From owner-freebsd-questions@FreeBSD.ORG Tue Jul 19 15:55:45 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5BAF4106566B for ; Tue, 19 Jul 2011 15:55:45 +0000 (UTC) (envelope-from bonomi@mail.r-bonomi.com) Received: from mail.r-bonomi.com (mx-out.r-bonomi.com [204.87.227.120]) by mx1.freebsd.org (Postfix) with ESMTP id 1EB0F8FC1A for ; Tue, 19 Jul 2011 15:55:44 +0000 (UTC) Received: (from bonomi@localhost) by mail.r-bonomi.com (8.14.4/rdb1) id p6JFtRBO034022 for freebsd-questions@freebsd.org; Tue, 19 Jul 2011 10:55:27 -0500 (CDT) Date: Tue, 19 Jul 2011 10:55:27 -0500 (CDT) From: Robert Bonomi Message-Id: <201107191555.p6JFtRBO034022@mail.r-bonomi.com> To: freebsd-questions@freebsd.org In-Reply-To: <4E258ECB.4010508@my.gd> Subject: Re: Tools to find "unlegal" files ( videos , music etc ) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jul 2011 15:55:45 -0000 > From owner-freebsd-questions@freebsd.org Tue Jul 19 09:05:02 2011 > Date: Tue, 19 Jul 2011 16:03:55 +0200 > From: Damien Fleuriot > To: freebsd-questions@freebsd.org > Subject: Re: Tools to find "unlegal" files ( videos , music etc ) > > On 7/19/11 3:49 PM, Robert Bonomi wrote: > > Do you mean to suggest that an employee _cannot_ give permission to > > *anyone* (whether it is the employer, or just a friend) to look at any > > file that is categorized as 'private' ?? > > > > If they can give permission for 'someone' to look at a particular file, > > what prevents them from giving that someone permission to look at > > _every_ such file? > > > > French law *states* that a private file on a company computer may only be > opened either: > > 1/ in the employee's presence > or 2/ if the employee has been duly informed the file will be reviewed > > Note that the employee's consent is not required. > > However if the employer cannot prove the employee was informed, their > opening of the file is unlawful and subject to prosecution. I see. One question, for clarification. Do they have to 'give notice' for each individual file, with unique identification, or can they give notice for "all files"? > > > > If what is forbidden is 'inspecting by a human being', then running > > file(1) to build a list of 'suspect' files isn't 'opening' them either. > > Nor is a -mechanical- process that checks for 'suspicious' "magic > > numbers". > > > > Nobody denies this point. Strange, there _were_ such assertations in this thread. > What was said however is that IT staff in Europe do not have the power to > identify a file as illicit or not. You want to know the _really_ funny thing? As far as I can tell, _nobody_ ever claimed that anybody *DID* have that ability. _I_ most certainly did not make any such assertation. > > Privacy laws in the EU are kind of... strict... > > You just can't do anything even if the files reside on a work computer. > > Even when an email is received on a work mail box, if it is clearly > labeled as private you are prohibited to open them (unless, again, the > employee is present or has been informed of the act). Unfortunately, that 'simplified' language is _so_vague_ that it is simply not possible to tell what is, or is not, prohibited. Taking the language about 'opening' _absolutely_ _literally_, any copying is forbidden, even if part of routine system activities. Similarly, _where_ does the employee have to be present when the disk file is opened, copied out to the netork, and read from the network (and copied to disk) on a machine hundreds of kilometers distant? These questions are (one would hope) obviously non- sensical, but with gov't regulations, one cannot rely on 'common sense'. If 'opening' means "content being examined by a human being" then _most_ of the ambiguities are eliminated. However, the 'details' of what constitues being 'informed of the act' are critical to any real-world procedure. Does one have to give express notice for each file being examined, or can one give one notice for 'all files'? Are there any restrictions with regard to how close in time the 'been informed' and the 'opening' must be? Could the employer deliver a written notice to 'inform' the employee that "any file is subject to opening at any time', getting a signed receipt for that notice as 'proof the employee was informed'?