were my workplace privacy rights violated?

[ch33zw1z]

Originally posted by: sixone
You left it open, on a company-owned workstation. You lose.

so true. next time remember the ctrl+alt+L trick...

 

[her209]

Originally posted by: BoomerD
wonder if the IT guy sent a nice "NO Thank you" to the folks offering the job? OR, plans on trying to get it himself?

I think that what they did sux, and is underhanded, and possibly borders on illegal, (accessing your external e-mail account and forwarding an e-mail in it, BUT, as others have noted, you have no real expectation to privacy when on a company network. THEY own it, and everything on it...NO, that doesn't give them the right to USE information, like PIN#'s, account numbers NOT related to work, etc, but they do have the right to access any information on their network.

I completely agree. The company owns everything in their network. They own any and all recorded data that traverses to and from their network. They are liable for it. And if the OP had used the company email account for correspondence communication, the company has every right to look through the employee's company mailbox and duplicate any e-mails. And if that were the case, then I'd side with the company.

 

[her209]

Originally posted by: ch33zw1z

Originally posted by: sixone
You left it open, on a company-owned workstation. You lose.

so true. next time remember the ctrl+alt+L trick...

I think you mean Windows Key + L

 

[MrDudeMan]

Originally posted by: Nutdotnet

Dude, chill out. It's not nice to call someone multiple astericks.

hahaha that was awesome

 

[MrDudeMan]

Originally posted by: her209

Originally posted by: ch33zw1z

Originally posted by: sixone
You left it open, on a company-owned workstation. You lose.

so true. next time remember the ctrl+alt+L trick...

I think you mean Windows Key + L

yeah its windows + L on my computer also. can you change that?

 

[z0mb13]

repeat after me: there is no such thing as workplace privacy rights

 

[sygyzy]

By workstation, are you referring to your POS terminal at McDonald's?

 

[her209]

Originally posted by: z0mb13
repeat after me: there is no such thing as workplace privacy rights

The company, without permission, accessed and used an employee's personal email account to gain information they had no right to.

 

[compuwiz1]

Leaving his email account open on the company's computer, implies rights, on their part. Some of you just don't get this. It's an ethics issue, not a legal one. If this battle were fought in court, the plaintiff, (assuming the OP brought suit), would handily lose.

 

[spidey07]

Originally posted by: her209

Originally posted by: z0mb13
repeat after me: there is no such thing as workplace privacy rights

The company, without permission, accessed and used an employee's personal email account to gain information they had no right to.

The company doesn't need permission. That's the whole point.

I deal with legal on this kind of stuff all the time. The answer is alway "we own the information and systems, we're in the clear no matter what we do. Federal law has already settled this".

 

[her209]

Originally posted by: compuwiz1
Leaving his email account open on the company's computer, implies rights, on their part. Some of you just don't get this. It's an ethics issue, not a legal one. If this battle were fought in court, the plaintiff, (assuming the OP brought suit), would handily lose.

Implied rights? If I forgot my cell phone at work does that imply rights for the company to use it since the phone is on company premises?

 

[her209]

Originally posted by: spidey07

Originally posted by: her209

Originally posted by: z0mb13
repeat after me: there is no such thing as workplace privacy rights

The company, without permission, accessed and used an employee's personal email account to gain information they had no right to.

The company doesn't need permission. That's the whole point.

I deal with legal on this kind of stuff all the time. The answer is alway "we own the information and systems, we're in the clear no matter what we do. Federal law has already settled this".

How do you own data that is stored on someone else's network?

 

[spidey07]

Originally posted by: her209
How do you own data that is stored on someone else's network?

It traversed the company network, therefore they own it. It is stored on a company machine, therefore they own it.

The feds are very clear about this stuff.

 

[her209]

Originally posted by: spidey07

Originally posted by: her209
How do you own data that is stored on someone else's network?

It traversed the company network, therefore they own it. It is stored on a company machine, therefore they own it.

The feds are very clear about this stuff.

If the OP opened the job offer email in his personal mailbox from his company workstation then I agree. The company would own the recorded IP packets and anything that was downloaded to the workstation's cache. Where I disagree is the company having the "right" or "implied right" to access the employee's personal mailbox when he was away from his computer. As I stated before, the OP may have never opened the job offer email on the company's workstation. If the company believes the OP has opened the e-mail, they can reference the recorded packets, but I don't believe they can claim access to the email after the fact.

 

[Lifted]

First off, sniffing the packets is going to do nothing for your company as the information is transferred over SSL and your company can't see any of it.

Just write a letter to human resources, your manager, and your manager's manager, stating that you witnessed a desktop technician (give the name of the technician along with time and date you saw him do this) access your personal email account and forward email from your personal account to (list names email was sent to).

I probably wouldn't sue over this, but this letter will certainly give the company a reason to be baby you on the way out, as they will know they have broken the law and can be sued over this. They will probably be more worried about losing their own jobs, which means more to them than somebody sueing the company, so just write the letter and be happy knowing that with the useless information they unlawfully attained from your personal email account, you now have them all by the balls.

 

[skywhr]

Originally posted by: waggy
you are an idiot for doing stuff on a work computer. you have NO privacy at all regarding the work computer.

 

[talyn00]

Originally posted by: Lifted
First off, sniffing the packets is going to do nothing for your company as the information is transferred over SSL and your company can't see any of it.

Just write a letter to human resources, your manager, and your manager's manager, stating that you witnessed a desktop technician (give the name of the technician along with time and date you saw him do this) access your personal email account and forward email from your personal account to (list names email was sent to).

I probably wouldn't sue over this, but this letter will certainly give the company a reason to be baby you on the way out, as they will know they have broken the law and can be sued over this. They will probably be more worried about losing their own jobs, which means more to them than somebody sueing the company, so just write the letter and be happy knowing that with the useless information they unlawfully attained from your personal email account, you now have them all by the balls.

Sniff is still pretty effective. Most webmail providers I've used only use SSL when authenticating the user. (when you enter your username/password). Nearly everything else after authentication is transmitted in the clear, so a sniffer would be able to monitor the information from your emails, if you opened them.

 

[hans007]

Originally posted by: her209

Originally posted by: BoomerD
wonder if the IT guy sent a nice "NO Thank you" to the folks offering the job? OR, plans on trying to get it himself?

I think that what they did sux, and is underhanded, and possibly borders on illegal, (accessing your external e-mail account and forwarding an e-mail in it, BUT, as others have noted, you have no real expectation to privacy when on a company network. THEY own it, and everything on it...NO, that doesn't give them the right to USE information, like PIN#'s, account numbers NOT related to work, etc, but they do have the right to access any information on their network.

I completely agree. The company owns everything in their network. They own any and all recorded data that traverses to and from their network. They are liable for it. And if the OP had used the company email account for correspondence communication, the company has every right to look through the employee's company mailbox and duplicate any e-mails. And if that were the case, then I'd side with the company.

The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

 

[Lifted]

Originally posted by: hans007

Originally posted by: her209

Originally posted by: BoomerD
wonder if the IT guy sent a nice "NO Thank you" to the folks offering the job? OR, plans on trying to get it himself?

I think that what they did sux, and is underhanded, and possibly borders on illegal, (accessing your external e-mail account and forwarding an e-mail in it, BUT, as others have noted, you have no real expectation to privacy when on a company network. THEY own it, and everything on it...NO, that doesn't give them the right to USE information, like PIN#'s, account numbers NOT related to work, etc, but they do have the right to access any information on their network.

I completely agree. The company owns everything in their network. They own any and all recorded data that traverses to and from their network. They are liable for it. And if the OP had used the company email account for correspondence communication, the company has every right to look through the employee's company mailbox and duplicate any e-mails. And if that were the case, then I'd side with the company.

The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

Hmmm, maybe if mention pretexting in the letter you should write them, they might get the picture. :laugh:

If they are complete morons, send them a few links to the HP scandal.

 

[spidey07]

Originally posted by: hans007
The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

I'm confused here....what part of "they own the infromation" don't you undestand? You have no privacy whatsoever, nor are you entitled to it.

 

[Deleted member 4644]

Originally posted by: spidey07

Originally posted by: hans007
The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

I'm confused here....what part of "they own the infromation" don't you undestand? You have no privacy whatsoever, nor are you entitled to it.

Spidey, I think you are very wrong on this, and will ask my professors next week about just how wrong you are.

Unless he EXPLICITLY signed away his rights to ALL information that he sends or receives on his work computer, I find it hard to believe that a sane judge or jury would imply the right to TRANSMIT messages using his PERSONAL email account just because they have a right to broadly monitor his work station.

 

[bctbct]

Originally posted by: spidey07

Originally posted by: hans007
The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

I'm confused here....what part of "they own the infromation" don't you undestand? You have no privacy whatsoever, nor are you entitled to it.

dude you are no legal expert on this and should not make absolute statements, this is a gray area.

 

[reitz]

Originally posted by: compuwiz1
Leaving his email account open on the company's computer, implies rights, on their part. Some of you just don't get this. It's an ethics issue, not a legal one. If this battle were fought in court, the plaintiff, (assuming the OP brought suit), would handily lose.

No. Leaving his account open gave them the ability to see what was on the screen, which is well within their rights. There is no expectation of privacy. The company would be inbounds by installing a keylogger on his machine to capture the keystrokes of every personal email he sent using his yahoo account, to sniff all network traffic to decipher everything coming into or out of that account, or even to take a screenshot of the email and forward that on to everyone else in the company.

The line was crossed when his personal email account was used without permission. It's certainly an ethical issue, and most likely a legal issue, though I doubt that there have been too many cases of this type tested by the courts.

hans007,

No high-level manager or HR professional worth his salt would do something like that. I'd bet my next paycheck that the security jerkoff made the decision on his own. It's not very likely that anyone knew what was on your screen, so he wasn't sent specifically to forward that email. Most likely, he happened to see it when he checked out your workstation (to see what files you've been working with, determine if you've been forwarding proprietary information, etc.) and made his own decision to forward it on.

Legal or not, if you really wanted to, you could cause them a fair bit of grief over this*, and they know it. I would quietly bring it up with your HR contact. Explain what happened, admit that reading that email on company time was your mistake, and explain that the actions of the security guy have you a bit concerned and were a little over the line, and you wanted to make sure someone in HR knew about it. Tell them you don't want to make a big deal over it, thank them for their time, and walk away. Leave it at that, and leave the company on good terms.

* Trust me, you don't want to...it's not worth your time, and the bridges you'd burn could very well be bridges that you need sometime in the future. The world is a small place, and there's a very good chance you'll run into one of the managers again at another point in your career.

 

[spidey07]

Originally posted by: bctbct
dude you are no legal expert on this and should not make absolute statements, this is a gray area.

No. But I do work in the field and clear most of my stuff through legal first. Couple that with scores of conferences, training, whatever on what is and is not acceptible I believe I have more then an educated opinion.

It's not fuzzy.

 

[Lifted]

Originally posted by: reitz

Dissent is not unpatriotic.

A bit OT, but that really depends on the form of government in place.

Perhaps "Dissent is democracy" is more what you are looking for?