
Computer and Internet Monitoring in the Workplace: Rough Notes

Fellow, Privacy Foundation, US
Last updated: July 27, 2001



It's likely that about one in four large companies systematically monitors the computer, internet, or email usage of its employees. There are over fifty different products available today to help employers see what their employees are doing at work on their "personal" computers, in their email, and on the internet.

But what do these numbers really mean? What does employer monitoring of employee email, internet, and computer usage actually look like? What kinds of things can an employer see employees doing at their computers, and what kinds of computer activities are currently invisible to workplace monitoring? These admittedly sketchy notes try to show, as concretely as possible and with a minimum of technical terminology, what "employee monitoring" of internet and computer usage looks like: its scope, the main companies involved, the forces behind its adoption, some important distinctions between different types of surveillance products, and some possible future trends.


A shorter version of this paper was presented at a conference in Hong Kong on "E-Privacy in the New Economy" hosted by the Office of the Personal Data Protection Commissioner, Hong Kong SAR. Data protection officer Mr. Stephen Lau's permission to re-use the paper is gratefully acknowledged.

Previous versions of this paper have appeared, or will appear, in: Corporate Governance International (Hong Kong), e-Law in Asia (Hong Kong), and Privacy Law and Policy Reporter (Australia).

How much computer and internet surveillance is there, really?

The following section has largely been superseded by a report by the Privacy Foundation (USA), "The Extent of Systematic Monitoring of Employee E-mail and Internet Usage" (July 9, 2001). The study found that 14 million workers in the US, or about 1/3 of the workforce (that is, those employees who have regular internet access at work), have their web surfing or email monitored with a product such as Websense or MIMEsweeper. Globally, the figure is about 27 million, or roughly 1/4 of the world's online workforce. The report received extensive press coverage; for example:

A much-cited recent American Management Association (AMA) survey found that over three-quarters of large US firms record and review employee communications and activity at work ("More Businesses Watch Employees, American Management Association Annual Survey Reports" [April 18, 2001]; see also "2001 AMA Survey: Operational Monitoring & Monitoring: Summary of Key Results").

It is important to note that the AMA study included tracking phone usage (43% of business respondents), voice mail messages (7%), and video surveillance for security purposes (37%). In this paper, I will focus almost entirely on the monitoring of computer, internet, and email usage. Even so, the AMA numbers are staggering:
  • Storage and review of computer files: 36% in 2001, compared to 13% in 1997
  • E-mail storage and review: 47% in 2001, compared to 15% in 1997
  • Internet connection monitoring: 63% in 2001, up from 54% in 2000 (the first year this question was answered in the AMA survey)
  • Blocking connections to unauthorized or inappropriate web sites: 40%, up from 29% in 2001
  • Computer use (time logged in, keystroke counts, etc.): 19% in 2001, compared to 16% in 1997

Not to be outdone, the Society for Human Resource Management in the US says that a whopping 74% of HR experts surveyed think their organizations monitor employees' internet usage ("Is it you being watched?" [January 2001]).

However, a closer look at the AMA report shows that "Most of the companies surveyed carry on monitoring practices on an occasional basis in the manner of on-site inspections, rather than constantly or on a regular routine." Systematic, ongoing or periodic monitoring is usually what the word "monitoring" brings to mind, yet some quotes from the AMA study emphasize the point that most of the AMA's figures reflect on-site inspections rather than full-scale monitoring.

The notion that monitoring of computer, email, and internet usage really is as widespread as it appears to be is at odds with the state of the employee monitoring (EM) industry. Companies that monitor employees in the sense of systematic monitoring, rather than random spot checks or ad hoc responses to a particular situation, presumably use commercial EM software. However, the EM business, while growing, does not show the revenue or the market penetration one might expect from the AMA survey, or at least from the way that the AMA survey is typically cited.

One of the best ways to understand the scope of workplace monitoring is to look at the market for EM products. Perhaps the largest EM company (though not the largest company that's in the EM business) is Websense (Nasdaq: WBSN), which recently reported that its subscription-based sales for Q1 2001 were $6.7 million (all numbers are in US dollars), with more than 8.25 million "seats" around the world pre-paid on a subscription basis ("Websense Inc. Announces First Quarter 2001 Results, Reports Strong Visibility, Progress Towards Profitability", April 24, 2001).

Aside from indicating that Websense apparently makes as little as $3.25 per monitored employee per year (although, as stated below, the company itself estimates the average cost to employers at $15 per employee), coverage of 8.25 million workers worldwide by perhaps the largest EM vendor is hardly compatible with the idea that most employees with computers at "big" companies in the US are constantly being monitored. At the same time, 8.25 million - and that includes Websense's recent largest-ever sale, of 200,000 subscriptions to the US Army, for $1.8 million - is of course very significant and provides a useful starting point for understanding the true extent of employee monitoring.

The 8.25 million figure is an overestimate of the number of employees monitored by Websense, because in the standard configuration the product only blocks certain web pages and does not keep a record of attempts to visit those pages, much less of successful visits to unblocked sites. It is the recording, rather than the blocking, that constitutes surveillance. Websense has a separate module, Websense Reporter, which records all web access (not only attempted access blocked by Websense, but also any non-prohibited web surfing) - and, evidently, 70% of Websense customers choose to install this reporter module, according to a company spokesman. So instead of 8.25 million workers monitored by Websense, we get maybe 5.75 million.

(On the other hand, the same Websense spokesperson noted on another occasion, "Since many of the Websense customers are medium to large businesses, they usually don't drill down to the employee level. They aren't concerned with individual Internet usage, as far as you are with the Internet Usage department. Our research shows that our customers run from reports to find internal internet usage trends.")

Curiously, another major EM company, SurfControl, says in its annual report for 2000 that the Corporate Internet Access Control (CIAC) market has less than 1% penetration. Revenues for the SurfControl product in 2000 were over $8.75 million, about 3/4 from the US; its average order is $4,500 ("SurfControl sales rocket up 200%," The Register, April 5, 2001). Of course, not all of this was for SurfControl's business products, the SuperScout Web Filters and SuperScout Email Filters; SurfControl also has CyberPatrol for the home and educational markets.

Perhaps SurfControl's 1% figure is meant to emphasize the potential for growth. In fact, another frequently-cited study, by International Data Corp., claims that the EM market is expected to grow at an annual rate of 55% (International Data Corp., "Employee Internet Management" [sponsored by Websense]) - a figure that is obviously incompatible with the near-saturated market implied by the notion that three quarters of employers already engage in this type of user activity monitoring.

Or, maybe employers don't really need products like SurfControl or Websense to monitor their employees. Some could use standard Unix or Linux tools such as syslog (see the chapter "Log files and other forms of monitoring" in Kurt Seifried, "Linux Administrator's Security Guide", 1999). It is worth noting that many of the cases in which employees were fired or suspended for "inappropriate" internet or email use (see the "Job Loss Monitor" administered by the Privacy Foundation's Workplace Monitoring Project) did not involve systematic monitoring.

For example, an article about the dismissal or suspension of twenty state employees in South Dakota notes that the state government "does not have a systematic filtering or surveillance system in place to keep tabs on its 13,000 employees. The current investigation has continued so far on a web log report from the 100 users with the most hits over a three-week period" (Jeffrey Benner, "South Dakota: Fire, Not Filter," Wired News, June 7, 2001). Likewise, an in-depth account of the dismissal of 20 New York Times workers over sexually objectionable emails states that "the investigation began with something far more mundane: old-fashioned snail mail" (Ann Carns, "Slippery email backfires on NYT Staff," Wall Street Journal, Feb. 4, 2000).

As a counterexample, an article about 40 Xerox workers dismissed for surfing banned websites states that they were "snapped, not by supervisors or colleagues, but by software that is monitoring their online indiscretions. The software records every website they had visited (many of which, it turned out, were related to shopping or pornography) - and every minute they had spent on those sites .... They weren't the only ones under the watchful eye of spy software. In fact, the web usage of each of Xerox's 92,000 employees - in countries around the world - is regularly monitored by the company" (Lisa Guernsey, "On the Job, The Boss Can Anybody Move Online And You Have Low Defenses", New York Times, Dec 16, 1999). In fact, Mike Gerdes, manager of information security at Xerox, has been quoted in the press several times on the subject of employee surveillance (e.g., "CyberSlacking", Newsweek, November 29, 1999), but rejects the product setting.

However, it is important to make a clear distinction between systematic observation on the one hand, and ad hoc investigations or on-the-spot checks on the other.

Taking Websense's perhaps 5.75 million monitored seats, calculating a similar figure for SurfControl (see below), and adding the other publicly traded companies with EM products - Telemate.Net (TMNT), Elron (ELRN), Tumbleweed (TMWD), N2H2 (NTWO), and Baltimore Technologies (BALT) - plus the several dozen smaller companies with EM products, we're talking about probably 20 to 25 million employees worldwide whose internet, computer, and email usage is tracked in the constant manner that the word "monitoring" usually conveys. (Jupiter Research has reported that 43 million workers in the US currently have online access, and that the US represents about a third of the global internet population.)

All in all, it seems most reasonable to say that maybe as many as a quarter of employers monitor their employees' computer and internet usage.

In fact, a recent survey by the Office of the Privacy Commissioner for Personal Data (Hong Kong) found that 27% of the organizations surveyed monitor employees' computer usage, 23% monitor web browsing, and 21% monitor employees' email (Private thoughts: Newsletter of the PCPD, August 2000). On the other hand, the Hong Kong survey did not specify whether "monitor" included spot checks in addition to systematic monitoring; it did, however, refer to "devices for surveillance," perhaps as distinct from a spot-check inspection of an employee's computer in response to a specific suspicion.

Some additional data:
  • A survey of corporate chief information officers (CIOs) in the US, conducted by CIO Magazine, found that only 17% of CIOs conduct sporadic employee email checks, 16% never monitor employee email, 11% look only at "problem employees," and 38% look only after there's a complaint or productivity problem ("CIOs Say Personal E-Mail / Internet Usage Increases Productivity," April 25, 2001).
  • In the UK, KPMG conducted a small survey in late 2000, and found that around 50% of companies surveyed monitor internet usage "infrequently", around 20% monitor on a monthly basis, and only 11% monitor on a daily basis ("The Troubled World of E - KLegal Internet Survey", 19 Jan. 2001).
  • A Vault.com "Internet Usage Survey" in Fall 2000 asked, "Do you restrict / monitor your employees' internet / e-mail usage?"; 41.5% of the 670 employers surveyed said yes ("Results Vault.com Survey of Internet Use in the Workplace"). Its Sept 1999 survey had only 31% of 1,438 employers surveyed say yes. Interestingly, of the 451 employees surveyed in the fall of 2000, 53.5 percent believed that their employers monitored them, and of 1,244 employees surveyed in Sept 1999, 45.5 percent believed that their employers monitored them.
  • A study by market analysts at Frost & Sullivan, reported in PC Magazine ("US Company Puts Money Into Content Filtering," May 10, 2001), states that "content filtering" made $119 million in revenue in 2000, 77% of it from corporate customers: in other words, a corporate content filtering market of over $92 million.
  • If we take "content filtering" to be roughly synonymous with employee monitoring (as mentioned, Websense says that about 70% of its customers install the Websense Reporter module, which records all web traffic), how many monitored employees does this $92 million represent? Websense has an "ROI [return on investment] calculator" on its web site, whose JavaScript source uses a figure of $15 per employee; likewise SurfControl has an ROI calculator on its website whose JavaScript source uses a sliding scale ranging from $1195 for 50 or fewer employees to $45,000 for 10,000 employees, but with an average of $10 per employee. If we take the lower figure of $10 per employee, then the $92 million in corporate sales in 2000 represents over 9 million employees - either newly monitored or renewed on annual subscriptions. The number would be bigger if one factored in a reseller discount of about 30% (see below).

It seems likely that something like three quarters of employers have checked up on at least one employee's computer, email, or internet usage at one time or another. But again, this has to be distinguished from surveillance. In a way, putting aside spot checks (which are probably just one form of monitoring) and focusing entirely on systematic monitoring with an EM product simply emphasizes the scope of true employee monitoring: as suggested above, we are speaking of 20 to 25 million workers whose computer, internet, and email usage is constantly monitored.

It is also clear that EM is growing. For example, while Websense currently claims 8.25 million "seats", as recently as July 2000 it claimed only 5.4 million, and for July 1999, only 3.3 million (see "Websense Inc. Announces Second Quarter 2000 Financial Results," July 25, 2000).

Almost every month a new vendor appears to enter this market. The number of workers being monitored could also jump dramatically if Microsoft, for example, decided to "integrate" (i.e., bundle) EM functions into future versions of the Windows operating system (Microsoft already promotes a long list of "reporting" and "access control" partners for its Internet Security & Acceleration Server; see "Partner: Reporting" [May 3, 2001] and "Partner: Access Control" [May 3, 2001]).

Important differences

Having already pointed out the distinction between spot checks on the one hand and systematic monitoring on the other, several more important distinctions should be made when discussing employee monitoring:
  • Monitoring email vs. monitoring web surfing vs. monitoring other internet activities such as "chat" and instant messaging vs. monitoring computer activities such as accessing files, executing programs, and keystrokes.
  • Monitor / log / record vs. filter / block - Some products can actually block access to a web site or prevent you from sending or receiving an email, as opposed to simply recording access. From a privacy perspective, filtering / blocking is preferable to logging / recording. From an anti-censorship perspective, of course, it could be the other way around. Many products do both: they block access to certain websites or email, and make a note of the attempted access.
  • Report Everything vs. Log Exceptions - Some products by default keep a record of everything they see, while flagging or even raising an alert for violations such as accessing an "inappropriate" web site. Other products record only the violations, or at least have this as their default behavior.
  • Content / Body vs. Traffic / Headers - Some products will review the entire content of an email message or web site to determine its appropriateness; others inspect only the email header (sender, recipient, subject, size, etc.) or the web site address (URL). Likewise, note the difference between counting the number of keystrokes and recording the actual keystrokes themselves.
  • Client vs. Server / Network - See "Client-Based vs. Server-Based Monitoring" below
  • Continuous vs. random vs. spot-check / response - See "How Much Computer and Internet Surveillance is There, Really?" above.
  • Aggregated vs. Individual / Specific - If records of employee activities are kept, do the logs tie specific activities to specific employees (e.g., "Joe made 5 visits to playboy.com"), or does the employer only keep aggregated statistics (e.g., "We had 10 visits to playboy.com last month")? Do the records also contain details such as full URLs ("Joe visited these specific pages at playboy.com"), or do they provide one aggregate per person ("Joe spent a total of 30 minutes at playboy.com" or, in less detail, "Joe spent 30 minutes on a website on our banned list")? One approach could be to carry out aggregate monitoring first, to see whether there is even a problem that warrants closer inspection.
  • Inspecting stored data vs. monitoring "on the fly" - Some monitoring is nothing more than the inspection of files on the PC used by an employee, or the inspection of copies kept by the employer's backup server or mail server, or the inspection of log files kept by a web proxy server. Here too, an EM product is not required; it seems likely that most reported employee dismissals and suspensions over internet, computer, or email use involved this type of after-the-fact check. Some EM products simply create additional records, which can then be checked in the same way. Many products, though, actually catch employee activity in "real time", for example by blocking web pages, or by checking and filtering emails after they have left an employee's computer but before they have been sent over the internet.
  • Vendor defaults vs. individual triggers - Most likely all of these products are customizable by employers. But how much customization actually takes place? Are employers usually just using the manufacturer's standard settings? (This is especially important when authorities outside of the US are installing EM products whose databases of "inappropriate" websites were compiled in the US; see, for example, Electronic Frontiers Australia, "Government Adopted Net-Filter Attempt to Quiet Critics" [June 29, 2000].)
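
The "Aggregated vs. Individual / Specific" distinction above, as an added Python example that is not part of the original notes: a web proxy log is reported at three levels of detail, and identity is attached only after the aggregate count for a banned site reaches a threshold. The log format, host names, workstation IDs, banned list, and threshold are all constructed for illustration.

```python
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed sample log (timestamp, workstation ID, URL, seconds on page).
# The format is an assumption for this example, not any product's real format.
SAMPLE_LOG = """\
2001-07-02T09:14:03 ws-017 http://news.example/world/story1.html 120
2001-07-02T09:20:41 ws-017 http://games.example/solitaire 600
2001-07-02T09:31:10 ws-022 http://intranet.example/timesheet 45
2001-07-02T10:02:55 ws-017 http://games.example/solitaire/scores 300
2001-07-02T10:15:00 ws-031 http://games.example/ 60
2001-07-02T11:40:12 ws-022 http://casino.example/slots 30
2001-07-02T11:59:59 ws-031 -
2001-07-02T12:00:00 ws-031 http://news.example/sports 90
"""

BANNED_HOSTS = {"games.example", "casino.example"}  # hypothetical employer list


def parse(log_text):
    """Return a list of (workstation, host, url, seconds); skip malformed lines."""
    records = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        _, workstation, url, secs = parts
        host = urlsplit(url).hostname
        if not host or not secs.isdigit():
            continue
        records.append((workstation, host, url, int(secs)))
    return records


def aggregate_report(records):
    """Level 1: per-host visit count and total seconds, with no identity at all."""
    stats = defaultdict(lambda: [0, 0])
    for _, host, _, secs in records:
        stats[host][0] += 1
        stats[host][1] += secs
    return {host: tuple(v) for host, v in stats.items()}


def hosts_needing_review(aggregate, banned, min_visits):
    """Banned hosts whose aggregate traffic reaches the escalation threshold."""
    return sorted(h for h, (visits, _) in aggregate.items()
                  if h in banned and visits >= min_visits)


def per_person_totals(records, hosts):
    """Level 2: total seconds per workstation on flagged hosts, without URLs."""
    totals = Counter()
    for workstation, host, _, secs in records:
        if host in hosts:
            totals[workstation] += secs
    return dict(totals)


def full_detail(records, workstation, hosts):
    """Level 3: the specific URLs one workstation fetched on flagged hosts."""
    return [url for ws, host, url, _ in records
            if ws == workstation and host in hosts]


def tiered_review(log_text, banned=BANNED_HOSTS, min_visits=3):
    """Escalate only as far as the aggregate numbers justify."""
    records = parse(log_text)
    aggregate = aggregate_report(records)
    flagged = hosts_needing_review(aggregate, banned, min_visits)
    people = per_person_totals(records, set(flagged)) if flagged else {}
    return aggregate, flagged, people


if __name__ == "__main__":
    aggregate, flagged, people = tiered_review(SAMPLE_LOG)
    print("aggregate:", aggregate)
    print("flagged hosts:", flagged)
    print("per-workstation seconds:", people)
```

With the constructed log, only one banned host crosses the threshold, so the single visit to the other banned host never gets tied to a workstation; raising `min_visits` keeps the whole report at the aggregate level.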

The problems

There are many reasons, good and bad, for employers to monitor the personal computer (PC) and internet activities (including email and web surfing) of employees. Two of the driving forces behind its adoption are simply the reduced cost and increased usability of workplace surveillance software. Amusingly, some of these products were originally intended for parents and schools to monitor children's online activities ("nannyware"), or for spouses to monitor each other ("adulteryware"; see "Snoop software: Unhealthy at home?" [MSNBC, May 9, 2001]). Could this be what companies mean when they describe their employees as "part of the family"?

Employers can monitor the PC and internet activities of employees either by intercepting data in "real time" (which also allows prohibited activities to be blocked or filtered) or by viewing the stored data after the fact.

Employers can install interception devices on the PC used by the employees and / or on the network. Where the employer plants this "bug" or "wiretap" (as it were) determines the type of information the employer can collect.

Software installed on an employee's PC, such as WinWhatWhere Investigator or Webroot WinGuardian, captures the keystrokes (even deleted ones) an employee types; it can also "see" what the user is doing in programs on the computer, such as Microsoft Word. In contrast, products installed on the network, such as eSniff or SurfControl, are best for recording employee email and web surfing and are certainly better suited when the employer wants to monitor the activities of a large group of users at the same time. Some programs (like Trisys Insight) take a hybrid approach, installing a small "agent" program on the PC that communicates with the main program, installed on the network.

An employer especially interested in monitoring employee productivity, for example, might prefer an entirely different type of recording device from an employer whose main concern is, say, to prevent (or at least detect) sexual harassment in the workplace. Detecting the transfer of trade secrets requires different technology from preventing visits to websites that specialize in pornography or gambling.

Another way to monitor employees is to examine stored data. This can be done by looking at the log files maintained by the employer's proxy server, or it could be as simple as the human resources (HR) department using a web search engine to see if they can find out anything about the personal web postings of employees or potential employees.

Employee monitoring software can employ various "triggers" in determining whether an alert is raised. Some products scan all emails for certain keywords, as Echelon and the US FBI's Carnivore were reported to do. Others check all attempted web traffic against a list of disallowed sites. Some vendors claim that their products use "artificial intelligence" or "neural networks" to identify problems (i.e., "given this piece of email that I don't like, figure out all the other emails that I don't like, and block them"). Some products simply log all of the employee's activities in excruciating detail, and leave it to a human (or maybe some other program) to find out which items, if any, are of concern.

Many (and perhaps most) of these products, in addition to logging (i.e., recording entries in a log file), proactively block or filter, for example refusing to connect to a pornographic website, or refusing to send an email with a virus attachment. Censorship and free speech (or rather, freedom to receive speech) concerns have been raised regarding these products, for example when installed in public libraries and public schools in the United States.

The privacy concern, however, relates to the logging rather than the blocking / filtering aspect of these products, which over time will build a comprehensive profile of an employee's web surfing, emailing, applications, and so on, all linked to the employee's identity (such as a workstation ID assigned by the employer).

Some problematic implications:
  • What about the monitoring of public employees? For example, in the US, are log files produced by EM software installed in federal, state, and local agencies "public records" that must be produced under the Freedom of Information Act (FOIA)?
  • As email and email attachments become the "lifeblood" of companies, is it really the employer's intention to memorialize every email conversation in detailed EM logs? How long will these logs be kept? There is a risk that what was previously ephemeral (the equivalent of informal conversations at the water cooler) will now be fixed in a permanent record. The available technology is able to record pretty much everything that happens at work (Shoshana Zuboff's fascinating early look at employee monitoring, In the Age of the Smart Machine: The Future of Work and Power [Basic Books, 1988], referred to this possibility as "textualization work"). Of course, this isn't just a problem with employee monitoring; see, for example, the Deja.com archive of Usenet postings recently acquired by Google (see "Privacy Concerns for Google Archives," New York Times, May 7, 2001).
  • Are there intellectual property issues here?
  • Assuming that almost all employees commit a violation of computer and internet usage guidelines at one time or another, will the stockpiles of EM logs later be used as a "wishing well" by supervisors and employers, for example, to disguise dismissals as disciplinary measures?
  • Are the log files created by EM software a "honeypot" for lawsuits? (See below)
  • Is logging essentially an editorial function that in effect turns the employer into a "publisher", rather than a mere distributor, of any material that appears on its systems, and thus potentially more liable than it would be without monitoring for content that happens to be on its systems? Take note, for example, of the "perverse deterrent" created in the US by the 1995 Stratton Oakmont v. Prodigy decision, which led in part to a "Good Samaritan" provision in the subsequently-repealed Communications Decency Act (see Michael R. Overly, e-policy, pp. 50-51: "The greater control a company has over its content communication, the sooner one becomes a publisher"). As another example, some experts advise companies to encourage employees to use personal web-based email such as Hotmail or Yahoo: "A company could have an easier time proving that it does not contribute to an unhealthy work environment, when an employee sends sexist jokes or racist comments using his or her personal email address instead of the corporate email address" ("Web-based email services provide employees with little privacy," CNET, Oct. 3, 2000).

While employers are likely to install workplace surveillance to reduce risk, liability, and costs, this monitoring brings new risks, liabilities, and costs. The installation of an email monitoring system that tries to filter out objectionable emails could, for example, leave employers much more responsible for any objectionable emails that the system fails to prevent, or could serve as a new storage mechanism - a "honeypot" - for "smoking gun" documents to be discovered later in litigation. And, of course, it can open the employer up to employee complaints of intrusion.

Why do employers monitor?

There are numerous reasons why employers may monitor the computer and internet activities of employees, but for all of these reasons the following two questions should be asked:

What risks are we trying to prevent or detect or manage here?
What policy is this monitoring meant to enforce?

A 1993 survey of employers gave the following reasons for monitoring user activity (Charles Piller, "Bosses with X-Ray Eyes," MacWorld, June 1993):
  • Monitor work-flow: 29.2%
  • Investigate theft: 29.2%
  • Investigate espionage: 21.5%
  • Evaluate performance: 9.2%
  • Prevent sexual harassment: 6.2%
  • Search for missing data: 3.1%
  • Look for illegal software: 3.1%
  • Prevent personal use: 3.1%

A survey in the November 1997 edition of PC-Welt ("The need for monitoring") provides the following results:
  • Crack down on leisure activities: 58%
  • Put an end to pirated software downloads: 47%
  • Avoid sluggish internet connections due to recreational surfing or excessive downloads: 33%

At the same time, monitoring of employee PC and internet activity - though potentially intrusive on employee privacy - can actually offer benefits, including privacy benefits, to some groups besides the employer. Employee monitoring can help enforce restrictions on access to customers' personal data. For example, the US Health Insurance Portability and Accountability Act (HIPAA) mandates the use of "audit trails" to protect the confidentiality of patient information. According to a medical security specialist, "privacy should be protected in healthcare by 'tagging' all health data with the name of every single person seen .... Any patient who wants to see your record should be given Then you would be able to see who exactly was looking at your data, which, many people don't realize, can total hundreds and hundreds of people" (quoted in Health Data Management, Oct. 1998, p. 60). Needless to say, these people are monitored employees. So, data protection (for one group, such as patients or consumers) can be purchased at the price of privacy (for another group, employees).

As the HIPAA example suggests, some employers are essentially required to monitor employees. To take another example, some form of employee monitoring appears to be required for compliance with the U.S. Securities and Exchange Commission's (SEC) record keeping rules, 17a-3 and 17a-4, and with amendments to NASD rules 3010 (Supervision) and 3110 (Books and Records) (see "NASDR Adopts Rule Changes Regarding Public Communications," April 17, 1998: "NASD expects members to prohibit correspondence with customers from employees' home computers or through third-party systems unless the company is able to log such messages"). This is reflected in the AMA survey, which shows significantly higher levels of surveillance in the financial sector than in any other. Some products, such as the SRA Assentor EM product, are designed specifically for financial institutions (SRA has also built a product that Nasdaq uses to monitor stock chat forums).

Surveillance may also be required to avoid a sexually or racially "hostile environment" in the workplace, which is at least arguably a data protection problem (see, for example, the argument against overbroad use of the term "privacy" in: Raymond Wacks, Law, Morality, and the Private Domain [Hong Kong University Press, 2000]).

The following is a list, in no particular order, of some of the concerns driving employee monitoring:
  • Productivity (e.g. measuring raw keystrokes / min; preventing access to time-consuming web sites: games, porn, private finances, sports, music)
  • Bandwidth (conserving network resources by reducing access to unproductive websites; a slightly different problem from monitoring employee productivity)
  • Cost center (for billing based on client codes, or for assessing timesheets)
  • Intellectual property (enforcement of software licenses for a certain number of "seats"; reducing the company's responsibility for software piracy by employees; the Business Software Alliance urges employers to monitor compliance)
  • Trade secrets (detecting the copying of the employer's trade secrets into emails, or onto floppy disks or zip disks)
  • Security (detection of viruses in e-mails or e-mail attachments, prevention of employees from accidentally downloading trojan-horse programs)
  • Insubordination (employees and former employees venting their "bad demeanor" in chat rooms and on "grumbling" boards, posting the company's internal documents to FuckedCompany.com, etc.; see "From the water cooler in cyberspace, the lecture will Ugly", New York Times, April 29, 2001)
  • Job hunting (employees visiting Monster.com, HotJobs.com, etc., or working in Microsoft Word on my_resume.doc)
  • Cyber-moonlighting (working a second job while at work; working on a personal website at work)
  • Customer relations (Similar to "This call can be monitored for quality assurance")
  • Audit control on data usage (purchase consumer or patient privacy-at the expense of employee privacy, enforcement and monitoring need to know, "need to use", "and not copy" controls access; see point earlier about HIPPA in the USA)
  • "Hostile environment" (e.g. detection of sexual and racist harassment in e-mails, display of pornography in plain sight by employees)
  • "Going Postal" (preventing workplace violence; see for example recent Edgewater Technology filming in Boston; a company creating software it claims will be able to predict violent behavior; see Washington Post's long list of workplace shootings since 1987)
  • The protection of the company is the public face (Looks for the Usenet postings by employees; even if these postings or e-mails contain a "that's just my opinion, not my employer" disclaimer (see also The Register of the "Longest E-Mail Disclaimer Award "), the publication or e-mail can still be treated as if it were an official statement on letterhead)
  • "Smoking guns" (attempt to deal in advance with the creation of documents that are later discovered in litigation, e.g. the Microsoft antitrust proceedings; centralization of document retention and the destruction of policies; see http: // www. kenwithers.com/) - but the inclusion of computer, email, and internet usage in log files seems to greatly increase, rather than decrease, this problem (when it is indeed a problem; many would argue that the retention of Documents issued by the tobacco company, for example, has socially desirable outcomes)
  • Disaster recovery (log files created by employee monitoring products can double as a form of backup, or a kind of electronic "paper trail" for rollback)
  • The regulation of the appropriate time and duration for non-company activities (some companies allow you to use your computer and internet as a "fringe benefit," during lunch breaks or after work)
  • Teleworker (logging offsite employees)
  • The supervision of the supervisory authorities (e.g. HR responsibility to prevent the supervisory authorities from verbally abusing or mistreating employees)
  • As an alternative to "management by walking around" (the remote micromanagers believe that reading email is a good alternative to wandering the halls and seeing how things are going)

Many of these reasons are not clearly articulated at the time employee monitoring products are purchased and installed. It is possible that EM is sometimes adopted with only a vague sense of what it will "do" for the employer.

PC and internet surveillance: driving forces

In fact, employee monitoring software may sometimes be installed less with a clear purpose of enforcing certain policies and managing certain risks, and more because the software is "there": readily available at an apparently low cost:
  • Trisys Insight: $85 per monitored computer, for 50-99 users.
  • WinWhatWhere Investigator: $34 per seat for 100-149 licenses.
  • Adavi SilentWatch: $35 per "seat".
  • WebSense: US $5,000 for 1,000 users. (As mentioned, Websense revenue equates to about $3.25 per user per annual subscription, its big sale to the US Army was for about $9 per user [although that sale also included cache engines and ethernet switches], and its ROI calculator estimates $15 per user. Some of the discrepancy is accounted for by discounts for resellers; Websense "channel partners" receive a 30% discount.)
  • SurfWatch @ Work: $995 for 50 users.
  • SmartFilter for Microsoft Proxy Server: $3,250 for 1,000 users.
  • LittleBrother Pro: $495 for 10 users.
  • CyberPatrol for Microsoft Proxy Server: $1,395 for 100 users.
  • SurfControl: As noted, the "ROI calculator" on its website prices 50 or fewer employees at $1,195 ($24 per employee) and 10,000 employees at $45,000 ($4.50 per employee); the average is about $10 per employee.

In other words, the initial cost of purchasing employee monitoring software is typically far less than $100 per user and in large organizations can be as little as $5 per user. (Of course, the actual total cost is probably much greater when you consider that someone not only needs to install and manage the software but, most importantly, needs to be ready to respond appropriately to the staff issues that the employee monitoring software has flagged.)
This apparent low cost is likely to drive the adoption of employee monitoring, in the same way that low-cost cameras drive the increased use of visual surveillance.

In a sense, we're dealing here with the technical possibility of "Carnivore on the desktop": ubiquitous, fine-grained surveillance in the hands of every employer. On the other hand, it's crucial to remember the numbers given earlier: right now, probably no more than 25 percent of employers are systematically monitoring their employees.

As mentioned earlier, some of the "Spy on Your Employees" products started life as "cybernanny" products for the home/school market. Having trouble selling to schools and consumers, many of these companies looked around to see what else they could do with their cybernanny products, and realized that companies might be a better market. As the Websense director noted, "After four years, you all realized schools don't have a lot of money to spend"; the head of N2H2 agrees, "Most of you have left school and are now gearing towards the business-enterprise market" (quoted in "Desk-Top-Cops," Internet World, August 15, 2000). So another driving force behind employee monitoring is this transition from the consumer/education market to the corporate market.

Companies are slowly realizing that the whole idea of a "personal computer" creates problems in the workplace. Especially with key resources increasingly on the internet rather than on the PC, there is perhaps a trend towards treating the PC more as a centrally managed terminal than as a "personal computer". IT departments may see employee monitoring as a way to regain some control over the desktop. If so, there is a risk that technical considerations may end up being allowed to drive policy. An interesting question is whether IT departments, rather than HR, are usually left responsible for employee monitoring.

Client-based vs. server-based interception

All available employee monitoring products are essentially programs that report on (and in some cases limit) how employees use other programs. After installing an employee monitoring program, an employer can - depending on the type of program - see how much time employees (individually and/or as a whole) spend playing solitaire, see what web sites they visit, or even read e-mail messages that they typed but then deleted and never sent. The employer may also be able to prevent employees from visiting certain websites, or from sending or receiving certain e-mails.

One way to understand these products is to examine where they are installed. There are basically two types: server-based monitors, designed to be installed on the employer's network; and client-based monitors, designed to be installed directly on the employee's personal computer (PC).

First we look at the network (server), then at the PC (client). To see the difference, let's imagine a typical employee, whiling away the time playing solitaire. Wes Cherry, the Microsoft programmer who wrote the solitaire game included in Windows, has pointed out that he single-handedly "wasted more companies than other developers" (although employers might be reminded that many employees first learned to use the mouse by playing Solitaire). The question is: can the company tell (short of looking over his shoulder) whether an employee is playing Solitaire?

To hear the vendors tell it, the answer is yes: you can see it all. Of course, privacy advocates, whose chilling reports in turn sometimes help the vendors' hype, rely on these Orwellian claims.

Network-based (server) products

eSniff, which makes workplace monitoring hardware, claims, "When an employee goes outside of your eboundaries, eSniff provides an exact copy of everything on your screens, websites visited, chatroom activity, email ... everything."

Well, eSniff offers monitoring of network-based activity. It is like a wiretap: it listens in, in "real time", on everything that employees do on the network. According to the company, "The eSniff device uses patent-pending linguistic and mathematical methods to analyze the content and context of all TCP/IP traffic. All traffic is analyzed; web, e-mail, chat, ftp, telnet, print jobs, absolutely all traffic over the wire."

Another example of network-based monitoring is SurfControl's amusingly named LittleBrother (oddly enough, there doesn't yet seem to be an employee monitoring program called Big Sister). The products of the largest EM provider, Websense, are also network-based, connecting to the employer's firewall, proxy or cache server.

These server-based products produce reports that would show when an employee is playing a web-based version of Solitaire, but not the Solitaire (nor FreeCell or MineSweeper) that comes bundled with Windows, because these games run entirely on the PC without the need for a network connection. When a network-based surveillance product like eSniff claims that you can monitor "everything", it means everything on the network. (And actually, "everything on the network" isn't quite right either, as many of these products can't do much about encrypted content, like web pages that use the https:// instead of the http:// protocol.)

This approach is good for detecting (and with some products, perhaps even preventing) employees visiting pornographic websites, whiling away the day at web-based gaming sites like Pogo.com, holding down a second job as a "day trader" (although recent events on Wall St. may do more to curb this activity), venting a bad attitude about the company at a site with a barely printable name, FuckedCompany.com, or sexually harassing fellow employees by email.
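The visibility boundary of a network-based monitor shows up directly in what a proxy records. The following is an added example, not code from this paper or from any product it names; it assumes a proxy writing Squid's native access.log layout with the authenticated user in the ident field, and every log line, host and user name in it is constructed.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in Squid's native access.log layout (an assumption):
# time elapsed_ms client result/status bytes method target user hierarchy type
SAMPLE_LOG = """\
996249600.101    240 10.0.0.21 TCP_MISS/200 5120 GET http://games.example/solitaire/play alice DIRECT/203.0.113.10 text/html
996249605.310    180 10.0.0.21 TCP_MISS/200 20480 GET http://games.example/solitaire/deal?n=2 alice DIRECT/203.0.113.10 text/html
996249700.000  61000 10.0.0.21 TCP_MISS/200 18432 CONNECT shop.example:443 alice DIRECT/203.0.113.20 -
996249800.500    120 10.0.0.34 TCP_MISS/200 900 GET http://intranet.example/timesheet bob DIRECT/192.0.2.5 text/html
garbled line that is not a log record
"""

# Constructed staff list: carol spends the day in the Solitaire bundled with
# Windows, which never touches the network.
ROSTER = ["alice", "bob", "carol"]


def parse_line(line):
    """Return one proxy record as a dict, or None if the line is not a record."""
    fields = line.split()
    if len(fields) < 10:
        return None
    try:
        timestamp = float(fields[0])
        size = int(fields[4])
    except ValueError:
        return None
    method, target, user = fields[5], fields[6], fields[7]
    if method == "CONNECT":
        # HTTPS tunnel: the proxy is told host:port only, never path or content.
        host = target.rsplit(":", 1)[0]
        path, visibility = None, "host-only"
    else:
        parts = urlsplit(target)
        if not parts.hostname:
            return None
        host = parts.hostname
        path = parts.path + ("?" + parts.query if parts.query else "")
        visibility = "full-url"
    return {"time": timestamp, "user": user, "host": host,
            "path": path, "bytes": size, "visibility": visibility}


def summarize(log_text):
    """Build the per-user, per-host view a server-based monitor could report."""
    report = defaultdict(dict)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip damaged or foreign lines instead of failing
        entry = report[rec["user"]].setdefault(
            rec["host"],
            {"requests": 0, "bytes": 0,
             "visibility": rec["visibility"], "paths": []})
        entry["requests"] += 1
        entry["bytes"] += rec["bytes"]
        if entry["visibility"] != rec["visibility"]:
            entry["visibility"] = "mixed"
        if rec["path"] is not None and rec["path"] not in entry["paths"]:
            entry["paths"].append(rec["path"])
    return dict(report)


def host_only_entries(report):
    """(user, host) pairs where only the tunnel endpoint was visible."""
    return sorted((user, host)
                  for user, hosts in report.items()
                  for host, entry in hosts.items()
                  if entry["visibility"] == "host-only")


def users_without_records(roster, report):
    """Staff who generated no proxy traffic; the log says nothing about them."""
    return sorted(user for user in roster if user not in report)


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for user, hosts in sorted(report.items()):
        for host, entry in sorted(hosts.items()):
            print(user, host, entry["visibility"], entry["requests"],
                  entry["bytes"], entry["paths"])
    print("host only:", host_only_entries(report))
    print("no records:", users_without_records(ROSTER, report))
```

Carol's day of local Solitaire, like anything alice did inside the HTTPS tunnel, leaves nothing in this log for a report to show.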

PC-based (client) products

But a network-based monitor can't catch you viewing porn you've already downloaded to your computer, nor can it see how much time you're wasting playing a game from a CD-ROM (unless the game "phones home" over the network), nor could it see you copying the company's secrets onto a floppy disk, or polishing your resume in Word. These are all activities that happen on a PC, usually without access to the network.

To see these kinds of things, employers need something more like a camera trained directly on the employee's PC, rather than a listening device (so to speak) like eSniff that sits on the network.

A good example of a client-based product is WinWhatWhere Investigator. This product records the names of the programs you run, the titles of the windows that are open on your computer, and, most notably, the keystrokes you type, including those you subsequently delete. (For sample "screenshots", see "Examples from the Investigator Reports".)

For example, while WinWhatWhere Investigator was running on my PC, I wrote an email to a friend that included the text, "I think I have herpes" (this text comes from a recent ad for SafeWeb, an anonymization product that promises to protect employees from being monitored by "everyone - including your boss"). I then deleted the line and typed, "I'm fine." Then I decided not to send the message after all.

The WinWhatWhere report showed the following: "I think I have herpes. I am fine." In other words, my ephemeral thoughts have now been permanently recorded (this fixation of "deleted" content raises some interesting intellectual property issues). The report also showed, "Message was not sent." It also revealed the nickname (but not the actual e-mail address) of the intended recipient of the canceled e-mail. (On the preservation of supposedly "deleted" material, see the following thought-provoking article by a federal judge in Minnesota: James M. Rosenbaum, "In Defense of the DELETE Key," Green Bag, Summer 2000; however, see also "Billg's dream? Honey, I disappeared, the emails ...", Register, June 1, 2001.)

I also saw WinWhatWhere record personal information (like passwords) that I entered on "secure" web pages, encrypted with https://, like the customer information page at Amazon.com. Even if the employee uses the SafeWeb anonymizing service, WinWhatWhere can still record keystrokes and window titles (which often describe the web sites visited).

Even WinWhatWhere's author, Richard Eaton, says, "A lot of things about this program caused me great consternation." According to Internet Week ("Keystroke Logging Software Spies on Chats, IMs," Nov. 7, 2000), "Eaton is having second thoughts about a feature that is sweeping passwords. 'When you tab over a password field, it picks all of that up,' he said. 'I haven't yet decided whether this is good or bad.'" This is related to WinWhatWhere's ability to go into a form on a web page and highlight the contents of text fields that already contain information - such as a password dialog box that already contains the user's saved password.

On the other hand, WinWhatWhere doesn't seem to capture a passphrase entered in the Windows version of the PGP (Pretty Good Privacy) encryption software; PGP uses Windows "console" input, which, like DOS input, is missed by client-based monitors because of the technique they happen to use for "hooking" the keyboard (for what it's worth, a more thorough monitor would use a low-level "virtual device driver" instead of employing the higher-level SetWindowsHook() API).

Since the monitoring is done right on "your" PC - actually it is not literally monitoring at this point, just logging the activities to a file or database for later viewing - instead of on a central server, it is obvious that more of your activities can be monitored than by a network-based program. And it can be done whether you are connected to a network or not.

These programs can be configured to hide their presence from most users, although the manufacturers usually recommend that employers make the monitoring known (though not in a way that allows the monitor to be easily disabled).

But since the program is running on a PC used by an employee, how is the employer going to see the report that WinWhatWhere keeps so obsessively? An employer (or an HR or IT employee assigned to this task) could walk up to the PC itself, press a special key combination, and view the report. Or the program can be configured to periodically send the report by "stealth email" to a designated address.

Unlike with the server-based monitors, this is obviously not "real-time" monitoring, nor does this level of detail seem conducive to large-scale monitoring of many users simultaneously from a single location (think of Montgomery Burns viewing his multiple monitors in the animated series "The Simpsons"). However, WinWhatWhere can be configured to store its log files on a network file server, so that logs from multiple PCs are poured into a single database, with the entries from each individual PC distinguished by user name. Coupled with WinWhatWhere's configuration options to disable some forms of recording, such as keystroke logging, this could perhaps turn it into a system-wide user activity recording tool.

Another client-based monitor is Webroot WinGuardian. In addition to recording keystrokes and logging programs and web sites visited, WinGuardian can capture "screenshots" (that is, graphic images of the entire computer screen) at set intervals (up to once per minute), and then email them for remote viewing. The screenshots can then be "played back" on another computer to see what the employee is doing, literally every minute of the day.

Another such product is Spector, from SpectorSoft. I've spoken to an HR manager who installed Spector on an employee's PC after repeated complaints (from other employees), and after the employee's own repeated denials, that he was spending hours every day at work on pornography. That is arguably a typical example of non-systematic monitoring done in response to a particular situation. The HR director said that Spector secretly saved away frequent screenshots of the employee's activity, and that later viewing those screenshots, after the employee had left for the day, was (a) necessary in the circumstances; and (b) extremely creepy, "like looking at someone else's screen through your own eyes." Spector's own web site makes these promises for the $69.95 product: "Automatically record everything your spouse, kids & co-workers do online .... Spector SECRETLY takes hundreds of screen snapshots every hour, very much like a security camera. With Spector, you will be able to see EVERY chat, EVERY instant message, EVERY email, EVERY website visited and EVERY keystroke entered."

To eliminate the awkward need to view saved records on the employee's PC, SpectorSoft also makes eBlaster, which, for an additional $69.95, sends detailed email reports: "eBlaster provides detailed reports on activity, including all web-sites visited, all applications run, and all keystrokes typed, directly to your e-mail address as often as every 30 minutes."

These client-based monitors are starting to sound like what's known as a RAT (Remote Admin Trojan), similar to Symantec pcAnywhere, or the infamous hacking tool "Back Orifice." These "Trojan horse" programs typically involve both keystroke logging and screenshot capture, and so could be used in some circumstances for employee surveillance.

Having just looked at client-based EM, it is important to note that few EM products currently use this technique in a system-wide fashion. WebSense, SurfControl, Elron Internet Manager, and MIMEsweeper, for example, are all server-based. Virtually all EM software installed in large companies is server-based. However, client-based recording makes a good illustration of what is technically possible with employee monitoring software available today; just keep in mind that this particularly intrusive technique is not widely used. As the Spector example illustrates, though, HR departments do use such products to deal with specific problem employees.

Hybrid (client / server) products

Some workplace surveillance products, like Trisys Insight, are hybrids. (See http://www.born2e.com/isgt/MainPage.asp for a live online demo; you get to snoop on selected Trisys employees.) Insight includes a small "agent" program on the PC used by the employee that sends messages to a server program. The company even offers an "outsourced" service, whereby Trisys itself monitors the activities for you. Trisys does not monitor specifics such as keystrokes or the text of e-mail messages. Instead, it focuses on measuring the amount of time employees spend on websites or with certain applications.

Another hybrid program is Wards Creek GameWarden. According to the company, "client/server technology enables the inclusion and enforcement of company policies on playing local games like Solitaire and Minesweeper or multi-player network games like Doom, Descent, X-Wing/Tie Fighter."

There seems to be a trend towards hybrid client/server monitoring. Two current products, Actis Net Intelligence (see "Is this the end of corporate porn?" Register, April 19, 2001) and Cerberian (see "[Utah]'s Cerberian Aimed at Solving Fires' Internet worries," Deseret News, Feb. 14, 2001) each include an "agent" that sits on the employee's PC and reports back to a server program. As already mentioned, many server-based products are unable to fully handle web pages encrypted using the https:// protocol, and having a small "agent" program on the PC would help with this too; for example, employee monitoring providers might look to this approach as a way to defeat web anonymizers like SafeWeb.

Future trends

Having speculated earlier in this paper that it could be natural for Microsoft to indirectly enter the EM business by adding additional management capabilities to its operating systems, and having just suggested a trend toward more client-based monitoring via "agent" programs, here are some other possible future trends in employee monitoring:
  • As memory becomes cheaper and processors faster, "record everything" becomes a realistic option.
  • A "universal inbox" (all documents in the company delivered as e-mail or e-mail attachments) would make it possible to record all workflow in the company.
  • "Convergence" of office devices (voice-mail, fax, copier - all reachable over the network) can create an "integrated" location for surveillance.
  • On the other hand, "divergence" away from the PC to wireless devices may force EM providers to adapt, perhaps by using monitoring software on wireless networks; there may also be a call for integration with positioning (GPS).
  • With at least fifty different user-activity recording products on the market, there will inevitably be some consolidation in the industry. Already, SurfControl has acquired the CyberPatrol, SurfWatch, and LittleBrother products and Emu-Tech in Australia. Telemate.Net is being acquired by Verso Technologies.


The terms "employee surveillance" and "surveillance at work" evoke Orwellian images of Big Brother sitting at a central computer console, watching everything his employees do on the computer - every keystroke or mouse click, every e-mail message, every web page - and reacting to "inappropriate" use the moment it happens.

Indeed, as mentioned above, relatively inexpensive software now makes these features cheap and potentially ubiquitous.

However, it is important to appreciate the differences between workplace surveillance programs. There is usually a trade-off between real-time monitoring (employers can see what employees are doing, as they are doing it), on the one hand, and the ability to get a complete picture of what employees are doing, on the other. Right now, ubiquitous, fine-grained employee monitoring is technically possible, but not a widespread practice. As mentioned above, most of the companies that employ monitoring software at all (and remember that they are still in the minority) use the server-based approach, which is intrusive enough but which doesn't quite have the capabilities of client-based user activity recording.

There is probably not much of a privacy interest in dozing off at work. But there is a privacy interest in not having an accurate record kept of exactly what you were doing, during a break, while at work, or even while snoozing.


"1999 Utility Guide: Corporate Filtering" (PC Magazine, May 4, 1999) (extensive coverage of CyberPatrol for Microsoft Proxy Server, LittleBrother Pro, SmartFilter for Microsoft Proxy Server, SurfWatch @ Work [Editor's Choice], WebSense)

Parry Aftab and Nancy Savitt (?), "Monitoring Employees' Electronic Communications: Big Brother or Which Company?"

Ellen Alderman and Caroline Kennedy, The Right to Privacy, New York: Knopf, 1995 (pp. 275-320, 376-387 on "Data Protection in the Workplace")

Lawrence Aragon, "E-Mail Is Not Beyond the Law," PC Week, October 6, 1997 (Role of IS departments in legal discovery)

Vijay Balakrishnan, "Why a Network Pays Privacy Policy for Use for Your Business," Telemate.net, 1999

Doug Bedell, "Bye, Anonymous: Lawsuits surprise users of online pseudonyms as many are trying to keep their identities hidden," Dallas Morning News, May 24, 2001 (former contributor)

Erik J. Belanoff and Evan J. Spelfogel, "E-Mail: Ownership vs. Privacy in the Workplace," Epstein Becker & Green, PC, December 1999

David S. Bennahum, "Demon Seed: Old Email Never Dies," Wired, May 1999

Travis Berkley, "Peeping Tools: Nine Tools That Snoop on Your Workforce," Network World, July 10, 2000

Philipp Berkowitz and Jonathan L. Bing, "Employee privacy issues in the age of electronic communication," Salans, Hertzfeld & Heilbronn, 1999

Berkman Center for Internet & Society at Harvard Law School, "Digital Discovery"

Jeffrey S. Bosley and Joseph E. Herman, “Cyber Organization: Applying Rust Belt Rules to the Digital Workplace,” Thelen Reid & Priest LLP, 2001

Tom Brown, "Preservation: Analysis", Harvard Law Digital Discovery (E-Mail Retention Requirement)

Karen L. Casser, "Employers, Employees, E-mail, and the Internet," Computer Law Association, 1996

Andrew Clement, "Office Automation and the Technical Control of Information Workers" (1982), in Vincent Mosco and Janet Wasko, Political Economy of Information, Madison: University of Wisconsin Press, 1988, pp. 217-246

Charles I. Cohen and Mona C. Zeiberg, "Employers Pay Attention: The NLRB Is Watching Your Email," Morgan, Lewis & Bockius LLP, July 2000

"Computers and Labor, The Bibliography" (includes a section on employee surveillance)

Andrew Conry-Murray, "The Pros and Cons of Worker Surveillance," Network Magazine, Feb. 5, 2001

Curtin Cotton, "Electronic Mail in the Workplace: Employee Surveillance vs. Employee Privacy," Gray Cary, n.d.

Don A. Cozzetto and Theodore A. Pedeliski, "Personal Life and the Workplace: Technology and Employment in the Public Service" (Int'l Personnel Management Assoc.)

Curtis Dalton, "Preventing Corporate Network Abuse From Turning Personal," Network Magazine, Feb. 5, 2001

Data Protection Commissioner (UK), Draft Code of Practice: The Use of Personal Data in Employer / Employee Relationships, October 2000 (available from http://wood.ccta.gov.uk/dpr/dpdoc.nsf)

Mark S. Dichter and Michael S. Burkhardt, "Electronic Interaction in the Workplace: Monitoring, Retrieving, and Storing Employee Communication in the Internet Age," Morgan, Lewis & Bockius LLP, 1999

Sean Doherty, "ESniff Noses From Mischief Makers," Network Computing, June 25, 2001 (lengthy review, not just of eSniff, but of several other employee monitoring products: Elron Internet Manager, SurfControl SuperScout, Pearl Echo, and Trisys Insight)

Amitai Etzioni, "Some Privacy, Please, For Email", New York Times, Nov. 23, 1997 (also "communitarian" privacy for staff email)

Susan E. Gindin, "Guide to E-Mail and Internet in the Workplace," 1999 (Only a section is available online; the full work is available from the Bureau of National Affairs)

Mark L. Goldstein and Lisa S. Vogel, “Can You Read Your Employee E-Mail?”, New York Law Journal, Feb. 24, 1997

Michael Hart, "An Employer, Employee Email and Internet Policy," Baker & McKenzie, London, 1996 (covers employee internet law in the UK, France, Italy, the Netherlands, Hong Kong, Japan, and the US)

Heather Harreld, "And Forgive Us For Our Misconduct: Agencies Monitor Employees To STROKE Unauthorized Surfing," Federal Computer Week, Feb. 5, 2001 (Monitoring Employees in US Government Offices)

"Internet Abuse in the News" (extensive collection of links, compiled by Websense, articles on cyberslacking, cybermoonlighting, etc.)

Internet product watch, list of filtering & monitoring products

Larry Johnson, "Guerrilla Raids On The Honey Pot: Go Straight For Email," Franke Industrial Furnace Service, Inc., 2000

Tammy Joyner, "Big Boss is Watching," Atlanta Journal-Constitution, July 25, 2001 (GPS-based employee monitoring is a key point in contract talks between BellSouth and the CWA).

Carl S. Kaplan, "Rethinking the Privacy of Office Computers," New York Times, July 27, 2001 (discussion of James Rosenbaum's "In Defense of the Hard Drive")

Wendy R. Leibowitz, "E-Mail Law Enhanced," National Law Journal, July 19, 1999

Lyrissa C. Barnett Lidsky, "Silencing John Doe: Defamation and Discourse in Cyberspace", 49 Duke Law Journal 855 (2000) (former employees, e.g. HealthSouth v. Krum)

Michael J. McCarthy, "Keylogger Saving E-Mail Rants, Raising Workplace Awareness Privacy Concerns," Wall Street Journal, Mar. 7, 2000 (on Adavi SilentWatch and WinWhatWhere Investigator)

Michael J. McCarthy, "The Workers Back Email Fire," Wall Street Journal, Apr. 26, 2000 (Leinweber v. Timekeeping Systems; McLaren v. Microsoft)

Michael S. Moran, "Internet Access and Employers' Risk," New York State Law Reporting Bureau (focuses on New York state law)

Michael Overly, e-Policies: How to Develop Computers, E-Policies, and Internet Policies to Protect Your Business and Assets, New York: AMA, 1998

Privacy Foundation (US), workplace surveillance project

Privacy International, "The Technologies of Data Protection", Data Protection & Human Rights 1999 (has a long section on "Monitoring in the Workplace": performance monitoring, phone monitoring, email and internet usage monitoring, drug testing)

Janice Reynolds and Ellen Muraskin, "Logging, Monitoring, Follow-Call-Center," Computer Telephony, May 1, 2000

Proskauer Rose LLP, "E-Mail: Is It Work Is The Last Organization Of Tactics?", August 1999 (NLRB)

Cheryl Buswell Robinson, "Surveillance and Caregivers: The Use and Abuse of Electronic Surveillance," Research for Nursing Practice (Location Tracking Using Infrared and Radio Frequency)

Jeffrey Rosen, The Unwanted Glances: The Destruction of Privacy in America, New York: Random House, 2000 (esp. Ch. 2: "Privacy in the Workplace", but the entire book is really about what Rosen sees as a conflict between Privacy and Workplace, Sexual Bullying Act)

James M. Rosenbaum, "In Defense of the Hard Drive," Winter 2001 (Chief Justice of the US District Court, Minnesota, questions the "uncritical takeover" of the strange idea that just because a company owns a computer, You therefore have a right to examine all of your content)

Andrew Schulman, "The Boss Button, Updated: Web Anonymizer vs. Employee Monitoring," Privacy Foundation Workplace Monitoring Project, April 24, 2001

Andrew Schulman, "The Extent Of Systematic Monitoring of Employee E-mail and Internet Usage," Privacy Foundation Workplace Surveillance Project, July 9, 2001

Andrew Schulman, "Fatline and AltaVista: 'Peer Pressure' Employee Monitoring?", Privacy Foundation Workplace Surveillance Project, June 18, 2001

Larry Seltzer, "Monitoring Software," PC Magazine, Jan.March 2001 (review of Trisys Insight, Webroot WinGuardian, WinWhatWhere Investigator)

Doug Simpson, "Shadowing cyberslackers: Public posts crack down on employees who abuse the internet," civic.com (Federal Computer Week), Oct. 2, 2000

Scott A. Sundstrom, "You Got Mail! (And the Government Knows It): Applying Fourth Amendment to Workplace E-mail Monitoring," New York University Law Review, Dec 1998 (mostly on public employees)

Treeline Technologies, "Alphabetical List of Content Filter Products"

Eugene Volokh, "Freedom of Speech, Cyberspace, Harassment Law, and the Clinton Administration", Law and Contemporary Problems, 2000

Bill Wallace and Jamie Fenton, "Is Your PC Watching You? New desktop snoopware labeled products don't let anyone - boss, business partner, or spouse - track your PC habits," PC World, Dec. 5, 2000 (includes filename information uses Spector, eBlaster, Insight, WinWhatWhere)

Nigel Waters, "Privacy Code of Practice for Operational Monitoring: PCO Position," March 26, 2001 (PowerPoint)

John Whalen, "You're Not Paranoid: You Are Really Watching You", WLAN, March 1995 (covers theft, "time-stealing", etc.)

Jonathan Whelan, e-mail @ work, London: FT.com, 2000

Kenneth J. Withers, "Electronic Discovery Bibliography", 2000 ("... items relevant to the identification of electronic evidence in civil litigation. This collection also includes topics closely related to electronic discovery, such as electronic records management, computer Forensics, the rules of evidence on how to use electronic data, the use of e-mail in the workplace.")

Kenneth J. Withers, "Is Digital Different?: Electronic Publication and Discovery in Civil Litigation," December 30, 1999

Kenneth J. Withers, "Killing the Vampires: Computer Users, Facing Discovery to Try to Stick the 'Erase' Button," Federal Discovery News

Anush Yegyazarian, "Nosy Bosses Face Limits For Email Espionage," PC World, September 2000 (NLRB)

Richard F. Ziegler and Seth A. Stuhl, "Looting Issues Are In The Digital Age", National Law Journal, February 16, 1998 (E-mail and voice mail must be kept)

Shoshana Zuboff, Into the Age of the Smart Machine: The Future of Work and Power, New York: Basic Books, 1988