General discussion

Locked

Tech Snoops into Client's Private EMail

By Aaron A Baker ·
Opinions Please
E-Mai Snooping or Professional Misconduct?
I have a friend who owns a Medium Sized Business. It? a good Business and doing extremely well.
In this setup he has the usual, a few Computers, Printers and the usual IT Setups to do the chores.
The Problem is his IT Tech.
Although the Tech is quite knowledgeable, he has the habit of logging himself in on my friend?s system at night when all is closed down, and then proceeds to read all my friend?s E-Mail. All without my friend?s permission or consent. As a matter of fact, my friend doesn?t even know anything has taken place until the Tech asks how the date went last night etc, etc.
If an E-Mail contains a note from my friend?s girlfriend regarding going out for dinner or whatever, the Tech will usually call him the next day to ask ho the dinner went and so on.
Of course this frustrates my friend to no end as he feels that his mail is private and should certainly not be held out as entertainment.
This Tech does this without regard as to how this might affect the client.
He Just goes in and reads it all and then will send in little comments on things In the e-Mails such as ?I hope the Wine was good? , How was the Pizza? You get the idea.
When my friend asked me about this, I hit the roof. I informed him that this was Professional Misconduct. No Professional Tech would read other people?s mail for the purpose of snooping. It simply wasn?t done.
I told him that the Tech had absolutely no reason to log himself back on after hours for the sole purpose of snooping and that this was conduct unbecoming of a professional IT Tech.
Let alone call the next day to discuss the contents of said E-Mails. What Nerve.
I am writing to you, my fellow Techs to ask if your are of the same mind.
Do you think it?s appropriate for a Tech to help himself to a clients personal E-Mails and then make comments on the contents of the e-Mail to the client?.
I suggested firing him out the window, what do you think?
Would be grateful for your thoughts.
Thanking you in advance
Aaron
:)


It is now Nov 17,2005
I've read every single post that has been put up here so far. I've also started copying them and pasting them in order so as to show them to my friend. I have to do ten or so at a time and then my eyeballs fall out :).
But the one thing I felt the need to say to each and every one of you is a really huge,"Thank You".
Your input has been far more valuable that you can possibly imagine, not to mention it's given me some great fighting ideas. I was surprised at the amount of answers but at the same time felt a deep sense of well being knowing that the True Pros out there feels and act as I do. It's a comforting feeling, knowing that although your work is done almost always by yourself, you're never really alone.
And so I just had to take a minute and thank you all so very much for having helped me out with this.I will of course keep coming back,a-To copy & Paste and then b]- To read any new posts.
It's a genuine pleasure knowing that I am dealing with the very best, and all these posts, prove that beyond a doubt.
Please forgive my little rant, but I truly touched am very grateful to all of you. Far more than you can know.
And so I close in saying
"May we continue keeping our standards and morals at the highest"
"No matter where we are in the World, May we be of one Moral Core."
Thank you one and all
Warmest Regards and heartfelt gratitude
Aaron

This conversation is currently closed to new comments.

139 total posts (Page 2 of 14)   Prev   01 | 02 | 03 | 04 | 05   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

I agree with all the comments here

by Neil Higgins In reply to definately

Get rid of him.Let him know that YOU know he's reading your friends email.Change email passwords on all acounts.As jaqui says,bring the new replacement up to date over what has happened.
Where I work,all incoming,and outgoing email messages are logged,but that's all.Besides,99% of them are work related,with only 1% family messages,sent in an emergency,and with permission.If I found out all and sundry was reading my mail,not only would it mean that the system was'nt secure,but my password was crap,and that the software manager,apart from having a fit,would probably end up getting fired as well.
What this IT person is doing is out of order.I'd also get your friend to place his findings on file,so that any future employer could be informed.

Collapse -

That's illegal here in the UK

by gadgetgirl In reply to Tech Snoops into Client's ...

so the tech would be automatically dismissed for gross misconduct. We have the RIPA Laws, Human Rights and the EU Privacy and Monitoring Directives, all of which would apply to this situation. Personally, if I found one of my team doing this, I'd take the legal route out.

I'm sure if you get onto a legal beagle or even a legal US based board, you'd be able to find a few applicable laws for this situation.

The other thing to remember is - who else is this person working for? Is he likely to be doing the same there? Where would your friend stand, legally, if he knew that this was going on and didn't inform the techs' other clients? Is this guy a lone trader? contractor? consultant? working for a firm? I would seriously have your friend consider blowing the whistle on this one - it may not only be personal data he's collecting, but industrial data, too.

Legally, this is another CYA situation. I'd advise your friend to take legal advice, while documenting everything that has happened to date. If the legal beagles decide they need proof, set up a covert op to catch the tech.

I'm all for both firing him, and having him prosecuted. People like him we just don't need in this profession. He is the epitome of what the true professionals can be accused of in the first place. We don't need people like him around to prove it.

I'm beginning to wish you were in the UK - I could quote statute, paragraph, sections and sub-sections that he's infracted on this one!

Best of luck!

GG

Collapse -

hey gg,

by Jaqui In reply to That's illegal here in th ...

90% of the Criminal Code of Canada is word for word the same as UK law.

not sure what the latest laws are called in reguards to privacy, but I do know that the person reading the other's email is breaking section 342.1 of the CCC.
the section dealing with unauthorised use of computers.

Collapse -

you see jaqui....

by gadgetgirl In reply to hey gg,

I just knew there had to be a Canadian equivalent of me somewhere!!!!

Sad, isn't it, that we can quote numbers and statutes like this.

Hmm.

Mental note to self: Must get a life.....

GG

Collapse -

but..but..but..

by Jaqui In reply to you see jaqui....

since the wording of the CCC is not very precise, it also makes javascript, flash, vbscript, and activex controls illegal on websites.
( my reason for reading it was to see what it said about unauthorised computer use)

http://www.efc.ca/pages/law/cc/cc.342.1.html

the actual text.

Collapse -

Yes your Majesty

by HAL 9000 Moderator In reply to That's illegal here in th ...

You are of course correct but then again you get to write the LAWS don't you? :)

But on a much more serious note this is the worst case of unprofessional conduct that I've ever heard of.

While I've been asked to monitor e-mail for a client and report my findings to the company owner I would never consider actually talking about the contents of e-mail personal or otherwise.

Its bad enough that this guy is taking the Micky but he is also showing that he is accessing confidential Company Data which is Plain and Simple Unacceptable.

I wouldn't even bother hiring a new guy and bringing him up to speed I would get rid of this guy before his feet hit the floor the next day and then worry about any legal ramifications. But by this time the damage has already been done and who knows what Company Data he has had access to that could destroy the company.

I would get in a consultant to change everything immediately so his access is cut off and explain to the consultant why you need this done if he/she is even a half way decent Tech they will most likely do it for free or at a reduced rate so they don't appear to be doing or condoning the same thing.

I wouldn't bother just changing the Passwords but I would start from the very basic a new ISP and all new E-Mail addresses and accounts as well as 20 digit Alpha Numeric Passwords. If he wants to try to break in again give him something to do and place it in the hands of the Local Law Authorities.

I've never heard of anything so gross and I'm sure that none of my staff would ever consider reading e-mail let alone making comments to the recipient they all have far too much pride in themselves for anything as base as that.

In every business where I've ever worked we know that our e-mail can be monitored but we certainly do not expect some lowly tech to throw it in our faces this should only be used when it is thought that an employee is passing off company data or making a profit off the company by doing things that adversely affect the business.

But being the nasty person that I am I would get my girlfriend/live in lover/wife to send me a personal e-mail telling me that she has caught HIV from me and then when he says anything about AIDS I would sue his arse off the planet, but he would cop a good kicking first right off company property.

As well as being completely locked out of access to any company data. But I would most likely keep a "Honey Pot" running full of false information so he can dig a bigger hole for himself.

Col

Collapse -

Very Good Points

by Aaron A Baker In reply to Yes your Majesty

Hello Col;
Good to hear from you. You bring up some very interesting points. The system is usually left on 24 / 7 so that the accountants may have access. I am wondering if there any kind of records keeping going on in the actual computer or does she just get her numbers from the unit. It also makes sense that there would have a full list of clients, insurance Cos, Banking etc all on the computer. I suggested shutting down at night when they are not there but the account need access during the night. Catch 22. As for the legal aspects, I am looking into Canadian law as we speak, but it is rather difficult as the internet E-Mail is not regarded in the same manner as private "or home delivered" E-Mail. I'm still looking into this. I Offered to lock him out completely, but they are convinced that he is the only one that understands the system and are most reticent to make waves, and so they stew in quiet anger.I'm fighting fear here and it's going to take a bit of doing, That's a huge part of the reason that I asked for the opinions of my colleagues, I already knew what the response would be, just like me, they would be outraged and then I could show my Friend this letter and hopefully remove some of that fear and in the process, establish once and for all, "at least in this area' That Techs are Scrupulously honest people who would not stoop to doing such things.
Thanks for the comeback Col]:), it's always good to hear from you.
Regards
Aaron :)

Collapse -

Alternate Access for Accountant

by jdgretz In reply to Very Good Points

Boy, have I seen this before - the accountant wants access to QuickBooks from their desktop at home so the company leaves their machines on without passowrds in place leaving all their data open to the cleaning crew or anyone just dropping by and sitting down at a workstation. Might I suggest the need for a small server that can have controlled remote access? If nothing else, UltraVnc is a better solution than keeping all the desktops up.

jdg

Collapse -

Accountant should only have access to one application.

by FoothillsCG.com In reply to Alternate Access for Acco ...

QuickBooks Online Edition lets you work on your books anytime, from anywhere via the internet.

That way you don't need to keep your computers on at night. I'm going to install it later this week.

Collapse -

What kind of email are you using

by tlath1972 In reply to Very Good Points

We do have a policy that the email can be monitored and is property of the company. If you are using email other then for company work then it is potential for being fired if inappropriate or not in accordance to policy. The management has the right to monitor the use of company resources to make sure it is being used in accordnce with the company policy. There is a fine line between getting in your business and doing routine checks of email. I would sugget getting a hotmail account and have your girlfriend send you email through that and do business dealings with your company email and make sure to change your passords regularly.

Back to Software Forum
139 total posts (Page 2 of 14)   Prev   01 | 02 | 03 | 04 | 05   Next

Related Discussions

Related Forums