How much privacy can you expect at work?
In the United States, the answer to that question is: not much.
According Melissa Ngo, the publisher of Privacy Lives, “Employees have few privacy rights in the workplace.”
American employers can track employee’s web activity. They can place surveillance cameras in cubicles. They can examine work phone records and track movements via GPS. They can even stand right behind you and observe what’s on your monitor. Imagine how annoying that could be.
How do you know if your employer is using any of these tactics?
Well, first turn around and take a quick look. Next, do a little research. “Workers should read their employee handbooks carefully, searching for anything connected with surveillance of the workplace,” Ngo says.
The European Union, on the other hand, offers more thorough protection when it comes to workers’ privacy. Article 8 of the European Convention on Human Rights protects “the right to respect for private and family life.”
Courts in the United Kingdom have refused to make a distinction between private and professional communication. Because of this generous view of workers’ rights and EU’s Data Protection Directive, European employers must not only be completely transparent about any surveillance, they also have to prove that their surveillance is both legitimate and limited.
Compare that to the US where some experts have assumed that employers reserved the right to read private email generated on work computers, even if it was not stored on company servers.
However, the times may be changing.
A recent ruling by the New Jersey Supreme Court in Stengart v. Loving Care might hint at a new precedent. According to Ngo, “The N.J. court ruled that employer Loving Care had violated employee Marina Stengart’s privacy by reviewing copies of e-mail sent to her attorney that were left on her work-issued computer because the e-mail had been sent from a personal, password-protected Webmail account.”
(Do employers really want to be monitoring private emails on work computers, especially when employees can easily pick up their smartphones to email away?)
The Loving Care decision may not hold much promise for privacy rights because the court may have been simply protecting attorney-client privilege. The Workplace Privacy Data Management and Security Report suggested that the ruling may have been the result of sloppy communication policies that allowed for some “personal” use.
Regardless, new technologies like social networks present a new challenge for workers and employers. What rights do employers have to personal accounts that are associated with the company? The answer to that isn’t clear.
What is clear is that social media acceptable use policies are crucial for the modern workplace. Employees must be aware of what is permissible and what is being observed.
Employees also must be extremely careful when it comes to posting company information on social sites.
“Though you can manage your privacy settings on social-networking accounts,” Ngo says, “people should recognize that they are making public statements.”
And if you give up your right to privacy by going public, you have no one to blame but yourself.
Should you expect privacy at work? What are the privacy laws in your country? We love to know.
After F-Secure principal security consultant Tom Van de Wiele stepped into the #CyberSauna for the second episode of…
January 19, 2018