Feeds

Employer snooping code: don't eavesdrop on staff

Delays anger unions

  • alert
  • submit to reddit

3 Big data security analytics techniques

Delays in the arrival of the code to set out employees rights regarding company snooping has been angering Unions.

The FT has quoted a senior TUC policy officer who believes the delays mean employee rights are inevitably going to be fought for via test cases in court.

Sarah Veale, senior policy officer at the Trades Union Congress, told the FT: "A lot of us were relying on the code to clarify when the right to privacy protects the employee . . . we need it to help employers, as much as employees. If we're not going to have a code (this year), then if someone gets unfairly treated it means we may have to go to court. That's got to be the inevitable consequence."

The full code of practice, being drawn up by the Information Commissioner's Office (ICO), is expected by the end of the year, but it will be released in instalments. Employer monitoring and surveillance of staff is considered the most difficult bit, and is being left until last. Rules about keeping staff records are due in May/June - a bit later than the end of March the Reg was quoted at the start of March.

The ICO is claiming it has never really set deadlines for drawing up the code - 'The Use of Personal Data in Employer/Employee relationships' as it's snappily and provisionally known - because it is such a complicated subject and it is concerned that it gets it right. Iain Bourne, strategic policy manager at the Information Commission, said: "Employers and employees want advice on this and it is important we get it absolutely right."

The code of practice is vital for clarifying what employees and employers are entitled to do in the workplace following several pieces of new legislation. The controversial RIP Act opens up the possibility of widespread email and phone surveillance. But this has also to tie in with the Human Rights Act, which enshrines the right to reasonable privacy, and the Data Protection Act, which insists that data is recovered "in a fair and proportionate manner".

One of the reasons things are taking so long is because the ICO received around 110 full responses regarding the implications and conflicts of the new legislation from a public consultation. Bourne described some of these as very substantial, critical, and technical.

Amongst the feedback the ICO has had is conflicting information about whether technical checks to see if staff are downloading porn actually work. Whatever the case, the ICO favours using technical tests rather than getting into an employees surfing history or hard disk to have a look at what they've been up, to.

Bourne used a phone analogy to give the ICO's view. "If you think an employee has been abusing the phone and making personal calls, don't listen in on them." He recommends checking the phone logs to see where they've been calling." ®

Related Link

FT story

Related Stories

Email snooping code of practice delayed
SurfControl sales rocket by 200%

Combat fraud and increase customer satisfaction

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Ex–Apple CEO John Sculley: Ousting Steve Jobs 'was a mistake'
Twenty-nine years later, post-Pepsi exec has flat-forehead moment
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.