On Mon, Oct 29, 2001 at 02:59:46PM -0600, Rebecca Kastl wrote: > If you walk into a business (your employer, for instance), whether or not you > feel it is reasonable, that business has a right to conduct video surveillance > on you, monitor your access to the building, and monitor your access to > various building areas (e.g. use of proximity/swipe cards, security logs, > etc.). > > In businesses where such systems are implemented, you cannot have any > expectation of privacy (except in the restrooms -- maybe). The same goes for > a system implemented in the course of business (or some other capacity). You > are granted use with the implicit understanding that you may be monitored. > Don't think so? Walk into a record store at the mall -- you're being > surveilled. While I agree with most of what you are saying, things are a little more complicated than you make them out to be. The record store analogy, for example, is flawed, because a record store is a public place; various case law has construed a workplace as being public, semi-private, private, etc., depending on the circumstances involved. One of the tests that is often used in "real-world" (as opposed to electronic) cases is the "overhearing" test--the less likely it is that random passersby could, say, overhear a phone conversation, the more likely the courts seem to be to deem that such a conversation was made with a reasonable expectation of privacy, so that employees in cube farms implicitly have less RTP than those with their own offices. One could thus argue by analogy that, given that the average user on a multi-user system cannot easily "overhear" the communications of other users, there would be a reasonable expectation of privacy on such a system. Actual case law (in particular the Ortega and Showengerdt cases) has mostly gutted electronic RTP for employees, however. The Privacy for Consumers and Workers Act, on the other hand, has at least required that employees be notified when they are being monitored or recorded. All of which gets back to my original point that this is a lot more complicated than might be thought; what is "reasonable" to one person might not be to another, and what is "reasonable" to a sysadmin might not be to a judge. The best thing to do is find a lawyer of your own and get their opinion about your particular situation. -- Sweth. -- Sweth Chandramouli ; <svcat_private> President, Idiopathic Systems Consulting --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Oct 29 2001 - 15:17:14 PST