Open Enrollment | Subscribe to Target Marketing HERE
Connect
Follow us on
Advertisement
 

Who May Be Spying on You ... and Why?

‘Gentlemen don’t read each other’s mail.’
—Secretary of State Henry L. Stimson, 1929

October 2006 By Denny Hatch
12

In the News

H-P’s Dunn Could Face Risks From Testimony
Former Chairman’s Words To Congress May Be Used Against Her in a Trial
When former Hewlett-Packard Co. Chairman Patricia Dunn testified on Capitol Hill last week on the H-P spying scandal, one congressman asked her about some handwritten notes taken by H-P’s former general counsel. The notes indicated Ms. Dunn had been briefed on a ruse by H-P’s investigators to obtain people’s personal phone records in June 2005. Ms. Dunn’s response: “I’ve seen this for the first time now.” Yesterday, Ms. Dunn was booked in the Santa Clara, Calif., sheriff’s office on four felony counts of fraud and conspiracy and released on her own recognizance.
—Peter Waldman, The Wall Street Journal, Oct. 6, 2006

On Dec. 30, 2005, The Washington Post told of a vast new surveillance program, GST, authorized by President Bush shortly after the Sept. 11 attacks to “give the CIA enhanced ability to mine international financial records and eavesdrop on suspects anywhere in the world.” In addition, the phone records of millions of Americans are being monitored, and suspicious mail to and from overseas destinations is being opened by Homeland Security.

Government Surveillance
Recently on National Public Radio an expert on the Middle East estimated that 25 percent of the world’s Muslims—or approximately 300 million people—would like to see serious harm come to the United States and a high percentage would be willing to become martyrs in the cause.

The 1983 bombing of the Marine barracks in Beirut, the car bomb exploding in the World Trade Center garage in 1993, the 1998 bombings of American embassies in Africa, the assault on the USS Cole in 2000 and calamitous Sept. 11 tragedy all prove that these people mean business.

This is war. In World War II we lived through suspension of certain civil liberties for the duration. Put another way, if various government agencies were NOT monitoring phone records and conversations, financial transactions and questionable e-mail and snail mail, I would be worried.

Whether the Bush administration can legally ignore the 1978 Foreign Intelligence Surveillance Act (FISA) that requires court approved warrants to search the phone records of Americans is a debate for constitutional scholars and lawyers.

As of this writing, the United States hasn’t been attacked again, although the United Kingdom, Indonesia and Spain have been.

The amassing of these data by government raise at least two serious collateral concerns:

1. How secure are the data? In the Dec. 13, 2005, edition of this e-zine, “Lost Data Threatens Security,” I described how the FBI lost more than 500 laptops and had no idea whether they contained any classified data. “One of the most flagrant computer-losers seems to be the U.S. government,” wrote Philadelphia Inquirer’s Akweli Parker this past Sunday. “In response to a congressional inquiry, the Commerce Department revealed last month that it had lost 1,137 computers since 2001, most of them belonging to the Census Bureau.” I have serious doubts that government data protection systems are as tight as those of, say, TRW/Experiàn, which were described in detail in my Dec. 13 story.

2. What are the ancillary uses of the data? For example, if the CIA discovers vast amounts of money are being moved around the world by American corporations, will the IRS be alerted so that it can go on a fishing expedition? I don’t trust Big Brother.

Individuals Spying on Individuals
To secretly intercept private communications without a court-ordered warrant is illegal under § 2511 of the U.S. Code titled “Interception and disclosure of wire, oral, or electronic communications prohibited.”

The saga of Patricia Dunn’s four-count indictment is especially sad. A former director of Hewlett-Packard, she was elevated to chairman of the board following the firing of Fiorina and was very likely way over her head in terms of vision, experience and management skills. Dunn and four colleagues are accused of (1) conspiracy to commit crime; (2) fraudulent use of wire, radio or television transmissions; (3) taking copying and using computer data; and (4) using personal identifying information without authorization. According to The Wall Street Journal each charge carries a maximum penalty of three years in prison and a fine of up to $10,000. What makes Dunn’s situation poignant is that during the week of her indictment and arrest, she was scheduled to begin treatment for recurring ovarian cancer.

Like Dunn and her cohorts, Pellicano, Pirro, Kerik all may face legal problems in the future.

The Uncomfortable Dilemma: Should You Spy on Your Employees?
Some years ago, when the telemarketing industry was beginning to deal with what was—and wasn’t—legal, some telephone sales representatives complained that supervisors who listened in on their conversations were violating their privacy. This is no longer an issue today; signed agreements take care of that. For one thing, if a supervisor was to be prohibited from critiquing an employee’s performance, the company might just as well close its doors.

“In a recent survey of 840 U.S. companies by the American Management Association, 60% said they now use some type of software to monitor their employees’ incoming and outgoing e-mail, up from 47% in 2001,” wrote staff reporters for The Wall Street Journal on March 9, 2005. “Other workplace privacy experts place the current percentage even higher.”

My neighbor, who just took a job with a major brokerage company, is forbidden to use the computer on his desk for personal e-mail. We serve on a civic committee here in Philadelphia, and we cannot communicate during business hours. He can call me on the phone, but not use e-mail on his company computer.

At one publishing company I know well—which does not spend time spying on employees’ phone calls, Internet activity or e-mails—the following occurred:

* On a Saturday, the IT guy came in to update the software on all the office computers. On one computer he found an illegal program used for hacking. On another was a large cache of pornography. Both individuals, who had signed a corporate Internet and computer policy, were fired.

* A young Turk e-mailed to a blogger a blistering criticism of the ethics of a company in the business. The was posted and spread instantly around the Internet. The company in question was a large advertiser with the publisher. The kid was fired for violating his employment agreement.

The Time Wasters
According to a 2005 survey by AOL and compensation specialist Salary.com, the average American worker spends 2.09 hours per day surfing the Internet, conducting personal business on the phone, job hunting or chit-chatting in the in copier room or smoking on fire escape. This doesn’t include lunch. Missouri takes the prize as the highest goof-off state with workers blowing an average of 3.2 hours per day. Estimated total annual cost to U.S. business: $759 billion.

At the same time, in this past Sunday’s Chicago Tribune, in a story titled, “This time, it’s personal: The tricky business of private cell phone calls at work,” Patrick Kampert wrote that:

Studies show that Americans are spending more time on the job than ever. If you add in the electronic monitoring equipment of cell phones and BlackBerrys, which let employers reach out and touch workers long after 5 p.m., it’s only natural that employees need to transact some personal business during the time they are tethered to their desks.

I thank my lucky stars that I don’t run a company—or have people working for me—so I don’t have to deal with this knotty and unpleasant problem.

I’m not a lawyer or a HR expert, but following is my thinking.

Takeaway Points to Consider:

* If I had people working for me, I would expect a certain amount of personal business to be handled in the workplace—doctors’ appointments, child issues, dinner dates, etc. For example, I would rather have an employee spend the lunch break in the office ordering merchandise on the Internet and answering personal e-mails than running around a shopping mall only to return frazzled and out of sorts.

* Presumably a hospitable office environment encourages people not to go out. This in turn should foster productivity.

* If a worker is talking on a cellphone, chances are company business isn’t being discussed. I realize people have lives, friends, families and schedules outside the workplace. I wouldn’t see an occasional cellphone call as a big deal.

* But what about the chronic goof-offs who spend hours surfing the Net, playing fantasy sports or Texas hold ‘em? If they meet or exceed their work quotas, does it matter what else they do, so long as they don’t give away company secrets or make fools of themselves? If they don’t have work quotas, I would set them and monitor the results.

* Having people on staff to spy on employees’ e-mails and phone conversations gives me the willies. What would be the return on investment in their salaries and benefits? What kind of creepy people would take such a job? What would happen to office morale and productivity if employees discovered corporate Big Brother was constantly looking over their shoulders?

* If I were running a company, I think I would make it very clear that no one’s spying on people but that the central computer system automatically saves everything—incoming and outgoing e-mails, instant messaging, phone records and Internet usage and that all of this information easily is retrievable. It seems to me this should put a damper on profligate time wasting.

* What’s your feeling about this, and what’s your corporate policy?

Web Sites Related to Today's Edition:

Foreign Intelligence Surveillance Act (FISA)
http://www.fas.org/irp/agency/doj/fisa/

§ 2511. “Interception and disclosure of wire, oral, or electronic communications prohibited”
http://tinyurl.com/aqmmb/

Secretly Track Everything on a Computer
http://www.securetactics.com/monitor

Locating People Using GPS Enabled Cellphones
http://www.travelbygps.com/articles/tracking.php/ http://www.wherify.com/
 
12

COMMENTS

Click here to leave a comment...
Comment *
Most Recent Comments:
John Friesen - Posted on October 11, 2006
The galling thing about your government's desire to snoop without warrants is that the act allows the warrants to be obtained after the fact. They just don't want the oversight, or the need to justify retroactively what they've done. So they've arrogantly arrogated carte blanche powers for who knows what real purpose.

In business, you've got to be a little careful, lest the actions of even a minor employee come back and bite you in the ass. Americans are egregiously litigious.

For my defense, I try to insert words such as kerosene fertilizer and ayatollah into cell phone conversations and emails. I also installed Track-Me-Not, a little program from NYU that constantly sends out random search queries, creating a fog for spies to peer through.
Carl Street - Posted on October 11, 2006
Eric Holmen has nailed it precisely. The REAL purpose of hiring people is to achieve a result; NOT, to nit pick their every move. Competent and intelligent managers focus on results; NOT idiotic parameters that smack of a high school hall monitor mentality. Such "managers" truly deserve the epithet of "micro-manager" as it is descriptive of their limiited intellectual ability to see the big picture. Such little old ladies of either sex should be removed from management and given an appropriate career counting pebbles on highway roadsides. My hat is off to Eric Holmen!
Carl Street
carl_street@cjstreet.com
Eric Holmen, SmartReply - Posted on October 10, 2006
We hire people to be part of a culture of success, achievement, and fun.
SO, if the goal is persofmance on these criteria, then why would we spy on staff?
If someone is not achieving these standards, you don't need to know why - porn, amazon.com, whatever distractions - can be identified and measured in performance output. You don't have to spy to know that someone isn't getting the job done or that they're creating a bad place to work.
DON'T SPY - it's counter to employee trust and exceptional job performance.
Anne Currie - Posted on October 10, 2006
There are two issues under discussion here. The first is whether you should spy on your staff to determine whether they are slacking off (the traditional use of SpyWare). The second is whether to spy on _yourself_. Why would you want to spy on yourself? Well, I do it to check I'm using my time effectively and, in particular, delegating enough. You can "spy on yourself" the old fashioned way, by keeping an activity log by hand, or if that's too dull, you can use a software product that tracks your time for you automatically, like TimeSnapper or Qlockwork. My experience using self-spying software (commonly called "MyWare") suggests that time in organizations is more likely to be wasted accidentally through poor use of business tools like email, rather than deliberately by dishonest employees. In my judgement, SpyWare doesn't help solve this problem. You get more benefit from training your employees to monitor themselves and use better email and time management techniques.
Max Bendel - Posted on October 10, 2006
Reading you articles is justifiable research. Responding to the articles may not be?
Denny Hatch - Posted on October 10, 2006
Reply to Damon:
Thanx for writing. I have no idea what the subject of each newsletter will be from week to week; it depends on what is in the news and what dots I can connect. Each issue is an attempt to relate that news story to some aspect of business?management, marketing, ethics, interpersonal relations, the law or whatever. In that sense, I would hope that folks in the office would have no trouble justifying spending five minutes two days a week on BusinessCommonSense.com. Cheers.
Craig Valine - Posted on October 10, 2006
Great article! I have been guilty of spending too much time on personal emails and surfing the Internet... when I worked for someone else! Once I became self-employed, I used Dan Kennedy's advice from 'No BS Time Management..." and strictly enforce my need to get things done. I am committed to being as efficient as possible when it comes to my work. As for security issues, I believe, and I'm not a pessimist, that there is no real way to keep things private. All you can do is trust that someone won't share an email with others, even if you do put "please delete after reading this" or "don't share this with another soul". People will do things for their own reasons, even if it means sometimes ruining a relationship, whether it be personal or professional. It's in line to "not thinking before acting". Consequences mean nothing at the time of this sharing. I suggest private issues be done by snail mail, be hand delivered, or be done in person. It's a fantasy to think it can all be done that way. But, again, there is no sure-thing when it comes to privacy. - cv
Damon Thompson - Posted on October 10, 2006
Got a question for you, Denny - how would you classify those of us who read your newsletter at work?
John Thompson - Posted on October 10, 2006
Denny,

In your takeaway points you note that cell phone calls are probably personal calls. Not so for many of us. Our cell phone is our primary phone. I would estimate that 95%+ of all my work calls go to my mobile phone. It is easier, better and more immediate than voicemail. I am at the point of where I could do away with voicemail. Actually, my outbound message on my voicemail encourages people to not leave a message and call my mobile to have a discussion on the spot.

Best,
John
Jillian - Posted on October 10, 2006
It is pattently unethical to spy on workers. If they have agreed to be your loyal employee, for whatever amount of time, and have afforded you the courtesy of their time, day in & day out; sick day and well day; sunny day & rainy day; childrens' birthdays, championship games, and plays, and everything in between because in American business you cannot afford to lose the productivity of more than 6 most absolute goverment-ordered holidays...If the employee can submit THAT MUCH to you, and then continue to submit in overtime because they don't want to be fired for laziness - I think it may be wise to FAIRLY monitor company equipment use. Some businesses guard against overuse of paper & copiers by giving a pass code with a maximum quantity of use to each employee. A discussion is had about this practice.

It is my assumption that a company who doesn't raise the discussion of monitoring the use of their computer and telecommunication equipment WANTS to spy on its employees. And WANTS to find wayword workers. And WANTS to fire them. Why? I don't know. If the idea is to increase productivity (because let's face it MONEY is the ultimate driving force here) I would assume it is easier to alert the current employees to constant activity monitoring, and have "the IT guy" run random checks across the system to ensure compliance, than it is to bring in a corporate "spy" and go through the expense of firing, hiring and training more wayward employees, whom you don't alert to the spying.

Ahhh, but in my radically fair scenario, the BOSS & upper management have to comply as well...
Carl Street - Posted on October 10, 2006
If you were on a cruise ship and the Captain suddenly announced, "We are in danger of sinking so everyone must now take off their life jackets" you would think that Captain was at least incompetent, if not deranged.

Civil liberties are the personal life jacket that protects the individual from the awesome power of the State. History shows that State power is at its most dangerous in times of emergency. Thus, the need for civil liberties not only does NOT decline at such times; it actually increases.

Anyone who has studied the Constitution and the writings (Federalist Papers) of the individuals who wrote it, KNOWS that they designed a document to guarantee civil liberties IN TIMES OF EMERGENCY and stressed repeatedly that there was actually little need for Constitutional guarantees of civil liberties in times of peace and prosperity; however, the need to apply an objective standard of reason and restraint during the emotionally charged times of emergency was their fundamental purpose.

Consequently, those who advocate the suspension of civil liberties during "war" can hardly claim to be Americans; regardless of their national origin. Being an American is an intellectual and ethical commitment to a system of restrained governance; NOT, an ethnicity based on the location of one's birth. I suggest such individuals READ and STUDY the writings of James Madison and Thomas Jefferson; then hang their heads and shame and apologize to all REAL Americans for their vocal ignorance.

Carl Street
carl_street@cjstreet.com
Ryan Smyth - Posted on October 10, 2006
Oh bother...

If I own the company, then you'd better not be surfing porn without a VERY good reason. (I actually need to do this from time to time in my job - believe it or not...) Texas Hold 'em? Huh? You're fired. Personal emails from a corporate email account? NOT! Reprimand. (Send your personal emails from YOUR email account.)

Contacting business leads through your personal account... Now we're getting juicy...

Spying is natural. But if I own the hardware and software, then I should get to do what I want with it. If you're not interested in revealing personal things, then use your own hardware.

Business time is business time. While everyone needs a break, and some leaway can be made, at some point there needs to be a line. This doesn't need to be a legal line, but each company should be able to draw that line in the sand and say what is or is not acceptable.

Bother... I don't have time for this. But at least I'm writing from hardware and software that I own. ;)
Click here to view archived comments...
Archived Comments:
John Friesen - Posted on October 11, 2006
The galling thing about your government's desire to snoop without warrants is that the act allows the warrants to be obtained after the fact. They just don't want the oversight, or the need to justify retroactively what they've done. So they've arrogantly arrogated carte blanche powers for who knows what real purpose.

In business, you've got to be a little careful, lest the actions of even a minor employee come back and bite you in the ass. Americans are egregiously litigious.

For my defense, I try to insert words such as kerosene fertilizer and ayatollah into cell phone conversations and emails. I also installed Track-Me-Not, a little program from NYU that constantly sends out random search queries, creating a fog for spies to peer through.
Carl Street - Posted on October 11, 2006
Eric Holmen has nailed it precisely. The REAL purpose of hiring people is to achieve a result; NOT, to nit pick their every move. Competent and intelligent managers focus on results; NOT idiotic parameters that smack of a high school hall monitor mentality. Such "managers" truly deserve the epithet of "micro-manager" as it is descriptive of their limiited intellectual ability to see the big picture. Such little old ladies of either sex should be removed from management and given an appropriate career counting pebbles on highway roadsides. My hat is off to Eric Holmen!
Carl Street
carl_street@cjstreet.com
Eric Holmen, SmartReply - Posted on October 10, 2006
We hire people to be part of a culture of success, achievement, and fun.
SO, if the goal is persofmance on these criteria, then why would we spy on staff?
If someone is not achieving these standards, you don't need to know why - porn, amazon.com, whatever distractions - can be identified and measured in performance output. You don't have to spy to know that someone isn't getting the job done or that they're creating a bad place to work.
DON'T SPY - it's counter to employee trust and exceptional job performance.
Anne Currie - Posted on October 10, 2006
There are two issues under discussion here. The first is whether you should spy on your staff to determine whether they are slacking off (the traditional use of SpyWare). The second is whether to spy on _yourself_. Why would you want to spy on yourself? Well, I do it to check I'm using my time effectively and, in particular, delegating enough. You can "spy on yourself" the old fashioned way, by keeping an activity log by hand, or if that's too dull, you can use a software product that tracks your time for you automatically, like TimeSnapper or Qlockwork. My experience using self-spying software (commonly called "MyWare") suggests that time in organizations is more likely to be wasted accidentally through poor use of business tools like email, rather than deliberately by dishonest employees. In my judgement, SpyWare doesn't help solve this problem. You get more benefit from training your employees to monitor themselves and use better email and time management techniques.
Max Bendel - Posted on October 10, 2006
Reading you articles is justifiable research. Responding to the articles may not be?
Denny Hatch - Posted on October 10, 2006
Reply to Damon:
Thanx for writing. I have no idea what the subject of each newsletter will be from week to week; it depends on what is in the news and what dots I can connect. Each issue is an attempt to relate that news story to some aspect of business?management, marketing, ethics, interpersonal relations, the law or whatever. In that sense, I would hope that folks in the office would have no trouble justifying spending five minutes two days a week on BusinessCommonSense.com. Cheers.
Craig Valine - Posted on October 10, 2006
Great article! I have been guilty of spending too much time on personal emails and surfing the Internet... when I worked for someone else! Once I became self-employed, I used Dan Kennedy's advice from 'No BS Time Management..." and strictly enforce my need to get things done. I am committed to being as efficient as possible when it comes to my work. As for security issues, I believe, and I'm not a pessimist, that there is no real way to keep things private. All you can do is trust that someone won't share an email with others, even if you do put "please delete after reading this" or "don't share this with another soul". People will do things for their own reasons, even if it means sometimes ruining a relationship, whether it be personal or professional. It's in line to "not thinking before acting". Consequences mean nothing at the time of this sharing. I suggest private issues be done by snail mail, be hand delivered, or be done in person. It's a fantasy to think it can all be done that way. But, again, there is no sure-thing when it comes to privacy. - cv
Damon Thompson - Posted on October 10, 2006
Got a question for you, Denny - how would you classify those of us who read your newsletter at work?
John Thompson - Posted on October 10, 2006
Denny,

In your takeaway points you note that cell phone calls are probably personal calls. Not so for many of us. Our cell phone is our primary phone. I would estimate that 95%+ of all my work calls go to my mobile phone. It is easier, better and more immediate than voicemail. I am at the point of where I could do away with voicemail. Actually, my outbound message on my voicemail encourages people to not leave a message and call my mobile to have a discussion on the spot.

Best,
John
Jillian - Posted on October 10, 2006
It is pattently unethical to spy on workers. If they have agreed to be your loyal employee, for whatever amount of time, and have afforded you the courtesy of their time, day in & day out; sick day and well day; sunny day & rainy day; childrens' birthdays, championship games, and plays, and everything in between because in American business you cannot afford to lose the productivity of more than 6 most absolute goverment-ordered holidays...If the employee can submit THAT MUCH to you, and then continue to submit in overtime because they don't want to be fired for laziness - I think it may be wise to FAIRLY monitor company equipment use. Some businesses guard against overuse of paper & copiers by giving a pass code with a maximum quantity of use to each employee. A discussion is had about this practice.

It is my assumption that a company who doesn't raise the discussion of monitoring the use of their computer and telecommunication equipment WANTS to spy on its employees. And WANTS to find wayword workers. And WANTS to fire them. Why? I don't know. If the idea is to increase productivity (because let's face it MONEY is the ultimate driving force here) I would assume it is easier to alert the current employees to constant activity monitoring, and have "the IT guy" run random checks across the system to ensure compliance, than it is to bring in a corporate "spy" and go through the expense of firing, hiring and training more wayward employees, whom you don't alert to the spying.

Ahhh, but in my radically fair scenario, the BOSS & upper management have to comply as well...
Carl Street - Posted on October 10, 2006
If you were on a cruise ship and the Captain suddenly announced, "We are in danger of sinking so everyone must now take off their life jackets" you would think that Captain was at least incompetent, if not deranged.

Civil liberties are the personal life jacket that protects the individual from the awesome power of the State. History shows that State power is at its most dangerous in times of emergency. Thus, the need for civil liberties not only does NOT decline at such times; it actually increases.

Anyone who has studied the Constitution and the writings (Federalist Papers) of the individuals who wrote it, KNOWS that they designed a document to guarantee civil liberties IN TIMES OF EMERGENCY and stressed repeatedly that there was actually little need for Constitutional guarantees of civil liberties in times of peace and prosperity; however, the need to apply an objective standard of reason and restraint during the emotionally charged times of emergency was their fundamental purpose.

Consequently, those who advocate the suspension of civil liberties during "war" can hardly claim to be Americans; regardless of their national origin. Being an American is an intellectual and ethical commitment to a system of restrained governance; NOT, an ethnicity based on the location of one's birth. I suggest such individuals READ and STUDY the writings of James Madison and Thomas Jefferson; then hang their heads and shame and apologize to all REAL Americans for their vocal ignorance.

Carl Street
carl_street@cjstreet.com
Ryan Smyth - Posted on October 10, 2006
Oh bother...

If I own the company, then you'd better not be surfing porn without a VERY good reason. (I actually need to do this from time to time in my job - believe it or not...) Texas Hold 'em? Huh? You're fired. Personal emails from a corporate email account? NOT! Reprimand. (Send your personal emails from YOUR email account.)

Contacting business leads through your personal account... Now we're getting juicy...

Spying is natural. But if I own the hardware and software, then I should get to do what I want with it. If you're not interested in revealing personal things, then use your own hardware.

Business time is business time. While everyone needs a break, and some leaway can be made, at some point there needs to be a line. This doesn't need to be a legal line, but each company should be able to draw that line in the sand and say what is or is not acceptable.

Bother... I don't have time for this. But at least I'm writing from hardware and software that I own. ;)