‚ < ‚ Free Open Study ‚ > ‚ |
Search and seizure of employee computers is a sensitive subject. Although employees might be told that their computers are for work purposes only, most people will have some personal data, whether it's email, phone numbers , or personal documents. There are a number of misconceptions about search and seizure. Within the United States, people are protected by the Fourth Amendment, which prohibits "unreasonable search and seizure." However, that prohibition only applies to searches by agents of the government. As a general rule, employers can search the work areas (including computers) of their employees without any special requirements and even without cause. Some of the rules change if the employer is a government agency or contractor, but essentially private employers have few restrictions. Some local jurisdictions have adopted tougher limitations on employee searches and monitoring. As always, you should always consult with proper legal authority prior to conducting a search. Employee monitoring is especially sensitive. Employees can be monitored directly or by video surveillance, and most people, if they are informed, generally accept such monitoring as long as it is not intrusive (for example, cameras in the bathrooms). Monitoring of computer traffic, however, might be perceived differently. Even if employees are told that the company might monitor email, web traffic, or computer activity, many employees still expect those activities to be private. Policies addressing this monitoring will be discussed later in this chapter, but the human cost of intrusive monitoring might be great, even if there are no legal barriers. Monitoring of employee activities might also be technically difficult. For example, in most configurations, it is not possible to monitor web content if the employee connects to a secure (SSL) site. Most corporations content themselves with monitoring the connection only in that case. In a similar situation, an employee can send an encrypted email that the company will not be able to read.
A number of technologies are available to monitor an employee's use of his or her computer. These products are available both in hardware and software. Companies can buy specialized monitoring tools or can use freely available tools (including trojan programs such as Back Orifice). Again, the technology and legal implications are fairly clear-cut , but the human impact might be much more subtle. Encryption is generally treated by law enforcement as a locked container. If the agency has the legal authority to search an area (for example, a house) and finds a locked file box in the area, they can compel the owner to open the box. In the same way, if law enforcement has the right to search a computer and finds encrypted files, it can compel the owner to provide the keys. |
‚ < ‚ Free Open Study ‚ > ‚ |