Date: Tue, 19 Jul 2011 19:20:31 +0200 From: Damien Fleuriot <ml@my.gd> To: Polytropon <freebsd@edvax.de> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Tools to find "unlegal" files ( videos , music etc ) Message-ID: <629B5A90-7251-4EE0-A25B-B84C518B9FE4@my.gd> In-Reply-To: <20110719182529.3068ced4.freebsd@edvax.de> References: <201107191520.p6JFK9d3033870@mail.r-bonomi.com> <4E25A6AE.2020309@my.gd> <20110719182529.3068ced4.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19 Jul 2011, at 18:25, Polytropon <freebsd@edvax.de> wrote: > On Tue, 19 Jul 2011 17:45:50 +0200, Damien Fleuriot wrote: >> You claim that OP may lawfully open his users' private files. >> Under your jurisdiction he might, under ours he shan't. >=20 > A way around such a situation is to PROHIBIT the users > (e. g. the employees of a company) to store private files > on corporate servers, or even to do private web surfing > during work time. You also often find regulations in > office settings where the following policy is maintained: > Workers _may_ use the web in a private manner for a time > that definitely does _not_ keep them from working (i. e. > an acceptable percentage), but they _will_ be monitored, > e. g. by a proxy server that logs which sites are requested > to make sure to track illegal use of corporate equipment > (e. g. for illegal file sharing) can be tracked down to > an INDIVIDUAL. It may also be possible that the screen > of the user is monitored. >=20 It cannot be prohibited under french law, as long as the use is reasonable. Regarding proxies, the law offers companies the right to monitor web browsin= g so that one is okay. > Here in Germany, some companies, and also governmental > installations do follow similar policies. The employee > usually has to sign an agreement regarding this regulation. >=20 > However, this does _not_ cover giving up privacy on > matters that are under basic laws of freedom, both granted > by the EU and (partially) acknowledged by the German state. >=20 > With "partially" I mean things like this: ISPs and > phone operators are caching _any_ connection data for > a given time, as an agreement with the government. This > is mainly intended for criminal investigation, and in > such cases, the order of a judge is essentially required. > However, history has taught many times that this mechanism > is constantly abused, so nearly anybody with "substantial > interests" (means: power and/or money) can get access > to such data, even if the individuals getting into scope > are NOT subject to any investigation. >=20 >=20 >=20 >> OP may not open his users' private files without taking the following >> precautionary steps: >>=20 >> 1/ open the document in the employee's presence >> or >> 2/ formally inform the employee that his document will be opened >=20 > I think the 2nd requirement can be encapsulated in terms > of service? Just an assumption, not a claim! See my > example at the beginning. >=20 >=20 Robert asked the same thing and I replied in private to reduce noise on the l= ist. I think that would be too broad and vague to be acceptable at court. >=20 >> Under french jurisdiction, this can't be done. >>=20 >> An employee is forbidden to encrypt work documents if the goal is to >> prevent his employer from accessing them. >=20 > Basically, the work an employee does is "owned by the > employer", so _this_ is the level where rights may be > granted (e. g. for data protection - a possilbe requirement). >=20 >=20 Aye. Documents on a work computer are, by default, considered non personal. >=20 >> However, said employee may encrypt his own private documents and his >> company can cry a river, he can't be compelled to open said documents >> unless by a court order. >=20 > Correct - unless, of course, the employee is explicitely (!) > prohibited to use / bring / access such stuff AT WORK. Such > restrictions sometimes are part of the work contract. >=20 >=20 That might be a disproportionate restraint of the employee's rights, there i= s a provision of fair use of work equipment for personal stuff. As long as it doesn't disrupt the employee's work flow, that is, thus te ter= m "reasonable" being used in the law. >=20 >>>> The same way I just can't demand your driver's license unless I'm law=20= >>>> enforcement. >>>=20 >>> Under some circumstances, I _can_. >>>=20 >>> To wit: If you want to drive _my_ car, I most certainly can demand proof= =20 >>> that you have a license. >>>=20 >>=20 >> See above. >>=20 >> My example, as understood by any sane person is: >>=20 >> You can't come to me while I'm driving my own car in a public street and >> ask that I prove: >> 1/ ownership of the car >> 2/ ability to drive (ownership of a driver's license) >>=20 >> That is for law officials to ask, you're just a nobody in that respect. >=20 > Just as an analogy: >=20 > If you got trapped stealing in a shop, the owner of the > shop may put you under temporary arrest. He may _not_ > demand you to hand out an ID card or passport to him. > Instead, he has to call the police who will ask you for > your identity, and you'll have to prove it TO THEM. >=20 >=20 That is correct :) >=20 >> There are things he will be able to do and others he won't, regarding >> his users' files. >=20 > Creating restrictions PRIOR to system access would be > the preferred way, but it's quite hard to apply them > afterwards. >=20 > However, people should be clever enough... erm... well, > maybe that's a bad beginning. Let me try again. :-) >=20 > People should have learned that whenever they are using > a device connected to the Internet, be it their own laptop > or the desktop at work, NOTHING is private. And in worst > case, "by accident" everything will open up. There are > too many parts in the chain: Employer, admins, ISP, > company that runs the datacenter, phone operator... and > in the end, 1984 is TODAY. >=20 >=20 >=20 > --=20 > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?629B5A90-7251-4EE0-A25B-B84C518B9FE4>