As user support professionals, we all have access to users' data, oftentimes personal in nature, especially if you support home users. We're trusted to respect a person's privacy, and users have a right to be outraged when that trust is violated. Here's one user's story about one such violation.
I was recently browsing through the Techrepublic off-topic discussions (hanging around the TR water cooler), and I saw a discussion started by a TR member who sent his computer into the manufacturer to have the motherboard replaced. When his computer was returned, he was horrified to learn that not only was his privacy violated but his personal data was actually copied from his computer.
Now as a disclaimer, I've not discussed this incident with the TR member who started that discussion, and of course, I can't verify the claims made, but it sure sounds like it's on the up-and-up to me. Nonetheless, it does illustrate something that all users probably think about in the back of their minds — how safe is their data and how respected is their privacy?
This particular user had keylogger installed on his computer, so he was actually able to retrace the steps taken by the support technicians, and he even had screen shots of the devious deeds that were done. He discovered that the support tech working on his computer changed settings, snooped around the hard drive, and actually copied pictures, music, and videos onto an external storage device. And based on the accounts as described by the user, it's obvious that the file transfer was not for the purpose of backing up data. What a total and gross violation of trust this was, not to mention a possible crime. If this had happened to me, to say that I would be outraged is an understatement.
I support corporate users, not home users, and as such my circumstances are vastly different than those who do support home users. Regardless, I still make it a personal policy to respect the privacy of my users. Heck, we all have personal pictures, music, and such on our computers, and I would also suppose that most of us might send a personal e-mail on occasion. I would never dream of snooping into someone's personal space, even if it is of the cyber variety and even if it is on corporate computers. (Note: My company might be different than others that might have stricter policies against these things.)
I would hope that no user support professional would violate a user's trust in such a way, although it's probably inevitable that it does happen. Just like I've had loose change lifted from the console of my car by an unscrupulous valet, I suppose there's also such people working as user support techs who would lift personal data from a computer.
I'm not sure what I would have done if I were in this person's shoes. In the very least, I think I would have demanded that the dirty deed be acknowledged and that the tech be severely reprimanded. If I were brushed off, I would have probably threatened more formal action, either through their corporate channels or even law enforcement. But I would have wanted proof that something was done, and perhaps even a personal apology from the tech in question.
Maybe I'm too forgiving, and I think that our zero-tolerance world takes some things too far. (Like the kid expelled from school for bringing a water pistol to class.) Not everything is always so black and white. This might have been a young person who needed no more than a good scare and embarrassment to set him/her onto a straighter path. Heck, some young kids think it's perfectly okay to copy data, share music, and so on, and maybe this is a case of gross ignorance gone too far. But I suppose I can't say for sure what I would ultimately have done, except that I would have vigorously pursued something, and how I was treated would probably have determined my future actions, if any.
Take the poll. What would you have done?
And please leave your thoughts and comments in the following discussion.