In Australia, Bosses May Get Power To Snoop On Emails

Numerous readers noted the proposal by the Australian government for legislation to allow employers to snoop on employees' email and IM conversations. This is being proposed in the name of protecting the infrastructure from terrorism. The attorney-general cited the Estonian cyber-attacks as a reason why such employer monitoring is necessary in Australia — never mind that the attacks were perpetrated by a lone 20-year-old and not by a foreign government or terrorist. The law permitting intelligence agencies to snoop on citizens without permission expires this June, leading to the government's urgency to extend and expand it. The chairman of Electronic Frontiers Australia said, "These new powers will facilitate fishing expeditions into employees' emails and computer use rather than being used to protect critical infrastructure. I'm talking about corporate eavesdropping and witch-hunts... If an employer wanted to [sack] someone, they could use these powers."

really?

[ILuvRamen (1026668)]

I had no idea it was illegal now! Here in the US it's like if you don't own the computer cuz it's a work computer and you're on the work's connection, they can spy on you all you want. It seems completely logical to me and not even really an invasion of privacy cuz you should be ohhhh you know, DOING WORK lol.

Re:

[JustShootMe (122551)]

To me, this is just another manifestation of peoples' sense of entitlement.

Re:really?

[QuantumG (50515)]

uz you should be ohhhh you know, DOING WORK lol.

Talking to your union rep is doing work.

Re:really?

[JustShootMe (122551)]

Then don't do it on company resources.

In that situation, you should consider anything the company owns as being enemy territory - and consider it the same as talking to your union rep while the boss is in the room. Find some other way. There are plenty. Maybe take your laptop to a starbucks and send an email there.

Re:

[Falladir (1026636)]

you should consider anything the company owns as being enemy territory

That sounds like a crappy life. ...wait...actually, I already operate like that. But the enemy doesn't have the resources to surveil me. Hmmm.

Re:really?

[QuantumG (50515)]

You have a right to talk to your union rep on company resources... in many companies the union rep is paid by the company.

Not everything in the world is the same as it is in the USA, kids.

Re:really?

[QuantumG (50515)]

Which is why employers shouldn't be permitted to read employee email.

Thanks for catching up with the rest of us.

Re:really?

[JustShootMe (122551)]

No, which is why you shouldn't send sensitive personal emails over a corporate network.

Thanks for being condescending.

Re:

[rtb61 (674572)]

The reason why employers are entitled to read employees email sent from the employers email server with the employers email address is because the employer is legally liable for the contents of the email. The employee as far as any receiver of the email is concerned sent that email of behalf of employer and the contents of that email reflect the intents of the employer.

To avoid hassles, I simply opened up the email log file to all employees, so that any employee could peruse any other employees email, no

Re:really?

[wvmarle (1070040)]

As an employer actually I consider it a right to know what my employees are doing. When using company resources (telephone, e-mail, Internet, whatever) then of course an employee has a right to use it for personal matters, but that should be limited to the necessary.
For example, if they have to call their bank, then it always always must be done during office hours. But calling their lover that can be done after office hours.
For e-mail: most people these days have an e-mail address already. Personal things they should send using that e-mail address. Work things are for the company provided address.
It would be scary for me to not be allowed to check on my employees, to see that they are doing what they are paid for. Scary to be never allowed to read their e-mails, when I deem necessary (hasn't happened yet but it's possible) - the most likely situation for me would occur when a customer says "I sent that to this employee", who happens to be on vacation then, upon which I'd start looking through their company mail box.
An employee should know that this is company resource, and the company also should have a right to check/limit the usage.

Re:

[coaxial (28297)]

It would also be scary if you couldn't listen into their phone calls. But alas, that's already illegal. Why? The telephone privacy laws were passed in a much simpler time, when employees were viewed as people and partners, rather than "human resources."

Re:

[Architect_sasyr (938685)]

Ok as an Australian SysAdmin and after discussing this with a few of my Sydney based counter-parts today we've come to the following couple of points:

1. A phone conversation may not be monitored or recorded without prior consent from both parties. This is exemplified in calling the local telco and being told that our calls may be recorded for training purposes (my ass) and if you don't like it tell them so
2. Web traffic log generation is covered by the usage policy on the network. Providing they've signed

Eh.

[JustShootMe (122551)]

If the company owns the machines and the network, then the company is able and allowed to watch everything you do - particularly if you signed an employment agreement consenting to it.

This is not news. Frankly sometimes I think privacy advocates overreact - and I think this is one of those times.

Farewell, 9-5 Slashdot...

[Thornae (53316)]

I guess this is the last time I'll be posting from my (Australian) work computer.

It's a beatup about a non-story.

[Jacques Chester (151652)]

First I rang my local member, who referred me to Julia Gillard's office (she made the original idiotic statements). Her office referred me to the Attorney-General's office, as that's where it's coming from.

The nice functionary I spoke to there said it's a media beatup. Under Australian law it's illegal to intercept the communications of a third party without a warrant. There was some wondering about whether passing emails through a virus scan qualified as warrantless interception.

Rather than going through some court case about to settle the matter, it was felt that it would be easier just to amend the Telecommunications Interception Act instead.

So that's it. There's actually no story here at all. Though it did provoke me to write an angry rant [clubtroppo.com.au] before I started doing what the journalists should have done in the first place - check the facts.

Already legal in the US...

[MadMorf (118601)]

...It's called, "I own the equipment and I'm paying for your time, so you have no expectation of privacy. Deal with it!"

Re:

[SHaFT7 (612918)]

can't you already do this in the states?

Re:

[speedingant (1121329)]

Also in NZ. It makes complete sense! They have every right to see what is going on inside their own company, and what activity is going on inside their network.

Re:

[JustShootMe (122551)]

Funny story - where I work there is a very liberal network use policy - you can use it how you like as long as your manager is happy with your work and you don't shut the network down.

Someone shut the network down, I think with a P2P site.

The network guys sit right next to me. They were having a great time tracking down the culprit. And even funnier is people were coming out of the woodwork saying "my bad!" when it wasn't even them!

But I was very much OK with that. That person was saturating the network

Technology will overtake this

[countach (534280)]

Technology will overtake this. When everyone has an iPhone or like in their pocket, who is going to send potentially compromising emails through their employer?

Re:Technology will overtake this

[ozmanjusri (601766)]

I will.

But then again, I'm a self-employed masochist.

Re:

[it0 (567968)]

Same goes for a private phone call.

Yet it seems to be normal. There are a lot of valid reasons to make a private call during work.

By your reasoning it's also ok for the employer to check the text message on your mobile phone.

In the end it's all about trust, if your employer doesn't trust you, either you did something wrong or your employer is paranoid.

Ok...so...

[interactive_civilian (205158)]

That's not a very good analogy... it doesn't take place at work. It doesn't take place during work hours. Finally, you aren't asking your employer to deliver the communication for you.

Take the same example as the GPP, but do it at work. You have finished your work, so you sit at your desk, take a sheet of paper from the notepad paid for by your work, write a letter to someone with the pen provided by your work, put it in the envelope provided by your work, maybe even go so far as to use one stamp that was also provided by your work, drop it in the company mail shute, and send it.

In that case, is it OK for your employer to open the letter and read it before it leaves the building?

Re:In Kiwi New Zealand

[Cassius Corodes (1084513)]

Its not so much the new rules that anger me, for employers have previously just asked you to sign an agreement giving them that right, its that way they are introduced as to "fight terrorism". If I was osama I would be laughing my head of every time a new law is introduced to fight terrorism. We are just handing them moral victory after victory and they are just sitting in a cave somewhere.

Re:In Kiwi New Zealand

[MrNaz (730548)]

It's not about fighting terrorism. It never was. It's about power pooling into the hands of the few.

Re:In Kiwi New Zealand

[Cassius Corodes (1084513)]

Its not so much that he cares about civil liberties, champ (can I call you champ?) its that he is a terrorist, and his main job is screw with your head. When people are willing to be inconvenienced, champ, for the sake of protection from terrorism - he has succeeded for he has made an negative impact on your life. Now whether or not osama really knows or cares about this is largely irrelevant.

P.S. I'm not sure what sort of intellectual masturbation led you to assume I empathise with osama but rest assured that its wrong.

Re:

[Moridineas (213502)]

Its not so much that he cares about civil liberties, champ (can I call you champ?)

You certaintly may, though I'm not sure why you would!! (out of curiosity--why would you?)

its that he is a terrorist, and his main job is screw with your head.

Ok, I completely disagree with this. His "main job" is not to "screw with" anybodies head--he has a series of discrete and explicit goals that he has repeatedly laid out. These include Western troops out of the Arabian peninsula. In fact this was one of his earliest causes and the one that made him target the US in particular.Troops out of Iraq is another one. Similar motivations took him to Afghanistan to fight the

Re:In Kiwi New Zealand

[MrNaz (730548)]

As a small business owner in Australia, I would like to make it clear that I would never read my employees' emails even if I thought they were stealing from me. I consider privacy invasion to be wrong, and as the phrase goes, two wrongs don't make a right. Invading privacy to stop them stealing is as wrong as breaking into their house to steal back whatever they took.

It is not possible for employees, in the modern day and age, to sterilise themselves personally when they walk into the workplace. They still have friends they talk to, they still have families they think about, they still have pressing non-work issues they need to deal with. Expecting this to all disappear at 9am and reappear at 5:30pm is unreasonable, and as a business owner, I don't expect it of my staff, even though (assuming it's even possible which it isn't) it may increase productivity.

If I have an issue with a staff member stealing or doing something else that breaks the boundaries or law or morality, I don't want to deal with that issue by breaking the boundaries of law or morality. I can and will intervene to protect my business, but only if I don't violate their rights in the process. I have yet (in 8 years) to come across a scenario where I was not able to protect myself and still follow this principle. I don't believe I ever will. This experience affirms my belief that one does NOT have to trade freedom and/or morality for security and/or order.

Sheesh. This feeling of "anything goes" in the pursuit of security and law and order has gone way too far.

Re:In Kiwi New Zealand

[Moridineas (213502)]

I am not a small business owner, but I work at a small business in the US, and I would just add that at my company, there's little to no privacy. There are only about 15 people, and if someone is out sick, on vacation, on a business trip, etc--someone else will read their email to see if there's anything that has to be replied to immediately.

This goes for the bosses computer+email too.

There have never been any problems that I've heard of--I mean the general standard is, if you're reading someones email and you see its personal, dont read it. Just look at the business email. Not always possible, but it hasn't been a problem in my experience.

I don't really think most people use their business addresses for personal email very often incidentally--everyone seems to use yahoo/gmail/whatever. (I know I do)

Re:

[stupidflanders (1230894)]

I'm from the US. I work in IT. At every company I have worked for, you must sign a technology use policy form. Here are some real life examples of people who have been fired for misusing company technology:

• * Using your company email address to apply for other jobs (lead to early termination).
• * Installing a cracked copy of a video game on your company laptop, and being found in possession of 2,000+ illegally downloaded MP3's (proved by network and IP logs). The cracked game also happened to contain a troj

Re:

[daranz (914716)]

At home, on a LAN separate from the Internet.

Re:

[jobst (955157)]

make yourself a linux box not connected to the internet with two accounts, send an email from one account to the other ... make sure you close the blinds so no person can read your screen and keyboard.

Re:

[JustShootMe (122551)]

Oh, but it you're using a CRT, make sure you're in a faraday cage too. And I'm not sure what they can do as far as listening on LCD displays, but I'm sure there's something.

Re:

[JustShootMe (122551)]

That's ridiculous. If your employer has any reason to snoop on you, they should just snoop on you. They may not have known about things when you were hired, and why should they be forced to ask you in person instead of finding the information on computers and network equipment that they own?

There is no entitlement when it comes to work equipment. If you don't like it, find a place that doesn't do it. And if every place does it, nothing stopping you from building your own corporation that doesn't. That

Re:

[techno-vampire (666512)]

I worked at one place where I was pretty sure that one of their standard practices was pointless. (Not bad, just useless.) I emailed a question about it to a friend with more specialized knowledge, but because I was doing it from work, I used my gmail account. Nothing on that subject when through the company's mail servers. Not that they were snooping, but they certainly could have if they'd wanted to, and it was the type of place where I'd expect it. (A corporate culture of micro-management and second

Re:Sound stupid to me....

[DustyShadow (691635)]

You should use https://www.gmail.com [gmail.com] for a secure connection

Re:

[CodeBuster (516420)]

Then you take out your trusty knoppix CD and boot the machine into a Linux session before connecting to your g-mail account. Unless they are monitoring the computer at the hardware level (unlikely) then you are secure in the knowledge that that particular communication will remain private.

Re:Sound stupid to me....

[holophrastic (221104)]

Um, hi. My name is Bryan. I run a business in Canada. It's my business and I'm accountable for everything that it does -- as an officer of the corporation. And yeah, you'd better believe that I read my employees' e-mails. How on Earth would you expect me to be accountable for something that I don't know is occurring? There are plenty of ways to get an e-mail address. The one that I give to my employee is for business, it's a convenient tool.

And it's no different than the paper "inbox" on their desk -- which is, of course, also owned by me, both the box and the desk itself. And the fact that it's clean.

Re:Sound stupid to me....

[JustShootMe (122551)]

Bah. You should not be sending personal emails through a business address for exactly this reason. It's not the fault of the business for snooping, but the fault of the employee for being stupid.

Re:

[Martin Blank (154261)]

I go to great lengths to keep my work and personal lives separate. If work wants to get in touch with me when I'm not on-site, they can call my company-issued Blackberry. Aside from HR, which is not allowed to pass around my contact information, and my manager, who I trust to not pass around the information I allow to him, no one has my home phone number, and no one at all has my personal cell number.

If my friends or family want to get in touch with me when I'm at work, they can call me on my personal cel

Re:

[JustShootMe (122551)]

I agree with this. The lines are a little more blurry - they have my cell and home numbers. But if someone calls it and it's not an emergency they get yelled at. My boss even told me, if I'm not on call, I don't have to take any work calls after hours - *especially* because my phone is not company issued.

I'm never on call, at least for now.

In principle, though, I'm with you. If the site isn't down in such a way that I'm the only one that can fix it - they can leave me alone, and they know it.

I'm of this mind too...

[Cyno01 (573917)]

Its a little different because im hourly, but the principal still applies. If im on the clock, thats their time, and vice versa, i'm a real bastard about it too.

I've been paged to the floor while on my lunch more than a few times, sometimes more than once durring my lunch break. I'm punched out for lunch (company policy) and required to take one (state law) i made my bosses fill out the apropriate paperwork for me to get paid for those interrupted lunch breaks every time. Although personally i'd rather not

Re:

[setagllib (753300)]

Hey, take it easy on the MCSE :)

Re:

[JustShootMe (122551)]

Unless your workplace bans encryption that they do not have the keys to, which they have every right to do.

I think looking for privacy in the workplace is stupid. It's kind of like having sex in the middle of someone else's yard and getting mad at the owners for watching.

Re:

[JustShootMe (122551)]

And you might not. In all cases, just because they can doesn't mean they do.

Re:

[JustShootMe (122551)]

Be that as it may, this has nothing to do with that.

Re:Having worked in security in federal government

[JustShootMe (122551)]

Huh? What does what you have to go through to get a security clearance have to do with employers snooping through work emails?

Re:

[_merlin (160982)]

Corporations have EVERY right to watch what you do at work.

No they don't. In fact, in most of the world, they aren't allowed to spy on you without your consent. The USA just has a pathetic lack of privacy laws. Judging from your post and others like it, they've also brainwashed the population into accepting it. I don't want my freedom eroded any more than it already has been.

Re:

[Asic Eng (193332)]

Spying on someone and watching someone are two distinct different concepts. When your boss watches you, you know that he's there doing that - when your boss is spying on you, you may not be aware of it. Using your concept of watching what the plumber is doing: in the first case you are standing around looking at his work - in the second you install a video camera to secretly observer him. People are very uncomfortable with the second scenario - they feel violated. That's why companies shouldn't be permitted

Re:

[Asic Eng (193332)]

It's really about the kind of country you want to live in - it's a choice. I don't want employers to have the rights to snoop on people who happen to work for them, because I want to live in a free society despite the fact that most of us will have to be employees of someone else. I also don't think that e.g. technically-oriented people are less valuable to society than entrepreneurial-oriented people, both are needed to build a successful economy. To me that means that one of these groups doesn't have the