Monitoring at work: an employer's guide
Richard Clayton
richard at highwayman.com
Tue, 19 Nov 2002 10:21:40 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You may recall some excitement in the summer about a draft of the Information
Commissioner's Guidance to Employers about Monitoring in the Workplace
>> According to page 29 of the Code: "An interception takes place if the
>> contents of a communication are made available, during the course of its
>> transmission, to someone other than the sender or intended recipient.
>> Examples of interception include a supervisor listening in to calls in a
>> call centre, a business opening e-mails stored on a server before they have
>> been read by the intended recipient, and an automated system that opens
>> e-mails and/or their attachments to check them for viruses."
the final version of this document is now available (on one of the DPR's
spectacularly stupid URLs):
<URL:http://www.dataprotection.gov.uk/dpr/dpdoc.nsf/ed1e7ff5aa6def308025663600
45bf4d/024aaa3a87d81c1f80256bf000526286/$FILE/3+monitoring.pdf>
this text has survived (regrettably without any comment about the significant
subtleties surrounding "made available"). However it is probably worth noting
that on page 40 it says:
7. Is the interception for an authorised business purpose?
Interception without consent is allowed if it is part of monitoring
(or recording) business communications for one of the following
purposes:-
<snip>
* to ensure the security of the system and its effective operation
(e.g., to check for viruses or other threats to the system or to
enable automated processes such as caching or load distribution).
which should avoid too much confusion out there.
- --
richard Richard Clayton
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBPdoQtBfnRQV/feRLEQLyGwCg5voTDo8Tua2PYTf+momuDXLihVkAoJAq
Q4XhtfA1SfqqrCO9F76MdWfc
=JsSg
-----END PGP SIGNATURE-----