Forgot your password?
typodupeerror
Privacy Communications Microsoft

Microsoft Lync Server Gathers Employee Data Just Like NSA 207

Posted by timothy
from the except-they're-not-the-government-and-all dept.
coondoggie writes "Microsoft's Lync communications platform gathers enough readily analyzable data to let corporations spy on their employees like the NSA can on U.S. citizens, and it's based on the same type of information — call details. At Microsoft's Lync 2014 conference, software developer Event Zero detailed just how easy it would be, for instance, to figure out who is dating whom within the company and pinpoint people looking for another job."
This discussion has been archived. No new comments can be posted.

Microsoft Lync Server Gathers Employee Data Just Like NSA

Comments Filter:
  • by Anonymous Coward on Saturday February 22, 2014 @09:44PM (#46313761)
    I have to use Lync at work, and I'd just assumed it'd be cc'ing keywords etc to HR and management.
  • by raymorris (2726007) on Saturday February 22, 2014 @09:45PM (#46313767)

    I'm shocked and amazed. A company running their own messaging server on their own network can see how it's being used?!
    Next you'll tell me that my company's email administrator can see email I send at work, through the server they administer.

  • by Anonymous Coward on Saturday February 22, 2014 @09:50PM (#46313785)

    Yeah, and for the morons using company resources to look for a different job: don't. Use your personal cellphone, or something otherwise not funded by the company.

  • today. (Score:2, Insightful)

    by epyT-R (613989) on Saturday February 22, 2014 @09:53PM (#46313791)

    So, as corporate policy becomes more like that of highschool, and highschool policy becomes more like prison, we're all kept in adolescent, fear-driven hell just a little more, already well past the sell-by date. Meanwhile, lawyers and software vendors write laws and software to profit from this stunting of society. More at 11.

  • um, yeah ... (Score:5, Insightful)

    by cascadingstylesheet (140919) on Saturday February 22, 2014 @10:23PM (#46313907)
    ... because that's the way to retain good employees, spy on them.
  • by flyneye (84093) on Saturday February 22, 2014 @10:36PM (#46313963) Homepage

    A company that has to spy on it's employees deserves, a better business model, new leadership and a tax audit.

  • by BitZtream (692029) on Saturday February 22, 2014 @10:43PM (#46313987)

    ALL PBX type software does this.

    Anyone who wants to be able to bill internally HAS to keep this metadata to do internal billing.

    Its also something that has been collected for the entire 30 years I've dealt with phone systems, and its not like it was new when I first started in telephony.

    You're pretty fucking stupid if this is news to you.

  • Re:um, yeah ... (Score:5, Insightful)

    by VortexCortex (1117377) <VortexCortex AT ... trograde DOT com> on Saturday February 22, 2014 @10:49PM (#46314005)

    Be careful, you are dangerously close to implying that it is good employees and not obedient workers that are actually in demand.

  • Re:today. (Score:4, Insightful)

    by ScentCone (795499) on Saturday February 22, 2014 @11:33PM (#46314149)
    Start you own company, and make a point of having absolutely no way to deal with the communications your employers perform on your behalf. Don't worry, you'll never, ever be involved in any sort of lawsuit that would bring out the fact that you don't cover yourself. What could go wrong? You'll be fine.
  • by lgw (121541) on Sunday February 23, 2014 @02:04AM (#46314533) Journal

    Wow, people really believe this sort of shit?

    If it bother you that your employees are looking elsewhere for a job, perhaps try harder to retain them? I have standing offers to work for a couple of places, places that make the top paying employers lists. At this point in my career I don't really have to "look" for a new job, I just stop ignoring the offers. Yet I'm staying where I am - and not based on pay.

    Want people to stay when they have plenty of choices? Try not pointlessly hassling them over shit like "using company equipment". You'd have to get pretty extreme with that sort of thing before you'd cost more than the cost of hiring someone new and them coming up to speed, even if you were such a dick that you even pay attention.

  • by Anonymous Brave Guy (457657) on Monday February 24, 2014 @04:15AM (#46321535)

    Most workplaces (at least those ive been to) have a computer use policy.

    Yes, often the kind of warning you're talking about is included. And I have no problem with that, provided that it is made clear that the employer is also effectively hacking connections everyone is trained to think of as being secure, such as the on-line banking example a few of us have mentioned.

    However, I don't think a typical "we might monitor this stuff" footnote is adequate disclosure in that context, because the point isn't the legal weasel words, it's whether the employee understands what the situation is and can choose to act accordingly. For example, an employee who understands the situation might decline to check their bank balance from a work computer when management responds to their question about a missing salary payment and says it should have arrived now.

    And really, I dont see why you think you get to set the rules on someone else's equipment.

    Don't make this about me personally. It's about employee rights as part of a healthy employer-employee relationship and, in this particular case, about the mutual trust that is fundamental to that relationship. I don't even work as an employee any more, BTW, so I have no personal axe to grind here.

    The point is that employees are not slaves and do not forfeit all rights just because they're working for someone else for money. The entire legal field of employment rights and the entire union movement exist to balance the greater negotiating power of the employer, so the employer can't exploit their advantage to impose one-sided conditions. As a society, we've decided that we won't always let employers do what they want.

    If you want to affect policy, you should probably get a degree or work experience in IT so that you can make informed recommendations. Otherwise I recommend you leave that to those who have done so.

    Wow. It's a shame I'm posting pseudonymously here, because I'd enjoy seeing you discover the stunning irony of that suggestion.

    Let me leave you instead with an alternative possibility to consider. Maybe I've actually worked with this kind of technology for a long time. Maybe I do understand the IT implications of what we're talking about, and I do know why IT departments might have a legitimate business need to use these tools.

    But maybe I also see the legal/HR perspective. And maybe my position on this issue is motivated not by the arrogance of the naive young employee you seem to think I am but by observing the real consequences after deals were jeopardised because someone screwed this up. Maybe I've seen people find out the hard way that employees/unions/courts didn't support them as much as they assumed they would. It's actually not that unusual if you see, for example, a US business in an M&A deal with a European one, where the cultural attitudes and general legal stances on employees' rights are very different.

    Maybe I've concluded that this is a silly problem that is almost entirely created by institutional arrogance and personal egos in management/IT, and that the problem could be almost entirely eliminated by more enlightened management/IT being up-front with their staff about what is going on and why it's being done, and sometimes by providing alternative mechanisms that avoid the problem without compromising security or compliance.

16.5 feet in the Twilight Zone = 1 Rod Serling

Working...