Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 19 Jul 2011 10:55:27 -0500 (CDT)
From:      Robert Bonomi <bonomi@mail.r-bonomi.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: Tools to find "unlegal" files ( videos , music etc )
Message-ID:  <201107191555.p6JFtRBO034022@mail.r-bonomi.com>
In-Reply-To: <4E258ECB.4010508@my.gd>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> From owner-freebsd-questions@freebsd.org  Tue Jul 19 09:05:02 2011
> Date: Tue, 19 Jul 2011 16:03:55 +0200
> From: Damien Fleuriot <ml@my.gd>
> To: freebsd-questions@freebsd.org
> Subject: Re: Tools to find "unlegal" files ( videos , music etc )
>
> On 7/19/11 3:49 PM, Robert Bonomi wrote:
> > Do you mean to suggest that an employee _cannot_ give permission to 
> > *anyone* (whether it is the employer, or just a friend) to look at any 
> > file that is categorized as 'private' ??
> >
> > If they can give permission for 'someone' to look at a particular file, 
> > what prevents them from giving that someone permission to look at 
> > _every_ such file?
> >
>
> French law *states* that a private file on a company computer may only be 
> opened either:
>
> 1/ in the employee's presence
> or 2/ if the employee has been duly informed the file will be reviewed
>
> Note that the employee's consent is not required.
>
> However if the employer cannot prove the employee was informed, their 
> opening of the file is unlawful and subject to prosecution.

I see.  One question, for clarification.  Do they  have to 'give notice' 
for each individual file, with unique identification, or can they give
notice for "all files"?
>
>
> > If what is forbidden is 'inspecting by a human being', then running 
> > file(1) to build a list of 'suspect' files isn't 'opening' them either. 
> > Nor is a -mechanical- process that checks for 'suspicious' "magic 
> > numbers".
> >
>
> Nobody denies this point.

Strange, there _were_ such assertations in this thread.


> What was said however is that IT staff in Europe do not have the power to 
> identify a file as illicit or not.

You want to know the _really_ funny thing?   As far as I can tell, _nobody_ 
ever claimed that anybody *DID* have that ability.

_I_ most certainly did not make any such assertation.

>
> Privacy laws in the EU are kind of... strict...
>
> You just can't do anything even if the files reside on a work computer.
>
> Even when an email is received on a work mail box, if it is clearly 
> labeled as private you are prohibited to open them (unless, again, the 
> employee is present or has been informed of the act).

Unfortunately, that 'simplified' language is _so_vague_ that it is simply 
not possible to tell what is, or is not, prohibited.  Taking the language 
about 'opening' _absolutely_ _literally_, any copying is forbidden, even 
if part of routine system activities.  Similarly, _where_ does the employee
have to be present when the disk file is opened, copied out to the netork,
and read from the network (and copied to disk) on a machine hundreds of
kilometers distant?  These questions are (one would hope) obviously non-
sensical, but with gov't regulations, one cannot rely on 'common sense'.
<grin>

If 'opening' means "content being examined by a human being" then _most_
of the ambiguities are eliminated.  However, the 'details' of what constitues
being 'informed of the act' are critical to any real-world procedure.
Does one have to give express notice for each file being examined, or can
one give one notice for 'all files'?  Are there any restrictions with regard
to how close in time the 'been informed' and the 'opening' must be?

Could the employer deliver a written notice to 'inform' the employee that
"any file is subject to opening at any time', getting a signed receipt for
that notice as 'proof the employee was informed'?





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?201107191555.p6JFtRBO034022>