Slashdot Mirror
Ask Slashdot: Privacy in the Workplace
redactor asks: "I work as a sysadmin for a rather large corporation. The Human Resources department has gone on a witch-hunt, and wants me to start scanning user's email for porn. I know there have been some legal battles with this in the past. The company policy is that all data on company computers is property of the company, NOT the user, but I personally value privacy, and am refusing to do this unless it means loosing my job. How have other sysadmins been handling this?" Actually, since it's the office network, I really don't believe it's a voilation of privacy (unless said privacy was explicitly given...most workplaces don't make this guarantee).
I think that there is a Law in France that forbids the employer to scan through personal mail be it snail- or e-mail.
If they do, they cannot use it as a proof for misconduct, they will be illegal and liable of Privacy Invasion and can be sued.
So come to France All!!!
If you're valued enough, and good enough at your job this is not a problem. SAGE (SysAdmin Guild), IIRC, has some articles on this and what it boils down to is: nobody is forcing you to do anything. Refusal to do this is defensible. This is a management issue, not a technical one. You are a technician, not a manager.
Don't preach, don't condescend, and don't moralize. Simply and quietly refuse to do it. By not making a big stink about it you cost no-one any face. The first, second or third sysadmin that refuses to do this will make them reconsider, and not even bring the topic up in the future. Sing the company song and in every other way be a team player, just quietly refuse to do this one thing.
PS: Make very sure your own house is clean before you attempt this. If they do find anything remotely questionable in your mailbox, you'll be out in a heartbeat--with good reason.
Get off my lawn.
Pornography is not a big time waister, a couple of peeks to make a employees day better is likely to help both him and the company in the long run. Plus people work faster and better if they can releave some sexual tension every now and then.
If your company has anybody remotely techie you should start checking for slashdot instead. It takes lots of time, but gives very little sexual pleasure (sorry people
The world needs to grow up...
-
The above act is Public Law 99-508. You can find more information at http://thomas.loc.gov/. The relevant portion of the abstract reads:
"Amends the Federal criminal code to extend the prohibition against the unauthorized interception of communications to specified types of electronic communications. Prohibits unauthorized access to an electronic communications system in order to obtain or alter information contained in such system."
If anything, you could take the position that intercepting e-mail would violate the above act. It might at least buy you some time while your employer grumbles about lawyers.
This message has been scanned for memes and dangerous content by MindScanner, and is believed to be unclean.
I was in a dispute with one of the bosses, and we're an extremely small company and I had been writing my parents requesting help on an issue. After the day of this 'dispute' I have lost all trust for my employer and employers as a whole. My primary boss wrote me an e-mail that included a portion of an e-mail that I had sent to my dad. After I saw this, I felt rather violated.. not only did he get into my mail but he showed me that he did. Since then, other than losing the trust I had for him, I never use my work e-mail account anymore except for work purposes.
Regarding your issue, I think you should just do as you're told as far as "looking for porn" but if you find any, notify/warn the employees involved in a subtle manner while telling your employer that you didn't find anything... unless someone has excessive porn that you find bothersome and necessary to notify your employer....
I would have expected to see a question like this directed to one of the sysadmin guilds you're probably a member of (what, you're not?). If you were a member of SAGE, you would be aware of the SAGE Code of Ethics. SAGE-AU has an equivalent code.
In the SAGE code it mentions:
So, the bottom line: What do your organisation's policies allow?The usual path for this sort of stuff is to get the managers in question to publish a policy (even if it's something as crappy as voicemail to all employees warning them of the policy and the consequences of breaching it). It often helps to provide a draft policy to get them started down a reasonable path.
Then your tasks are clearly defined. Without a published policy you and your managers are walking in a minefield.
Keep in mind that the published codes are there to protect you as much as anyone else. If a manager tries to force you to act against your principles you have a recourse. As a member of a guild you can point to the published code of ethics and say "sorry, I cannot do that". "And neither will any other ethical sysadmin".
Whatever you do, get your instructions from management in writing.
Posted by polar_bear:
Unfortunately, legally the company has the right to do that - and I can't say that I think that anyone really has the RIGHT to be downloading porn on company time, either. If they ask to scan for something like content of email or something, that's fairly repulsive - but if they're asking to do a general scan for jpegs and whatnot, then simply ask that you're allowed to do a warning first, then scan a week later. If it's the first time that the company has tried to enforce a policy it wouldn't hurt to simply re-announce the policy and tell people to expect it to be enforced soon.
It's one thing for a company to check if you're downloading porn or something like that vs. a company saying anyone who's ever used company email for private use is going to be fired, or scanning content of email for comments about the boss or something.
Zonker
Yes, companies can legally snoop all they want on their employees. They can also demand that everyone piss in a bottle once per day while the company doctor watches, sing the company song, etc. But only people with no talent or valuable skills should go along with such policies. In case you haven't noticed, we are currently in a sellers' market for technical talent.
If you are a sysadmin at a company that demands that you snoop through peoples' mail, and you feel that this violates your ethics, don't go along, and, if necessary, leave. Explain to your employer that, while you agree that it is legal, you feel that it is unethical and you will not participate.
The only reasons companies can force you to put up with this crap is because too many employees don't have any backbone. The reason for respecting employees' privacy is because it is the right thing to do. Exceptions should be made for people who aren't getting the job done.
Just scan HR's mailboxes, and carefully. Heck, put them on some porn spam lists and allow them to see the folly of their ways.
demi
The problem with this theory is that corporations have more rights than people.
If you want privacy go get a hotmail account
And that's not private either (egregious security holes aside), since it's the corporation's data pipe, so watch what you say, Ashley.
This kind of slave attitude is responsible for a long slow slide back into feudalism. "Hey, Lord Bumsenfock is all that stands between you and the Tartars, and this is his land, so actually he does have the right to steal your food, kill your son, and deflower your daughter." There is no logic and no honor in this.
Between bootlicking nonsense and creationism, I'm terrified of how Americans are rushing back to the dark ages.
Expanding a vast wasteland since 1996.
Here's the deal: Phone calls cannot be monitored because the phone line is considered a "common carrier" and thus not the property of the company. E-mail and files on your PC, on the other hand, are company property, so they are legally allowed to be searched. Having said that, the crux of the matter is - because a company CAN do it, doesn't mean it SHOULD. Many companies can legally set up cameras in rest rooms. Some do so(there was even a law suit, I think), but for obvious reasons, this is a despicable practice. Similarly, your manager can legally open all your drawers after you leave work, and shuffle through your papers to see if you have a copy of Playboy in there. But how many of you would want to work in a place like that? The bigger issue is this - what exactly does a company achieve by resorting to petty monitoring, other than ruining its own culture and terrifying its employees? Just imagine the massive amount of HR resources spent on this. If someone uses their company time to browse porn, it falls under the category of "Obvious No -No Activity". A company does not install cameras in the restroom to see if its employees are jacking off there. Nor does it hire Cubicle Inspectors to walk around peering over shoulders every 5 minutes to see if someone is working (though clueless managers perform this function adequately) . We rely on common sense and mutual trust in the work place to deal with these things. I am not sure why porn is any different. Obviously we don't try to monitor people who keep playboy (the paper variety) in their drawer. History-repeats-itself Dept: An old article in InfoWorld has a programmer relating a story of the old days when printers started becoming commonplace. Combined with FORTRAN, programmers actually started writing programs to print naked women on a *dot matrix* printer. (One can only imagine how desperate they must - if you've seen a dot matrix printout.) Managers promptly had meetings to resolve the "printer/FORTRAN misuse" issue. Well, it may seem laughable now, but remember - whenever a new technology comes along, this happens. Those who "get it" embrace the potential and use it in powerful and innovative ways. Those who don't get it crack down on those who do. For obvious reasons, HR people belong to the latter category. I'm surprised a Microsoft employee is in there too. ;) BTW, "vidi vici veni" is an ancient quip, kinda like the "what is mind, doesn't matter...." joke. Oh, one more note about the phone vs. email privacy. In some states, phone lines with *extensions* can be monitored legally by the employer, since they claim the extension and PBX equipment, etc., is the property of the company. This is a grey area and there have been lawsuits about this. I believe voice mail is totally the property of the company, legally speaking. Ultimately, privacy in the work place is a cultural issue. Any company which deals with sensitivity towards the employees is doing the right thing. Any company which pisses off 10000 people to find the 1 person who looks at porn, probably is out of touch with the way the world is moving. BTW, what is the policy at companies like Microsoft, IBM, Sun, Yahoo, etc? L.
Sorry, I totally disagree, not with the fact that the company owns it (to dispute that is idiocy) but that they *should* or its *right* to spy on their employees.
I read an article yesterday from the WSJ about the practices of Herb Kelleher the wacko CEO from Southwest Airlines. When asked why his company did so well (26 straight years of profitability) he said basically because all of their employees bust their ass at work. Why? Because they love their job. Why? 'Cause they don't have to be stuck up or put up with too much stupid bullshit and are allowed to act like people not drones. Have you ever had someone sing you the safety procedures like Elvis? I did, on Southwest, flying into Memphis.
With the way businesses have to move these days (Service, service, service, it's too easy to change providers) having happy, well-adjusted, comfortable employees is beyond measure. Having scared, paranoid (because they receive a diry joke on e-mail, god forbid), and boring employees leads to that type of company.
Basically my point is that employees are there to get their work done, beyond that stay off their case.
All of this is a big reason why I chose to start my career outside of the corporate environment. I like being told and telling off-color jokes, 'cause they are just that much funnier.
(BTW the notebook example was much more accurate than your handkerchief one)
+&x