Hi,
If I store in a personnal file infos that concern me, and I encrypt them, then
the company can blame me for using its PC for personnal needs, but she can't
require getting he file content. In other words, there are different items
in the
story: one is using what someone else owns, and the other is whether the owner
can claim ownership of the thing.
Also, you can monitor, but unless you state it explicitly, you won't be
able to use
the result as a proof in a court. that's the european law (at leats, the
french version).
now, the legal viewpoint is not the only side of the question. We all have
the right to divorce.
we all have the right to refuse giving money to the homeless, ...
but fortunately, we don't use these rights. They are here to protect our
freedom, not
to dictate our actions.
An employer can claim ownership, can decide the way things should be done, ...
but he can also check what is the best way to do things, what he can do to
motivate his employees. Employers often talk about empowerement, but they
don't always understand the meaning of this word. People like to be called
David
and act as Goliath. Unfortunately, there's nothing to do about people,
except trying
to get a good life for his own and lt the time pass....
cheers,
mouss
At 10:50 28/09/00 +0200, Mike Glassman - Admin wrote:
>I read this over twice to ensure what I was reading was correct as I
>understood it to be.
>
>Am I to understand that in Canada, a user may dld information from the
>Internet (which is a pipe provided by the employer for company buisiness),
>to his computer (which legaly belongs to the company for which he works),
>and the company can do nothing about it ?
>
>Where exactly does the issue of personal privacy come into being when an
>end-user uses 2 means not his own, to get information ? Can the said user
>then upload what he wants ? Place backdoor programs on his puter and thus
>put the whole corporation at risk without fear of retribution ?
>
>Am I then not allowed to install an AV package less it infringes or touches
>one of the programs said user dld'd ?
>
>I am glad I am not in Canada, and that here the line is more directly drawn
>out. even tho we do not have a policy on this, every single user is clearly
>notified that any and all data dld'd to his puter can be deleted without his
>knowledge or permission. Each user is notified that any Internet
>transactions can and will be logged, and if deemed necessary, action may be
>taken against them.
>
>I can just imagine the problems you as a Security Admin have to face, when
>your basic job definition intended to protect the corporation for which you
>work, has efectivly been taken from you.
>
>The issue of personal verses corporate in some of the so called advanced
>countries (in which I include Canada), in which the laws go all out to
>protect the end user even at the cost of a corporation, are rediculous.
>
>I agree the end user has rights, but when it comes to protecting 1000 users
>or 1, the 1 will lose with no questions asked. At least here.
>
>Mike
>Systems & Security Admin
>Israel Airport Authority
>
> > -----Original Message-----
> > From: Ron DuFresne [SMTP:[EMAIL PROTECTED]]
> > Sent: � ������ 28 2000 9:22
> > To: Bill Royds
> > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> > Subject: RE: Truth or Fiction
> >
> >
> > Perhaps I read the canadia legalese improperly, but, it suggested to me
> > that it was dealing with an employees private info being made public, like
> > a persons hospital records and such. Not whether a company has the right
> > to say grab up an employee's desktop/laptop and reformat the sucker or say
> > dismiss the person for harboring things there the company has flatly
> > stated is not allowed. As it has been pointed out on this list many
> > times, and perhaps with special instructions to folks to be aware of their
> > legalesse, perhaps not <maybe us folks in the US are put to a stiffer test
> > in the matter?> private toys do not belong on the companies machines and
> > corporate assests, that's what home accounts are for, yes?
> >
> > Thanks,
> >
> > Ron DuFresne
> >
> > On Wed, 27 Sep 2000, Bill Royds wrote:
> >
> > > The question is what is personal property and what is corporate assets.
> > As I said, I Canada personal items, even if stored on a corporate
> > computer, belong to the person not the corporation. That is why there
> > might be a problem with files downloaded from the Internet on a corporate
> > computer. If they were downloaded out of company time (overnight say) and
> > were not required by corporate contract, then they don't belong to the
> > corporation. The U.S. may have different law, since corporate rights seem
> > to overshadow personal rights in all kinds of ways, despite rhetoric about
> > freedom of the individual.
> > > I just finished reading a section of Bruce Schneier's "Secrets &
> > Lies" book that concerns this. On page 60 he talks about the problems
> > between the European Union (EU) and the United States with respect to the
> > 1998 EU Data Protection Act. Under European (and now Canadian) law, it is
> > illegal to share or sell data about an individual collected by another. I,
> > as a Canadian firewall administrator, now have to treat firewall logs,
> > sendmail logs etc. that might identify an individual as "protected" data,
> > kept under lock at all times. Management needs a signing officer's (VP
> > etc.) consent to review usage. One needs to have consent to have a help
> > desk make a copy of disk contents.
> > > It does cause problems but it also clarifies the right to privacy.
> > > It doesn't mean a corporation loses their assets but that there is a
> > clearer line between corporate information assets and personal information
> > assets and that line is not who owns the computer.
> > >
> > > -----Original Message-----
> > > From: Ron DuFresne [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, September 27, 2000 10:28
> > > To: Bill Royds
> > > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> > > Subject: RE: Truth or Fiction
> > >
> > >
> > >
> > > is not personal privacy another issue altogether? This topic has not
> > been
> > > about personal privacy, but about corporate assessts, yes?
> > >
> > > Thanks,
> > >
> > > Ron DuFresne
> > >
> > >
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > "Cutting the space budget really restores my faith in humanity. It
> > eliminates dreams, goals, and ideals and lets us get straight to the
> > business of hate, debauchery, and self-annihilation." -- Johnny Hart
> > ***testing, only testing, and damn good at it too!***
> >
> > OK, so you're a Ph.D. Just don't touch anything.
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
