In EU, Internet Use From Work May Be Protected 146
athloi wrote with a link to an Ars Technica article on a case involving the right to privacy on the internet. "A Welsh university employee has successfully sued the UK government in the EU court of human rights over monitoring of her personal internet use from work. According to the complaint, the woman's e-mail, phone, Internet, and fax usage were all monitored by the Deputy Principal (DP) of the college, who appears to have taken a sharp dislike to her. The woman claimed that her human rights were being abused, and pointed specifically to Article 8 of the European Convention on Human Rights, which governs private and family life." The courts agreed; despite a lack of a notion of 'privacy' in English law, the EU convention forced their hand. The ruling doesn't try to dissuade employers from monitoring employees, but does encourage them to inform employees about surveillance.
What companies don't tell you they are watching? (Score:5, Insightful)
Do anything that would get us sued and you will be fired. Don't do your job and you will be fired.
Since the former covers porn (respect at work acts) and the latter covers goofing off all day, unless you happen to be so good at your job that you can still manage to get everything done *and* goof off, then all eventualities are covered.
Different society, same problem (Score:5, Insightful)
In this case, the snooping would appear to be more than warrented by employee productivity or asset/network integrity. Very targetted, and unarguably an abuse of employer power. Something dreaded in the EU and prohibited by a whole host of laws.
I would hope that even in the US this sort of inter-personal grudge nursing would be similarly identified as malfeasance. The snoopers boss ought to fire her for abuse of company assets and damage to reputation. Snooping is never free.
Trolling headline (Score:5, Insightful)
Sure, getting people to read article/comments is important, but perhaps a little accuracy in headlines is appropriate?
It is still quite legal for an employer in the EU to declare that its computers, phones, etc are for business use only, and that correspondence will be monitored. This does not contravene Article 8, since only *private* correspondence is protected by Article 8; use of company machines for correspondence therefore makes such correspondence not private.
Re:What companies don't tell you they are watching (Score:3, Insightful)
Otherwise, we would not have time to post at Slashdot during the day.
Re:Hmmm (Score:5, Insightful)
I have no problem with my employer monitoring internet usage to make certain that I'm not sabotaging the business. At the same time I think there is a reasonable expectation that no one employee is monitored any more closely or hounded any more severely than any other employee. With the way AUPs and employee agreements are currently written (completely one-sided) one can be working in an environment where 4 hours of casual use/day is allowed but woe to the one employee who is targetted should they check their e-mail even once.
Giving free reign to employers to selectively enforce a zero-tolerance policy justified by any arbitrary excuse is a recipe, an open invitation even, for abuse--to the level which would be considered aggravated stalking in any other environment.
Privacy in the workplace? (Score:1, Insightful)
How can you have any expectation of privacy when using company resources to have your private communications? Just step out of the work place, use your private cell phone, and conduct your private business.
Re:What companies don't tell you they are watching (Score:4, Insightful)
Re:What companies don't tell you they are watching (Score:3, Insightful)
Do anything that would get us sued and you will be fired. Don't do your job and you will be fired.
You didn't say anything about them watching you. It's one thing for a company to make that statement, its another for them to monitor every single resource you use (without notifying you) to ensure you are complying with that statement.
Re:Hmmm (Score:2, Insightful)
Re:Why is there no policy covering this? (Score:3, Insightful)
So a "you might be watched" policy would not help here, even if signed by the employee. The European Court of Human Rights would simply throw out suct a contract as illegal.
But it might be possible to have a policy saying that the employee must not have private communications or do anything private on the employer's computers and network. This way the employer can monitor under the assumption that nothing private will be found. I would however be very surprised if such a policy could be implemented at an university.
Re:Trolling headline (Score:5, Insightful)
Re:Trolling headline (Score:3, Insightful)
That's a very bold statement. Care to back it up with sources?
We should also note that there is a difference between monitoring and intercepting communications. In essence, the former is looking at things like where an e-mail going from and to or the addresses of web sites visited, while the latter involves observing the content. This ruling seems to refer only to monitoring communications.
For those who are interested in the UK, the Information Commissioner's Office publish a rather detailed Employment Practices Code [ico.gov.uk] (caution: large PDF) that gives a lot of guidance to employers on the relevant laws and guidelines. The topic of intercepting electronic communications such as phones and e-mail is covered in a fair bit of detail.
Collective monitoring makes more sense anyway (Score:4, Insightful)
As an IT director, I am responsible for ensuring connectivity and bandwidth for my company. As part of this job function, from time to time, I turn on "monitoring" on my firewall. This doesn't tell me who is doing what... it just tells me what sites are being hit.
This is a great way to do statistical monitoring without intruding on one particular person's privacy. If I notice that more than a little of our traffic is going to MySpace or the porn flavor of the day, I re-send out a reminder of the AUP to all staff. (I also remind people that, with VNC, I can observe their screen directly (not that I would, except for tech support-related issues, but I want them to know that anyone in IT could)). After that, the non-work traffic dwindles to next to nil.
Isn't that a better way of doing it all around?
P.S. FWIW, my firewall is a ZyXel, and that behavior is the default functionality. I would have to install separate software to log what each individual is doing, and... why would I want to? The real issue (at least from an IT perspective) isn't who is abusing company resources... only that the abuse stop.
--
Government of, by, and for ALL the people. [metagovernment.org]
Re:This is not an EU convention (Score:3, Insightful)
The current UK government loves to wave articles of the convention at random so you cannot rely on this convention as being useable. Oh we do not like this one, that one and that one. We shall not be bound by them regardless of the fact that we have ratified it. Human rights Antonio Bliar style at your service.
Not that the Tories are any better as there was a point where they had leaving the convention as a part of their pre-election propaganda (not that this helped them with getting anywhere).
So unfortunately this convention is used in the UK where it does not really matter that much. Where it matters and where it sets the actual moral standard of what is right and what is wrong the current UK govt has roughly the level of respect to it that the talebans had to historical monuments and human rights.
Re:What companies don't tell you they are watching (Score:3, Insightful)