Afternoon Folks (i guess that depends where you are!),

Can someone point me in the right direction on the legality of keylogging employees computers at work. A good friend of mine called me last night asking some strange questions about his privacy at work, as an IT administrator he thought I might have the answer, but i dont.

What can a company do/not do to monitor you at work? Can they install a key logger on your machine to see what your up to or how much time your spending say on the internet - or which internet sites you visit?

just want the legal side of this!

Thanks a lot,

gn0m3

At least in the US, this is perfectly legal. It's their equipment, and the employer also pays for the employee's time. Thus, how that time is spent on that equipment is something the employer has every right to know. Using company resources and time for personal use, without express permission, amounts to theft.

(As I explained during the Napster days to an employee who had caused a serious crash to a network application by filling a network volume with MP3s. Her brilliant argument that PC stood for Personal Computer and that I had no right to delete her music notwithstanding.)

As far as I recall it is covered in pretty much the same way as recording telephone conversations, which means it is OK as long as the person being recorded is made aware of this prior to the recording. Hence the 'this call may be recorded for employee training purposes' messages or, more to the point, acceptable use policies that point out usage of corporate IT may be monitored to ensure compliance.

Of course IANAL (I Am Not A Lawyer) applies, and I suspect there will have been or is likely to be a test case involving European Human Rights legislation and/or rights to privacy in the workplace. The whole privacy thing being a big can of juicy worms just waiting to be knocked over.

thanks for the reply's guys, will be doing a bit more research on this over the next few days, but thanks for the heads up!

gn0m3

In the UK, employers make it clear that if they have reasonable grounds for suspicion they can log anything you do. They make this clear in the Terms of Employment and, more usually, in the AUP for their IT systems.

I know from experience... ;)

And on the other side, I have set up keylogging for businesses, at least one of which caught and warned an employee for running a business, and another for accessing porn at work.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.