roy@phri.UUCP (Roy Smith) (06/08/85)
Recently, the issue has come up where I work of privacy with respect to computer files. I am not talking about the technical aspects of protecting your files, but the ethical aspects of what rights you have to keep your files private.

Consider the following situation: you have an account on your employer's computer system. Some of the files you keep on the system are business related, some are personal. How much right does your employer have to have access to your files? What about your co-workers? Your immediate supervisor? Under what conditions may they exercise those rights? How far do those rights extend? What right do you have to be informed of searches of your files by your employer? What right do you have to supervise those searches?

To a certain extent, information stored in a computer system parallels physical items stored in a room. If I bring a handbag to work and store it in my desk, does my employer have a right to search my handbag? Probably not. On the other hand, if my employer suspects that I am storing drugs (or property stolen from fellow employees) in my desk, it seems reasonable that he should be able to search my desk after some sort of due process.

Two major differences exist, as I see it. One is that information stored in a file can be stolen without removing it from its original place or storage. This means that 'stolen' files may go undetected for a long time. Also, the 'stolen' material may be encrypted to deter its being found. If the information is confidential, personal, or sensitive, harm may be done by simply having someone read the file without making a copy.

The second difference is that the people (if any) who should have access to other people's files (some level of management, presumably) need to go through an intermediary to gain such access (i.e. the system operator who knows the super-user password). How does the intermediary decide if a valid request has been placed with which he should comply? How does the employer gain access to files through the intermediary without having the intermediary also see the files?

Can anybody give me pointers to prototypical ethics documents (perhaps the ACM has done something like this?) which might guide us in preparing our own. Any thoughts on what should go into such a document? What we are trying to do is protect the rights of the users to privacy, while at the same time protecting the rights of the employer to have control over what goes on in the workplace.

--
allegra!phri!roy (Roy Smith)
System Administrator, Public Health Research Institute
brooks@lll-crg.ARPA (Eugene D. Brooks III) (06/12/85)
An ounce of prevention is worth a ton of cure here. You can at least make it more difficult for your employer to look at the files. Encrypt them! It is very difficult to have absolute security but is better than an open door.
richl@daemon.UUCP (Rick Lindsley) (06/12/85)
In article <250@phri.UUCP> roy@phri.UUCP (Roy Smith) writes:
>
> Recently, the issue has come up where I work of privacy with
> respect to computer files. I am not talking about the technical aspects of
> protecting your files, but the ethical aspects of what rights you have to
> keep your files private.
>
> Consider the following situation: you have an account on your
> employer's computer system. Some of the files you keep on the system are
> business related, some are personal. How much right does your employer
> have to have access to your files? What about your co-workers? Your
> immediate supervisor? Under what conditions may they exercise those
> rights? How far do those rights extend? What right do you have to be
> informed of searches of your files by your employer? What right do you
> have to supervise those searches?

This same issue arose a few months ago in our group. At the time, there was no policy, written or unwritten, regarding a situation like this. The incident which raised these questions was not handled in a way many thought appropriate. So we complained rather loud and hard and now have, I believe, at least an *unwritten* policy, which addresses most of the questions above.

OFFICIAL DISCLAIMER

Please note that I am not a lawyer, nor does this represent a general policy at Tektronix but rather one policy of one chain of management. It seems quite reasonable and it would be nice to see it generally in use, but it is *not* so please, fellow Tekkies, do not confront your manager saying "This is the way it is", but rather "Could you do things this way?"

How much right does your employer have to have access to your files? What about your co-workers? Your immediate supervisor? Under what conditions may they exercise those rights?

The sad truth is every legal right. They are stored on your employer's media and are covered under a normal employer/employee relationship. An analogy: if I were to use my employer's tape recorder and my employer's tape to record my grocery list and then left the company before I used my grocery list, I have little legal recourse to recover my grocery list. Now of course, the employer has little use for it, and will likely give it back to me in some form, because it is a harmless, good-faith gesture.

And that is the compromise we arrived at: an employee recognizes that the employer has every right to look at files, but the employer also realizes that to do so indiscriminately makes the employee very unhappy. Unhappy people say bad things about a company.

So for one person to look at another's files (unless those files are already publicly readable) requires approval of someone in the management chain of the person in question. It is expected that this sort of "need" will arise seldom. In addition, at the employee's request, the files may be censored (see below). Any person may make this request (after all it is "company" property and we all work for "the company") but it is expected that most of the cases will come either upon leaving the company or from some upper-level person, not from a colleague sitting in the room across the hall.

How far do these rights extend?

Until they become written policy, they extend as far as the interpretation of your manager. If you have a manager who will go to bat for you, perhaps you can defend yourself against even upper-level people wanting to casually poke around. But the time when most of this comes to a head is when a person leaves. ("But that's *MY* mail, take the source but I don't want you to see that I've been dating your sister!") And most of the time this involves your immediate manager wanting to do the poking. So...

What right do you have to be informed of searches of your files by your employer? What right do you have to supervise those searches?

This is the compromise arrived at here. (Again, this is not general policy -- yet!) The person "owning" the files and a member of the Human Relations (Personnel) staff would sit down with the "owner" and together they would start going through the files. The employee could point at a file or directory and say "that's personal". The staff member would then check it out and say yes it is or no it isn't. Keep in mind that these people hear secrets on a daily basis anyway ("I'd like to transfer because I can't stand the people I work with") and so are good candidates for a neutral third party. The employer's fear is that the employee, perhaps feeling vindictive, will delete all or part of his current project, and the employee is of course fearful for all his friends who sent him mail to support his theory that managers smell like pig manure. This seems to quiet both parties' fears. Of course the employee may simply waive all this and say, go ahead, nothing there that bothers me.

If I am storing drugs (or property stolen from fellow employees) in my desk, it seems reasonable that he should be able to search my desk after some sort of due process.

Actually under the reasoning above the "due process" would likely be entirely up to the management rather than the courts. The desk or locker or file cabinet is actually theirs. But it would be interesting to see a case on this.

A similar policy is being applied to those with superuser privileges. You may be able to read another's files but to do so requires that you have that person's permission. It is admittedly difficult to tell when another's privacy has been breached but if a superuser is caught, the company will consider that serious misconduct and your job is on the line. The sole exception to this rule is the postmaster or uucp administrator who, in the course of their job, may find it necessary to inspect files being transferred. It is expected that regardless of the content of these files that they are held in strictest confidence and that this exception applies only to files "in transit" and not those which have been sitting in a user's directory for 3 weeks!

Hope this helps (it will almost certainly provoke discussion).

Rick Lindsley
Small Systems Support Group and, incidentally, Postmaster@tektronix
...{decvax,ihnp4,allegra, and a host of others}!tektronix!daemon!richl
aouriri@ittvax.ATC.ITT.UUCP (Chedley Aouriri) (06/13/85)
> In article <250@phri.UUCP> roy@phri.UUCP (Roy Smith) writes:
> >
> > Recently, the issue has come up where I work of privacy with
> > respect to computer files. I am not talking about the technical aspects of
> > protecting your files, but the ethical aspects of what rights you have to
> > keep your files private.
> >
> > Consider the following situation: you have an account on your
> > employer's computer system. Some of the files you keep on the system are
> > business related, some are personal. How much right does your employer
> > have to have access to your files? What about your co-workers? Your
> > immediate supervisor? Under what conditions may they exercise those
> > rights? How far do those rights extend? What right do you have to be
> > informed of searches of your files by your employer? What right do you
> > have to supervise those searches?

Several companies have an explicitly written policy stating that ALL files stored on the company's computers are company property. In those companies, many employees encrypt their personal files with a hard-to-break encryption algorithm. Thus, they can keep their personal files without worrying about would-be pokers, and without violating the company's policy. This seems to work pretty well for both parties.
inc@fluke.UUCP (06/13/85)
In article 226, Ross Greenberg writes:
> A certain university requires anyone wishing a backup to
> provide their own tape.
>
> You mistakenly take the source code for 4.2 with you while doing your tar.
> The source code was previously available (read permissions) and
> had been moved into a sub directory of your ownership. And you forget.
>
> The tape is in the possession of the university and has not left their
> premises. Later a member of the super-user community for reasons
> of their own decides to examine your tape. They find the source code
> and accuse you of trying to rip off the code, and you lose your account
> because of that accusation.
>
> Questions:
>
> Does anyone have the right to go through a tape that, by university policy,
> must be your personal property and is labeled accordingly?
>
> Even if they do, has any "crime" been attempted if the tape is still
> within their custodianship?
>
> Is it moral or ethical for a super-user to (ab)use their super-user status
> to go through another's property?
>
> At this point the tape was confiscated. The user offered to 'rm' the
> offending source code, but the super-user community refused and did it
> themselves.
>
> Did they have the right to alter another's property like this?
>
> What if they mistakenly erased other data that was valuable to
> the user and was previously on the tape from a different machine?
>
> What are the ethics of such things?

Well Ross, I for one do not think that these are tangled ethical/moral/legal questions: it is clear that the only thing in this whole matter that is your "property" is the medium (not the message |-) The university requires you to provide it just as they require you to provide notebooks, pencils, and other tools of the student trade. By insisting on custodianship, however, it seems to me that the university itself is legally/morally/ethically responsible for the contents. Since that is so, it is in their interests to insure that no laws are violated and that all student tapes in their possession meet their requirements.

This might be compared to a doctoral thesis that you give the university for keepsies even though the paper, typing, and duplication costs came out of your pocket. If the thesis is found to contain plagiarized material, I can envision them taking certain steps. It's true that in the case of the thesis, they would probably not take a scissors to the offending material, but on the other hand, you would probably never see any of it again.

They did show an extreme lack of sensitivity though, and the fact that they proceeded as they did after having all the facts explained seems pretty high-handed. Be that as it may, I think they were within their rights, including looking at the contents of the tape. Retaining the rights to the information on the tape is probably their reason for wanting to keep physical possession of it in the first place.

To sort this all out, you need only put yourself in their shoes: what if it *weren't* accidental that the 4.2 source showed up on your tape? If in fact you had purposely copied it with a mind to eventually selling it on the black market? The university has only your word that it got there by accident, and they may be more inclined to trust a super-user's opinion that it's unlikely that a person could "accidentally" get such a collection of bits on their tape than they would be to believe you that your intentions were strictly honorable.

I do sympathize, so don't get me wrong. It is just this sort of behaviour that turns people off to institutions. While they are undoubtedly responsible for the contents of the tapes, they should also be careful to instruct everyone about the rules before they go off the deep end as they seem to have done.

--
Gary Benson * John Fluke Mfg. Co. * PO Box C9090 * Everett WA * 98206
MS/232-E = = {allegra} {uw-beaver} !fluke!inc = = (206)356-5367
_-_-_-_-_-_-_-_-ascii is our god and unix is his profit-_-_-_-_-_-_-_-_-_-_-_
roy@phri.UUCP (Roy Smith) (06/14/85)
> You can at least make it more difficult for your employer to look at
> the files. Encrypt them!

What I was getting at in my original posting was not technical ways to prevent intrusion, but guidelines as to what is ethical and what is not. I am more interested in the rules saying when it is OK to open an unlocked door (or use your master key), rather than advice on what kind of lock to buy.

BTW, I've gotten several responses in the mail already. When the flow stops, I'll summarize to the net.

--
allegra!phri!roy (Roy Smith)
System Administrator, Public Health Research Institute
dave@lsuc.UUCP (David Sherman) (06/16/85)
In article <whocares> aouriri@ittvax.ATC.ITT.UUCP (Chedley Aouriri) writes:
||Several companies have an explicitly written policy stating that
||ALL files stored on the company's computers are company property.
||In those companies, many employees encrypt their personal files
||with a hard-to-break encryption algorithm. Thus, they can keep
||their personal files without worrying about would-be pokers, and
||without violating the company's policy.
||This seems to work pretty well for both parties.

What if the systems administrator, on behalf of the company, decides to "get" the employee's encryption key (e.g., by modifying crypt(1) so it quietly mails a copy of the key to the administrator)? Aside from this not being a particularly nice thing to do, I can't see this being illegal, given that it's clear the employer owns the system and everything on it.

Comments?

Dave Sherman
The Law Society of Upper Canada
Toronto
--
{ ihnp4!utzoo pesnta utcs hcr decvax!utcsri } !lsuc!dave