invention of the CIA. Oops, have to run, the giant balloon is after me again.
Yes, its likely we are.
When you quoted what you agreed with you forgot to add the "and cares" which was part of the original statement you agreed with.
Now nowhere am I saying that this is what osama actually believes or is trying to achive (that is the "and cares" part), that is why I always say if I was osama. Hence your request for evidence confuses me? What am I trying to prove? That security is expensive?
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
The point is that anything related to national security should have an associated security clearance process. That if they don't turn up anything in that process where they have access to magnitudes of information what do they hope to find in some emails? That anyone intent on taking down infrastructure will not use corporate email and thus your best chance is via the established clearances process, not more legislation open to abuse. I'll make this even easier for you to understand Russell... ferret out threats via background checks pre employment, not through email post employment.
Users... the only thing keeping 1st level support from being the bottom feeders.
I agree, but this is an edge case.
For linux tips: http://www.linuxtipsblog.com
An employer has the right to monitor the infrastructure under their control, no one can argue this point but and employer also has obligations to the people they employ (eg. safe working conditions, wages paid on time and so on), one of these obligations should be the right to privacy under normal conditions (abnormal contritions are you are unreachable, have left the company or there is proof of wrong doing committed).
As an admin is a small Australian IT business I will not comply with the instuction to look at another persons email without that the other person being present unless sufficent evidence of their wrong doing was already established at which point I would still insist this person was notified of my actions (they can fire me for not complying if they don't like it, I can always go back to bricklaying at $1 a brick). I'm thinking more along the lines of an employee who has committed fraud or corporate espionage which are far more likely than the extremely small risk of terrorism.
I have twice been asked to look at another users mail box, the first time was an employee who recently left (amicably, for a better job) and I was asked to look for a job related email from a client. the second time was when a user was overseas and couldn't be reached (once again looking for a client email only sent to this person). I did notify this person by SMS and accessed their mail by changing their password and logging in normally as opposed to actually snooping.
Calling someone a "hater" only means you can not rationally rebut their argument.
I don't need your fascist support of my rights, I'm quite capable of looking out for myself.
I don't, and never will, spy on my employees, no matter how much you try to convince me that it's in my interests.
I trust my staff to look after my interests, because they know that I look after theirs. I help them when they need advances or loans, and pay them well in general. If they don't reciprocate, I show them the door. I don't need to spy or engage in odious practices to take care of my rights, the usual rules of civilised people work just fine.
If my staff are looking for other work, then I have a staff relations problem that reading their email will not solve. If they are wasting time, then their KPIs will show it, and I'll deal with it as a performance issue.
If they are selling what they need to sell, performing the duties they need to perform and reporting to me the things they need to report, then frankly, they can spend their spare time shagging Facebook freaks in the stock room for all I care.
I hate printers.
I think you don't understand the "two wrongs" phrase.
Entering someone's house without their permission and taking something, even if that thing is yours and you don't damage anything else, is wrong. It is an unauthorised exercise of force (property acquisition against the will of the possessor despite them not being the owner) that may work in the single case scenario, but the reason civil institutions exist is to arbiter these disputes. The net effect of everyone taking the law into their hands this way would be an escalation of force exerted. You'd take my widget, I'd come back with a friend and take it back, you'd come back with three to take it back back, I'd come back with a gun and take it back back back and so on as society descends into anarchy.
In a civilised society, whoever possessed property can only be forced to give it up by the authority, if somebody else is the owner, the authority must be the one to collect it by force if necessary. Not Joe Schome with his baseball bat.
I think your parking ticket analogy is bizarre. Please explain it, as I just don't get it.
I am not requiring the victim to leave their property with the thief, I'm saying the victim should call the appropriate authority for assistance in recovering whatever item was stolen.
I hate printers.
So I take it as when you say something like "I bet UBL is cackling about western civil liberties allegedly being eroded!" I'm saying that doesn't make any sense. YOU might be cackling if YOU were the head of a terrorist organization, but UBL almost certainly is not!
I work for a state government department, and while we are allowed to make limited use of the internet at work, that's like a maximum of $10 worth per month.
We're also repeatedly told that any and all use of the internet is monitored, by a general issue email sent to the entire staff.
This email alternates with the one that announces that viewing or accessing "inappropriate content" can be punishable by anything up to dismissal.
I've stopped being annoyed at either "warning", or complaining that some dope got caught looking at porn on his/her work computer AGAIN!.
Things like FaceBook or MySpace have been blocked, because youngsters were looking at their "personal" page all damn day, and would not listen
to Big Hints that they should restrain this particular impulse while at work.
I can only conclude that a lot of people have no internet connection at home, or no self control, so it's not a huge surprise that the bosses are looking.
Neither is it a huge surprise that there's something to look for. So, who gives a rodent's fundament if they're going to make a law about it?
Don't blame me, it's usually 2 in the morning when I post
Ok but now with your last point you are putting words in my mouth. I _am_ saying that if I was osama I would be laughing, I _am_ not saying that osama is actually laughing. I never said I bet osama is laughing.
I don't agree with you that its irrelevant. Just because osama doesn't care that we are shooting ourselves in the foot, doesn't make it any less painful.
And thank you as well for a civil conversation.
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
Ha ha. I love how you associate the country with the highest prison population in the western world, that is rapidly turning into the first western police state, with Freedom.
The cheese stands alone...