Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

Canadian Privacy Head Says Work E-mail Private 14

loraksus points out this article from last week with pro-privacy news for Canadians: "Employees in Canda have a "fundamental, inherent right" to privacy in the workplace, and this includes the right to private e-mail, says federal Privacy Commissioner George Radwanski."
----ndra---------------------7711151414664 Content-Disposition: form-data; name="query"
This discussion has been archived. No new comments can be posted.

Canadian Privacy Head Says Work E-mail Private

Comments Filter:
  • by Anonymous Coward
    I don't think the privacy commissioner can do anything but make recommendations.

    However, in a related privacy intrusion, Canada's court's have consistently ruled against workplace drug-testing.
  • by Anonymous Coward on Wednesday April 25, 2001 @05:21PM (#266378)
    > I hope that nothing like this occurs in the USA,
    > where at least people (for all their faults)
    > still believe in the principle of taking
    > responsibility for one's own actions.

    Like the way parents are taking responsibility for their inability to teach their kids the difference between reality and fantasy by suing video game makers over Columbine?

    Or the way people have taken responsibility for their own health by suing a dairy for 'getting them addicted to milk' and thusly raising their cholesterol?

    Or perhaps the way the softwood lumber industry takes responsibility for its efficiency problems by alleging that other countries unfairly subsidize their industries, despite the fact that international tribunals have found these claims to be groundless on several occasions already?

    Or maybe you meant the way the government is taking responsibility for the future by balking at the Kyoto and landmine agreements?

    These behaviours are not definitively American-only, but all of them have happened there. Every country has problems, and every country has beauties.

    Anyway, this increases workers' accountability, if anything. Adults shouldn't need to be babysat, and it's demeaning to do so. If the worker is not getting the job done, that's a problem which should be dealt with. But if the worker is getting the job done, that's all the employer should be interested in.
  • After reading the article I realized I had a few rights that I never knew about, namely privacy in the workplace.

    Ferinstance, I didn't know it wasn't legal for the company to go rifling through my desk drawers. I always figured it was their desk and anything I left in it was open to be seen by my employers.

    This opens up a whole new can of worms as far as "what can my employers actually do?" goes. The article makes a damn good point though: Companies worry about time wastage with email and web use but there are far less privacy-restricting ways of watching for abuse without resorting to monitoring everyone. I follow this policy at the ISP I do some volunteer work at. I have log-sifter scripts which flag emails with more than x number of recipients as possible spammers. I don't read everyone's email but if I get a message from my log sifter script that someone's sent 100 emails with 50 recipients each, I can then investigate further. Sounds like a damn good system to set up at work...


  • I don't know about you geeks up north, but I take matters into my own hand. I have my own mail service that I access though SSH or zebedee depending on what firewall my employeer is using. I surf via a ssh or zebedee connection to my squid proxy server on a cablemodem.

    I applaud Canada for having some sense of what is right and what is wrong, but I'm not waiting to find out what my employer things of my e-mail or web habait, they will never see any of it. I'de hate to see what the netops think off all of the wierd traffic comming out of my box looks like.

    If all of that failed, I'de just switch back to SSH webmail client that I have installed.
  • This isn't just about geeks and tech workers. It's also about those who don't have home net access, and thus have to use their work email addresses as their personal addresses. Not everyone has access to public access centers, and not everyone can afford a computer and ISP account. These people can only access email through their place of work. Should they have less rights just because they can't afford a computer of their own, or because they lack technical knowledge?

    I'm proud that my country is actually looking out for citizen's rights to privacy and knowledge. Between this ruling and the CRTC's famous ruling to not try to control information on the Internet, I would argue that the Canadian government has a better track record than the US government does in these matters.
  • Should they have less rights just because they can't afford a computer of their own, or because they lack technical knowledge?

    Unless this internet access is part of their compensation/benefits for labor (which I admit, may indeed be the case), offering a crippled email service (crippled in the sense that it isn't private) isn't taking anyone's rights away.

    Need does not create obligation for someone else, and don't look a gift horse in the mouth.

    Still, yes, it's happy news. An interesting consequence of this would be that since the email is ruled not the employer's business, then the employer shouldn't be held liable for employee abuses of the service (e.g. spamming, sending sexually harrassing stuff, etc). Moving legal responsibility for acts to those who make decisions to perform act, is a Good Thing. Even if it is only happening in Canada, in a manner that USA will never know until after the revolution.


    ---
  • by scotpurl ( 28825 ) on Wednesday April 25, 2001 @10:44AM (#266383)
    ...and if trips to the loo are private, and if postal mail is private, and if DNA is private, and if credit records are private, and if naughty-illegal things you did as a teenager are private, then why, praytell, are emails not also private?

    The medium of the message matters not.
  • Just reading this article made me chuckle, realizing how different it is in the US. JWZ [jwz.org] had some pontification about Netscape's internal email being public during legal wars with M$.

    At my current job, we've got a couple levels of communication.. the internal discussion boards, and the real secret never talked about in public ancient communications method. While the whining we do isn't about a billion dollar megacorporation that can send a barrel full of lawyers to yank it out, I wonder what exactly determines who has the rights to what discussion in the US. I know it isn't as free as Canada, but where exactly is the line drawn?
  • by Nos. ( 179609 ) <`ac.srrekeht' `ta' `werdna'> on Thursday April 26, 2001 @09:54AM (#266385) Homepage
    Now, after you've posted, go back and read the article. Take for instance this:

    If there's a real problem, if there is a reason to suspect abuse, that's different. You can address that in a less privacy-invasive way than monitoring everyone

    Say for example I receive obscene email or spam from you, I complain, you get investigated. What Mr. Radwanski is saying is that just because you manager is bored, he can't snoop through your email to see if your actually spending paid time and company resources on work related things.
    For example:

    Bell keeps a log of all computer activity, she said, but does not delve into the content unless there has been a complaint about a possible breach of company policy. Allegations of fraud, theft, sexual or racial harassment will be investigated, Ms. Morin said.


    This is exactly what he had in mind. If you are given a reason to investigate (complaints/allegations) then investigate.
  • by gwyrdd benyw ( 233417 ) on Wednesday April 25, 2001 @08:50PM (#266386) Journal
    I am printing the full article here for the benefit of the archives, as The Globe and Mail is famous for only maintaining their archives for a week or two.

    ----

    POSTED AT 12:37 PM EDT Monday, April 16

    Federal privacy commissioner says work e-mail confidential

    By VIRGINIA GALT
    From Monday's Globe and Mail

    Toronto Employees have a "fundamental, inherent right" to privacy in the workplace, and this includes the right to private e-mail, says federal Privacy Commissioner George Radwanski.

    "Most of us would agree that an employer would have no business randomly or routinely pawing through the desk drawers of employees, and examining whatever happens to be there. What makes the contents of a computer any different?"

    This runs counter to the belief of many employers, who say that because they own the equipment, they have an unlimited right to peruse the contents, Mr. Radwanski notes. "This is wrong."

    The immense capacity of technology to capture and log any transaction conducted on a computer raises enormous privacy concerns that legislators are just now moving to address. It has implications for both employers -- who say they have a duty to guard against Internet abuse -- and employees, who don't want to feel like Big Brother is always watching over them.

    Technological advances notwithstanding, the privacy commissioner says employees do not lose their right to privacy just because an employer tells them "not to expect any privacy."

    The establishment of legal and acceptable limits is all the more important given that many major employers now have the means to electronically monitor their work force, he said in an interview from his Ottawa office, where he oversees compliance with the new Personal Information Protection and Electronic Documents Act.

    "A lot of employers ... want to monitor employees' e-mail and Web use because they're concerned about employees' time-wasting. I don't think the potential justifies this," he said at a conference in Toronto, organized by the University of Toronto's Centre for Industrial Relations and legal publisher Lancaster House Publishing.

    "If there's a real problem, if there is a reason to suspect abuse, that's different. You can address that in a less privacy-invasive way than monitoring everyone," he said in a forceful speech aimed at clarifying the intent of the law.

    The new federal privacy law pertaining to electronic documents, which took effect Jan. 1, stipulates that an organization may collect, use or disclose personal information "only for purposes that a reasonable person would consider appropriate." Mr. Radwanski, who has the authority to investigate and refer breaches of the act to the Federal Court of Canada, says "random snooping" through employees' e-mail boxes is clearly a breach.

    The law applies to federally regulated industries such as banking, telecommunications, broadcasting and interprovincial transportation.

    Mr. Radwanski predicted that the law will soon provide the framework for similar provincial privacy provisions.

    Mr. Radwanski's speech set the stage for a rousing debate at the conference, which drew industrial relations specialists from both the labour and management sides.

    Management representatives argued that they should be able to use the tools at their disposal to protect against employee theft, fraud or unauthorized distribution of "commercially sensitive material." Electronic monitoring can also uncover e-mail and Internet abuse, such as the transmission of harassing e-mail messages or the downloading of pornography.

    Bell Canada lawyer Suzanne Morin said company-provided Internet access "is a privilege, not a right."

    The telephone utility, a unit of Montreal-based BCE Inc., permits and encourages employees to "surf the Net" for personal use, as long as it does not interfere with job performance and employees do not violate company policy, Ms. Morin said.

    Bell keeps a log of all computer activity, she said, but does not delve into the content unless there has been a complaint about a possible breach of company policy. Allegations of fraud, theft, sexual or racial harassment will be investigated, Ms. Morin said.

    Mr. Radwanski declined to comment on specific company policies but said that he has "no problem" with employers conducting targeted investigations into suspected policy violations or illegal activity.

    Labour lawyer Lorne Richmond, of the Toronto firm Sack Goldblatt Mitchell, said he is concerned employers will "hide behind" the legal requirement that they maintain harassment-free workplaces to conduct widespread electronic surveillance. Arbitrators have restricted the rights of employers to place employees under video surveillance, he noted.

    The privacy commissioner dismissed the notion that harassment can only be tracked and stopped through electronic monitoring. Employers can only be held liable if they have not exercised "due diligence" to prevent it, he said.

    "Get yourself a good harassment policy," he advised employers, and make sure employees are aware of the acceptable limits of e-mail and Internet use on company time.

    "You're not going to get dinged for liability because you refused to treat all your employees like suspects and install computer monitoring software."

    Appointed in November to a seven-year term, Mr. Radwanski, a former journalist, author and public policy researcher, said the technological revolution has made privacy "the defining issue of this new decade." Snooping can't be stopped, so "we have to impose our own limits."

  • by RareHeintz ( 244414 ) on Wednesday April 25, 2001 @07:50AM (#266387) Homepage Journal
    If an employee is circulating spam, obscene jokes, pornography, pirated software, or other such things, do you think their boss does not have the right to know about it?

    And what about posting trolls to Slashdot from work?

    I personally believe the dotcom crash was the direct result of productivity lost to key technical talent posting to Slashdot all day instead of propping up the economy for everyone else, like good little worker bees. Forget about management's pr0n habit - it's all Slashdot's fault.

    I hope that nothing like this occurs in the USA, where at least people (for all their faults) still believe in the principle of taking responsibility for one's own actions.

    Hmm. You must mean that other USA, not the one full of couch potatoes and junk food zombies who communicate primarily through brand name recognition.

    OK,
    - B
    --

  • by RareHeintz ( 244414 ) on Wednesday April 25, 2001 @07:58AM (#266388) Homepage Journal
    Well, there's something that's possible in Canada but not in the U.S. - the corporations apparently haven't taken over our northern neighbor to the extent that they have here.

    The whole debate kind of reminds me of drug testing (in non-safety-critical jobs, anyway). Basically, if an employer needs a worker to piss in a cup to tell if there's a problem with his work, then the issue is with management, not with the worker. If the worker's work is good, then the employer shouldn't care at all what shows up in a drug test, unless the employer has also appointed himself the employee's moral watchdog as well.

    Is that really a role you want your boss to have?

    It seems the same argument could apply to Internet use in the workplace as well: it ought to be obvious if there's a problem with an individual worker, even without a draconian monitoring policy. Inability to detect a problem is a failure of management, not a reason to tighten the shackles on all workers.

    OK,
    - B
    --

  • Your HTTP headers are showing.
    ----ndra---------------------7711151414664 Content-Disposition: form-data; name="query"
    If you teamed up with this story's author [slashdot.org] you could probably trash the entire Slashdot website in no time flat.

    ...I am the Raxis.

  • Hmm, based on this e-mail Sir it appears that this employee is a member of a religious cult. Hmm, we will have to take care of her won't we.

    Here is one example of why employers should not be able to read your e-mail. I based the above scenario on the note you put at the end of your post, "An ye harm none, do what ye will" - The Wiccan Rede," that clearly identifies you as a member of a religion that many people still think of as evil and might fire you over.

    There is no way that one can avoid being at least a little bit personal in writing e-mail. Chances are someone will not like something you have written and hold it against you.

    I happen to have written Human Resources from time to time about problems I have had in the work place. If my boss had read it I would have not had a job. There are some types e-mail that are meant for only certain staff to see. Even completely work related content.

    BTW: In that first example if you were later be mysteriously fired, in the USA, they would have no legal reason to tell you they looked at your e-mail so you would not even know why.

    Finally you mentioned the Wiccan Rede. I assume from the message that your are saying that if people obeyed its tenets then they would not fear having their e-mail read. Why in this scenario would someone need the right to read your e-mail? Would it not be in fact only for reasons that would be in violation of the Rede? So given your implied scenario of how it would be in a perfect world, someone reading others work e-mail would still be wrong since there could be no justifiable reason for doing so. So, in fact, your original argument is invalid, as the assumptions you made to justify it would actually nullify the premise of the argument that if everyone acted in a responsible fashion they would not mind having someone read their e-mail. Since, if everyone did act responsibly, they would not need to have their e-mail read. Thus having the right to do so could only be for immoral purposes.

    Robert

A person with one watch knows what time it is; a person with two watches is never sure. Proverb

Working...