this post was submitted on 22 Aug 2023
533 points (96.8% liked)
Privacy
32173 readers
398 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I’m an infrastructure analyst and at my workplace I implement such rules for specific reasons: 1) we need to be able to have evidence should an employee act maliciously with a company device. We do also monitor all queries but it’s passive. We can drill into your browsing history in great detail but won’t unless we have to (speaking personally here as I follow the code). 2) people will do dumb shit. And will lie to get support. Now, having been on the other end of a support ticket, I get it. Unless you lie a little, you may not get support promptly. Therefore, it’s part of my job to check what’s the lie and what’s the actual issue, which includes being able to see the download history. I would not be surprised if malware is accidentally downloaded and then it autonomously removes itself from the download history as It has happened before. Strictly speaking, this is done for both your safety as well as that of the company. And generally speaking, you should NEVER use your work laptop/phone/iPad for personal use because of all of the above.
I use my personal laptop at work, no issues. Employer can't see what I'm doing which is the way it should be.
If they don't trust me, don't hire me then.
I would never work anywhere where people like you can watch what I'm doing. Luckily I'm in IT so I choose where I work.
I despise companies who don't give employees privacy. The reasons you gave means nothing. You can always argue for anything to protect the company. Who protects the employees?
Safest for the company would be if you have employees in small cells being watched by guards around the clock. That would be really good for the company.
If you've connected your personal laptop to your work wifi, they 100% can see all your browsing history (specifically whats passed through their network).
Hell, I only run a simple homelab and I can see the exact traffic/browsing history of every device on my home network. I'm only tracking via dns traffic, but your https traffic can even be intercepted and decrypted pretty easily. So don't even trust that.
This doesn't require installing anything on your device to fully monitor you.
You’re not wrong. It really comes down to how ethical the IT/company is. And we are, purposely so. Also we have dns-over-https and No other identifier is parsed through. So we can see and block someone browsing porn on the guest Wi-Fi, but we’d never know who it was. Look, I’m not saying things are perfect, but there are people like me who look out for both the user and the company. The goal is ensure that users privacy is respected and that the company is protected agains misuse, malicious intent or just plain bad-luck. This is the “code” I was referring to. As IT people we have to behave ethically for business we operate in. It’s not perfect but nobody is trying to be. This is all best effort from all parties.
Your ethics goes out the window when being told to do something by your employer.
Maybe you try to look out for the user, but it's completely wrong that employees should have to trust you to do that.
"Company being protected from misuse" is a blanket term for survellience, same as "fighting terrorism".
I still stand by my opinion. Companies need to trust employees and not run survellience programs against them. It's just wrong.
Sure but I work from home. Don't use their wifi except when I'm in the office. I could connect to a VPN and they would also see a connection to a VPN, but I don't care enough to do that.
But when I'm at home, working on my computer, they don't see anything.
I hear you, and fully get where you’re coming from. I work in the finance industry and we have auditors to answer to as well as a ridiculous number of compliance regulations we have to abide by. Not every business is the same. I’m personally on the no-trust policy when you have more than 50 users to manage but it also depend on company policy. No one is saying you can’t use your personal device at work. We don’t monitor the guest Wi-Fi in any way specifically because that would be an invasion of privacy. I was referring specifically to using a work device, managed by the business, for personal use. The employee is protected by being briefed during first day induction of he does and don’t with regards to the equipment that is provided to them to do their job. Their personal privacy is not infringed upon as there is a clear agreement about what is expected from them. By the way, I’m in the uk (not sure if relevant).
No. The way it should be is using a work-issue laptop at work, but provisioned by you.
Your time during work hours belongs to the company. If you spend it on private stuff, you're breaking your contract.
Eh, not really, at least in the US. You are paid to do your job. The company doesn't own you during work hours. You can refuse to do work that was not in your job description, or ask for additional compensation. The company may fire you for this, but you would have a very compelling wrongful termination lawsuit.