ITGS Syllabus

Wednesday, January 11, 2006

Topic 11

Organizational policies and standards, for example, e-mail, surveillance and monitoring policies by Matthew Wilder

How did this technology emerge?

Network surveillance and monitoring policies have been used primarily by corporations and governments to spy on employees and civilians. By using such policies to monitor computers and networks, corporations check whether employees are doing things that are work related, and governments gain information from individuals that interest them (i.e. terrorist suspects).

Such electronic spying methods have emerged ever since everything started to become computerized. Groups that spied realized that it was a lot easier to hack into computers or check internet acces history rather than send people, actual spies, on investigations. Thus, computerization brought along a whole string of network surveillance methods, from different kinds of hacking to various spy programs.

What areas of impact does it affect?

Evaluate the impact locally and globally.
The biggest area of impact concerning organizational network policies is privacy. With people you don’t even know searching through your computer, the idea of privacy in the modern sense is negated. Furthermore, the more recent surveillance technologies allow for a person using the technology to be completely undercover, and so the person being spied would never even know that he or she was being searched. In this sense, privacy is affected.

On a local level, network policies will affect people at the workplace, or for students, at school. In the case of a student, network policies may prevent the student from accessing certain contents on the computer (i.e. porn, games). In the workplace, like for the student, network policies may prevent people from accessing certain contents like corporate secrets, but policies also track what you have been doing on your computer.

For example, in many companies, the company will filter your internet history to see whether you have been accessing websites that are unrelated to work. When the company does find something unrelated, the company then uses that piece of information against you. The sole purpose of this is to increase productivity, the idea being that monitoring policies will create an incentive to only do work related activities. On a more global and larger perspective, surveillance policies are used by government agencies for spying.

An example is the Chinese government, which has a department solely created for the purpose of browsing through the internet to look for websites that state things that go against communist morals.

Who are the stakeholders?

What are the advantages and disadvantages for those stake holders?
The biggest stakeholders in the usage of organizational network policies are usually, in the case of corporate network policies, the lower ranked employees. In a company, it is usually the people at the top, the management, that apply monitoring policies, and the people below that are monitored. Thus it is almost always the people at the lower end of the social ladder that are affected. These people are the ones who are fired when their managers find out that they have been spending hours on Youtube. A major disadvantage, as previously discussed, is that these people lose a lot of privacy when such policies are put in tact.

The advantage of taking away such policies on the other hand, are extremely clear; stronger privacy and freedom. Of course in some ways the people on the other side are stakeholders too. Without such policies, managers would not be able to assure shareholders of the company that their employees are being as productive as possible. With governments, network surveillance is extremely valuable as that is how a lot of information is gained on people. The disadvantages of not using network policies, for these groups, are all too apparent.

Who is responsible?
Who is accountable?

The people responsible and accountable are the corporations and governments that decided to use organizational network policies. These groups were the ones that started developing such policies and they were the ones that had the incentive to do such things.

What are the ethical issues?
What are the issues associated with this subject?

The right question to ask when the implementation of network policies are being debated is, is it ethical to search through a person’s computer without the person’s consent? The answer to this is, like the implementation of such policies, is debatable. On one hand, you could say it is wrong because doing such a thing is in a way, a violation of one of the more modern human rights; privacy.

Spying on one’s computer will destroy the person’s privacy. Of course, if the person was playing computer games at work all day, then you could say in that case spying is justified, but what if the spy accidentally opened up a private email that showed the person was having problems with his wife? The person most probably would not want let anyone know about that, yet the network manager now knows.

A question you could ask yourself then is, does the network manager have any right to know about the person’s marital problems? On the other hand though, you could say that the infringement of privacy is justified. CEOs of a corporation might justify his use of monitoring policies by saying that the computers his employees work at all belong to the company, and so thusly, the company can do whatever the company wishes to do on the computers.

CEOs may also say that they have to assure stockholders that their workers are being as efficient as possible and that productivity is at the highest level, and to ensure that, the company has to make sure people are only doing work related tasks on their computers. So as you can see, privacy is a big issue associated with this subject.

What laws apply?
What solutions can overcome the problem?

Governments around the world usually have laws that allow for the government to pursue a policy of network surveillance. For example, in the Unites States, under the Patriot Act, law enforcement agencies are allowed to search through people’s computers without a search warrant. In China, the Communist Party constantly passes new laws that allow for the government to spy via the internet.

So what solutions can overcome the debate over the usage of organizational network policies such as surveillance? One possible solution to the problem at hand is to allow for network policies, but not make the policies unknown to people. People could be given reports each month or so on the history of their computer usage for that month. This will especially work in the workplace because employees will know that they are being checked for, and they will know exactly what the employers know about them. This solution will still provide an incentive for workers to stay on task while at the same time lowering the level of privacy intrusion in the sense that the workers know which aspects of their activities are being inspected.

Are there alternative decisions?
What are the consequences of these decisions?

Other than the solution stated above, there are few if any, alternative decisions to organizational network policies other than to not use such policies. But again, there are consequences to this alternative, much of which hit the people who implement the policies. Without computer surveillance, managers will not be able to ensure productivity in the company and governments will have to use more inefficient and difficult methods to gain intelligence.

Comment Deleted

This post has been removed by the blog administrator.

November 19, 2006 7:30 PM

Comment Deleted

This post has been removed by the blog administrator.

November 21, 2006 7:17 PM

Comment Deleted

This post has been removed by the blog administrator.

November 21, 2006 7:19 PM

Biffy "Raymen" Drecker said...

I agree with the writer. Very enlightening. Surveillance is important, but too much is bad.

November 21, 2006 7:19 PM

Joseph Toyoshima said...

Overall, you answered the questions very well. I have to say that I agree that society has a big trade off between surveillance and monitoring policies, and individual privacy. Very well written indeed. Please read my essay

November 27, 2006 7:20 PM

juju said...

This is a very interesting subject. Yes there should be some serveilliance, but too much is just invading privacy. Thank you for your Post

November 27, 2006 7:22 PM

Tommy Chuang said...

I think it would be good if you mentioned some ways that employees have come up with to circumvent this monitoring, such as programs that help to hide windows and processes.

November 27, 2006 7:36 PM

matwilder said...


November 27, 2006 7:43 PM

chirag said...

I agree with your ideas here... But, a lots of them like the one in which the company checks ur internet history leaves us with no privacy...

November 28, 2006 5:08 AM

chirag said...

in this case we have to use proxies and stuff... Just the way as we do it in our computer lab :P...

November 28, 2006 5:09 AM

Vaibhav said...

Well thought and well written. I also agree with the fact that these policies are to obviously to restrict or prevent from people gaining access to some place. But again in these cases as chirag said you can always use proxy servers or tor.

November 29, 2006 1:57 AM

kaerujin said...

Good opening to the paper about corporations as it is a growing issue between employers and their companies so good reference to it. But are there exceptions where workers can use the net to look through unrelated sites to their jobs? There are some cases where certain workers are monitored beyond the space of their office. But otherwise it is a good paper.

December 05, 2006 7:32 PM

ronniewonnie said...

Excellently well thought out essay.
I like how you answered each social and ethical questions clearly.
However, i think that there are some parts where you need to elaborate on.
Ronald Chu

December 11, 2006 7:16 AM

HeeJun Son said...

I think surveilling and monitoring policies should be carried on as long as they do not fully invade people's privacy. For instance, monitoring e-mail by CIA is acceptable since some e-mail may contain issues related to terrorism. If we do not monitor, we cannot figure out the place where any terror attacks will take a place.

December 11, 2006 10:02 PM

Chun said...

This essay is well organized and well written. Your essay reminds me of the book "Digital Fortress" by Dan Brown where the government had this machine that can crack any codes by lightning fast speed of trials and errors, but hidden from civilians, so that they can spy on the civilian by checking e-mail and stuff.

December 14, 2006 4:40 AM

aditya kumar said...

A well written and insightful essay. I think elaborating on some of the methods needed to survey would have helped. What kinds of spy programs - some which visually monitor within a small network? some which remotely access through an IP?


Blogger Juju said...

So basically you never know when you are being watched. Unless you have some sort of alarm that tells you that you are being watched. Could governments be the ones creating all the worms and information seeking viruses?

January 07, 2007 10:28 PM  

Post a Comment

<< Home