undefined | Better HN

0 pointsstingraycharles24d ago0 comments

I think the keyword is “can”.

It is allowed, contrary to eg the EU, where this is not allowed.

0 comments

15 comments · 4 top-level

caymanjim24d ago· 5 in thread

Yeah, I know they can. I just can't believe it's normalized and that people simply accept it. Good on the EU for pushing back.

jlarocco24d ago

I'm surprised you can't believe it.

Most companies large enough to have their own IT have monitoring and know what's going through their network. The larger the company, the more likely they're watching. I've personally never seen that information used against anybody unless they were looking at shady stuff (porn, hacking websites, etc.), but I'm sure they're monitoring.

Even outsourced IT for small companies will often put "security" software like Sentinel One or Sophos on machines they manage, and those can track and block web traffic, report everything being installed, and even MITM HTTPS traffic.

Personally I don't see the big deal. If I don't want my employer watching something, I don't do it on their network. I monitor what's going on in my tiny home network, and I expect anybody administrating larger networks does the same thing.

Avicebron24d ago

Why the scare quotes around security?

mhurron24d ago

You should expect it because it's the safest position to work from. Don't use your work device for non-work, they may be tracking something or everything and do you want that in that record.

Additionally, don't use personal devices for work, but that is because of other reasons.

3form24d ago

I guess from my perspective there are even more dire problems in the US that I'm surprised people accept. But it seems they don't know, or care, or know that they should care.

Perhaps it's the lack of proper authoritarian regime in the US' past that drives this. I believe the temporal proximity of such makes people aware of, and angry against, the many traps that such systems leave in their "law", so you can be imprisoned anytime for anything. EU has a bunch of countries with varying degree of such past.

mrhottakes24d ago

Most people need to work to support themselves so it's quite inconvenient to single-handedly solve all of the problems in the US. Suggesting people simply don't know or care is very naive.

2 more replies

KaiserPro24d ago· 3 in thread

> It is allowed, contrary to eg the EU, where this is not allowed.

Its allows in most of the EU apart from germany where there are strict limits.

however you can still record what your users are doing for purposes of detecting fraud. This is where it differs from the USA, where they can do anything because they have no data protection laws.

frm8823d ago

Please read the current legislation for Germany. Allowing you private use of company internet access classifies your employer as a telecom provider which then require additional safeguards etc. No employer wants this which is why personal internet use is generally not allowed and misuse is grounds for termination without notice. So is the use of private equipment. Restriced monitoring is allowed, very detailled or systematic monitoring is not.

https://www.fachanwalt.de/magazin/arbeitsrecht/internetnutzu...

LtWorf23d ago

Would it be too much to ask to not make stuff up?

KaiserPro23d ago

WOuld it be too much to ask for you to dig a little deeper in to what the law allows?

An employer am allowed to record all your actions for the purposes of detecting fraud and or illegal activity. The method or recording and the way the employer stores and allows access to that recording must be "reasonable"

For example if you are using slack, gchat or teams, all your conversations are logged in the compliance system. Every action you make in m365 is also logged. AWS actions are also logged if you have cloud trail enabled

All you emails are also recorded and stored for n years.

If you have zscaler or some other threat detection system every site that you visit will be recorded. The anti phishing plugin you have will also log what sites you are looking at. Theses are not automatically illegal, its how the data is stored and processed that determines the illegality.

Now, lets get to meta. As part of their leaking detection system, in about 2024 they started routinely taking screenshots of all users every n minutes. One could argue that it wasn't proportionate. However for holland, france and germany, the workers councils should have been informed.

The thing that was illegal was the covert nature, or at least not explicitly telling employees that they were taking screenshots. not the screenshots themselves.

For the AAI bullshit that meta are pushing, again depending on how its done its not necessarily against the various EU/UK data protection laws to record the data. Where it gets interesting is how and where the data is processed later on.

To blindly say that "EU says it can't happen" is far too simplistic and not accurate to say the least.

1 more reply

throw123456789124d ago· 2 in thread

It is allowed under certain circumstances.

prerok24d ago

I am pretty sure there would have to be a court order, i.e. a severe violation would have to have good ground to be suspected.

throw123456789124d ago

No court order. Just a suspicion against an individual, and a process to follow. Plus, you have to tell them. There is no mass surveillance without notice, correct.

d1sxeyes24d ago· 1 in thread

It’s not true that it’s not allowed in the EU. There’s the Barbalescu ruling which is case law that says employers must fulfill a bunch of criteria around informing employees, the necessity of the monitoring, and they are not allowed to impose blanket bans on private use, but it is still legal to monitor employees in the EU.

layer824d ago

It can be legal, but demonstrating the necessity is a significant bar.

j / k navigate · click thread line to collapse