Question

Locked

SHOULD an administrator 'spy' on employees by logging in as the user

By Aussie Gal ·
I have tried to search around here (and Google) for the answer but failed. And I really need this answer if possible, please.

I know that as an Administrator of a small network myself, I can log into another user's account and find out exactly what they have been doing on the company computer. What I don't quite know is this - how ETHICAL/LEGAL is it?

Personally I would not do it as there was no reason to, no hint of wrong doing etc. But I was told another Administrator was asked to do this to the other Administrator, and of course didn't like having to do it.

Should they have done it, or should the manager have asked them to do it? I am in Australia so I am not sure if the law would be different here.

The manager is not an IT person, and may not know the ethical issues involved. And as I am still studying, I am unsure either. So I thought I would come to this great place and ask what you think.

I would appreciate an answer very much. Thank you!

This conversation is currently closed to new comments.

53 total posts (Page 4 of 6)   Prev   02 | 03 | 04 | 05 | 06   Next
Thread display: Collapse - | Expand +

All Answers

Collapse -

It was the IT Admin that was the victim lol

by Aussie Gal In reply to pretty much

This is just a very complicated thing... I would not do it at all either, but I am a volunteer so I can't be forced to do it.

*was in Melbourne last month for an IT conference hehe*

Is there any where on the Net where I can get definite efforts about the Ethics of this? I do not want to show the Manager this... as I don't want to get in trouble for what I said. The IT Manager/Administrator said things that the Manager didn't like, and this is what happened...

Thanks for your answer, appreciate it.

Collapse -

no website

by .Martin. In reply to It was the IT Admin that ...

that I can think of, ethnics is a hard thing to pin down to one set of rules.

ethnics depend on country, time, ect.

Collapse -

My home computer? No. My work computer? Yes

by Tig2 In reply to SHOULD an administrator ' ...

While I think that the jury is somewhat out on the ethics of this situation, there is nothing illegal happening. The business workstation is the legal property of the business and everything on it belongs to the business.

If you have a Use Policy, it should spell out to end users that they do not own the computer and should not have anything on the computer not work related. It should also define what, if anything, is tolerated. For instance, your company may allow employees to surf on their lunch hour.

If you don't have a formal Use Policy, suggest to your manager that you create one. Without it, I would question why he is having Administrators logging in to User profiles. Short of looking for porn on the hard drive, nothing he finds would be useful to him from an HR perspective. He wouldn't be able to take disciplinary action, for instance. If he did, the employee could conceivably go after the company for unfair dismissal.

In order for inappropriate use to be a reason for dismissal, the employee would have had to be provided with a written policy and, in many offices, signed a statement acknowledging that they were provided with a written copy, and that they read and understood it.

In the same position, I would respectfully request that the manager ask someone else as doing so is, in my opinion, a moral issue. But if I was the only one available, I would do it. The workstation is not owned by the user.

Collapse -

Not illegal, but unethical, immoral???

by Aussie Gal In reply to My home computer? No. M ...

It is complicated because there is no policy right now. Also, as I hope the Manager will never come here, I will be blunt. The organization is run by a Management Committee of which I am a part. The Manager is employed by us just as everyone else is. And the computers belong to US, the Management Committee....

I have to report to the Management Committee if I have proof that the Manager did this, because I do believe it was done to try and get rid of the IT Manager.

The Manager is new, and the other employees were allowed to chat and use email... and there is no written policy against it.

The problem is, we deal with people with mental health issues, and there is a lot of confidential information. If the Manager will do this to spy on the IT Manager/Administrator, would they also look at other confidential member information they should not see... see THAT is an even bigger issue that has to be considered.

So yea, it might not be illegal, but I believe it is immoral and unethical.

Collapse -

No under Federal Law here in AU

by OH Smeg In reply to Not illegal, but unethica ...

Looking at client Data without reason is Illegal. Using that Data for any reason not connected with their direct job is Blatantly Illegal and there are stringent Penalties in place to dissuade those who would breach their Trust.

Centerlink has been terminating employees who access client Records for 5 years now and for the last 3 there has been n active Investigation and Criminal Actions taken against those caught in Exceeding their Authority or doing what they shouldn't be doing.

Under the QLD Health Act there are also severs penalties for accessing Patient Data without a Valid need to do so for the benefit of that Patient/Client. This action alone could place this Organization in severe trouble if it was to occur so it is Vitally Important to get Legal Advice on what is and is not acceptable.

Col

Collapse -

I am so glad I came here

by Aussie Gal In reply to No under Federal Law here ...

Thanks so much for this. I agree, that is why I have told the users to change passwords and not to tell anyone, even the Manager. I have to ask the Committee for permission to remove the Manager as an Administrator, because they know NOTHING about IT and if they did think "I have to shut down" and hit shut down while logged in to the server management.. they would shut down the server.. big mistake.

So yeah, thanks heaps for this.

Collapse -

Just one thought here however

by OH Smeg In reply to I am so glad I came here

If Client Records where accessed and a complaint by a Client was made you would have the Feds paying you a visit for this Breach as it is Federal Law not State Law.
Having been through this previously I can assure you it is not something that you want to experience.

We imported some Measuring Devices for some Cosworth Racing Engines and had the Feds pay us a Visit. They came in with Full Body Armor and weapons drawn because we Imported some Precision Measuring Equipment that didn't have a Metric Scale on it. Personally I do not want to see what they do when there is something several Times worse happen.

They are not people to upset and I do try to avoid them at all costs. Generally speaking they are not Nice People to have to deal with as they seem to think the worst of you and you have to prove yourself & company Not Guilty to a much higher standard than a Court would require. When you where like us and actually in breach of a new law that we had no knowledge of it's much worse.

Apparently by importing Measuring Equipment that lacks a Metric Scale on it the Feds see this s akin to an Act of Treason and behave accordingly. Mot something you really want to undergo I can assure you. :)

Col

Collapse -

And QLD Law is Jacky?

by OH Smeg In reply to NSW is on the ball

As this is in Toowoomba sort of east of Brisbane on the Darling Downs or at least just the top/other side of the range where they are located NSW Law isn't any use here.

While they have a reasonable free hand with QLD Law what is being asked here may be in Violation of Commonwealth Law.

Anyway after reading what is actually happening here if nothing else anything found is useless in any form as the person doing the looking seems to have a vested interest in finding issues and they would be accused of inserting them there if push came to shove because of the way that they are doing things here.

At the very least if things go sour it's going to cost the company and the person involved quite a lot of money as there is no way that they could Defend if any form of Litigation was started. Sounds very much like very poor management control is being placed in Place here and the person demanding this level of access is running riot out of control.

Col

Collapse -

I couldn't find a QLD Law

by Jacky Howe In reply to And QLD Law is Jacky?

as they haven't been invented up here yet.

Those laws were passed in 2005 so it will probably be another 17 years before we see anything like that. ]:)

I know that when I was administering a network I knew everything that was going on with the users. I never logged on as the user though. Administative accounts should be kept to a bare minimum, we actually shared an account and it is a practice that I have kept up. It is all based on trust and if you can't trust the other bloke you will end up in strife. I think that the manager should have had the balls to confront the other bloke. Nothing like getting it out in the open.

Back to Networks Forum
53 total posts (Page 4 of 6)   Prev   02 | 03 | 04 | 05 | 06   Next

Related Discussions

Related Forums