[plug] legality of internet traffic monitoring

Tim Bowden tim.bowden at westnet.com.au
Sat Jan 12 14:38:01 WST 2008 

On Sat, 2008-01-12 at 13:43 +0900, Peter Sutter wrote:
> Hi, Enlighted ones,
> 
> I am currently doing some work for a small company with about 10 office 
> employees, of which most feel that they were employed to surf the internet 
> and visit chat rooms etc. After we started to experience bandwidth problems, 
> I installed squid proxy server to mainly monitor of what is going on, but also 
> to control access to certain sites.
> 
> The employees are aware that we are monitoring when and what website they 
> visit and complain that this is a violation of the privacy laws. The also 
> strongly object me blocking certain sites. Are they right? 
> 
> I feel that the law should be on the side of the employer who provides the IT 
> infrastructure for work and work related visits to external web sites and 
> considers private net surfing as abusive, a point of view which I understand 
> and support; it is stated in their employment agreement for what purposes the 
> internet may or may not be used. 
> 
> The employer is understanding enough that private visits to the internet will 
> occur and has no objection to an occasional visit, when it however, as is now 
> the case, leads to excesses and seriously and negatively affects 
> productivity, his patience is, understandably, wearing thin.
> 
> What am I really up to? Do I violate privacy laws when monitoring IP traffic 
> on a privately owned network?
> 
> Looking forward to interesting replies
> 
> Peter

What you're asking for really is legal advice (which you won't get
here), but my understanding FWIW, is that so long as the employees
understand that traffic is being monitored, what the limits of
acceptable use are (they have signed an AUP doc haven't they?) and what
the consequences are for stepping outside the boundaries are, then you
should be on safe ground.  The IT facilities are provided for work use,
not for personal use (though like phones for example, you would expect a
*small* amount of personal use would be ok, ie, online banking, check
the train or bus timetable, perhaps read the news headlines over lunch
etc).  That's not to say you won't have problems.  If disciplinary
action is taken and staff feel you've been unreasonable (even if you
haven't) you may well loose a lot of staff goodwill.

Good luck,
Tim Bowden

More information about the plug mailing list