×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US Firms Read Employee E-mail On a Massive Scale

timothy posted more than 5 years ago | from the this-call-may-be-monitored dept.

Privacy 263

An anonymous reader writes "In its fifth annual study of outbound e-mail and data loss prevention issues, Proofpoint found that 41% of the largest companies surveyed (those with 20,000 or more employees) reported that they employ staff to read or otherwise analyze the contents of outbound e-mail. 22% of these companies said they employ staff primarily or exclusively for this purpose."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

263 comments

Jews (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#23504016)

Jews get angry whenever they see someone who doesn't share their values of murder in the service of greed.

WellI don't share your values, you treacherous race of murderers and theives.

I'm tired of watching you steal land and water from Palestinians so you can have a lush lawn in the middle of the fucking desert.

Re:Jews (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#23504058)

Huh? You must have your turban wrapped too tight . . . .

Re:Jews (0)

Anonymous Coward | more than 5 years ago | (#23504566)

No, I think they just over-did your circumcision.

If this is an example of email... (0, Offtopic)

Chrisq (894406) | more than 5 years ago | (#23504216)

If this is an example of email... I am not surprised that you should be interested in this topic.

Maybe your boss will find out why you lost the Cohen account.

Re:Jews (0)

Anonymous Coward | more than 5 years ago | (#23504940)

Now see here, the Aryan White Idaho Benevolent Society does NOT read its employee email, and this is NOT an example.

Get back to work! (5, Funny)

Unique2 (325687) | more than 5 years ago | (#23504022)

I also monitor your web traffic, now get back to work!

Re:Get back to work! (1)

Kamokazi (1080091) | more than 5 years ago | (#23504120)

And I use Ideal Admin to silent-instll VNC and watch every move you make.

Re:Get back to work! (1)

L4t3r4lu5 (1216702) | more than 5 years ago | (#23504604)

GenControl doesn't need any remote installation, just to be in the admin group on the machine.

If you don't like it MOVE to CHINA !! (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#23504670)

I hear those chinese don't read e-mail or any other personal and private comms. Russia, ditto. Germany and Italy and Japan, ditto-2.

Re:Get back to work! (5, Interesting)

Lumpy (12016) | more than 5 years ago | (#23504760)

Yup. I stopped "special" surfing at the office when I put a linux box on a hub between the network internet router and the switches. I simply sniffed all traffic for image files and displayed it on a 42" LCD out in the sales area.

Images were displayed of what people were surfing. I also attached the ip address of the user to the image.

It stopped inappropriate internet surfing in that office in 3 days.

When everyone can wee what you are doing, you get back to real work.

Re:Get back to work! (5, Funny)

Profane MuthaFucka (574406) | more than 5 years ago | (#23504856)

You wouldn't catch me surfing and getting my images up on that screen. I'd be out there watching that screen all day long. Seldom is there a really cool idea posted on Slashdot, but that's definitely cool.

Re:Get back to work! (0)

Anonymous Coward | more than 5 years ago | (#23505272)

I'd find a site with an image that said "Bastard Operator From Hell"

Re:Get back to work! (0)

Anonymous Coward | more than 5 years ago | (#23505306)

That must have been a fantastic 3 days in the sales office.

Re:Get back to work! (0)

Anonymous Coward | more than 5 years ago | (#23505308)

the problem is that you get paid for hours in the office and not for the real work done.

No hidden agenda here (5, Insightful)

Lord Grey (463613) | more than 5 years ago | (#23504042)

From ProofPoint's products page [proofpoint.com] :

Proofpoint's unified email security and data loss prevention solutions provide complete protection against both inbound and outbound messaging threats. Learn more by exploring the Proofpoint Platforms and Modular Defenses links, below. Proofpoint solutions:
  • Defend against inbound threats such as spam, viruses and denial-of-service attacks
  • Prevent leaks of confidential or private information with robust, easy-to-use data loss prevention features
  • Encrypt sensitive information, based on customizable email security policies
  • Analyze messaging infrastructures and implement data loss prevention policies immediately
  • Are available in multiple deployment platforms including hardware appliances, anti-spam virtual appliances, software and on-demand service

It may be just me, but I get really suspicious when a company in any business sponsors a survey and then uses the results to justify their own existence.

It's a waste of money. (2, Interesting)

gnutoo (1154137) | more than 5 years ago | (#23504130)

All this does is prove that you can't trust people who work at big dumb companies. They can't tell you what they really think by email, so you have to assume they are lying to you. It's amazing that 41% of these companies admitted to the practice after the whole HP scandal.

Re:It's a waste of money. (5, Insightful)

maxume (22995) | more than 5 years ago | (#23504228)

The shadiest thing they could possibly do is to monitor your email and not disclose it.

If they are disclosing that they monitor your use of their resources, you can choose if you are willing to put up with it or not.

Re:It's a waste of money. (1)

icebrain (944107) | more than 5 years ago | (#23504536)

I would think most companies have an agreement you sign when you start work that says you understand that they monitor all data entering or leaving. The ones at my company remind you of that every time you sign on.

Re:It's a waste of money. (1)

dotancohen (1015143) | more than 5 years ago | (#23504236)

All this does is prove that you can't trust people who work at big dumb companies. They can't tell you what they really think by email, so you have to assume they are lying to you. It's amazing that 41% of these companies admitted to the practice after the whole HP scandal.

Fb whfg ebg13-rapbqr rirelguvat.

Secure your email (1, Informative)

Anonymous Coward | more than 5 years ago | (#23504044)

Mac OS X [joar.com] and Windows [marknoble.com]

Useless at large corporations (0)

Anonymous Coward | more than 5 years ago | (#23504248)

Nice try, but that software will never make it past Sarbanes-Oxley. Besides, every company worth its stock price uses Lotus Notes anyway.

Re:Secure your email (4, Insightful)

Penguinisto (415985) | more than 5 years ago | (#23504444)

Trust me - if the email admins noticed you, Joe Low-Level Employee, shuffling encrypted emails back and forth, you'd be frog-marched out of the corp faster than you can say "WTF?"

Small companies? One admin who does email in addition to everything else. Mid-sized companies? There's prolly one, maybe two dedicated admins, and they're more interested in using your emails as a means to track SMTP problems than in reading what's in 'em.

Large corps? Heh - you're just begging for attention if you start flinging around abnormal-looking SMTP traffic; esp. in really big companies that get a touch paranoid about such things as corporate espionage.

You'd be better off risking the attention of the proxy-minders with webmail than by dicking around with encryption on your email client. Using the proggies you linked to also tends to stick up like a sore thumb in any workstation app auditing... and you could conceivably get fired faster for loading unauthorized software onto your corp-issued equipment than a quickie email to your girlfriend describing in graphic detail at what you want to do to her when you get home.

Besides, most email admins have better things to do than grep emails (e.g. battle spam, figure out and fix bounces from remote mis-configured servers, curse at Verizon's RFP-non-compliant configs, keep enough inodes handy in /var, pound the load averages down to something sane, beg the powers-that-be for decent equipment, etc).

Unless your corp specifically has good reason to be ultra-anal about security (e.g. gov't contractors, Microsoft/Intel/IBM-sized corps, etc), then monitoring user emails with anything beyond simple log and traffic grepping tools is a waste of resources and time. Any company that spends more time watching their employees than their customers is a company that isn't long for the world these days.

/P

Re:Secure your email (5, Insightful)

drsmithy (35869) | more than 5 years ago | (#23504554)

Large corps? Heh - you're just begging for attention if you start flinging around abnormal-looking SMTP traffic; esp. in really big companies that get a touch paranoid about such things as corporate espionage.

There is an implied point here that deserves highlighting.

The people who are employed specifically to analyse outgoing mail, aren't looking for you emailing your girlfriend during working hours, forwarding chain letters, or calling your boss names. They're looking for the folks whose "inappropriate" mail will cost the company big $$$$ - corporate espionage, sexual harassment, etc.

Most people will never be in position to be monitored thus, because they'll just never be "important" enough.

Re:Secure your email (1)

Penguinisto (415985) | more than 5 years ago | (#23504714)

True.

I think the only time I ever get anything about the emails I send is an automated "Controlled Countries" notification if I hadn't sent or received coordination emails with colleagues in China for awhile, then start up again.

/P

Re:Secure your email (1)

Lumpy (12016) | more than 5 years ago | (#23504828)

Large corps? Heh - you're just begging for attention if you start flinging around abnormal-looking SMTP traffic; esp. in really big companies that get a touch paranoid about such things as corporate espionage.

pptp connection or ssh via port 80 to home. fire up USB key firefox and send the entire contact db to my comrade in China.

Simple, and 99.997% of the big corp admins will never catch it.

Re:Secure your email (3, Interesting)

Courageous (228506) | more than 5 years ago | (#23505092)

Trust me - if the email admins noticed you, Joe Low-Level Employee, shuffling encrypted emails back and forth, you'd be frog-marched out of the corp faster than you can say "WTF?"

Have you considered, perhaps you're being a tad hysterical here?

I work at one of those "ultra-anal" defense contractors... a biggun... and know our IT processes quite well, including the realities.

They don't "frog march" people out the door for those sorts of things. Actually, the IT security guys are lucky if they can get engineering to pay attention to them at all.

Except in SCIFs, then it's a different matter.

C//

Is this surprising? (5, Insightful)

Reality Master 201 (578873) | more than 5 years ago | (#23504052)

Particularly for the Slashdot crowd? Hell, a portion of the readership is probably responsible for helping to implement such measures.

Don't use your work email for personal stuff. It was never a good idea, and it's becoming ever less of a good idea. Don't say anything in an email that you wouldn't say in person or in writing. Be professional.

Also, don't forward chain letters, don't send around forwards of kitten pictures, pr0n, jokes, political screeds, etc. etc. Most people don't want to get it and you're wasting bandwidth.

Re:Is this surprising? (0)

Anonymous Coward | more than 5 years ago | (#23504280)

Particularly for the Slashdot crowd? Hell, a portion of the readership is probably responsible for helping to implement such measures.
Where I work I've had to archive all incoming and outgoing mail thanks to the sunshine laws (this is a school). None of that email actually gets read, but we have to archive it in case it has to be released.

Don't use your work email for personal stuff. It was never a good idea, and it's becoming ever less of a good idea. Don't say anything in an email that you wouldn't say in person or in writing. Be professional. ...

Also, don't forward chain letters, don't send around forwards of kitten pictures, pr0n, jokes, political screeds, etc. etc. Most people don't want to get it and you're wasting bandwidth.
Good advice.

Re:Is this surprising? (4, Insightful)

thermian (1267986) | more than 5 years ago | (#23504302)

having seen the amount of crap that gets sent around work email when it's not monitored, I can see the purpose of checking the email of employees.
Personal emails should only ever be sent from personal email accounts. That's just common sense.

After all, how dumb is it to put personal information into a system that is likely to see it archived for years in a system you are unlikely to have any control over.

Work email should be just for that, work. Just saying that won't work though, people, especially people who use computers, act with some kind of weird collective stupidity at times that can cause even the most sensible people to do and say things they would never do otherwise.

Better to monitor and make sure everyone follows the rules then have an email from your company showing up on the Internet saying something you would never condone.

Before any 'ooh, I've read 1984 so I am an expert on surveillance societies' morons chip in, I'm talking about the cold hard reality of business here. One wrong word can send stock prices through the floor.

Re:Is this surprising? (0)

Anonymous Coward | more than 5 years ago | (#23504408)

Hmm, considering that 'personal' e-mail adresses are likely to end with @yahoo.co, @gmail.com or @live.com, I doubt having control is much of an issue here.

Re:Is this surprising? (2, Informative)

murraj2 (987249) | more than 5 years ago | (#23505022)

This really depends on the company you work for. Many companies block all e-mailing, or in some industries such as Banking, it's mandated by law.

The key thing is to get your work done and don't send stupid shit like the Paris Hilton video via e-mail. Most companies accept e-mail as a communication tool, and don't have a problem with you sending an e-mail that says "I'm working til 6, let's meet at 6:30 at XYZ restaurant for dinner." What they're monitoring is inter-office relationships, confidential information or other things that will become a problem for a company and will result in your firing.

The main thing to ask yourself when you send an e-mail is "Is there anything in this e-mail I'd be embarassed about or nervous about if my boss read it?"

Re:Is this surprising? (5, Interesting)

stoolpigeon (454276) | more than 5 years ago | (#23504322)

I wrote the code that went through the emails from a small company where I was employed. While I was writing and testing the system, I ended up reading a lot of email.
 
I was shocked at what I saw. People shopping around their resume, looking for new jobs. People emailing people who they were involved with in an extra-marital affair. And lots of the other junk you mention. And this was primarily involving execs.

Re:Is this surprising? (1)

Phyrexicaid (1176935) | more than 5 years ago | (#23504754)

I wrote the code that went through the emails from a small company where I was employed. While I was writing and testing the system, I ended up reading a lot of email. I was shocked at what I saw. People shopping around their resume, looking for new jobs. People emailing people who they were involved with in an extra-marital affair. And lots of the other junk you mention. And this was primarily involving execs.
I hope you saved the evidence for when you want to pull a Fight Club/American Beauty stunt :P

Re:Is this surprising? (2, Interesting)

adrenalinekick (884201) | more than 5 years ago | (#23504472)

Particularly for the Slashdot crowd? Hell, a portion of the readership is probably responsible for helping to implement such measures.

Guilty as charged.

On the whole good advice. In my experience most large companies use data loss prevention (DLP) products chiefly to monitor for personally identifiable information (PII) such as SSNs, credit card numbers, drivers license number, bank account numbers, etc. If your email doesn't contain a recognizable piece of PII, it generally does not get logged. DLP products certainly can be used to monitor "Acceptable Use" violations, but most companies I've seen would rather stick their heads in the sand than have to deal with every employee that writes a dirty email to his wife.

Re:Is this surprising? (0)

Anonymous Coward | more than 5 years ago | (#23504484)

Actually, there is only a very minimal filter in our outbound e-mail policy. It's not actively monitored either.

However, we recently switched to a complete VOIP system, and I was a bit astonished when I heard that *any and all* telephone call made using that system is logged and archived as well. Astonished both because of the sheer volume of the calls, and the fact that it is not indexed via a text-to-speech system :)

Re:Is this surprising? (1)

PMuse (320639) | more than 5 years ago | (#23505010)

Also, don't forward chain letters, don't send around forwards of kitten pictures, pr0n, jokes, political screeds, etc. etc. Most people don't want to get it and you're wasting bandwidth.
The time has come for us to stop using the 'wasting bandwidth' argument against users forwarding crap. The bandwidth of our systems now comfortably handles so much data (spam, heavy attachments, etc.) that nothing individual users have time to do (without automation or looping, at least) can amount to even a drop in the bucket.

Even the simpering idiot who routinely forwards kitten videos to hundred-person lists has difficulty causing real bandwidth trouble. Label that user as 'mostly harmless' and don't panic.

There are several good arguments against users forwarding crap, but bandwidth is no longer one of them. Good reasons include: inappropriate, waste-of-sender's-time, waste-of-recipients'-time, scams/phishing, viruses/attacks, etc.

Your rights? (2, Insightful)

qoncept (599709) | more than 5 years ago | (#23504066)

I hope people realize this is evidence of how reasonable it is for a company do monitor your e-mail rather than acting like they are being violated. You can't chat online with babes all day.

Re:Your rights? (5, Insightful)

Hankapobe (1290722) | more than 5 years ago | (#23504304)

I hope people realize this is evidence of how reasonable it is for a company do monitor your e-mail rather than acting like they are being violated. You can't chat online with babes all day.

I agree with you. Also, it doesn't even have to be like that.

I see it like writing a letter and using company letterhead - only it's a domain for email. Your correspondence can imply that it's part of the business of the company you're sending it from. Now, I know someone is going to write, "So, if I send an email from my Yahoo! mail account it implies that I'm doing Yahoo! business?!"

No. That's not what I'm saying. If I'm at my place of employment and send an email to someone that may be inflammatory, offensive, threatening, or whatever, someone can come back and say, "Hey, what's this? Someone at XYZ Inc. is threatening folks?!?"

Re:Your rights? (3, Insightful)

Belial6 (794905) | more than 5 years ago | (#23505052)

That is the first good excuse I have heard for monitoring company email. Of course, if the company doesn't have a similar policy about use of company letterhead, then the reason doesn't fly. My problem with these things is that different rules are applied when its "on a computer".

The company can solve this problem by making sure that it doesn't block web mail sites. After all, the problem is the domain name right?

Not at my company (5, Funny)

InlawBiker (1124825) | more than 5 years ago | (#23504068)

Where I'm at I'm lucky if I can get anybody at all to read my email. Especially my boss.

The subject line is the message (0)

Anonymous Coward | more than 5 years ago | (#23504602)

Where I'm at I'm lucky if I can get anybody at all to read my email. Especially my boss.

Wow, ain't that the truth. A lot of people where I work have resorted to trying to cram important messages into the subject line in the hopes that the dolts up the greasy pole might at least scan their in-boxes looking for their latest opportunity to kiss some ass above them (you know - important stuff like golfing with a VP or something) and accidentally read something that matters.

Surprise? Nope. I had a boss, once... (5, Informative)

PC and Sony Fanboy (1248258) | more than 5 years ago | (#23504104)

I had a boss who told us when we started that everything we did at work would be monitored.

I didn't realize the extent of their monitoring! In the contract, it simply said 'all available facilities will be used to monitor employees while working'. I figured they'd check my email once in a while. They read emails, login/logout times, tracked employee positions (cameras in the office! A friend of mine was fired for taking breaks, when he went into his 'final' meeting, they showed him a time lapsed video of himself!) and recorded phone calls.

All this would come up only when they had a problem with your work - If you produced results, they didn't care what you did otherwise, but if you weren't getting sales, they found some other reason why you were doing poorly...

I spent 2 weeks skipping breaks and working through lunch trying to get a big (BIG!) contract and I was asked by my manager to do try to get this contract. I spent the rest of my time trying to make some money in the meantime... and I was brought into the office one day and they presented me with the emails I'd sent to my wife during those two weeks and told me that I was wasting company time. I told them they needed to look at the cameras to see I never left my desk, and to check the phone tapes for the last week to see that I was working hard. Turns out they only saved the conversations for a day or two...

I never got 'disciplined' for poor results after that.

Re:Surprise? Nope. I had a boss, once... (5, Insightful)

Reality Master 201 (578873) | more than 5 years ago | (#23504160)

And how long did you stay there? If it was more than 2 weeks past however long it took to find another job, you're a sucker. No offense, but that's some super-duper bullshit treatment.

Re:Surprise? Nope. I had a boss, once... (3, Insightful)

BVis (267028) | more than 5 years ago | (#23504526)

What makes you think the next place will be any better? So long as this sort of thing is legal/unregulated, you can assume every employer will do this in the name of productivity/competitiveness/because they can. If you're lucky you'll find a company that understands how treating your employees like human beings until it's proven that they're causing a problem is better than automatically assuming everyone is a lazy lying scumbag.

I also have to point out that the people who do actual work are the ones impacted by this sort of bullshit. Executives don't get disciplined/fired for sending a three-line email to their spouses unless one of the other executives wants them gone for some reason.

Regulation? Eewww.... (1)

mi (197448) | more than 5 years ago | (#23504698)

So long as this sort of thing is legal/unregulated, you can assume every employer will do this in the name of productivity/competitiveness/because they can.

Would you not do such monitoring if you had a babysitter or any other house help? Do you want it illegalized/regulated? Oh, maybe, not you personally, but would you consider it unreasonable? Surveillance camera-systems are hot items at the electronics stores with multiple systems available from different vendors (most hubs run Linux, BTW)...

Point is, we are all employers to some extent or another. Don't ask for bogus regulation — it will come back and bite you or someone else you did not mean to affect, even if your intent was to hurt only the most "corporationy" of the corporations...

Employers should be reasonable (3, Insightful)

sjbe (173966) | more than 5 years ago | (#23504748)

What makes you think the next place will be any better?
Might not be but neither I nor anyone I know works for a company *that* intrusive. Seriously, why would anyone put up with that unless your employer was the Marine Corps? I don't have a problem with companies wanting work resources to be used for work. Heck I've insisted on it in companies I owned. But there has to be a standard of reasonableness.

I always told my employees that as long as they got their work done with good quality and on time, we would get along just fine. If they abused that trust they might get a warning but only once. And you know what? It worked. I've had very little turnover and high morale and my employees really worked hard. Sending a few innocuous emails to a significant other doesn't qualify as a breach of trust. Looking at porn in the workplace would be a firing offense. It's really all about what is reasonable.

Re:Employers should be reasonable (1)

BVis (267028) | more than 5 years ago | (#23504964)

Seriously, why would anyone put up with that unless your employer was the Marine Corps?
Because the employer/employee relationship isn't equitable. It boils down to "We have money, you don't. We make the rules, if you don't like them, no money for you."

Re:Employers should be reasonable (3, Insightful)

Abcd1234 (188840) | more than 5 years ago | (#23505112)

That's only true in a non-competitive labour market. Any high-skill area where there is a reasonable level of competition, people will simply move to another company where they'll get treated better.

What does this mean for employees? Develop expertise. If your skills are in reasonably high demand, and you can't be easily replaced, the power weighs heavily on the side of the employee.

Re:Employers should be reasonable (3, Insightful)

sjbe (173966) | more than 5 years ago | (#23505214)

Because the employer/employee relationship isn't equitable. It boils down to "We have money, you don't. We make the rules, if you don't like them, no money for you."
You are familiar with the term "at will employment"? You do realize that the terms of many/most jobs are significantly negotiable? You do realize that there are a huge number of companies out there and you can choose which one to work for? It's not nearly so unbalanced as it might appear at first glance.

The employer/employee relationship is not equitable only if you let it be that way. They need something done and are offering you compensation to do it. That's a fair trade. If the company is not offering fair compensation in reasonable working conditions then don't take the job. Yes, sometimes you'll run into some assclown running the show. Move on as soon as circumstances allow. It's a big world and life is too short to spend it working for jerks.

Re:Surprise? Nope. I had a boss, once... (1)

Courageous (228506) | more than 5 years ago | (#23505182)

What makes you think the next place will be any better?

There are *gasp* actually companies that are employee-oriented.

Really.

You can find them in the list of "top companies to work for" regularly published by this publication and that.

C//

Overzealous much? (1, Insightful)

sjbe (173966) | more than 5 years ago | (#23504622)

I was brought into the office one day and they presented me with the emails I'd sent to my wife during those two weeks and told me that I was wasting company time.
Wow. I'm note sure whether to be impressed at your restraint or appalled. I would have walked out right that second and never looked back, consequences be damned. I'm a little touchy about not working for assholes however.

Any company that feels the need to monitor their employees that closely without a really compelling need is not going to last long. (I define compelling need as something on the order of national security, building weapons systems, guarding highly valuable financial assets, or similar activities) If they can't ask you for results and trust you to go get them, that isn't a working relationship that is going to be productive.

It's not work monitor emails that bugs me. (1, Insightful)

hyperz69 (1226464) | more than 5 years ago | (#23504122)

It's that really big Company, AMERI CO. the one I have a lifetime contract with. When they check my emails, thats where I draw the line.

Re:It's not work monitor emails that bugs me. (2, Funny)

maxume (22995) | more than 5 years ago | (#23504244)

The US will generally allow you to renounce your citizenship. I think you might need existing citizenship from another country to do it though.

Re:It's not work monitor emails that bugs me. (5, Interesting)

bsDaemon (87307) | more than 5 years ago | (#23504506)

That's why God intelligently designed the French Foreign Legion. Do your time under assumed name, and gain French citizenship under that name -- or go back to your home country with your real identity intact if things don't work out (well, work out well enough that you don't get splattered across Algeria).

One of their duties is guarding the ESA launch site in French Guiana, so some Slashdotters might be into that. Plus, working out and is a lot like "leveling up," as our friends at XKCD remind us. Just think of it as a real-life RPG.

"Otherwise analyze" (4, Insightful)

Otter (3800) | more than 5 years ago | (#23504126)

...staff to read or otherwise analyze...

I would imagine that that breaks down to 100% running scanners against email and maybe looking at flagged messages and 0% routine reading of email.

Given the tedium of slogging through just my own email, you couldn't pay me to spend all day doing that for other people.

Re:"Otherwise analyze" (0)

Anonymous Coward | more than 5 years ago | (#23504676)

Ha! My company is so laid back that I've had to remove a ton of words from the email filter just so the quarantine would stop getting filled with flagged emails. Mind you, these are inter-company emails, not personal ones.

don't use work email for anything personal (3, Insightful)

schnikies79 (788746) | more than 5 years ago | (#23504136)

problem solved.

wow, talk about a non-issue.

Solution (1, Funny)

Anonymous Coward | more than 5 years ago | (#23504300)

Hi Angy,
I'll be late home, but its OK I'll stop and get a take-away. Please reply and let me know if you want Chinese or Indian.

(Well I won't have to email)

Re:don't use work email for anything personal (2, Interesting)

adrenalinekick (884201) | more than 5 years ago | (#23504608)

I've got news for you - ALL of these products that are worth the price they charge also have the option to monitor your web browsing.

Think you're safe using webmail at work? Not necessarily. Many webmail services only encrypt the login information, not your actual email. And since it is web based, these products can pick up your personal email if you send them over your corporate connection. Heck, even if your choosen webmail service does use SSL for all of your traffic, some of the more advanced products can make use of man-in-the-middle proxies that can and will actually intercept your SSL certificates and replace them with their own. Granted if this DOES happen, you or your browser should at least be able to recognize what is going on.

Your best bet (unless you are friendly with the guy who reads your email) is to tunnel your traffic through a home based SSH server, and even that isn't perfect.

Re:don't use work email for anything personal (4, Interesting)

contrapunctus (907549) | more than 5 years ago | (#23505284)

This is the perfect argument to get a web based cellphone. It completely puts the company out of the loop and you can send/receive whatever info you want.

Cool Job!! (4, Funny)

benwiggy (1262536) | more than 5 years ago | (#23504138)

Dear Sir

I would like to apply for the job of Chief Sneak and Tattle-tale at your company. I believe I have the relevant nosiness, curiousity and contempt for my fellow employees, along with an over-riding ability to toady to management. I also love lauding it over other people that I know their business.

Re:Cool Job!! (3, Funny)

phagstrom (451510) | more than 5 years ago | (#23504174)

Also I want know how the system works, so I can beat it, when I want to send an email. ;-)

Re:Cool Job!! (1)

maxume (22995) | more than 5 years ago | (#23504274)

In case it was more than a typo, you probably mean lord(verb):

http://www.answers.com/laud [answers.com]
http://www.answers.com/lord [answers.com]

Re:Cool Job!! (0)

Anonymous Coward | more than 5 years ago | (#23504644)

Nah, he's just from Boston.

Re:Cool Job!! (1)

benwiggy (1262536) | more than 5 years ago | (#23504650)

Are you suggesting I'm homophonic?

Roll on phonetic spellings in English. Then what we lose in clarity, we will gain in accuracy.

Re:Cool Job!! (1)

maxume (22995) | more than 5 years ago | (#23504768)

Which phonetics? I'm okay with "newscaster generic American" because that's the way I speak (with a bit of a Northern Midwest nose in it), but there are entire countries worth of people that may not want to go along with that.

Re:Cool Job!! (1)

benwiggy (1262536) | more than 5 years ago | (#23504868)

Well exactly. Whilst phonetic spellings would have covered up my lapse, they are generally a bad thing.

Why is this news? (1, Informative)

Anonymous Coward | more than 5 years ago | (#23504184)

This happens everywhere. Part of my duties at a Fortune 500 company was to restore old mail files from a few years back for numerous employees on a periodic basis. The auditors supposedly claimed it was part of SOX, and to prevent insider trading secrets and what-not.

I don't miss those days calling back tapes all the time. Smaller, private companies are so much better to work for. More common sense practices and less red tape B.S.

Now if only I could get them to REPLY... (1, Funny)

Anonymous Coward | more than 5 years ago | (#23504204)

Until now I had no evidence my boss was actually reading my emails.

Warm Regards (1, Funny)

Anonymous Coward | more than 5 years ago | (#23504212)

Hello,

I'm William Colgate II, an Executive Member of the Audit and Compensation Committee of ExxonMobil in London (http://www.exxonmobil.co.uk).

I have a sensitive and private brief from the Senior Executives of this top oil company in need of your partnership to re-profile funds amounting to US$12.2M (Twelve Million Two Hundred Thousand United States Dollars). I will let you have the details but in summary, the fund shall be paid to you through our operating bank where it is presently deposited as soon as the legalization and documentation process is concluded in your name.

This is a legitimate transaction without government interference and you shall be compensated with 20% of the total sum, should you and your company agree to work with us. If you are interested, please reply to palon9@terra.es for further details.

Warm Regards,

William Colgate II
+44 704 579 1413

Should this surprise anyone? (4, Insightful)

Dreadneck (982170) | more than 5 years ago | (#23504226)

Of course companies are going to monitor information being sent out over their internet connections. They would be crazy not to. Want privacy? Email on your own time and your own dime.

How many have to? (5, Informative)

Anonymous Coward | more than 5 years ago | (#23504250)

What they didn't mention in this is how many of the companies with more thank 20,000 are legally *required* to monitor e-mail. In the financial services sector it is very common to have dedicated staff to perform this function. I would have loved to have seen that number but I can understand why they didn't include it in the interest of cramming a few more ads on that page.....

Re:How many have to? (5, Informative)

JPLemme (106723) | more than 5 years ago | (#23504440)

For licensed brokers, the SEC requires that a certain percentage (~33%) of all outgoing emails be monitored. I supported the system used at a large financial services firm for just this task, and the people who had to read these emails weren't doing it because they enjoyed invading other people's privacy. Their biggest wish was a spam-filterish tool that would remove all the personal emails so they would only have to read the emails that were pertinent to the business.

Of course the brokers knew that was the case when they were hired. You can't argue with the SEC.

I know that there is bad, privacy-invading snooping going on in some firms, but when I see statistics like "41%" I want to know how many were doing it because they had to vs how many were just being creeps.

Why is this in YRO? (1)

Khyber (864651) | more than 5 years ago | (#23504348)

Unless the government is one of the involved firms, you have no expectation of privacy in the job place. This can be easily testified to by looking around and seeing security cameras everywhere in your place of employment.

Pidgin + OTR for *TOP SECRET* stuff (2, Insightful)

stuporglue (1167677) | more than 5 years ago | (#23504364)

At work it's ok to chat with friends, in moderation, as long at the work gets done.

Even with that policy though, when I chat with my wife or friends when I'm at work, I use Off The Record to encrypt my conversations.

It helps that my wife and brother Adium which already had it installed, and that I use a Linux at work which has packages in the repository.

And when I do send emails from work it's from Gmail, and always with https.

I figure that the work email is for work stuff, and they can monitor their business stuff all they want. For my personal stuff, it's personal and I'm not going to give them the chance.

Not available in all countries... (5, Informative)

farrellj (563) | more than 5 years ago | (#23504416)

Some countries, like Canada, treat email like paper mail, and you need a court order to read an employee's email. If you can't trust someone, don't employ them!

ttyl
          Farrell

Re:Not available in all countries... (0)

Anonymous Coward | more than 5 years ago | (#23504912)

AFAIK similar legislation also exists throughout Europe, although I wouldn't bet about the UK, they're a bit weird about these things.

Believe it or not, you asked for it (5, Informative)

Anonymous Coward | more than 5 years ago | (#23504442)

Our company has had to set up some email filtering and archiving. Why?

A receptionist for our company was fired for sending out bulk pornographic email, including video. He has done it for months. He's suing us, because he claims he was fired because he is gay. We only have a few of those emails that he send on backup because our backup only goes so far, will it be enough to not have to pay him big bucks and rehire him?

An accountant was fired for gross incompetance. She fouled up our main systems, needed her password reset with the Feds at $100 a pop several times a month, etc. Finally, she comes in and demands to work 30 hours but still get 40 hours pay. She was fired after a public tantrum. She is suing us, because she is black and claims racial discrimination. We need a LOT of documentation to back up our claims that she wasn't a good employee, because she can just say we don't have enough black people, and that can be considered proof of discrimination by itself.

We are heavily regulated about customer information. If someone emails out another persons personal information outside the company, and it makes the news, we all suffer. We have to monitor for that too.

We have to take preventative measures to block bad language from coming in and going out. We can get sued because an employee called a customer a f*cker in an email, or because someone saw a dirty joke on someone else's screen (sexual harassment).

Laws were written up to protect the "little guy", so now we have to prove to government agencies that we have made accurate hiring and firing decisions. We have to support our claims, and take preventive action, because there are so many ways that we can get screwed by employees I can't even count them.

This week we had to let someone go because they came up short by $750. We had two people dedicated to figuring out what happened for two days. We spent a lot on money and time, and we are looking forward to the inevitable lawsuit. We have email to back it all up, and because of procedures we have in place, the emails are professional and straightforward, instead of causal and possibly derogatory. It took us a while to get here, but yes, this is what you asked for. By increasing our risk through lawsuits and regulatory compliance, we have to manage that risk by monitoring our employees.

Go swear to your friends at home.

How sad... (1)

Adeptus_Luminati (634274) | more than 5 years ago | (#23504514)

... to be an American. I think you guys gave up way too many rights in the past few years. (This is not meant to be a flaimbait).

Ok, so under certain circumstances & organizations I agree that having others read your email regularly could be justified, but that would be like 1 out of 1000 companies at most. Also, who's reading the email of the person who reads your emails? Unless you work for the NSA, FBI, etc, this kind of behaviour does not breed positive morale or a relaxed work environment, nevermind that you have next to zero privacy.

Unfortunately, technology is making it easier and faster for companies to adopt this kind of behaviour. I agree that employers need to make sure that employees aren't wasting a lot of company time and resources doing innapropriate things. But emailing your mother or wife that you are meeting them at 6pm after work at whatever coffee shop, or calling them for this same purpose is just a part of life, as is work. Don't you talk about what time you are going to work on your own personal non-work time with these same people? Well, then wtf is the difference? I think spending 10 minutes a day on personal calls or emails should be allowed. Why can't I call my daughter every other day to see how she is doing? I'm not going to be very productive at work if in the back of my mind I'm worried about the safety and well being of my daughter as she walks home from school at 3pm.

And if 10 minutes really is so detremental to my company, then hell, let me work an extra 10 minutes each day, but for #()$* sakes, give me the freedom to stay in touch with my loved ones!

Companies have to be careful (1)

sjbe (173966) | more than 5 years ago | (#23505014)

Ok, so under certain circumstances & organizations I agree that having others read your email regularly could be justified, but that would be like 1 out of 1000 companies at most.
I'm not sure have a clue how easy and common it is for companies to get sued. Look, I'm all for reasonableness in monitoring workplace behavior but any company of any size gets sued regularly for all sorts of frivolous reasons. Seriously, there are a LOT of people out there who will lawyer up at the slightest perceived slight. I've witnessed these lawsuits firsthand.

Want to fire someone? You damn well better have thorough documentation about how they were not a good employee and were breaking company policy since it's VERY common for dismissed employees to sue for wrongful dismissal - especially minorities. But I hear you saying "at will employment". Doesn't matter, they'll sue anyway and it will cost the company a lot of time and money. Sometimes these lawsuits are justified, often they aren't but the end result is that EVERY company can and should take measures to document the behavior of their employees to protect themselves.

Doesn't mean the company has to go overboard but retaining and occasionally reading emails or filtering to protect the company is reasonable. Keeping records of phone conversations is reasonable to a point (some industries like financial services often require it by law) especially for customer facing employees. A few minutes of checking in on the family should not be a big deal in most cases. Spending any amount of time surfing for porn is a big deal. Emailing confidential company info to an unauthorized individual is a VERY big deal. Etc. There is no one size fits all answer but management absolutely can and should keep an eye on things to protect the company, the jobs of the employees and the investment of the shareholders.

Re:How sad... (1)

jellie (949898) | more than 5 years ago | (#23505310)

It's not exactly that cut-and-dried. In the US, a (private) company can monitor it's email and phones, have cameras set up, and filter web traffic because it's their property.

I doubt companies actually care about your calls or emails to your wife or daughter. Honestly, imagine how ridiculous it would look if they had to explain to a judge that you always did all your work, but you were fired because your loved your family? Companies are much more worried about employees disclosing protected information or harrassing other people. And as others pointed out, the SEC requires financial services companies to monitor their email to prevent brokers, for example, to illegally disclose information. Sometimes those companies will go even further to protect themselves. In one of many examples, a receptionist was fired and his boss censured because the employee sent inappropriate jokes from his work email. Really, though, if you were a stock broker or analyst (or even credit-rating agencies like Moody's), your statements can have huge effects on the world market.

Ah, the beauty of being bi-lingual (1)

Toreo asesino (951231) | more than 5 years ago | (#23504532)

....que nadie entendeis cuando escribes asi;

Especialmente cuando deja a deletrear palabras correctamente asi que no traducen.

Re:Ah, the beauty of being bi-lingual (4, Funny)

kellyb9 (954229) | more than 5 years ago | (#23504700)

....que nadie entendeis cuando escribes asi; Especialmente cuando deja a deletrear palabras correctamente asi que no traducen.
You, sir, must be a terrorist.

Re:Ah, the beauty of being bi-lingual (1)

Ken_g6 (775014) | more than 5 years ago | (#23504934)

....que nadie entendeis cuando escribes asi;

Especialmente cuando deja a deletrear palabras correctamente asi que no traducen.
"...that nobody understands when you write like this;

Especially when [allowed to] spell words correctly like this that don't translate."

Nunca asumes! (Unless you're a Navajo code talker [wikipedia.org] or something.)

Re:Ah, the beauty of being bi-lingual (1)

Toreo asesino (951231) | more than 5 years ago | (#23505192)

it's more a problem when you start phonetically swapping letters around

For example, 'que' becomes 'k', 'para' becomes 'pa' ec, miss off accents (like in the example I provided); it's not uncommon to mash a sentence beyond what can be reasonably translated.

Re:Ah, the beauty of being bi-lingual (1)

timbalara (808701) | more than 5 years ago | (#23505002)

Brilliant suggestion, I use the same technique myself every now and again. ;)

In other shocking news.... (1)

kelleher (29528) | more than 5 years ago | (#23504552)

Employers are implementing policies against using copiers and other office equipment for personal use! Oh the horror!

How can employees be expected to tolerate this denial of their personal freedoms?!

Re:In other shocking news.... (1)

Lumpy (12016) | more than 5 years ago | (#23504932)

How can employees be expected to tolerate this denial of their personal freedoms?!

keying the bosses car, leaving a turd in front of his office, there are thousands of things you can do to make your bosses life miserable and not get caught doing it if you are good.

A buddy of mine for a year screwed with our boss so badly that he quit. The guy deserved it, Micromanagers need to be screwed with hard. Little harmless things add up to major meltdowns if done right.

Don't like this? I have a solution. (3, Interesting)

Adeptus_Luminati (634274) | more than 5 years ago | (#23504696)

Even though technology is making easier and faster for companies to adopt this kind of behaviour, for the time being you still have some options...

1) Work for companies with over worked and under-budged IT departments who fight fires daily and have no long term plans - These companies are highly likely not to have any time to be reading your emails. Hell, you'd be lucky if the mail server stays up all week.
2) Write emails in foreign languages. In North America this works well, where so many people only speak English. Alternatively, teach your loved ones to use encryption in emails.
3) Use a fax machine. I know, waste of paper, but most companies don't have technology implemented to sniff/wiretap fax transmissions.
4) RDP to your home PC and write an email from there to your loved ones.
5) Make calls from conference rooms instead of your desk. This won't work if you call people daily, but its good if you need to make personal calls once a week or so. At the very least, it won't show up on your phone's call log, or the PBX's log about your phone.
6)If none of these are an option, you are working for a company that doesn't respect your privacy. Stand up for yourself, and go find another job.

the movie Brazil - Ahead of its time? (2, Insightful)

bball99 (232214) | more than 5 years ago | (#23504956)

reading the posts here definitely reminds me of numerous scenes from the 1985 movie, Brazil...

Boy, are US companies taking big risks! (3, Interesting)

Mr.Fork (633378) | more than 5 years ago | (#23504970)

And opening themselves up for privacy lawsuits. Hmmm... get an email from a parent concerned about health issue X you are experiencing (unbeknownst to your employer). Employer finds out and terminates employee or boss uses it for leverage for extra work/projects. According to Mark Rasch from SecurityFocus.com, it's not as clear cut as one might think. Varying laws in the USA from State to State make the issue even more challenging. From Mark: "In many states, the same law that prohibits the interception or recording of telephone calls also prohibits the interception or recording of electronic communications without the consent of all parties."(Reference: http://www.securityfocus.com/columnists/412 [securityfocus.com] ).

Talk about a confusing issue. You require outright consent from employees AND the party your emailing. Period. No exceptions. Simply stating 'we monitor all emails' will not hold up in court - should it ever come to it - you need permission from that individual employee - or all employees and have a readily available record of their consent.

If what I'm reading is correct, its far easier to leave your emails alone, and then search if you have an issue with court permission, than it is to be actively reading emails.

Yeah... the Government even requires it (3, Informative)

Anonymous Coward | more than 5 years ago | (#23505104)

I work for a large (300,000+ mailboxes) company in the financial industry. I happen to work in the electronic communications group as a systems architect and my specific area of expertise is the design and implementation of systems that monitor email and IM conversations of employees. At a high level there are two major reasons we have systems in place that monitor these types of communications:

1) Because my company is a SEC & NASD registered company we are *required* by law to both actively monitor (in some instances we stop emails mid stream and hold them in a queue until a reviewer approves them) and archive all email/IMs of all employees who carry a license with those organizations. To not do so would be considered criminal activity and we would incur huge fines (hundreds of millions of dollars). We've been fined before; those fines were creatively structured to require that we invest XXX millions of dollars into systems that allow us to meet the requirements. A very basic example of the type of thing we monitor for are indications of insider trading. More than one broker has been let go after being caught trading unethically.

2) The second major reason we monitor electronic communications is to limit the liability of the company by halting the distribution (usually unintended) of non-public information... also known as NPI. A basic example of the types of things we monitor for are things that impact the financial well being of our customers (both people and business customers) such as account numbers, SSNs, passwords, insider company information, etc. Everyone who works at my company is subject to this second type of monitoring.

Naturally having these systems in place opens those who are being monitored to having their communications scrutinized for other types of violations... namely violations of corporate policy. i.e. use of profanity or other behavior deemed inappropriate and not considered behavior that is acceptable as representative of the corporation's image. We do actively scan for these types of issues, but generally just file the information away in case it triggers a customer complaint or is identified as repetitive and needs to be addressed by a person's manager.

I don't want to discuss the products we're using today because that is proprietary information, but I can tell you without a shadow of a doubt what direction the monitoring industry is going. There are already a handful of companies who can actively monitor data using a common set of rules/policies at ever layer of the infrastructure. There's a company called Orchestria, for example and who we have been talking to recently, who through a centralized policy engine can monitor literally everything you do on your computer through agents installed on the desktop, agents installed on IM gateways, agents installed on mail servers, agents installed on proxy servers and a border agent appliance that ideally sits in the DMZ that will perform packet level scanning and can block literally anything that it can read from those packets... going as far as to block encrypted data or brute force hack encrypted data on the fly and hold it in queue until it is scanned.

Scary right?

It depends on who you are I guess. As a technical person and admitted nerd I think that's cool as hell. It's the conspiracy theorist in me who is scared.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...