OF THE PEOPLE

Don't let monitoring tactics attack employee privacy

Ira Hobbs

Keeping tabs on someone is easier than ever. Parents worried about the viewing habits of their children, law enforcement officials trying to nab suspected criminals and employers concerned about the online whereabouts of their employees have myriad tools available to track where others go and what they do. This is especially true in using computers.

By now, most people know that deleting e-mail does not mean the messages are permanently deleted. They should know that their visits to Web sites'including how long they stayed at specific sites'can be tracked.

Now, every single keystroke you type can be traced. With the appropriate software, it is easy to reconstruct practically everything someone has done on a computer. And the monitoring software can be installed remotely.

In a recent case, federal agents secretly installed software to capture every keystroke on a computer to learn the password of a suspected mobster. The suspect was sophisticated enough to encrypt all of his electronic files. But, using the new software, prosecutors were able to determine his password and obtain potentially damaging evidence.

Privacy advocates are crying foul because agents planted the device, known as a key logger, after obtaining a simple search warrant rather than a court-approved wiretap order, which is more difficult to obtain and more restrictive.

Closer to home, everyone knows of cases where employees were fired for using e-mail to send sexually explicit material or lurid jokes across company networks. These kinds of activities put agency managers at risk of harassment charges and lawsuits.

Sensitive information can easily be stolen or made available to competitors. Companies and, I might add, governments have the right to spy on employees to monitor their activity or to block their access to certain Web sites'in most cases for very legitimate reasons. The American Management Association reports that last year 82 percent of businesses monitored their employees in some way.

But a word of caution is in order. We should not tolerate hard-line tactics that run roughshod over employees' privacy. Nor should we use filtering devices or sniffing programs in place of common sense when determining whether employees have crossed the line in their use of information technology on company time.

From time to time, almost everyone will visit a Web site that's more related to some personal interest or need than it is to work. Internet filtering programs designed to block certain sites'say, those that feature text references to or images of breasts'could end up preventing someone from researching critical information about breast cancer, for instance.

As companies and government organizations take necessary steps to ensure that employees are not abusing or misusing their telephones, computers or other IT devices, they should be careful not to get carried away. Employees have rights that should be respected.

As a manager, you might be able to find out everything a person does with his or her computer. But you also need to understand why they are doing it.

Ira Hobbs is acting chief information officer at the Agriculture Department and a member of the CIO Council.

inside gcn

  • Congressman sees broader role for DHS in state and local cyber efforts

    Automating the ATO

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group