Microsoft Lync Server Gathers Employee Data Just Like NSA

coondoggie writes "Microsoft's Lync communications platform gathers enough readily analyzable data to let corporations spy on their employees like the NSA can on U.S. citizens, and it's based on the same type of information — call details. At Microsoft's Lync 2014 conference, software developer Event Zero detailed just how easy it would be, for instance, to figure out who is dating whom within the company and pinpoint people looking for another job."

Can see how own network, messaging is being used!?

[raymorris]

I'm shocked and amazed. A company running their own messaging server on their own network can see how it's being used?!
Next you'll tell me that my company's email administrator can see email I send at work, through the server they administer.

Re:Can see how own network, messaging is being use

[TrollstonButterbeans]

This is why I prefer to do my job searches on a disliked co-workers computer.

Re:Assume all MS products are spying on you.

[dreamchaser]

People should assume that with any means of communication they use in the workplace. There is no guarantee and should be no expectation of privacy when using an employer's systems.

Re:lots of products already do this

[BitZtream]

ALL PBX type software does this.

Anyone who wants to be able to bill internally HAS to keep this metadata to do internal billing.

Its also something that has been collected for the entire 30 years I've dealt with phone systems, and its not like it was new when I first started in telephony.

You're pretty fucking stupid if this is news to you.

Re:And why should you expect anything different?

[Tom]

If you're instant messaging someone on the company's IM platform on the company's time why the fuck would you have any expectation of any sort of privacy?

Because you're a human being and don't leave your humanity at the door when you show up for work. Yeah, I know that is a strange concept for americans, but in many other parts of the world, it is very much still alive. Employees are also humans - wow, what a revelation.

Your expectation of privacy should certainly be different, but there's no sane reason it should automatically be zero.

Real-world example: In a company I worked for a few years ago I helped write the policy on this very topic. The final agreement was that the company could look into your e-mail and stuff, but only if they went to the workers council (elected representatives of the employees) and made their case. So if they suspected you of wrongdoing, or you were ill and had crazy important documents in your mail or personal folders, the company could look through it - in the presence of someone representing your interests.

The important difference is the same as in real-life criminal cases: With a system like this or the real world "must get a court order first" approach, you are innocent until proven guilty and it requires at least some reasonable suspicion before someone can breach your privacy. In a blanket surveilance environment, we're all guilty, period.