Is my employer allowed to access my office emails without my knowledge/permission?
I work at one of the county government departments. I was accused of wrong conduct at the workplace, which is obviously made up for retaliation by my branch manager and a district manager, because the same thing happened at other branches by these same two managers.
Those accusations were completely baseless. A memo came back as "No disciplinary action will be taken."
They searched my office computer and printed out some of my emails (work related). I was so shocked when they showed me the print out of my office emails.
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
management united-states california
New contributor
|
show 7 more comments
I work at one of the county government departments. I was accused of wrong conduct at the workplace, which is obviously made up for retaliation by my branch manager and a district manager, because the same thing happened at other branches by these same two managers.
Those accusations were completely baseless. A memo came back as "No disciplinary action will be taken."
They searched my office computer and printed out some of my emails (work related). I was so shocked when they showed me the print out of my office emails.
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
management united-states california
New contributor
106
"Are they allowed to break into employer's office emails under the name of investigatory meeting" - In most US situations, work emails belong to the employer, not you.
– Joe Strazzere
2 days ago
13
OK, let's shuffle the example - an employee conducted a crime using their office (government) computer. Are they now immune to any investigation?
– VLAZ
yesterday
4
@usr-local-ΕΨΗΕΛΩΝ <sigh /> There are indeed more restrictions placed on the accessing of employee's emails in the EU but * can be examined only under a criminal investigation by public officers* is simply untrue. The additional protections are only applied to emails of a clearly personal nature. Work e-mails can be accessed, monitored and read by the employer so long as they do so in a GDPR compliant manner.
– motosubatsu
14 hours ago
4
The title of this question should be changed to "IT department accessing an office computer", although that would probably get less views.
– Nuclear Wang
12 hours ago
3
They almost certainly just pulled the emails from the central server, do you have any evidence they actually accessed your machine?
– Kevin
8 hours ago
|
show 7 more comments
I work at one of the county government departments. I was accused of wrong conduct at the workplace, which is obviously made up for retaliation by my branch manager and a district manager, because the same thing happened at other branches by these same two managers.
Those accusations were completely baseless. A memo came back as "No disciplinary action will be taken."
They searched my office computer and printed out some of my emails (work related). I was so shocked when they showed me the print out of my office emails.
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
management united-states california
New contributor
I work at one of the county government departments. I was accused of wrong conduct at the workplace, which is obviously made up for retaliation by my branch manager and a district manager, because the same thing happened at other branches by these same two managers.
Those accusations were completely baseless. A memo came back as "No disciplinary action will be taken."
They searched my office computer and printed out some of my emails (work related). I was so shocked when they showed me the print out of my office emails.
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
management united-states california
management united-states california
New contributor
New contributor
edited 1 hour ago
Geoffrey Brent
2,461517
2,461517
New contributor
asked 2 days ago
MimiMimi
251123
251123
New contributor
New contributor
106
"Are they allowed to break into employer's office emails under the name of investigatory meeting" - In most US situations, work emails belong to the employer, not you.
– Joe Strazzere
2 days ago
13
OK, let's shuffle the example - an employee conducted a crime using their office (government) computer. Are they now immune to any investigation?
– VLAZ
yesterday
4
@usr-local-ΕΨΗΕΛΩΝ <sigh /> There are indeed more restrictions placed on the accessing of employee's emails in the EU but * can be examined only under a criminal investigation by public officers* is simply untrue. The additional protections are only applied to emails of a clearly personal nature. Work e-mails can be accessed, monitored and read by the employer so long as they do so in a GDPR compliant manner.
– motosubatsu
14 hours ago
4
The title of this question should be changed to "IT department accessing an office computer", although that would probably get less views.
– Nuclear Wang
12 hours ago
3
They almost certainly just pulled the emails from the central server, do you have any evidence they actually accessed your machine?
– Kevin
8 hours ago
|
show 7 more comments
106
"Are they allowed to break into employer's office emails under the name of investigatory meeting" - In most US situations, work emails belong to the employer, not you.
– Joe Strazzere
2 days ago
13
OK, let's shuffle the example - an employee conducted a crime using their office (government) computer. Are they now immune to any investigation?
– VLAZ
yesterday
4
@usr-local-ΕΨΗΕΛΩΝ <sigh /> There are indeed more restrictions placed on the accessing of employee's emails in the EU but * can be examined only under a criminal investigation by public officers* is simply untrue. The additional protections are only applied to emails of a clearly personal nature. Work e-mails can be accessed, monitored and read by the employer so long as they do so in a GDPR compliant manner.
– motosubatsu
14 hours ago
4
The title of this question should be changed to "IT department accessing an office computer", although that would probably get less views.
– Nuclear Wang
12 hours ago
3
They almost certainly just pulled the emails from the central server, do you have any evidence they actually accessed your machine?
– Kevin
8 hours ago
106
106
"Are they allowed to break into employer's office emails under the name of investigatory meeting" - In most US situations, work emails belong to the employer, not you.
– Joe Strazzere
2 days ago
"Are they allowed to break into employer's office emails under the name of investigatory meeting" - In most US situations, work emails belong to the employer, not you.
– Joe Strazzere
2 days ago
13
13
OK, let's shuffle the example - an employee conducted a crime using their office (government) computer. Are they now immune to any investigation?
– VLAZ
yesterday
OK, let's shuffle the example - an employee conducted a crime using their office (government) computer. Are they now immune to any investigation?
– VLAZ
yesterday
4
4
@usr-local-ΕΨΗΕΛΩΝ <sigh /> There are indeed more restrictions placed on the accessing of employee's emails in the EU but * can be examined only under a criminal investigation by public officers* is simply untrue. The additional protections are only applied to emails of a clearly personal nature. Work e-mails can be accessed, monitored and read by the employer so long as they do so in a GDPR compliant manner.
– motosubatsu
14 hours ago
@usr-local-ΕΨΗΕΛΩΝ <sigh /> There are indeed more restrictions placed on the accessing of employee's emails in the EU but * can be examined only under a criminal investigation by public officers* is simply untrue. The additional protections are only applied to emails of a clearly personal nature. Work e-mails can be accessed, monitored and read by the employer so long as they do so in a GDPR compliant manner.
– motosubatsu
14 hours ago
4
4
The title of this question should be changed to "IT department accessing an office computer", although that would probably get less views.
– Nuclear Wang
12 hours ago
The title of this question should be changed to "IT department accessing an office computer", although that would probably get less views.
– Nuclear Wang
12 hours ago
3
3
They almost certainly just pulled the emails from the central server, do you have any evidence they actually accessed your machine?
– Kevin
8 hours ago
They almost certainly just pulled the emails from the central server, do you have any evidence they actually accessed your machine?
– Kevin
8 hours ago
|
show 7 more comments
7 Answers
7
active
oldest
votes
They searched my office computer
No, they didn't. They searched the government's computer which you are allowed to use in course of your employment.
printed out some of my emails
No, they didn't. They printed out some of the government's emails which you wrote in the course of your employment.
Are they allowed to break into employe[e]'s office emails
You need to stop thinking of this as "breaking in". Stuff you do during your employment belongs to your employer. Assuming a competent IT department, they could just have pulled the e-mails off the server anyway.
I'm not saying that any of what happened is right, but this isn't even a vaguely sensible approach to fight it because it's based on a horribly false premise.
106
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
7
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
15
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
18
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
8
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
|
show 13 more comments
Your work-provided devices and services belong to your employer, not you.
This is an important tidbit to remember, as it means that they are the rightful, legal owner of:
- Your work computer and any data you create on it, they own it and can do what they like with it.
- Any data you send through their internet connection, they can eavesdrop on, modify, or decide if it should go through or not .
- Your work phone and any data you create on it, they own it and can do what they like with it.
- Your work email address, and any contents therein, they own it and can do what they like with it.
- Any IM Messages you send over the corporate IM service like Skype for Business (if applicable), they can log.
- Any network services deployed on the corporate network...you guessed it, they own it, and if you do any interaction with it, they can do with that what they like.
So yes, what they did was 100% legal.
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
add a comment |
Yes, employers are allowed to read files on their own computers and read e-mails on accounts they provide.
Generally, it is permissible for you as an employer to monitor your own computer systems including, but not limited to, employees’ work email communications and internet usage.
Source: https://mcdonaldhopkins.com/Insights/Blog/Employer-Advocate/2018/04/26/Employment-Law-QA-May-I-monitor-an-employees-emails-and-internet-usage
This is also touching issues about professionalism and loyalty. You should avoid using equipment belonging to your employer for your private gain without asking first. For example, no private communication using your work e-mail. And all communication you do in your role as an employee should be loyal to your employer.
In theory, if you are both loyal and only use the computer and accounts for your work, then you have nothing to fear from bring monitored. I know this is a stretch of the truth, we all have things to hide and unfortunately not all employers are using facts gained from monitoring in a fair or reasonable way. But this is the reasoning any employer in existence will use, and you will have a very hard time trying to defend yourself from this "privacy intrusion". Just assume that you are monitored at work.
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
add a comment |
More than permitted, it is essential that other authorised people in the company can get to your emails.
At my previous company, our technical director left to work elsewhere. No big deal, it happens. But a few weeks after he left, we discovered that he'd arranged payment for server space on his company credit card and not logged details with accounts. When he left, the company cancelled that card, and of course server space renewals failed.
So our IT guys requested access to his emails and had to trawl through to find those details. This reinforces that emails on company business must be accessible by the company.
Separately later, I needed some other information from his emails. Management insisted I only got to see a subset of his emails, not because of his confidentiality, but because he signed off on people's pay and other people's confidentiality was the issue there.
add a comment |
As others have stated, the company / government owns the computer, not you. And, as such, they also have IT policies (often written in employee guidelines, or even as a big fat warning message when logging in) that all activity is monitored / logged and can be dug through if and when they please.
There is a sort of unwritten "acceptance" at most jobs that employees will use their computers for outside activities. EG: an employee paying some bills on the computer during their lunch break, or surfing the web for something for their kid or what-not. As folks go up the executive / management ladder, they're often stuck in their offices 12 hr days, and it's just a given they're going to use their work computer for personal activities.
In a perfect world, people would keep their personal activities only on a device they themselves own. But, it's not a perfect world.
In good IT settings I've been in, the IT folks (all IT / IS folks, really) act as guardians of secrets. The IT folks are monitoring everything that goes on on every computer in the company / workplace / college campus (for college computer labs) / etc .. but unless they have REASON to look into something, they just ignore and overlook any extracurricular activities. (EG: at my last job, I would IM with my gf all the time. The IM's would get a bit saucy, but nobody was dragging me off to HR dept to talk to me about them. I was a good employee that did my work. Could they have? Sure. But, at most companies it's a "we don't care unless we're asked to look into something". Managers were surfing the web in their offices. They were checking their bank accounts. None of that information was used against them, because our IS / IT dept had a policy of protecting it's employees and their personal information. And, an employees activity on a bank site has nothing to do with the company.. unless, say, the employee is embezzeling money from the company into their personal bank account.)
The only times I've seen IT investigating things is when some law was broken or a complain was filed. EG: someone's been embezzeling money.. obviously the IT dept is going to dig through that person's emails and computer with a fine-toothed comb to investigate. Or, an employee complains about someone watching porn on their computer (you'd be surprised how many execs sitting in their offices think they're completely isolated and private, but someone walking by sees something saucy going on on their computer.. and a complaint is filed with HR. Then the IT dept has to go to work and look at logs.. and eventually have a talk with the exec to tell them to stop visiting whatever site they're visiting.)
So, this makes me think they had reason to look into what you were doing. Maybe those two people are jerks and go out of their way to find things on their employees in order to hold them hostage or throw them under the bus. If that's the case, I'd find a new place to go work. (Hard enough just to do a job, worse still when you have a boss actively trying to work against you or get dirt on you to hold you hostage over something.)
There are petty managers that think "managing" is about digging up dirt on employees in order to get them under their thumb and abuse them. Had a gf that got her desk rifled through, and sat down and talked to over her "satanic music" found in her desk. The company has the right to dig through a person's desk (the desk is company property), but the "satanic music" was just a heavy metal cd she had in her desk. She turned the tables on them and asked if they were saying that they were discriminating against her on religious grounds (ie: manager thought he "had her" by trying to shame her for listing to "devil music", when really from an HR perspective that means he was discriminating against her via religion.) Petty work environments like that are to be avoided if at all possible.
In the case of government work (or any other kind of sensitive job), the computer should be handled with kid gloves. You just have to work at a place to feel the environment out to see if they have a lax monitoring policy or a strict one. If it's super-strict, they will often have notices when you log in reminding you that everything you do is being monitored.
But, bottomline is.. just becasue they don't say you're being monitored doesn't mean they're not monitoring you. And, it's their property. Think of it like being in school again. The teachers can go around checking your locker, becasue it's school property. You don't own the locker.
If you have something serious to discuss with someone, and you're worried about it biting you in the rear, it's best to have a face-to-face conversation, that way an email or phone call can't come back to haunt you. Once you fire off an email, it's basically stored on a server and can get dug up to get used against you when and if the company / job deems it necessary.. even if it seems to be based on petty office politics.
New contributor
add a comment |
Emails are typically sent through a minimum of two servers. The sender sends the email to a sending server, which sends the email to the receiver's server, which delivers the mail to an email client the recipient is logged in as; they can even access the email from multiple computers as long as they're on the appropriate network and/or have the appropriate login credentials.
The important distinction here is that your work computer is only a client. All those emails are stored at the server. In many cases, servers also store emails until they are deleted, and even then, those emails are typically logged in a server log somewhere for later retrieval for situations just like this.
Nobody needed to "break in" to the computer you use. All that data is stored at the server. Further, in most jurisdictions, they are not your emails, but rather are emails that belong to the service provider (in this case, the government). Any email you send through a server can be read anyone with permission to do so.
Finally, as a point of distinction, unless you're using your own personal laptop, IT can certainly come in, log in as a network administrator, and peruse all of your files. They don't need to "break in" in the sense that you think they did, nor do they even have to physically log in to this computer; they can request all the files they want over the network.
So, in conclusion: don't send emails through your company email unless they are work related, and assume that any email you send or receive can be read by anyone in the IT department, at minimum, and law enforcement/courts/etc if required during the course of an investigation.
add a comment |
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
Are you sure they broke into YOUR workstation with a username/password and looked at your email? And not that they looked on the mail server and looked at your mailbox? My guess is the later case here.
As far as if it is legal the answer is yes. Typically on government workstations you consent by logging in to a search except for certain protected stuff like legal and medical, if I remember right.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "423"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: false,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Mimi is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f127996%2fis-my-employer-allowed-to-access-my-office-emails-without-my-knowledge-permissio%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
StackExchange.ready(function () {
$("#show-editor-button input, #show-editor-button button").click(function () {
var showEditor = function() {
$("#show-editor-button").hide();
$("#post-form").removeClass("dno");
StackExchange.editor.finallyInit();
};
var useFancy = $(this).data('confirm-use-fancy');
if(useFancy == 'True') {
var popupTitle = $(this).data('confirm-fancy-title');
var popupBody = $(this).data('confirm-fancy-body');
var popupAccept = $(this).data('confirm-fancy-accept-button');
$(this).loadPopup({
url: '/post/self-answer-popup',
loaded: function(popup) {
var pTitle = $(popup).find('h2');
var pBody = $(popup).find('.popup-body');
var pSubmit = $(popup).find('.popup-submit');
pTitle.text(popupTitle);
pBody.html(popupBody);
pSubmit.val(popupAccept).click(showEditor);
}
})
} else{
var confirmText = $(this).data('confirm-text');
if (confirmText ? confirm(confirmText) : true) {
showEditor();
}
}
});
});
7 Answers
7
active
oldest
votes
7 Answers
7
active
oldest
votes
active
oldest
votes
active
oldest
votes
They searched my office computer
No, they didn't. They searched the government's computer which you are allowed to use in course of your employment.
printed out some of my emails
No, they didn't. They printed out some of the government's emails which you wrote in the course of your employment.
Are they allowed to break into employe[e]'s office emails
You need to stop thinking of this as "breaking in". Stuff you do during your employment belongs to your employer. Assuming a competent IT department, they could just have pulled the e-mails off the server anyway.
I'm not saying that any of what happened is right, but this isn't even a vaguely sensible approach to fight it because it's based on a horribly false premise.
106
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
7
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
15
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
18
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
8
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
|
show 13 more comments
They searched my office computer
No, they didn't. They searched the government's computer which you are allowed to use in course of your employment.
printed out some of my emails
No, they didn't. They printed out some of the government's emails which you wrote in the course of your employment.
Are they allowed to break into employe[e]'s office emails
You need to stop thinking of this as "breaking in". Stuff you do during your employment belongs to your employer. Assuming a competent IT department, they could just have pulled the e-mails off the server anyway.
I'm not saying that any of what happened is right, but this isn't even a vaguely sensible approach to fight it because it's based on a horribly false premise.
106
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
7
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
15
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
18
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
8
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
|
show 13 more comments
They searched my office computer
No, they didn't. They searched the government's computer which you are allowed to use in course of your employment.
printed out some of my emails
No, they didn't. They printed out some of the government's emails which you wrote in the course of your employment.
Are they allowed to break into employe[e]'s office emails
You need to stop thinking of this as "breaking in". Stuff you do during your employment belongs to your employer. Assuming a competent IT department, they could just have pulled the e-mails off the server anyway.
I'm not saying that any of what happened is right, but this isn't even a vaguely sensible approach to fight it because it's based on a horribly false premise.
They searched my office computer
No, they didn't. They searched the government's computer which you are allowed to use in course of your employment.
printed out some of my emails
No, they didn't. They printed out some of the government's emails which you wrote in the course of your employment.
Are they allowed to break into employe[e]'s office emails
You need to stop thinking of this as "breaking in". Stuff you do during your employment belongs to your employer. Assuming a competent IT department, they could just have pulled the e-mails off the server anyway.
I'm not saying that any of what happened is right, but this isn't even a vaguely sensible approach to fight it because it's based on a horribly false premise.
edited 2 days ago
Kat
2,76221218
2,76221218
answered 2 days ago
Philip KendallPhilip Kendall
51k34122157
51k34122157
106
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
7
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
15
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
18
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
8
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
|
show 13 more comments
106
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
7
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
15
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
18
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
8
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
106
106
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
Yes, probably didn't need to physically touch your machine at all.
– Kilisi
2 days ago
7
7
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
Yup. I dunno about the standards on state/county/city machines, but many (most? all?) U.S. federal machines show you a warning that any activity may be monitored and inspected.
– jpmc26
2 days ago
15
15
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
@DavidZ The problem is that actual ownership is precisely what the asker meant, even if they don't realize it. The asker clearly demonstrates they believe they have some kind of ownership rights to the e-mails and the machine because it's been assigned to them. They do not have any rights to them precisely because the employer owns them. The employer has all the rights to them, and the employee only has those the employer decides to grant (or is required to grant by law). Clarifying that fact is exactly the answer, and that's what this answer does.
– jpmc26
yesterday
18
18
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
This answer is only valid for us contexts. In most of the EU / elsewhere, accessing employee files and computers isn't as straightforward and not legal in all cases.
– Magisch
18 hours ago
8
8
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
When I was doing admin stuff in Germany, the guidance was that in order to search company computers, the employees have to be prohibited from doing anything not work-related on the computers and this has to be actively enforced (so just putting it into the rules wasn't enough).
– etarion
16 hours ago
|
show 13 more comments
Your work-provided devices and services belong to your employer, not you.
This is an important tidbit to remember, as it means that they are the rightful, legal owner of:
- Your work computer and any data you create on it, they own it and can do what they like with it.
- Any data you send through their internet connection, they can eavesdrop on, modify, or decide if it should go through or not .
- Your work phone and any data you create on it, they own it and can do what they like with it.
- Your work email address, and any contents therein, they own it and can do what they like with it.
- Any IM Messages you send over the corporate IM service like Skype for Business (if applicable), they can log.
- Any network services deployed on the corporate network...you guessed it, they own it, and if you do any interaction with it, they can do with that what they like.
So yes, what they did was 100% legal.
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
add a comment |
Your work-provided devices and services belong to your employer, not you.
This is an important tidbit to remember, as it means that they are the rightful, legal owner of:
- Your work computer and any data you create on it, they own it and can do what they like with it.
- Any data you send through their internet connection, they can eavesdrop on, modify, or decide if it should go through or not .
- Your work phone and any data you create on it, they own it and can do what they like with it.
- Your work email address, and any contents therein, they own it and can do what they like with it.
- Any IM Messages you send over the corporate IM service like Skype for Business (if applicable), they can log.
- Any network services deployed on the corporate network...you guessed it, they own it, and if you do any interaction with it, they can do with that what they like.
So yes, what they did was 100% legal.
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
add a comment |
Your work-provided devices and services belong to your employer, not you.
This is an important tidbit to remember, as it means that they are the rightful, legal owner of:
- Your work computer and any data you create on it, they own it and can do what they like with it.
- Any data you send through their internet connection, they can eavesdrop on, modify, or decide if it should go through or not .
- Your work phone and any data you create on it, they own it and can do what they like with it.
- Your work email address, and any contents therein, they own it and can do what they like with it.
- Any IM Messages you send over the corporate IM service like Skype for Business (if applicable), they can log.
- Any network services deployed on the corporate network...you guessed it, they own it, and if you do any interaction with it, they can do with that what they like.
So yes, what they did was 100% legal.
Your work-provided devices and services belong to your employer, not you.
This is an important tidbit to remember, as it means that they are the rightful, legal owner of:
- Your work computer and any data you create on it, they own it and can do what they like with it.
- Any data you send through their internet connection, they can eavesdrop on, modify, or decide if it should go through or not .
- Your work phone and any data you create on it, they own it and can do what they like with it.
- Your work email address, and any contents therein, they own it and can do what they like with it.
- Any IM Messages you send over the corporate IM service like Skype for Business (if applicable), they can log.
- Any network services deployed on the corporate network...you guessed it, they own it, and if you do any interaction with it, they can do with that what they like.
So yes, what they did was 100% legal.
answered 2 days ago
520520
3,059620
3,059620
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
add a comment |
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
"So yes, what they did was 100% legal." Out of curiosity: are you a lawyer or something similar?
– Trilarion
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
@Trilarion I was once a digital forensic consultant. In other words, the kind of person that would perform investigations exactly like this one. We were required to know the ins and outs of the legalities behind our investigations before so much as sending off a Statement of Works
– 520
11 hours ago
add a comment |
Yes, employers are allowed to read files on their own computers and read e-mails on accounts they provide.
Generally, it is permissible for you as an employer to monitor your own computer systems including, but not limited to, employees’ work email communications and internet usage.
Source: https://mcdonaldhopkins.com/Insights/Blog/Employer-Advocate/2018/04/26/Employment-Law-QA-May-I-monitor-an-employees-emails-and-internet-usage
This is also touching issues about professionalism and loyalty. You should avoid using equipment belonging to your employer for your private gain without asking first. For example, no private communication using your work e-mail. And all communication you do in your role as an employee should be loyal to your employer.
In theory, if you are both loyal and only use the computer and accounts for your work, then you have nothing to fear from bring monitored. I know this is a stretch of the truth, we all have things to hide and unfortunately not all employers are using facts gained from monitoring in a fair or reasonable way. But this is the reasoning any employer in existence will use, and you will have a very hard time trying to defend yourself from this "privacy intrusion". Just assume that you are monitored at work.
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
add a comment |
Yes, employers are allowed to read files on their own computers and read e-mails on accounts they provide.
Generally, it is permissible for you as an employer to monitor your own computer systems including, but not limited to, employees’ work email communications and internet usage.
Source: https://mcdonaldhopkins.com/Insights/Blog/Employer-Advocate/2018/04/26/Employment-Law-QA-May-I-monitor-an-employees-emails-and-internet-usage
This is also touching issues about professionalism and loyalty. You should avoid using equipment belonging to your employer for your private gain without asking first. For example, no private communication using your work e-mail. And all communication you do in your role as an employee should be loyal to your employer.
In theory, if you are both loyal and only use the computer and accounts for your work, then you have nothing to fear from bring monitored. I know this is a stretch of the truth, we all have things to hide and unfortunately not all employers are using facts gained from monitoring in a fair or reasonable way. But this is the reasoning any employer in existence will use, and you will have a very hard time trying to defend yourself from this "privacy intrusion". Just assume that you are monitored at work.
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
add a comment |
Yes, employers are allowed to read files on their own computers and read e-mails on accounts they provide.
Generally, it is permissible for you as an employer to monitor your own computer systems including, but not limited to, employees’ work email communications and internet usage.
Source: https://mcdonaldhopkins.com/Insights/Blog/Employer-Advocate/2018/04/26/Employment-Law-QA-May-I-monitor-an-employees-emails-and-internet-usage
This is also touching issues about professionalism and loyalty. You should avoid using equipment belonging to your employer for your private gain without asking first. For example, no private communication using your work e-mail. And all communication you do in your role as an employee should be loyal to your employer.
In theory, if you are both loyal and only use the computer and accounts for your work, then you have nothing to fear from bring monitored. I know this is a stretch of the truth, we all have things to hide and unfortunately not all employers are using facts gained from monitoring in a fair or reasonable way. But this is the reasoning any employer in existence will use, and you will have a very hard time trying to defend yourself from this "privacy intrusion". Just assume that you are monitored at work.
Yes, employers are allowed to read files on their own computers and read e-mails on accounts they provide.
Generally, it is permissible for you as an employer to monitor your own computer systems including, but not limited to, employees’ work email communications and internet usage.
Source: https://mcdonaldhopkins.com/Insights/Blog/Employer-Advocate/2018/04/26/Employment-Law-QA-May-I-monitor-an-employees-emails-and-internet-usage
This is also touching issues about professionalism and loyalty. You should avoid using equipment belonging to your employer for your private gain without asking first. For example, no private communication using your work e-mail. And all communication you do in your role as an employee should be loyal to your employer.
In theory, if you are both loyal and only use the computer and accounts for your work, then you have nothing to fear from bring monitored. I know this is a stretch of the truth, we all have things to hide and unfortunately not all employers are using facts gained from monitoring in a fair or reasonable way. But this is the reasoning any employer in existence will use, and you will have a very hard time trying to defend yourself from this "privacy intrusion". Just assume that you are monitored at work.
answered 2 days ago
Emil VikströmEmil Vikström
1,824515
1,824515
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
add a comment |
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
> You should avoid using equipment belonging to your employer for your private gain without asking first. Government agencies, especially the federal government, have SERIOUS rules about this. Same goes for even the slightest political activities. It doesn't matter than the value of your two megabytes of data sent is practically zero, it is still considered misuse of government property.
– aidanh010
22 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"Generally, it is permissible for you as an employer to monitor..." - in some cases strict regulations mean it is essentially required that they do so, not simply permissible to do so if they desire. Never do anything on a work device that you wouldn't want the company, and any regulatory bodies that they are covered by, to have full knowledge of.
– David Spillett
16 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
"if you are [...] loyal [...], then you have nothing to fear from being monitored" -- You do not happen to work for the Chinese government, do you?
– Hagen von Eitzen
8 hours ago
add a comment |
More than permitted, it is essential that other authorised people in the company can get to your emails.
At my previous company, our technical director left to work elsewhere. No big deal, it happens. But a few weeks after he left, we discovered that he'd arranged payment for server space on his company credit card and not logged details with accounts. When he left, the company cancelled that card, and of course server space renewals failed.
So our IT guys requested access to his emails and had to trawl through to find those details. This reinforces that emails on company business must be accessible by the company.
Separately later, I needed some other information from his emails. Management insisted I only got to see a subset of his emails, not because of his confidentiality, but because he signed off on people's pay and other people's confidentiality was the issue there.
add a comment |
More than permitted, it is essential that other authorised people in the company can get to your emails.
At my previous company, our technical director left to work elsewhere. No big deal, it happens. But a few weeks after he left, we discovered that he'd arranged payment for server space on his company credit card and not logged details with accounts. When he left, the company cancelled that card, and of course server space renewals failed.
So our IT guys requested access to his emails and had to trawl through to find those details. This reinforces that emails on company business must be accessible by the company.
Separately later, I needed some other information from his emails. Management insisted I only got to see a subset of his emails, not because of his confidentiality, but because he signed off on people's pay and other people's confidentiality was the issue there.
add a comment |
More than permitted, it is essential that other authorised people in the company can get to your emails.
At my previous company, our technical director left to work elsewhere. No big deal, it happens. But a few weeks after he left, we discovered that he'd arranged payment for server space on his company credit card and not logged details with accounts. When he left, the company cancelled that card, and of course server space renewals failed.
So our IT guys requested access to his emails and had to trawl through to find those details. This reinforces that emails on company business must be accessible by the company.
Separately later, I needed some other information from his emails. Management insisted I only got to see a subset of his emails, not because of his confidentiality, but because he signed off on people's pay and other people's confidentiality was the issue there.
More than permitted, it is essential that other authorised people in the company can get to your emails.
At my previous company, our technical director left to work elsewhere. No big deal, it happens. But a few weeks after he left, we discovered that he'd arranged payment for server space on his company credit card and not logged details with accounts. When he left, the company cancelled that card, and of course server space renewals failed.
So our IT guys requested access to his emails and had to trawl through to find those details. This reinforces that emails on company business must be accessible by the company.
Separately later, I needed some other information from his emails. Management insisted I only got to see a subset of his emails, not because of his confidentiality, but because he signed off on people's pay and other people's confidentiality was the issue there.
answered 2 days ago
GrahamGraham
3,8721719
3,8721719
add a comment |
add a comment |
As others have stated, the company / government owns the computer, not you. And, as such, they also have IT policies (often written in employee guidelines, or even as a big fat warning message when logging in) that all activity is monitored / logged and can be dug through if and when they please.
There is a sort of unwritten "acceptance" at most jobs that employees will use their computers for outside activities. EG: an employee paying some bills on the computer during their lunch break, or surfing the web for something for their kid or what-not. As folks go up the executive / management ladder, they're often stuck in their offices 12 hr days, and it's just a given they're going to use their work computer for personal activities.
In a perfect world, people would keep their personal activities only on a device they themselves own. But, it's not a perfect world.
In good IT settings I've been in, the IT folks (all IT / IS folks, really) act as guardians of secrets. The IT folks are monitoring everything that goes on on every computer in the company / workplace / college campus (for college computer labs) / etc .. but unless they have REASON to look into something, they just ignore and overlook any extracurricular activities. (EG: at my last job, I would IM with my gf all the time. The IM's would get a bit saucy, but nobody was dragging me off to HR dept to talk to me about them. I was a good employee that did my work. Could they have? Sure. But, at most companies it's a "we don't care unless we're asked to look into something". Managers were surfing the web in their offices. They were checking their bank accounts. None of that information was used against them, because our IS / IT dept had a policy of protecting it's employees and their personal information. And, an employees activity on a bank site has nothing to do with the company.. unless, say, the employee is embezzeling money from the company into their personal bank account.)
The only times I've seen IT investigating things is when some law was broken or a complain was filed. EG: someone's been embezzeling money.. obviously the IT dept is going to dig through that person's emails and computer with a fine-toothed comb to investigate. Or, an employee complains about someone watching porn on their computer (you'd be surprised how many execs sitting in their offices think they're completely isolated and private, but someone walking by sees something saucy going on on their computer.. and a complaint is filed with HR. Then the IT dept has to go to work and look at logs.. and eventually have a talk with the exec to tell them to stop visiting whatever site they're visiting.)
So, this makes me think they had reason to look into what you were doing. Maybe those two people are jerks and go out of their way to find things on their employees in order to hold them hostage or throw them under the bus. If that's the case, I'd find a new place to go work. (Hard enough just to do a job, worse still when you have a boss actively trying to work against you or get dirt on you to hold you hostage over something.)
There are petty managers that think "managing" is about digging up dirt on employees in order to get them under their thumb and abuse them. Had a gf that got her desk rifled through, and sat down and talked to over her "satanic music" found in her desk. The company has the right to dig through a person's desk (the desk is company property), but the "satanic music" was just a heavy metal cd she had in her desk. She turned the tables on them and asked if they were saying that they were discriminating against her on religious grounds (ie: manager thought he "had her" by trying to shame her for listing to "devil music", when really from an HR perspective that means he was discriminating against her via religion.) Petty work environments like that are to be avoided if at all possible.
In the case of government work (or any other kind of sensitive job), the computer should be handled with kid gloves. You just have to work at a place to feel the environment out to see if they have a lax monitoring policy or a strict one. If it's super-strict, they will often have notices when you log in reminding you that everything you do is being monitored.
But, bottomline is.. just becasue they don't say you're being monitored doesn't mean they're not monitoring you. And, it's their property. Think of it like being in school again. The teachers can go around checking your locker, becasue it's school property. You don't own the locker.
If you have something serious to discuss with someone, and you're worried about it biting you in the rear, it's best to have a face-to-face conversation, that way an email or phone call can't come back to haunt you. Once you fire off an email, it's basically stored on a server and can get dug up to get used against you when and if the company / job deems it necessary.. even if it seems to be based on petty office politics.
New contributor
add a comment |
As others have stated, the company / government owns the computer, not you. And, as such, they also have IT policies (often written in employee guidelines, or even as a big fat warning message when logging in) that all activity is monitored / logged and can be dug through if and when they please.
There is a sort of unwritten "acceptance" at most jobs that employees will use their computers for outside activities. EG: an employee paying some bills on the computer during their lunch break, or surfing the web for something for their kid or what-not. As folks go up the executive / management ladder, they're often stuck in their offices 12 hr days, and it's just a given they're going to use their work computer for personal activities.
In a perfect world, people would keep their personal activities only on a device they themselves own. But, it's not a perfect world.
In good IT settings I've been in, the IT folks (all IT / IS folks, really) act as guardians of secrets. The IT folks are monitoring everything that goes on on every computer in the company / workplace / college campus (for college computer labs) / etc .. but unless they have REASON to look into something, they just ignore and overlook any extracurricular activities. (EG: at my last job, I would IM with my gf all the time. The IM's would get a bit saucy, but nobody was dragging me off to HR dept to talk to me about them. I was a good employee that did my work. Could they have? Sure. But, at most companies it's a "we don't care unless we're asked to look into something". Managers were surfing the web in their offices. They were checking their bank accounts. None of that information was used against them, because our IS / IT dept had a policy of protecting it's employees and their personal information. And, an employees activity on a bank site has nothing to do with the company.. unless, say, the employee is embezzeling money from the company into their personal bank account.)
The only times I've seen IT investigating things is when some law was broken or a complain was filed. EG: someone's been embezzeling money.. obviously the IT dept is going to dig through that person's emails and computer with a fine-toothed comb to investigate. Or, an employee complains about someone watching porn on their computer (you'd be surprised how many execs sitting in their offices think they're completely isolated and private, but someone walking by sees something saucy going on on their computer.. and a complaint is filed with HR. Then the IT dept has to go to work and look at logs.. and eventually have a talk with the exec to tell them to stop visiting whatever site they're visiting.)
So, this makes me think they had reason to look into what you were doing. Maybe those two people are jerks and go out of their way to find things on their employees in order to hold them hostage or throw them under the bus. If that's the case, I'd find a new place to go work. (Hard enough just to do a job, worse still when you have a boss actively trying to work against you or get dirt on you to hold you hostage over something.)
There are petty managers that think "managing" is about digging up dirt on employees in order to get them under their thumb and abuse them. Had a gf that got her desk rifled through, and sat down and talked to over her "satanic music" found in her desk. The company has the right to dig through a person's desk (the desk is company property), but the "satanic music" was just a heavy metal cd she had in her desk. She turned the tables on them and asked if they were saying that they were discriminating against her on religious grounds (ie: manager thought he "had her" by trying to shame her for listing to "devil music", when really from an HR perspective that means he was discriminating against her via religion.) Petty work environments like that are to be avoided if at all possible.
In the case of government work (or any other kind of sensitive job), the computer should be handled with kid gloves. You just have to work at a place to feel the environment out to see if they have a lax monitoring policy or a strict one. If it's super-strict, they will often have notices when you log in reminding you that everything you do is being monitored.
But, bottomline is.. just becasue they don't say you're being monitored doesn't mean they're not monitoring you. And, it's their property. Think of it like being in school again. The teachers can go around checking your locker, becasue it's school property. You don't own the locker.
If you have something serious to discuss with someone, and you're worried about it biting you in the rear, it's best to have a face-to-face conversation, that way an email or phone call can't come back to haunt you. Once you fire off an email, it's basically stored on a server and can get dug up to get used against you when and if the company / job deems it necessary.. even if it seems to be based on petty office politics.
New contributor
add a comment |
As others have stated, the company / government owns the computer, not you. And, as such, they also have IT policies (often written in employee guidelines, or even as a big fat warning message when logging in) that all activity is monitored / logged and can be dug through if and when they please.
There is a sort of unwritten "acceptance" at most jobs that employees will use their computers for outside activities. EG: an employee paying some bills on the computer during their lunch break, or surfing the web for something for their kid or what-not. As folks go up the executive / management ladder, they're often stuck in their offices 12 hr days, and it's just a given they're going to use their work computer for personal activities.
In a perfect world, people would keep their personal activities only on a device they themselves own. But, it's not a perfect world.
In good IT settings I've been in, the IT folks (all IT / IS folks, really) act as guardians of secrets. The IT folks are monitoring everything that goes on on every computer in the company / workplace / college campus (for college computer labs) / etc .. but unless they have REASON to look into something, they just ignore and overlook any extracurricular activities. (EG: at my last job, I would IM with my gf all the time. The IM's would get a bit saucy, but nobody was dragging me off to HR dept to talk to me about them. I was a good employee that did my work. Could they have? Sure. But, at most companies it's a "we don't care unless we're asked to look into something". Managers were surfing the web in their offices. They were checking their bank accounts. None of that information was used against them, because our IS / IT dept had a policy of protecting it's employees and their personal information. And, an employees activity on a bank site has nothing to do with the company.. unless, say, the employee is embezzeling money from the company into their personal bank account.)
The only times I've seen IT investigating things is when some law was broken or a complain was filed. EG: someone's been embezzeling money.. obviously the IT dept is going to dig through that person's emails and computer with a fine-toothed comb to investigate. Or, an employee complains about someone watching porn on their computer (you'd be surprised how many execs sitting in their offices think they're completely isolated and private, but someone walking by sees something saucy going on on their computer.. and a complaint is filed with HR. Then the IT dept has to go to work and look at logs.. and eventually have a talk with the exec to tell them to stop visiting whatever site they're visiting.)
So, this makes me think they had reason to look into what you were doing. Maybe those two people are jerks and go out of their way to find things on their employees in order to hold them hostage or throw them under the bus. If that's the case, I'd find a new place to go work. (Hard enough just to do a job, worse still when you have a boss actively trying to work against you or get dirt on you to hold you hostage over something.)
There are petty managers that think "managing" is about digging up dirt on employees in order to get them under their thumb and abuse them. Had a gf that got her desk rifled through, and sat down and talked to over her "satanic music" found in her desk. The company has the right to dig through a person's desk (the desk is company property), but the "satanic music" was just a heavy metal cd she had in her desk. She turned the tables on them and asked if they were saying that they were discriminating against her on religious grounds (ie: manager thought he "had her" by trying to shame her for listing to "devil music", when really from an HR perspective that means he was discriminating against her via religion.) Petty work environments like that are to be avoided if at all possible.
In the case of government work (or any other kind of sensitive job), the computer should be handled with kid gloves. You just have to work at a place to feel the environment out to see if they have a lax monitoring policy or a strict one. If it's super-strict, they will often have notices when you log in reminding you that everything you do is being monitored.
But, bottomline is.. just becasue they don't say you're being monitored doesn't mean they're not monitoring you. And, it's their property. Think of it like being in school again. The teachers can go around checking your locker, becasue it's school property. You don't own the locker.
If you have something serious to discuss with someone, and you're worried about it biting you in the rear, it's best to have a face-to-face conversation, that way an email or phone call can't come back to haunt you. Once you fire off an email, it's basically stored on a server and can get dug up to get used against you when and if the company / job deems it necessary.. even if it seems to be based on petty office politics.
New contributor
As others have stated, the company / government owns the computer, not you. And, as such, they also have IT policies (often written in employee guidelines, or even as a big fat warning message when logging in) that all activity is monitored / logged and can be dug through if and when they please.
There is a sort of unwritten "acceptance" at most jobs that employees will use their computers for outside activities. EG: an employee paying some bills on the computer during their lunch break, or surfing the web for something for their kid or what-not. As folks go up the executive / management ladder, they're often stuck in their offices 12 hr days, and it's just a given they're going to use their work computer for personal activities.
In a perfect world, people would keep their personal activities only on a device they themselves own. But, it's not a perfect world.
In good IT settings I've been in, the IT folks (all IT / IS folks, really) act as guardians of secrets. The IT folks are monitoring everything that goes on on every computer in the company / workplace / college campus (for college computer labs) / etc .. but unless they have REASON to look into something, they just ignore and overlook any extracurricular activities. (EG: at my last job, I would IM with my gf all the time. The IM's would get a bit saucy, but nobody was dragging me off to HR dept to talk to me about them. I was a good employee that did my work. Could they have? Sure. But, at most companies it's a "we don't care unless we're asked to look into something". Managers were surfing the web in their offices. They were checking their bank accounts. None of that information was used against them, because our IS / IT dept had a policy of protecting it's employees and their personal information. And, an employees activity on a bank site has nothing to do with the company.. unless, say, the employee is embezzeling money from the company into their personal bank account.)
The only times I've seen IT investigating things is when some law was broken or a complain was filed. EG: someone's been embezzeling money.. obviously the IT dept is going to dig through that person's emails and computer with a fine-toothed comb to investigate. Or, an employee complains about someone watching porn on their computer (you'd be surprised how many execs sitting in their offices think they're completely isolated and private, but someone walking by sees something saucy going on on their computer.. and a complaint is filed with HR. Then the IT dept has to go to work and look at logs.. and eventually have a talk with the exec to tell them to stop visiting whatever site they're visiting.)
So, this makes me think they had reason to look into what you were doing. Maybe those two people are jerks and go out of their way to find things on their employees in order to hold them hostage or throw them under the bus. If that's the case, I'd find a new place to go work. (Hard enough just to do a job, worse still when you have a boss actively trying to work against you or get dirt on you to hold you hostage over something.)
There are petty managers that think "managing" is about digging up dirt on employees in order to get them under their thumb and abuse them. Had a gf that got her desk rifled through, and sat down and talked to over her "satanic music" found in her desk. The company has the right to dig through a person's desk (the desk is company property), but the "satanic music" was just a heavy metal cd she had in her desk. She turned the tables on them and asked if they were saying that they were discriminating against her on religious grounds (ie: manager thought he "had her" by trying to shame her for listing to "devil music", when really from an HR perspective that means he was discriminating against her via religion.) Petty work environments like that are to be avoided if at all possible.
In the case of government work (or any other kind of sensitive job), the computer should be handled with kid gloves. You just have to work at a place to feel the environment out to see if they have a lax monitoring policy or a strict one. If it's super-strict, they will often have notices when you log in reminding you that everything you do is being monitored.
But, bottomline is.. just becasue they don't say you're being monitored doesn't mean they're not monitoring you. And, it's their property. Think of it like being in school again. The teachers can go around checking your locker, becasue it's school property. You don't own the locker.
If you have something serious to discuss with someone, and you're worried about it biting you in the rear, it's best to have a face-to-face conversation, that way an email or phone call can't come back to haunt you. Once you fire off an email, it's basically stored on a server and can get dug up to get used against you when and if the company / job deems it necessary.. even if it seems to be based on petty office politics.
New contributor
New contributor
answered yesterday
blahblahblahblah
911
911
New contributor
New contributor
add a comment |
add a comment |
Emails are typically sent through a minimum of two servers. The sender sends the email to a sending server, which sends the email to the receiver's server, which delivers the mail to an email client the recipient is logged in as; they can even access the email from multiple computers as long as they're on the appropriate network and/or have the appropriate login credentials.
The important distinction here is that your work computer is only a client. All those emails are stored at the server. In many cases, servers also store emails until they are deleted, and even then, those emails are typically logged in a server log somewhere for later retrieval for situations just like this.
Nobody needed to "break in" to the computer you use. All that data is stored at the server. Further, in most jurisdictions, they are not your emails, but rather are emails that belong to the service provider (in this case, the government). Any email you send through a server can be read anyone with permission to do so.
Finally, as a point of distinction, unless you're using your own personal laptop, IT can certainly come in, log in as a network administrator, and peruse all of your files. They don't need to "break in" in the sense that you think they did, nor do they even have to physically log in to this computer; they can request all the files they want over the network.
So, in conclusion: don't send emails through your company email unless they are work related, and assume that any email you send or receive can be read by anyone in the IT department, at minimum, and law enforcement/courts/etc if required during the course of an investigation.
add a comment |
Emails are typically sent through a minimum of two servers. The sender sends the email to a sending server, which sends the email to the receiver's server, which delivers the mail to an email client the recipient is logged in as; they can even access the email from multiple computers as long as they're on the appropriate network and/or have the appropriate login credentials.
The important distinction here is that your work computer is only a client. All those emails are stored at the server. In many cases, servers also store emails until they are deleted, and even then, those emails are typically logged in a server log somewhere for later retrieval for situations just like this.
Nobody needed to "break in" to the computer you use. All that data is stored at the server. Further, in most jurisdictions, they are not your emails, but rather are emails that belong to the service provider (in this case, the government). Any email you send through a server can be read anyone with permission to do so.
Finally, as a point of distinction, unless you're using your own personal laptop, IT can certainly come in, log in as a network administrator, and peruse all of your files. They don't need to "break in" in the sense that you think they did, nor do they even have to physically log in to this computer; they can request all the files they want over the network.
So, in conclusion: don't send emails through your company email unless they are work related, and assume that any email you send or receive can be read by anyone in the IT department, at minimum, and law enforcement/courts/etc if required during the course of an investigation.
add a comment |
Emails are typically sent through a minimum of two servers. The sender sends the email to a sending server, which sends the email to the receiver's server, which delivers the mail to an email client the recipient is logged in as; they can even access the email from multiple computers as long as they're on the appropriate network and/or have the appropriate login credentials.
The important distinction here is that your work computer is only a client. All those emails are stored at the server. In many cases, servers also store emails until they are deleted, and even then, those emails are typically logged in a server log somewhere for later retrieval for situations just like this.
Nobody needed to "break in" to the computer you use. All that data is stored at the server. Further, in most jurisdictions, they are not your emails, but rather are emails that belong to the service provider (in this case, the government). Any email you send through a server can be read anyone with permission to do so.
Finally, as a point of distinction, unless you're using your own personal laptop, IT can certainly come in, log in as a network administrator, and peruse all of your files. They don't need to "break in" in the sense that you think they did, nor do they even have to physically log in to this computer; they can request all the files they want over the network.
So, in conclusion: don't send emails through your company email unless they are work related, and assume that any email you send or receive can be read by anyone in the IT department, at minimum, and law enforcement/courts/etc if required during the course of an investigation.
Emails are typically sent through a minimum of two servers. The sender sends the email to a sending server, which sends the email to the receiver's server, which delivers the mail to an email client the recipient is logged in as; they can even access the email from multiple computers as long as they're on the appropriate network and/or have the appropriate login credentials.
The important distinction here is that your work computer is only a client. All those emails are stored at the server. In many cases, servers also store emails until they are deleted, and even then, those emails are typically logged in a server log somewhere for later retrieval for situations just like this.
Nobody needed to "break in" to the computer you use. All that data is stored at the server. Further, in most jurisdictions, they are not your emails, but rather are emails that belong to the service provider (in this case, the government). Any email you send through a server can be read anyone with permission to do so.
Finally, as a point of distinction, unless you're using your own personal laptop, IT can certainly come in, log in as a network administrator, and peruse all of your files. They don't need to "break in" in the sense that you think they did, nor do they even have to physically log in to this computer; they can request all the files they want over the network.
So, in conclusion: don't send emails through your company email unless they are work related, and assume that any email you send or receive can be read by anyone in the IT department, at minimum, and law enforcement/courts/etc if required during the course of an investigation.
answered yesterday
phyrfoxphyrfox
43126
43126
add a comment |
add a comment |
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
Are you sure they broke into YOUR workstation with a username/password and looked at your email? And not that they looked on the mail server and looked at your mailbox? My guess is the later case here.
As far as if it is legal the answer is yes. Typically on government workstations you consent by logging in to a search except for certain protected stuff like legal and medical, if I remember right.
add a comment |
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
Are you sure they broke into YOUR workstation with a username/password and looked at your email? And not that they looked on the mail server and looked at your mailbox? My guess is the later case here.
As far as if it is legal the answer is yes. Typically on government workstations you consent by logging in to a search except for certain protected stuff like legal and medical, if I remember right.
add a comment |
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
Are you sure they broke into YOUR workstation with a username/password and looked at your email? And not that they looked on the mail server and looked at your mailbox? My guess is the later case here.
As far as if it is legal the answer is yes. Typically on government workstations you consent by logging in to a search except for certain protected stuff like legal and medical, if I remember right.
Are they allowed to break into an employee's office emails under the name of investigatory meeting? The employer is the government office.
Are you sure they broke into YOUR workstation with a username/password and looked at your email? And not that they looked on the mail server and looked at your mailbox? My guess is the later case here.
As far as if it is legal the answer is yes. Typically on government workstations you consent by logging in to a search except for certain protected stuff like legal and medical, if I remember right.
answered 7 hours ago
DanDan
7,86621527
7,86621527
add a comment |
add a comment |
Mimi is a new contributor. Be nice, and check out our Code of Conduct.
Mimi is a new contributor. Be nice, and check out our Code of Conduct.
Mimi is a new contributor. Be nice, and check out our Code of Conduct.
Mimi is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to The Workplace Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f127996%2fis-my-employer-allowed-to-access-my-office-emails-without-my-knowledge-permissio%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
106
"Are they allowed to break into employer's office emails under the name of investigatory meeting" - In most US situations, work emails belong to the employer, not you.
– Joe Strazzere
2 days ago
13
OK, let's shuffle the example - an employee conducted a crime using their office (government) computer. Are they now immune to any investigation?
– VLAZ
yesterday
4
@usr-local-ΕΨΗΕΛΩΝ <sigh /> There are indeed more restrictions placed on the accessing of employee's emails in the EU but * can be examined only under a criminal investigation by public officers* is simply untrue. The additional protections are only applied to emails of a clearly personal nature. Work e-mails can be accessed, monitored and read by the employer so long as they do so in a GDPR compliant manner.
– motosubatsu
14 hours ago
4
The title of this question should be changed to "IT department accessing an office computer", although that would probably get less views.
– Nuclear Wang
12 hours ago
3
They almost certainly just pulled the emails from the central server, do you have any evidence they actually accessed your machine?
– Kevin
8 hours ago