Employee monitoring in today’s workplace

May 10, 2010

There’s no question that as we dive deeper into the information age technology will continue to permeate the workplace. Tech gadgets such as iPhones and Blackberries are cheaper and more convenient than ever before.  But as the workplace becomes inundated with these tech tools, businesses increasingly have to ask themselves how they can manage the corresponding legal risks inevitably raised by empowering a legion of employees armed with Smartphones. If only there was “an app for that”!

The “fuel” for many gadgets currently in the workplace is data, which may or may not relate to the employer. And I’m not just thinking of Smartphones provided by the employer.  I’m also thinking of social media websites such as Facebook and Twitter, which are often accessed after work hours on employees’ home computers.

What happens when an employer uses data gleaned from a company-owed iPhone or Blackberry to monitor an employee in the workplace? What about monitoring an employee’s Facebook page? After all, it’s not uncommon for information about an employer or its clients to appear on an employee’s Facebook page. Further, some employees have no second thoughts whatsoever about posting personal messages during paid company time. Many employers are introducing social media policies to mitigate the resulting legal risks. But how far should employers go to protect their interests?

Today’s post is the first in a series that I’ll publish in the coming weeks to provide you with an overview of legal developments regarding monitoring in the workplace, with a focus on employer monitoring of employee social media and Smartphone activities. Upcoming posts will also examine workplace privacy issues related to email, video and GPS monitoring. Stay tuned… 

In the meantime, click here to listen to my recent CJOB|68 radio interview with Human Resources specialist Barbara Bowes in which we discuss privacy issues in the workplace. You may also want to attend a complimentary Social Media in the Workplace webinar that I’ll be providing with a few of my colleagues next week (May 19th). Click here for info and to register (space is limited so register soon).

2 Comments | Employee Monitoring, Facebook, Mobile devices, Privacy, Smartphones, Social Networking Websites | Tagged: , , , | Permalink
Posted by Brian Bowman

Cloud increasing pressure in U.S. for updated online privacy law

March 30, 2010

It appears that the growing adoption of cloud computing, combined with the outdated Electronic Communications Privacy Act, is adding pressure in the U.S. for an updated online privacy law to help better protect cloud computers.

CNET is reporting today that “a broad coalition of companies including Google, Microsoft, and AT&T, joined by liberal and conservative advocacy groups, will announce a major push [today] to update federal privacy laws to protect mobile and cloud computing users”.

Of course, in Canada cloud computers have the benefit of PIPEDA and – where they exist – substantially similar provincial privacy laws. To learn more about cloud computing, and related privacy law implications, you may want to check out this previous post.

Leave a Comment » | Cloud Computing, Internet, Mobile devices, Privacy, Smartphones | Tagged: , , , , | Permalink
Posted by Brian Bowman

Laptop Encryption: “I don’t know what we have to do to drive this message home” says Commissioner

September 10, 2009

Laptop 11A summer incident involving sensitive personal information on stolen laptops has brought the issue of data protection once again into the crosshairs of Frank Work, the Alberta Information and Privacy Commissioner

In a press release, the Commissioner expressed shock and disappointment with the fact that the stolen laptops, which contained the personal health information of more 300,000 individuals, were not encrypted. “This is shocking for me…I don’t know what we have to do to drive this message home” said the Commissioner. “The standard in Alberta for storing personal or health information on portable devices is encryption. I can’t accept anything less.” The Alberta incident is strikingly similar to an incident that occurred in Ontario back in 2007.  The Ontario incident also involved the theft of a non-encrypted laptop containing personal health information.  A review of the incident by Ann Cavoukian, Ontario’s Information and Privacy Commissioner, produced an order for information of this type to be encrypted. 

These incidents demonstrate how easily sensitive data can be compromised when stored on laptops.  Encryption is a relatively easy way to improve the security of such information.  But, where do you start? There are numerous encryption options available.  Choices range from free open source encryption software like TrueCrypt to full information security consultations from companies that offer comprehensive data protection services like Seccuris. Regardless of which course you choose, one fact remains the same, encrypting laptops significantly improves security and that’s just smart business.

Leave a Comment » | Access to Information, Data Encryption, Data Protection, Laptops, Mobile devices, Personal Information, PIPEDA, Privacy, Privacy Breach, Privacy Commissioner, PSDs, Safeguarding, Safekeeping, Security, Security Breach, Smartphones, Technology | Tagged: , , , , , , , , , , , , , , | Permalink
Posted by Brian Bowman

The conflict between mobile devices and privacy: can’t we all just get along?

August 24, 2009

HeadacheThe sound of ringing telephones has caused migraines for millions ever since Alexander Graham Bell placed the first call to Mr. Watson in 1876. But thanks to some newly released technology, that’s about to change. Got a headache? There is, to borrow a phrase from a successful ad campaign, an app for that. Bellaire, Texas med-web company BetterQOL is rolling out iHeadache, an iPhone application that purports to “classify” and assist with diagnosing a user’s headache. iHeadache is one of many cutting edge applications available for use with smartphones. Don’t expect this trend to stop any time soon: thanks to programs like Apple’s iPhone Developer (only $99 for the standard edition), it’s becoming even easier for technology-savvy businesses to create their own apps.

Still not convinced? Consider this list of impressive apps for today’s traveler: Pocket Express, an app that acts as a mobile concierge; Stanza, an app that allows a user to load magazines and books to their smartphone; and GoodFood, which helps a user pick and locate a restaurant based on an array of dining preferences. It’s a good time to be a smartphone user, but perhaps even a better time to be an entrepreneur. Smartphones are increasingly offering businesses a direct window into the hearts, minds and, yes, wallets of potential customers.

But it’s not all good news, privacy advocates remind us. Many smartphone apps guzzle fuel like your Dad’s ’70 GTO, except they’re eating personal user information instead of gasoline. For example, your app may record your location, gender and birth year before it spits out the location of that perfect sale you’ve been looking for. A sizeable amount of personal information is in play, but, fortunately, Ontario’s Office of the Information and Privacy Commissioner (“IPC”) has been ahead of the curve with its call for “Privacy by Design“. Initially unveiled over 10 years ago, the concept of Privacy by Design combines privacy and security measures at the design specification stage of a project. Instead of waiting until privacy problems pop up to deal with them, Privacy by Design contemplates a proactive approach toward potential privacy issues. This methodology uses Privacy Enhancing Technology such as encryption to provide both maximum security and privacy protection. It is, as the IPC bills it, a “win-win” situation. Other examples of Privacy by Design include anonymous billing systems and depersonalization software.

It’s an exciting time to be a technologically-inclined entrepreneur, but the privacy consequences of smartphone apps cannot (and should not) be ignored. Any business that is considering creating or otherwise implementing an app should consider the privacy implications of doing so, preferably at the early stages of project development.

1 Comment | Internet, Marketing, Mobile devices, PIPEDA, Privacy, Privacy Commissioner, Safeguarding, Security, Smartphones, Technology | Tagged: , , , , , , , , , | Permalink
Posted by Brian Bowman

Palm Pre phone secretly used GPS to report user’s location to company: Los Angeles Times

August 17, 2009

Palm preThe Los Angeles Times is reporting that the Palm Pre phone secretly uses GPS to report users’ locations to the company.

It is an interesting story because it illustrates the importance of having clear and understandable privacy policies that customers can understand. It is also an interesting story because it (once again) demonstrates the attention that the media place on privacy matters and the potentially explosive reaction that customers can have if they feel their privacy isn’t being respected.

Leave a Comment » | Access to Information, Privacy Breach, Safeguarding, Security, Smartphones, Technology | Tagged: , , , , , , | Permalink
Posted by Brian Bowman

Smartphones in the workplace: what’s your business doing to manage the risk?

July 6, 2009

Cell phonesRecently, an interesting article in the Globe and Mail dealt with the issue of smartphone etiquette. Business professionals fidgeting with their BlackBerrys and iPhones in meetings, walking through airports with eyes glued to their small glowing screens and operating their devices in restrooms may seem unrealistic at first blush, but is it really? The reality is that smartphones have permeated the business world. They are everywhere, they are powerful and have the potential to be extremely damaging.

Breaches of confidential corporate data and personal information are nothing new to the business world, but smartphones have brought a new dimension to the problem. Smartphones are starting to make appearances in Canadian court cases in a supporting role, but it won’t be long before they are squarely in the spotlight. The latest iPhone model has up to 32GB of memory while BlackBerrys can store vast amounts of data on memory cards. The equivalent of entire filing cabinets can now be carried around conveniently in your shirt pocket. This reality has increased the risk for massive privacy breaches in the blink of an eye.

The big question is how involved should employers be in regulating and monitoring their employees use of smartphones? All encompassing monitoring of employee smartphone use is a touchy area, but the permeation of smartphones in today’s corporate world and the corresponding risks to businesses necessitates (at the very least) that relevant guidelines concerning their use in the workplace should be implemented by employers. All it takes to damage a business is for one employee to misplace their smartphone without having first activated their security settings.

1 Comment | Employee Monitoring, Privacy, Privacy Breach, Security, Security Breach, Smartphones | Tagged: , , , , , , , , | Permalink
Posted by Brian Bowman

Follow

Get every new post delivered to your Inbox.

Join 104 other followers