A Company Computer and Questions About E-Mail Privacy -- NYT

June 27, 2008
A Company Computer and Questions About E-Mail Privacy

By JONATHAN D. GLATER
When he was fired, Scott Sidell was angry enough. Then he found out that his former employer was reading his personal Yahoo e-mail messages, after he had left the company.

In a lawsuit that he filed in May against Structured Settlement Investments, the finance company he used to run, Mr. Sidell claims that executives at the company went so far as to read e-mail messages that he had sent to his lawyers discussing his strategy for winning an arbitration claim over his lost job.

“It’s kind of like the other side gets your playbook or they’re spying on your locker room,” said Russell Green, a lawyer representing Mr. Sidell. He said that his client was now using a new e-mail address.

The lawsuit filed by Mr. Sidell in federal court in Connecticut involves an unsettled area of the law, where changes in technology create tension between expectations of personal privacy and companies’ rights to monitor the equipment they provide to employees. The case’s unusual combination of facts, which are in dispute, paves the way for a decision that could help set a precedent for dealing with personal e-mail at work.

more...

http://www.nytimes.com/2008/06/27/technology/27mail.html?_r=1&ref=business&oref=slogin

and a good reminder of how important it is to at least sign out of any sites you use before you get up and leave a computer.

Rich Palma, the chief operating officer for Structured Settlement, outlined the company’s position in a statement filed with the court. Mr. Palma said that Mr. Sidell had returned to the office after he was fired and had begun using another employee’s computer.

He said that Mr. Sidell had used that computer without authorization and had sent trade secrets and confidential company information to his Yahoo e-mail account. Mr. Palma said the information included lists of customers, their home addresses and phone numbers, terms of deals and brokers who had sent business to the company and personal information about the company’s employees.

Mmm-kay, let me get this straight: Scott Sidell is upset that the company read the e-mail communications between Sidell and Sidell's lawyers, which he transacted on an e-mail account he had logged onto his own computer (isn't using an account you know to be compromised a bit like continuing to put money in a bank account whose account access information you've provided to a 419 scammer?), but he thinks it fine to steal his former employer's confidential information? Call me confused.

If he accessed his personal Yahoo account from a computer belonging to the company, then he gave the company access to that account.

Corporations have more rights under the law than individuals.

you lose your constitutionally protected rights...as if we had any left to lose...

saddlesore

What if your company has Wi-fi throughout the building, and you bring in your own laptop or Blackberry or whatever but obviously use their Wi-fi? Does that mean that whatever goes through their servers is theirs, too? So, you can't send anything private through your company's servers because that makes it theirs? I'm just wondering where we draw the line.

Unless there's a specific agreement stating otherwise, whatever information is on a device attached to a company server is open to the company.

Ours reads, in part:

"This is a secured machine; only authorized users may connect.
Activity is subject to real-time monitoring.
By connecting to and using this server, you waive your expectation of privacy."

That is: touch this machine, and you will be monitored. We're a real BOFH Club.

I'm not sure everyone does. I'd want to know if my stuff was being read or not.

They don't have a right to continue to log into his account after he was fired and read his emails.

it is theirs to find

Can I have a look at his bank account etc?

Can I take his wallet if I want to? How about use his truck, since he's on my dime and he needs the truck to complete the work I'm paying for? See technically I paid for the gas in that tank with my money, as it's part of the cost of materials, and he does claim that truck to be primarily for business use.

If I can do that, can I then pop in any time to borrow his truck? I mean technically since his truck was company property while he was doing the work can't I now do anything I want with it?

Or how about this scenario:

I give him a ride in my truck to pick up some supplies. From that moment on I am permitted to search his person any time I want at any point in the future.

Or try this one on:

I spend a few days in jail and am allowed to call and email my lawyer. Is the government then allowed to tap all of those calls and access all the emails from that account in perpetuity?

ect....

he isnt not your employee.

the whole lawyer thing and you being in jail is another stupid example

these things you put out are not even similar let alone the same as the op

Should I be able to wiretap him on his lunch hour?

Why is it a stupid example? Simply because you don't have a good response?

i gotta at least have a person that isnt arguing stupid

Rather than answering each point you resort to insults. Is it possible that you are not capable of formulating a response? Do you FEEL stupid? Does it make you feel better to call me stupid instead of actually having a discussion?

I'm all for companies monitoring their own networks for disciplinary actions or security, but actively accessing a former employee's email account is not acceptable. Any email he read while at work was fair game, but accessing the account after the employee is no longer there is a massive problem. That's like a bank teller noticing that a customer has dropped his safe deposit key, and instead of returning the key to the customer, the teller helps himself to the contents of the box.

If the guy did indeed send company trade secrets to his Yahoo email, they should already have logs of that without needing to access his Yahoo account.