Admit it -- you've used your computer at work to view
sites. Heck, if you are reading this article at work, you
might already be guilty as charged. More than 70 percent of
the adult online population has accessed the Internet at work
for personal use at least once, according to a September 2000
eMarketer study. Employees are sending personal e-mails,
playing games, viewing pornography, shopping, checking stock prices
and gambling online during working hours.
Cameras in the workplace keep an eye on
Don't think these cyberslacking activities are going
unnoticed. More than one-third of the 40 million American
workers with Internet access have their e-mail and Internet
usage under constant surveillance, according to a study from
Foundation. With a simple software application, your boss
can be tapping into your computer and see what you're doing in
real-time. Whether you are guilty of wasting company time or
not, your computer might
be under surveillance. You can be monitored without your
knowledge -- employers are not required to notify you that
you're being observed.
At the center of the debate surrounding workplace
surveillance is the question of employee privacy rights. In
this edition of HowStuffWorks,
you'll learn about the various kinds of software that enable
employers to monitor your computer activities. We will also
discuss the legalities of this practice.
A Growing Trend The growing number of
employers who are monitoring their employees' activities is a
result of the low cost of the monitoring technology, a growing
percentage of employees using their computers for personal use
and an increase in employees leaking sensitive company
information. Employers are also watching their workers to
avoid sexual harassment and discrimination lawsuits that stem
from inappropriate and offensive e-mails circulating within a
Instead of monitoring those employees who exhibit
suspicious behavior, many employers are instituting
"continuous, systematic surveillance" in the workplace,
according to a Privacy Foundation study written by Andrew
Schulman. Reports of companies firing workers for misusing
workplace computers are becoming more common as an increasing
number of employers implement electronic monitoring software.
Computers leave behind a trail of bread crumbs that can
provide employers with all the information they could possibly
need about an employee's computer-related activities. For
employers, computers are the ultimate spy. There's little that
can stop an employer from using these surveillance techniques.
There are basically five methods that employers can use to
track employee activities:
Desktop monitoring programs
Computer-monitoring programs carry such names as
Shadow, SpyAgent, Web Sleuth and
Silent Watch. The prices of these programs range from
as little as $30 to thousands of dollars. The number of
employers who believe that they need these programs and the
relatively low cost has resulted in an emerging multi-million
dollar industry called Employee
Let's examine some of the Internet surveillance technology
and how it's used.
Packet Sniffers Computer-network
administrators have used packet sniffers for years to
monitor their networks and perform diagnostic tests or
troubleshoot problems. Essentially, a packet sniffer is a
program that can see all of the information passing over the
it is connected to. As data streams back and forth on the
network, the program looks at, or "sniffs," each packet. A packet
is a part of a message that has been broken up.
Normally, a computer only looks at packets addressed to it
and ignores the rest of the traffic on the network. But when a
packet sniffer is set up on a computer, the sniffer's network
interface is set to promiscuous mode. This means that
it is looking at everything that comes through. The amount of
traffic largely depends on the location of the computer in the
network. A client
system out on an isolated branch of the network sees only
a small segment of the network traffic, while the main domain server
sees almost all of it.
A packet sniffer can usually be set up in one of two ways:
Unfiltered - captures all of the packets
Filtered - captures only those packets containing
specific data elements
Packets that contain targeted data are copied onto the hard
disk as they pass through. These copies can then be
analyzed carefully for specific information or patterns.
When you connect to the Internet, you are joining a network
maintained by your Internet service provider (ISP). The
ISP's network communicates with networks maintained by other
ISPs to form the foundation
of the Internet. A packet sniffer located at one of the
servers of your ISP would potentially be able to monitor all
of your online activities, such as:
From this information, employers can determine how much
time a worker is spending online and if that worker is viewing
It Could Mean Your
More than one-quarter
of American companies have fired employees for
misuse of office e-mail or Internet connections, and 65
percent report taking disciplinary actions for similar
offenses, according to the American
Management Association (AMA). Here are some of the
high-profile cases where employees were fired or
reprimanded for computer misuse:
October 1999 - Xerox dismisses 40 workers
for inappropriate use of the Internet related to the
viewing of pornographic Web sites.
December 1999 - The New York Times fires 23
employees for distributing pornographic images via
July 2000 - Dow Chemical fires 50 workers
and disciplines 200 others for distributing sexually
explicit and violent material.
September 2000 - Dow fires another 24 and
reprimands 235 more for e-mailing sexually explicit or
September 2000 - Orange, a British
mobile-phone company, fires 40 employees for
November 2000 - The Central Intelligence
Agency fires four employees and reprimands 18 for
participating in a secret chat room created in a
classified computer system for exchanging jokes.
June 2001 - A junior-high principal in
Seattle is fired for allegedly viewing inappropriate
material on school-district-owned computers.
July 2001 - Northwestern University fires
an employee for allegedly storing thousands of MP3
files on her work computer.
January 2002 - Enron fires several
employees for posting information about financial
abuses in online message boards.
Desktop monitoring programs work differently than packet
sniffers. They can actually monitor every single action you
take with your computer.
Desktop Monitoring Every time you provide
some form of input for your computer, whether it's typing on
the keyboard or opening a new application, a signal is
transmitted. These signals can be intercepted by a
desktop monitoring program, which can be installed on a
computer at the operating
system level or the assembly level. The person receiving
the intercepted signals can see each character being typed and
can replicate what the user is seeing on his or her screen.
Desktop monitoring programs can be installed in two ways:
Physically - Someone sits at the computer and
installs the software.
Remotely - A computer user opens an e-mail
attachment. The attachment, which contains a program the
user wants to install, may also contain desktop monitoring
software. This is described as a Trojan horse -- a
desired program that contains an undesired program.
Desktop monitoring programs have the ability to record
every keystroke. When you are typing, a signal is sent from
to the application you are working in. This signal can be
intercepted and either streamed back to the person who
installed the monitoring program or recorded and sent
back in a text file. The person it's sent back to is usually a
system administrator. However, keystroke intercept programs
are also popular among "hackers."
Hackers often use desktop monitoring programs to
obtain user passwords. Intercept programs, because they record
keystrokes, also make users susceptible to having their credit
card numbers and other sensitive personal data stolen.
Employers can use the desktop monitoring program to read
e-mail and see any program that is open on your screen.
Desktop replicating software captures the image on the computer
screen by intercepting signals that are being transmitted
to the computer's video
card. These images are then streamed across the network to
the system administrator. Some prepackaged programs include an
alert system -- when a user visits an objectionable Web
site or transmits inappropriate text, the system administrator
is alerted to these actions.
But employers don't need to install software to track your
computer use. There are actually systems built into every
computer that make finding out what you've been doing pretty
Log Files Your computer is full of log
files that provide evidence of what you've been doing.
Through these log files, a system administrator can determine
what Web sites you've accessed, whom you are sending e-mails
to and receiving e-mails from and what applications are being
used. So, if you are downloading MP3 files,
there's more than likely a log file that holds data about that
In many cases, this information can be located even after
you've deleted what you thought was all the evidence -- but
deleting an e-mail, or a file, doesn't erase the trail. Here
are a few places where log files can be found:
If the hard drives of an employee's computer and a system
administrator's computer are connected, a system administrator
can view the log files remotely. The administrator has
to have access to the drive to check files remotely.
Otherwise, a system administrator can check the computer
before an employee comes in or after the employee leaves for
You might be surprised at how many companies are monitoring
employee activities. In the next section, you'll find out just
how widespread this practice is.
Traditional Eavesdropping Computer
surveillance is by far the primary method of monitoring
employee activity. However, employers are still using
traditional methods such as eavesdropping on phone
calls, storing and reviewing voice mail and video-recording
employees on the job, according to the American
Management Association (AMA).
"The lines between one's personal and professional life can
blur with expectations of a 24-seven work week, but employees
ought to engage in some discretion about personal activities
carried out during the official hours of work," Ellen
Bayer, AMA's human resources practice leader, said.
Currently, 78 percent of all companies use some type
of surveillance system. Here is a breakdown of the methods
Storing and reviewing computer files: 36 percent
Video-recording employees: 15 percent
Recording and reviewing phone calls: 12 percent
Storing and reviewing voice mail: 8 percent
ACLU estimates that
employers eavesdrop on about 400 million telephone calls
annually. Federal wiretap
laws forbid eavesdropping on conversations unless one of the
parties to the conversation consents, but the Electronic
Communication Privacy Act of 1986 allows employers to
listen to "job-related" conversations. The ECPA gives
employers almost total freedom to listen to any phone
conversation, since it can be argued that it takes a few
minutes to decide if a call is personal or job-related.
Cameras can monitor actions that computer
In addition to monitoring phone conversations, employers
often place video cameras in the work area to monitor employee
activity. Small cameras are sometimes implanted and directed
to view the computer, so that the employee's computer activity
can be monitored that way.
"Privacy in today's workplace is largely illusory," Bayer
said. "In this era of open-space cubicles, shared desk space,
networked computers and teleworkers, it is hard to
realistically hold onto a belief of private space. Work is
carried out on equipment belonging to employers who have a
legal right to the work product of the employees using it."
In the next section, we will further explore the legalities
of workplace monitoring and answer the question of just how
much privacy you can expect at work.
Privacy Laws Simply stated, courts in the
United States tend to favor the employer in
workplace-surveillance cases. For that reason, employees
should always use good judgment when logging onto the Internet
and sending e-mails. Choose your words carefully; you never
know who might read your correspondence.
Under the Electronic Communications Privacy Act
(ECPA), electronic communications are divided into two groups:
Communication in transit
Under the law,
electronic communication in transit has almost the same
level of protection as voice communication, meaning that
intercepting it is prohibited. Accessing stored electronic
communication, such as e-mail sitting on a server
waiting to be sent, is not illegal. The courts have ruled that
since the e-mail is not physically traveling anywhere -- is
not "in transit" -- it does not have the same level of
This directly contradicts many laws regarding traditional
mailing systems. If the U.S. Postal Service worked this way,
no one would be allowed to open your mail as long as it were
being carried to your mailbox; but the second it is placed in
the mailbox and stops moving, your neighbors would be free to
come over, open and read your mail. This, of course, is not
how laws regarding the postal system work. It is illegal to
tamper with someone else's mail.
The U.S. Constitution contains no express right to
privacy, but the U.S. Supreme Court has historically
upheld an implied right to privacy. However, this right does
not apply to employees. Courts seem to be upholding the idea
that since the company owns the equipment and the office
space, it has a right to monitor its employees to prevent
misuse of that equipment and space.
With more companies installing monitoring devices and
technology, you should be careful the next time you send that
e-mail to mom or check out the latest sale at your favorite
online store while at work. Your employer could be watching,
listening and recording.
For more information on workplace surveillance and related
topics, check out the links on the next page.