Bill Bans Secret Workplace Snooping 18
jyuter writes "According to this ZDNET article, congress is considering a bill which requires companies to disclose their practices regarding reading employees' e-mails. What puzzles me is this quote from Charles Schumer D-NY, "We would never stand for it if an employer steamed open an employee's mail, read it and put it back. It is the same thing with an employee's e-mail." So it's ok then for employers to steam open employees's mail and give it back to them, provided they tell the employees of this policy beforehand." This would be a very modest proposal indeed - one tiny step for privacy, one giant leap for, well, nothing. Maybe I should be less cynical. Nah.
hehe (Score:1)
and on a more serious note, i find it horrendous that, rather than keeping companies out of an employees email, you now just have to tell them that you read it. Admittedly, this is better than it used to be, but still...
I suppose a few companies are going to be like "We're allowed to read email! Whaoo!" and then all hell is gonna break loose.
grr.. i'm considering moving offshore these days.
It's ok(?) to do this... (Score:2)
I think it's OK for employers to read incomming/outgoing email. gasp
First off, they are providing the service to aid their business -- not for your own personal pleasure. If you are conducting business as usual...then what do you have to hide? Internally, a company should not be so paranoid as to keep things from itself.
Second, if you are giving away trade-secrets or perhaps mailing your resume to competitors, I think they have every right to know about it.
So what's the different between reading email and scanning proxy logs? Or even drug testing or checking your bag/suitcase at the door?
Don't think flame...think company protection
--
Letter Vs postcard (Score:3)
As I explain it to anyone that will listen:
If you send a postcard in the regular mail, anyone that touches the card can easily read the message that you have written. You have no expectation of privacy.
If you send a letter sealed in an envelope, then those that handle the letter cannot easily read the message written on the paper within. You have a reasonable expectation of privacy that came from sealing the envelope.
Email is a postcard, not a letter. There is nothing on the standard mail message that is sealing it from the eyes of anyone that touches the mail message. The text and any attachments are in the clear for anyone that has access and cares to look to read your message.
The answer is encryption.
Once you encrypt a message, you are sealing the envelope. You then have an expectation of privacy, the better the encryption, the better the expectation of privacy.
You see, companies reading mail is not at all like steaming open letters, because unencrypted mail is not like a letter. Companies reading email is much more like reading the postcards that you get in interoffice mail.
What's that, you say, you don't send postcards in the interoffice mail? Sure you do, every time you click SEND in your email program.
Joe Goldmeer
Re:It's ok(?) to do this...you are on crack (Score:1)
I guess they can listen in when you call the doctor, or the Workman's compensation claim division, or any number of things.
Yeah...there's a good idea: make your workman's comp claim on company time using company resources.
You want to call the doctor or dentist or union -- then do it on your own time if you don't want your company to potentially be listening in on your phone call!
--
We are talking about *on-site* email, right?! (Score:2)
We are talking about employee's on-site, business provided email accounts, right? This isn't a backdoor that allows companies to demand access to an employee's personal accounts, right?!
The CNet article suggests that, but knowing how many truly braindead laws Congress has passed recently (electronic signatures, anyone?), the question needs to be asked.
For the record, I have publicly defended monitored e-mail on several occasions - and supported harsh actions against employees who insist on encrypting their personal email - because of those damn harassment suits. But that is a problem that applies to all of society.
Re:It's ok(?) to do this...you are on crack (Score:1)
The difference between phone and email is that the phone service does not require local administration that may require some messages' privacy to be breached. So people are morons if they think that their email is NOT going to be read by someone and say something stupid.
But saying that it is OK for them to read anything/everything is ridiculous.
Curious George
Snail mail at work is open to search (Score:1)
Re:It's ok(?) to do this... (Score:1)
What's the problem? (Score:2)
Missing the point ! (Score:2)
Re:It's ok(?) to do this...you are on crack (Score:2)
Actually, if a company has a policy of "no personal calls", they can monitor conversations based on suspicion of violations of policy. You'd be surprised!
Besides, it is not unreasonable for a company to say up front that an personal phone calls, e-mails, etc. should not be taken care of using company resources (including company time), and that as a condition of employment you accept that they will check up on you if they suspect this activity.
You want personal e-mail? Get your own account!
--
I disagree (Score:2)
You send an email and your company's admin snoops it via logs or whatever is roughly equivalent to the following scenario:
You put a postcard in the mail. It goes to the post office, where it gets photocopied and archived. Then it is forwarded on to it's proper destination. Sometime in the future, the post office can look at the photocopy, supply it to courts, your ex-wife, or your dog.
If that sort of thing were happening to postcards, people would have a fit. Just keep in mind, while email may be easily readable like a postcard, it is much more easily archived than a postcard. And it's archived very frequently. Furthermore, it is easy to compile data on who is sending what, and to whom.
Yes encryption is one solution. But I still believe that the laws should require equal treatment of email versus snail mail, at least for personal email. Businesses should at the very least require employees to waive their email privacy before snooping on them. I don't really have a problem with that, since sending email from work is associating yourself with the company. They should get to control what leaves their servers, or at the very least, email heading to external addresses.
Best regards,
SEAL
Re:Missing the point ! (Score:1)
Question: Was rummaging through everyone's email part of your job description? Had you been instructed to do it? Or did you simply take it upon yourself to be the company snitch?
As a network administrator, you have access to all sorts of sensitive personal information. And we're not just talking emails here, we're talking (potentially) salaries, SSN, etc. Just because you have access does that mean you are entitled to check it, just to satisfy your own curiosity?
I would hope the answer is "no." The janitor isn't allowed to go through your papers looking for incriminating evidence; similarly the sysadmin should not invade privacy without being told to do so.
The question of whether or not management has the right to go through your email is more complex. First of all, being spied on without your knowledge is offensive (if you find out, that is.) However, I feel that as long as a company makes CLEAR that they have the right to invade your privacy at their discretion, you are less likely to do something incriminating. For example, you wouldn't go to a BDSM or other potentially embarrassing site if you knew that you were being monitored; and the threat of monitoring can be more potent than the actual act (though threats must be backed up with action.)
But what gets people really mad is when they DON'T know they're being watched, and then their boss comes up to them demanding an explanation for all the porn they've been downloading. Not a situation I'd like to be faced with, how about you? Ignorance of the law is no excuse, true, but I think it is in everyone's best interests if people know beforehand they are being watched.
Final point. People have been goofing off ever since they invented work, and the internet is just the latest way, albeit a very efficient one. If someone listens to the radio or doodles on a sketchpad, goes to an internet site or writes an email, it's all the same thing. It's just that an email or choice of website (eg, porn) can reveal far more personal information about someone than their choice of radio station or what they draw, particularly if they think no one will know what they've written or what sites they've visited.
This won't make a big difference (Score:4)
But, keep in mind that this only means that they have to tell you what they can or may do. It doesn't mean that every time they read one of your emails, they have to tell you that they did so. My company was straightforward in saying that they can and do read emails, web logs, etc. But I think most people operate as if they probably won't read everything.
I think this is a step in the right direction, but I bet even after being notified of the company policy, an employee would still be shocked/upset if an HR rep dragged out an email and grilled him on it.
Re:Missing the point ! (Score:2)
What the fsck were you doing looking through people's emails? Being a network administrator is not a license to indulge one's voyeuristic tendencies. Just because you have the technical means to do something doesn't mean that it is moral or legal.
Re:Letter Vs postcard (Score:1)
Well, you don't have to work at that type of company, do you?
Also, if you have internet access to web based mail accounts, you can then bypass their mail server completely, can't you?
-Joe
where's the trust ? (Score:1)
I know of a (family) company that has become bigger but where the boss reads every email that goes in and out. Employees know it and therefor are very sensitive about what they mail. Email is hardly used, and external consultants they work with are also asked to be very careful in what they email, certainly if it's about things that don't go too well :-)
The result is that the employees aren't really 'shiny happy people' and modern technology isn't used as it could..
I'm very lucky as the company I work for does not monitor anything at all, doesn't restrict internet access, etc. We were talking about upgrading our bandwith recently and an isp's salesmen said the company could restrict the usage (eg downloading mp3's or other non-work related material) and our boss said he didn't want to do anything like this at all :-) Someone has been fired because he was downloading x-rated images for weeks though, but this happened because he neglected his job and other people had to do more work, project was going late, .. So as long as my job gets done I can read /. all day :-)
Re:It's ok(?) to do this (Score:1)
Generally, yes. And this has been litigated to death.
Employers can monitor phone calls, go through your notebooks, and rifle through your desk drawers. Whether they can check your personal briefcase or examine your locker depends on a variety of factors.
Mail coming into a workplace also has a reduced expectation of privacy. One facility at which I worked opened and screened every bit of incoming mail, and outgoing mail with company stamps had to be left unsealed. There was an attempt to litigate that issue, but the court found for the company, at least partly on the strength of pre-employment notice. Not agreement, notice.
Worker's Comp cases are an interesting problem, since the claim is a workplace injury, and the employer generally can get some access to the medical information anyway. Union conversations (many of which are not only permitted, but required, to occur on company time,) are a likely exception: If the monitoring manager realizes they are listening in on an activity governed by a Collective Bargaining Agreement (CBA), the CBA often requires that they terminate the monitoring and forget everything they heard. My father is a shop steward, and regularly gets calls about grievances. As a result his calls are almost never monitored, since it would be too annoying to sort out which were covered by the CBA.
tc>