were my workplace privacy rights violated?

[Lifted]

Originally posted by: spidey07

Originally posted by: bctbct
dude you are no legal expert on this and should not make absolute statements, this is a gray area.

No. But I do work in the field and clear most of my stuff through legal first. Couple that with scores of conferences, training, whatever on what is and is not acceptible I believe I have more then an educated opinion.

It's not fuzzy.

So you think that anything a company sees or hears about you, it can use to access your personal information?

If you order meds from a pharmacy online during your lunch hour or allowed internet usage period, you're saying the company can then log in to that pharmacy since they discovered your username and password, view your entire order history, and forward that info to anyone they feel like because they now OWN that info?

Like you I also think the law is not fuzzy on things like this. But the fact of the matter is that this is HIGHLY illegal and you seriously need to attend some more conferences and training sessions on the matter.

 

[bctbct]

Originally posted by: spidey07

Originally posted by: bctbct
dude you are no legal expert on this and should not make absolute statements, this is a gray area.

No. But I do work in the field and clear most of my stuff through legal first. Couple that with scores of conferences, training, whatever on what is and is not acceptible I believe I have more then an educated opinion.

It's not fuzzy.

So you have been trained that if you access an employees personal off site email account and you have the authority to forward the emails?

 

[bctbct]

Originally posted by: Lifted

Originally posted by: spidey07

Originally posted by: bctbct
dude you are no legal expert on this and should not make absolute statements, this is a gray area.

No. But I do work in the field and clear most of my stuff through legal first. Couple that with scores of conferences, training, whatever on what is and is not acceptible I believe I have more then an educated opinion.

It's not fuzzy.

So you think that anything a company sees or hears about you, it can use to access your personal information?

If you order meds from a pharmacy online during your lunch hour or allowed internet usage period, you're saying the company can then log in to that pharmacy since they discovered your username and password, view your entire order history, and forward that info to anyone they feel like because they now OWN that info?

Like you I also think the law is not fuzzy on things like this. But the fact of the matter is that this is HIGHLY illegal and you seriously need to attend some more conferences and training sessions on the matter.

I was thinking along the same lines with privacy issues.

Say the receptionist listens in on a conversation between you and you're doctor, would it be legal for her to discuss those issues with other people?

 

[reitz]

Originally posted by: Lifted

Originally posted by: reitz

Dissent is not unpatriotic.

A bit OT, but that really depends on the form of government in place.

Perhaps "Dissent is democracy" is more what you are looking for?

No, it means exactly what it means. Dissent is not unpatriotic. I put that in my sig as a subtle reminder back in early 2002 when the right wing fanboys were running the show, but I'm thinking it's a bit dated now.

 

[Deleted member 4644]

Originally posted by: bctbct

Originally posted by: Lifted

Originally posted by: spidey07

Originally posted by: bctbct
dude you are no legal expert on this and should not make absolute statements, this is a gray area.

No. But I do work in the field and clear most of my stuff through legal first. Couple that with scores of conferences, training, whatever on what is and is not acceptible I believe I have more then an educated opinion.

It's not fuzzy.

So you think that anything a company sees or hears about you, it can use to access your personal information?

If you order meds from a pharmacy online during your lunch hour or allowed internet usage period, you're saying the company can then log in to that pharmacy since they discovered your username and password, view your entire order history, and forward that info to anyone they feel like because they now OWN that info?

Like you I also think the law is not fuzzy on things like this. But the fact of the matter is that this is HIGHLY illegal and you seriously need to attend some more conferences and training sessions on the matter.

I was thinking along the same lines with privacy issues.

Say the receptionist listens in on a conversation between you and you're doctor, would it be legal for her to discuss those issues with other people?

I'm about 99% sure the answer is no. Unless MAYBE if you knew she was listening.

 

[Lifted]

Originally posted by: reitz

Originally posted by: Lifted

Originally posted by: reitz

Dissent is not unpatriotic.

A bit OT, but that really depends on the form of government in place.

Perhaps "Dissent is democracy" is more what you are looking for?

No, it means exactly what it means. Dissent is not unpatriotic. I put that in my sig as a subtle reminder back in early 2002 when the right wing fanboys were running the show, but I'm thinking it's a bit dated now.

I know what you meant, but like I said, it depends on the form of government. If your form of government is an autocracy/dictatorship, then dissent is absolutely unpatriotic.

 

[Phoenix86]

This isn't a privacy issue at all. The work is well withing their rights to access all data on THEIR network. That includes personal e-mails opened from their workstations. No one is arguing that.

This is an OWNERSHIP issue. The company does not OWN the account they used.

FFS, would someone who thinks the company is in the right explain how the bank account scenario doesn't apply? So I login to my bank from work, they now own the account (or at least have the right to access it)? I'm gonna go with no way in hell, but please do explain how you think it's kosher.

 

[j00fek]

Originally posted by: Platypus

Originally posted by: sixone
You left it open, on a company-owned workstation. You lose.

You have no expectation of privacy, lock your sh!t next time.

:thumbsup:

 

[JEDIYoda]

Originally posted by: her209

Originally posted by: z0mb13
repeat after me: there is no such thing as workplace privacy rights

The company, without permission, accessed and used an employee's personal email account to gain information they had no right to.

If that e-mail account is say joeblow@company.com then that company can legal;ly access your e-mail account.

Thats why you use a entirely different e-mail account that has nothing to do with the company and you only do company buisness with that company e-mail account.
Even then it a company computer and a company harddrive.....he has no legal recourse.

 

[JEDIYoda]

Originally posted by: hans007

Originally posted by: her209

Originally posted by: BoomerD
wonder if the IT guy sent a nice "NO Thank you" to the folks offering the job? OR, plans on trying to get it himself?

I think that what they did sux, and is underhanded, and possibly borders on illegal, (accessing your external e-mail account and forwarding an e-mail in it, BUT, as others have noted, you have no real expectation to privacy when on a company network. THEY own it, and everything on it...NO, that doesn't give them the right to USE information, like PIN#'s, account numbers NOT related to work, etc, but they do have the right to access any information on their network.

I completely agree. The company owns everything in their network. They own any and all recorded data that traverses to and from their network. They are liable for it. And if the OP had used the company email account for correspondence communication, the company has every right to look through the employee's company mailbox and duplicate any e-mails. And if that were the case, then I'd side with the company.

The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

the key words are..... I used a company computer to.....

 

[JeffreyLebowski]

Originally posted by: spidey07
their computer, they can do anything they want with it.

They can do anything they want with it is true, BUT the yahoo account is not governed by them. It is a contract between the account "owner" and yahoo. For them to use that email address is against the law. It's the same as someone using your PC, if you left it open on your bank webpage, and transfering all of your money out of your account into theirs.

It's legally and morally wrong.
You need to go to HR and report it immidiately. Where I work, privacy and security is a top priority and as desktop techs were are not allowed to work on another persons PC account without them being there.

 

[Pacemaker]

I find this all rather silly, by some of your logic if I log into my work machine from home and I have a policy on my home machine that anything I access there becomes my property then I can take all the information I want from the work machine and sell it to whoever I want. This is not the case, they do not own the account and it is illegal to use it. I'm sure many identity theft laws would apply here.

Just because I left the keys in my car doesn't mean it isn't illegal to steal it (although it would make me an idiot).

 

[purbeast0]

unethical, yes.

illegal, hell no.

 

[CptObvious]

Originally posted by: Zenmervolt
They are allowed to monitor your usage habits, and if they had reason to, the would be allowed to go through your company E-mail address as well as anything that you sent over the network with something like Yahoo.

However, they are definitely not allowed to send E-mails using your account. If they actually sent the E-mail, that may be a legitimate complaint. The IT guy was stupid, he should have simply written down the information and passed it along that way.

ZV

I agree with this assessment.

The second question is if your rights were violated, what are you willing to do about it? It might not be in your best interest to start a legal battle right now or even stir the pot.

 

[Linflas]

Originally posted by: her209

Originally posted by: k1pp3r
Where you face a hard time is that with a company asset. Anything you look at, create, revise, email, publish, etc. the company OWNES, now you. Therefore if it is something that you do not want your company to have any pull over, do it at home. Otherwise, they own it.

So if I log into my bank account on my work computer, does that mean they now can transfer money out of my account to theirs because "they own it"?

You gave them that permission on the form you signed for direct deposit.

 

[BoomerD]

Here's the Kahleeforneeya workplace laws regarding computer users:

http://www.privacyrights.org/ar/employees-rights.htm

 

[JeffreyLebowski]

Originally posted by: spidey07

Originally posted by: Phoenix86
Packet sniff=ok
Printing=ok
Screen prints=ok
Using a service you don't have auth to use=not OK.

By using the company owned computer you grant them access to said service by proxy.

Their computer, they can do whatever they want. They own it and all information transmitted across their network and contained on that machine and all others.

You have been brainwashed. It is their computer but even by Microsofts TOS agreement, The company does not "own" the operating system on the PC. They own a license that lets them use the operating system. How can one legally do whatever they want with with something they don't own?

 

[Linflas]

I'm no lawyer and don't even play one on TV but from what I read it comes down to whether or not you had a "reasonable expectation of privacy". Generally AUP's are written so you don't have any expectation of privacy on a workplace computer or network. The forwarding of the email is the only thing I see that is at all suspect but I doubt there is much you could really expect to be done about it unless you could show some harm to you from the action.

 

[Stiganator]

I don't think its illegal, but it definitely makes them some D-bags. Probably why you're quitting.

 

[Phoenix86]

Monitor != use.

They did more than monitor his activity.

 

[yowolabi]

Originally posted by: spidey07

Originally posted by: her209
How do you own data that is stored on someone else's network?

It traversed the company network, therefore they own it. It is stored on a company machine, therefore they own it.

The feds are very clear about this stuff.

You still seem to be ducking the issue that it never transversed their network. All he did was login to yahoo. He did not open that yahoo email, therefore it remained on yahoo's servers. At no point did that email come onto his computer or go through their network.

Also, no one is disputing that they could capture the information if it did pass through their network, which it didn't. We're just saying they can't impersonate him by sending email messages from his account. Simply logging into something from work does not transfer ownership from him to the company. Do you believe the IT guy could legally change the password of his yahoo account and then start sending email messages in his name? What if he remoted into his home machine.... could they start deleting and installing programs on it?

 

[SirStev0]

Originally posted by: JulesMaximus
Did he actually forward the email to someone else? Just curious.

i was wondering as well.

 

[NuroMancer]

Originally posted by: sixone
You left it open, on a company-owned workstation. You lose.

I'm betting on this from what I understand.

 

[her209]

Originally posted by: JEDIYoda

Originally posted by: hans007

Originally posted by: her209

Originally posted by: BoomerD
wonder if the IT guy sent a nice "NO Thank you" to the folks offering the job? OR, plans on trying to get it himself?

I think that what they did sux, and is underhanded, and possibly borders on illegal, (accessing your external e-mail account and forwarding an e-mail in it, BUT, as others have noted, you have no real expectation to privacy when on a company network. THEY own it, and everything on it...NO, that doesn't give them the right to USE information, like PIN#'s, account numbers NOT related to work, etc, but they do have the right to access any information on their network.

I completely agree. The company owns everything in their network. They own any and all recorded data that traverses to and from their network. They are liable for it. And if the OP had used the company email account for correspondence communication, the company has every right to look through the employee's company mailbox and duplicate any e-mails. And if that were the case, then I'd side with the company.

The difference is that I used a company computer to login to a remote computer owned by yahoo. The only thing stored on the company's computer was my internet cookies.

Having what would amount to a stored password on a company computer, does not permit them to access my personal account.

As the example was said before, it they monitored my use of the internet obtained usernames/passwords to non work sites through my using of their computer it does not permit them to use those passwords/logins to access those sites because they would be impersonating me.

the key words are..... I used a company computer to.....

I used a company computer to pay my credit card bill and therefore it gives them the right to look at all my past statements and payments. Is that right?

 

[TreyRandom]

Those of you who are crying that it's not right need to realize something - regardless of whether it is right or legal or ethical for the company to log on to your accounts, you are using their computers on their network (not to mention the fact that they're paying you). If you don't want them to access it at all, don't log on using their stuff on their network using their bandwidth... and don't leave your account unsecured so any moron can sit at your computer and forward e-mails (or transfer money between bank accounts). Doesn't make what they did right or ethical. But at some point, you've got to take responsibility for your own actions... which in this case, was leaving your e-mail account unsecure.

Let's say you leave your house unlocked... worse yet, the door open. Someone comes in there and takes your TV. Doesn't make it right that they took it. But if you don't want your stuff taken, keep your darn door locked, and don't give anyone else the key to it. You want people to stay out of your e-mail, don't leave it open.