SLUG Mailing List Archives
Re: [SLUG] forensics work without history file
- To: "Jesus M. Salvo Jr." <jesus.salvo@xxxxxxxxxxx>
- Subject: Re: [SLUG] forensics work without history file
- From: Glen Turner <glen.turner@xxxxxxxxxxxxx>
- Date: Tue, 08 Feb 2005 17:18:00 +1030
- Cc: slug@xxxxxxxxxxx
- Organization: Australian Academic and Research Network
- User-agent: Mozilla Thunderbird 0.9 (X11/20041127)
Jesus M. Salvo Jr. wrote:
Is placing a keylogger even legal, with or without the employee's
Some states have specific laws on "workplace surveillance". NSW
does, but I'm not sure of the details because I live in SA.
It's dodgy in all states because you don't know what the employee
is going to type. If they type a letter to their doctor (say
about a workplace injury) then you are in deep trouble. Similarly
if they converse with a lawyer. And similarly for ABS forms,
union officals asking OH&S questions, WorkCover, and a whole
mass of "privileged" conversations.
Then there are practical matters. If they enter a PIN number
and their money later goes missing and they accuse you, just
what is your defence? Hope you've got a good memory for where
you were when for all the moments after you installed that
keylogger and they typed that PIN.
In all the above scenarios, it doesn't matter if you have
the employees' permission or not. The employee has given
permission for logging, not for you to empty their bank
account, eavesdrop on their medical consultations, etc.
For some privileged conversations it's illegal to even
ask to participate, so arguments that some boilerplate
Message of the Day is sufficient permission turn into a
Lose-Lose scenario .
And finally, what are you going to do with the logs? You've
now got a massive duty of care (certainly a liability up
to the employees bank balance, in the last example). You
can't leave them on an Internet-connected computer, that
would just be negligent. And how are you going to show
that you destroyed the logs, when you do that. After all,
no one's going to take you at your word that you destroyed
them, in some circumstances they're going get a court order
to take all your hard disks to make sure.
In short, keylogging your employees carries significant
risks (eg, losing all your assets, since this would be
a non-insurable event) and you should seek real legal
Hopes this helps,
 And if you've got employees under 18, just forget
about any implied permission from a MOTD. You're
asking the wrong person for permission.