Guys,<br><br>At present, all bets are off. There have been recent case decisions both here and in the U.S. supporting the position that employers can not violate a "valid expectation" of privacy, even when the AUP says you have no rights.
<br><br>This seems to be because the U.S. position on privacy is mutating more towards the European position - that Organisations must respect an individual's privacy unlike here where the U.S. Free Trade agreement has our right moving the other way.
<br><br>Enter the Federal A.G. - where the Privacy Act is being debated as we speak:<br><br><a href="http://www.alrc.gov.au/inquiries/current/privacy/index.htm">http://www.alrc.gov.au/inquiries/current/privacy/index.htm</a>
<br><br>But back to the AUP statement - it really depends on what you want to do - if you have a genuine Business reason to want Users to know that active monitoring for a particular behaviour will be undertaken, be specific and clear in your language.
<br><br>If you are doing this to "minimise liability" and maximise Business freedom, then be prepared to have overstepped your limits ( and pay the damages.... ) if you make too free.<br><br>For instance, your Govenance stance might be criticised if you don't monitor for people doing online trading, but if you observe someone's Bank details, you may have violated that person's reasonable expectation of privacy for personal information.
<br><br>For the definitive answer, you REALLY need a Lawyer - such as Jeremy Malcolm? ;-)<br><br>If you want someone to give you a hand, there are lots of firms around who can help you out with Governance/Risk Management, such as my employer - CSC.
<br><br>Nuff said,<br><br>tom.<br><br><br><div><span class="gmail_quote">On 10/16/06, <b class="gmail_sendername">Jonathan Young</b> <<a href="mailto:jonathan@pcphix.com">jonathan@pcphix.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">
Bernd Felsche wrote:
<blockquote cite="http://midku1704xorb.ln2@innovative.iinet.net.au" type="cite"><span class="q">
<pre>Of course employees should assume that they have no privacy when<br>using their employer's resources.<br> </pre></span>
</blockquote>
That is the crux of the entire theory. If you are at work or using
work equipment/resources, then assume you are being watched.<br>
<br>
It's one of those things where you can't have it both ways. You'd
expect to be covered by worker's compensation eating lunch in the staff
room right?<br>
<br>
<div>-- <br>
<font face="Verdana" size="2">
Jonathan Young<br>
Director of PC-PHIX<br>
<a href="mailto:jonathan@pcphix.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">jonathan@pcphix.com</a><br>
<br>
Phone: 0410 455 674<br>
Web: <a href="http://www.pcphix.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.pcphix.com/</a><br>
<br>
</font> </div>
</div>
<br>_______________________________________________<br>PLUG discussion list: <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:plug@plug.org.au">plug@plug.org.au</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.plug.org.au/mailman/listinfo/plug" target="_blank">
http://www.plug.org.au/mailman/listinfo/plug</a><br>Committee e-mail: <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:committee@plug.linux.org.au">committee@plug.linux.org.au</a><br><br><br></blockquote>
</div><br>