Slashdot Mirror
Slack Now Letting Employers Tap Workers' Private Chats
itwbennett writes: Chat app maker Slack is hoping to make inroads in the enterprise with a new paid plan that will include an optional feature called Compliance Exports that will let administrators access their team's communications, encompassing public and private messages. The tool is far-reaching, potentially including the edit history for workers' messages as well as messages workers have marked for deletion, if the supervisor so desires.
Avenge Michael Brown with Workers Revolution! For Black Liberation Throught Socialist Revolution!!!! Down with the parasitical reign of the bourgeoisie!
UNITE with the Campaign for a Free Internet because today, our future begins with tomorrow!
Wouldn't "Work Hard" be a better name for your app?
it's a good idea to assume it's not private.
to still assume it's not private.
The only secure computer is one that is disconnected from the net, turned off, and cased in concrete and even then I wouldn't be sure.
I think if I were in Legal I'd nix this instantly as a discovery nightmare in the making. Employees start to say a lot of things, reconsider and rephrase or outright rewrite before sending the message. Often the message they didn't send is exactly the kind of thing the opponent in a lawsuit is looking for and exactly what you don't want to have to give them. If your compliance monitoring application will let you store and view those unsent, often inappropriate or ill-conceived, messages then you're going to have to cough them up during discovery or during any investigation by regulators. Worse, if any of them get out through other channels you've weakened your defense against a claim that you knew or ought to have known about them since they're in your compliance system. Better to only record the stuff that was actually sent and not have to explain your employees' private opinions.
As far as monitoring of sent messages goes, the first rule is "If you're on someone else's network, they can see everything you do.". Or, to quote Pitr, "God, root, what is difference?". If you're on the company network, don't say anything you don't want the company becoming aware of. If you need to express a private opinion without putting it on the record, do it face-to-face and verbally (especially if it involves an unflattering opinion of someone with the authority to get you fired).
From the article:
Slack is offering the feature to accommodate businesses that are required by law to have access to and store all employee communications, the company said in a blog post describing the feature.
Financial services and securities trading firms regulated under the Financial Industry Regulatory Authority are two examples. So too are companies that, due to litigation concerns, must store all employee communications, Slack says ...
The data collection does not happen automatically. There is a several-step process for team owners to request access, which includes sending a signed letter on company letterhead to Slack stating that the company's policies allow that kind of access. Each request is reviewed by Slack for approval, the company says.
Once granted, workers on the team are notified of the data access, which includes all messages from that point forward. The feature is not retroactive.
What, we don't think that Lync and everything else that offers a chat server in your own rack can't be configured to do this?
Hell, at my last office, they were feeding all our VoIP calls through this SIGINT app ; the only reason I found out was because I was copied in on ICT change reports for operational reasons and one of the changes was they moved the storage for the VoIP calls to another server.
Presume that you're being watched. You likely are, by someone.
Sounds like an interesting way to make employees pay for their own to be used during work hours and toss the company phone in a drawer. A very cunning way to save company mobile phone call costs and make the employees pay for them ;D.
Chaos - everything, everywhere, everywhen
Internet chat is a terrible hellscape and it's saddened me for almost two decades.
Unlike email and the web, the dominant systems for instant messaging have been proprietary forever. Sure, XMPP exists, but nobody uses it. There was a chance when Google Talk was using it, but ever since Google stopped federating, that's basically fucked.
Now we're seeing the slow death of IRC too at the hands of better but more proprietary user experiences being offered by Skype and Slack.
And it's easy to see why too. The proprietary chat tools out there like Slack are absolutely incredible user experiences.
If IRC and XMPP are ever going to be competitive with the new proprietary guys in town, it needs to get competitive on the usability front.
If we ever want to reclaim our freedom, we have to find a way to make XMPP is as usable as WhatsApp and IRC is as usable as Slack.
I don't really know how to do that. I wish I did. But I think the internet would benefit massively from it. Imagine if there were 5 different competing proprietary protocols for email or webpages? That's the world we live in now for internet chat. It doesn't have to be this way.
You're right, I wouldn't steal a car. But if it were possible, I sure as hell would download one!
The company hopes to attract more businesses with the optional feature
they seemed to have forgotten the part where the employee has choose to use it. i wouldnt be surprised if they lose all their users in a month's time to a similar application that isn't spyware.
Anons need not reply. Questions end with a question mark.
"They're going to 'allow' us? hahahaha!" said your network security guy while reading this story live from your browser via remote desktop while simultaneously capturing all of your http requests via packet capture at the firewall.
... not exploiting existing ones, at least not intentionally. This is a requirement for places like financial firms that have to show there was no insider trading going on, so phone calls and messaging systems have to have full logs. Every other system is simply banned for compliance. So if Slack wants to be used in those companies, they have to have this capability.
Seems like a story of company expansion more than privacy being exploited, but of course, like others say, if it's not on your computer, don't assume that it's private.
Your communications are being monitored at work. Never type anything into IM unless you have to, never log on to personal E-Mail from a work computer and for the love of God never log into your bank from there. And never log into work IM or Email from a personal computer.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Thsi will push people to have more face to face chats, and only post online politically correct chats.
Maybe this is not so bad.
my 2 cents
This is a
n/t
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Don't forget that the want to charge employers for the 'service.' My bet is it a monthly 'subscription,' as opposed to a one time purchase.
There has been a lot of press about traders misbehaving. Normally all communications from the trading room is recorded: Voice and IM. The idea is that if some traders decide to cooperate to set a price that should be set by competition, it will become obvious later and the traders can be prosecuted. This has happened but it needs full logs. As for privacy, the usual rule is that you can make personal calls or messages but not at the trading desk.
See my journal, I write things there
They can already read your email. Besides you shouldn't be discussing anything non-professional on work networks anyways. And if you are on a office computer they could read your notepad.txt if they wanted.