I currently work at a state-funded college, where academic freedom is the overriding priority when it comes to privacy and online activities. We are a public institution, and we cannot limit or record the online activities of our staff, students, or the visiting public who are using our technology. This is the same attitude that public libraries take with their patrons: if you are using a library’s services, you are automatically assumed to be free from harassment and/or monitoring while you are using library resources.
This, of course, can present some problems. Several years ago, shortly after 9/11, the FBI visited our campus and asked to see the surfing records of a particular student-use computer. I was directly involved with this investigation as the computer in question resided in my open computer lab. Of course we had no records to give them; and we deferred everything to our campus police and leadership team. Shortly afterwards, we were instructed to maintain IP traffic records of each public-use computer on campus for three months, and to keep records of who sat at what computer during our open hours. This required us to take a form of ID from each person using our lab, noting when they came and when they left. I don’t even have to tell you about the grief we got from our users about such invasion of their privacy.
Fortunately, our legal counsel finally managed to remove these encumbrances, and we’ve been sailing merrily along with our eyes turned the other way when it comes to how our computers are used in public places. We don’t care where they go or what they do, and when it comes to staff and faculty, we don’t care either. Unless there is a specific threat and/or law enforcement involvement, there is no reason for us to be snooping like technology terriers into the affairs of our coworkers.
That is apparently not the case in the corporate world, where as many as 41% of corporations have paid staff whose only job is to monitor or otherwise analyze the email and web traffic of their employees. Presumably, this snooping is done to preserve corporate secrets and enforce company policies. I can understand that, honestly, but on the other hand, I’m ultimately glad I work in a place that doesn’t watch us too closely. I know I’m not the only one of my department who keeps a blog (or multiple blogs), has sent (or forwarded) emails from my campus account to personal contacts, or participated in forums or discussions in email that really have nothing to do with work. It is rather a fact of life, I think, for most people. And as a manager myself, I really have no problem with this type of activity, as long as it doesn’t interfere with the employee’s expected work output, and doesn’t put our department or our campus at risk.
Before I started working here, I was a software trainer. I spent the majority of my time for a solid year teaching people at a local electric utility how to use the new Microsoft Office products, including Outlook. Part of the corporate culture there was to lock down pc’s so that you couldn’t even change the wallpaper, and every night each machine was wiped and re-imaged. While teaching Outlook classes, there were a lot of questions from employees about whether or not their emails were being read. I know I told them at the time that it would be cost-prohibitive to hire people to spend their days reading incoming and outgoing emails, and that in general, unless there was a reason to be watching someone, there would be no one watching.
I’m not so sure that’s true any more. It doesn’t sound like it, from the statistics I’ve seen recently.